Search results

  1. Exploiter

    Exploit Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit)

    Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank =...
  2. Exploiter

    Exploit Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit)

    Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule <...
  3. Exploiter

    Exploit D-Link/TRENDnet - NCC Service Command Injection (Metasploit)

    D-Link/TRENDnet - NCC Service Command Injection (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking # Only...
  4. Exploiter

    Exploit Ceragon FibeAir IP-10 - SSH Private Key Exposure (Metasploit)

    Ceragon FibeAir IP-10 - SSH Private Key Exposure (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' require 'net/ssh' class MetasploitModule < Msf::Exploit::Remote include...
  5. Exploiter

    Exploit SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)

    SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit) # # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework # class MetasploitModule < Msf::Exploit::Remote include Msf::Exploit::Remote::TcpServer Rank...
  6. Exploiter

    Exploit Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)

    Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' require 'msf/core/exploit/android' class...
  7. Exploiter

    Exploit Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

    Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR /* A bug in IonMonkey's type inference system when JIT compiling and entering a constructor function via on-stack replacement (OSR) allows the compilation of JITed functions that cause type confusions between...
  8. Exploiter

    Exploit VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation

    VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 (on Windows 10). Also tested VMware Player 15.0.2. Class: Elevation of Privilege...
  9. Exploiter

    Exploit Disk Sorter Enterprise 9.5.12 - 'GET' Remote Buffer Overflow (SEH)

    Disk Sorter Enterprise 9.5.12 - 'GET' Remote Buffer Overflow (SEH) #!/usr/bin/env python # Exploit Title: DiskSorter Enterprise 9.5.12 - 'GET' Remote buffer overflow (SEH) # Date: 2017-03-22 # Exploit Author: Daniel Teixeira # Author Homepage: www.danielteixeira.com # Vendor Homepage...
  10. Exploiter

    Exploit VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation

    VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation VMware: Host VMX Process COM Class Hijack EoP Platform: VMware Workstation Windows v14.1.5 (on Windows 10). Also tested VMware Player 15. Class: Elevation of Privilege Summary: COM classes...
  11. Exploiter

    Exploit SpyCamLizard 1.230 - Denial of Service

    SpyCamLizard 1.230 - Denial of Service import socket import sys author = ''' ############################################## # Created: ScrR1pTK1dd13 # # Name: Greg Priest # #...
  12. Exploiter

    Exploit Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass)

    Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass) # Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V2 - Authentication Bypass # Date: 25.03.2019 # Exploit Author: Ahmet Ümit BAYRAM # Vendor Homepage...
  13. Exploiter

    Exploit PoC || GTFO 0x14

    PoC || GTFO 0x14 pocorgtfo14.pdf
  14. Exploiter

    Exploit Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection

    Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection # Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V3 - Multiple Vulnerabilities # Date: 25.03.2019 # Exploit Author: Ahmet Ümit BAYRAM # Vendor Homepage: https://jettweb.net/u-16-php-hazir-haber-sitesi-scripti-v3.html # Demo Site...
  15. Exploiter

    Exploit Mozilla Firefox - 'table' Use-After-Free

    Mozilla Firefox - 'table' Use-After-Free <!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1130 Mozilla bug tracker link: https://bugzilla.mozilla.org/show_bug.cgi?id=1340138 There is a use-after-free security vulnerability in Firefox. The vulnerability was confirmed on...
  16. Exploiter

    Exploit Microsoft Internet Explorer 11 - 'textarea.defaultValue' Memory Disclosure (MS17-006)

    Microsoft Internet Explorer 11 - 'textarea.defaultValue' Memory Disclosure (MS17-006) <!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1076 There is a use-after-free bug in IE which can lead to info leak / memory disclosure. The bug was confirmed on Internet Explorer...
  17. Exploiter

    Exploit D-Link DGS-1510 - Multiple Vulnerabilities

    D-Link DGS-1510 - Multiple Vulnerabilities ================ get-user-info.py ================ import re import os.path import urllib2 import base64 import gzip import zlib from StringIO import StringIO from io import BytesIO def make_requests(): """Calls request functions sequentially."""...
  18. Exploiter

    Exploit Microsoft Windows - Uniscribe Heap Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013)

    Microsoft Windows - Uniscribe Heap Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1053 We have encountered a crash in the Windows Uniscribe user-mode library, in the...
  19. Exploiter

    Exploit Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013)

    Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1054 We have encountered a crash in the Windows Color Management library (icm32.dll), in the...
  20. Exploiter

    Exploit snap - seccomp Blacklist for TIOCSTI can be Circumvented

    snap - seccomp Blacklist for TIOCSTI can be Circumvented /* snap uses a seccomp filter to prevent the use of the TIOCSTI ioctl; in the source code, this filter is expressed as follows: # TIOCSTI allows for faking input (man tty_ioctl) # TODO: this should be scaled back even more ioctl...
  21. Exploiter

    Exploit Microsoft Windows - Uniscribe Font Processing Multiple Heap Out-of-Bounds and Wild Reads (MS17-011)

    Microsoft Windows - Uniscribe Font Processing Multiple Heap Out-of-Bounds and Wild Reads (MS17-011) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1031 Through fuzzing, we have discovered a number of different crashes in the Windows Uniscribe user-mode library, while trying...
  22. Exploiter

    Exploit Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013)

    Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1042 We have encountered a crash in the Windows GDI+ library, in the gdiplus!GetRECTSForPlayback function, while trying to display a malformed EMF+...
  23. Exploiter

    Exploit Microsoft Color Management Module 'icm32.dll' - 'icm32!Fill_ushort_ELUTs_from_lut16Tag' Out-of-Bounds Read (MS17-013)

    Microsoft Color Management Module 'icm32.dll' - 'icm32!Fill_ushort_ELUTs_from_lut16Tag' Out-of-Bounds Read (MS17-013) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1052 We have encountered a crash in the Windows Color Management library (icm32.dll), in the...
  24. Exploiter

    Exploit Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011)

    Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1028 We have encountered a crash in the Windows Uniscribe user-mode library, in the USP10!UpdateGlyphFlags function...
  25. Exploiter

    Exploit Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption Around 'USP10!BuildFSM' (MS17-011)

    Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption Around 'USP10!BuildFSM' (MS17-011) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1029 We have encountered a number of crashes in the Windows Uniscribe user-mode library, while trying to display text using...