Результаты поиска

EC-CUBE 2.12.6 - Server-Side Request Forgery # Exploit Title: EC-CUBE 2.12.6 Server-Side Request Forgery # Date: 22/10/16 # Exploit Author: Wad Deek # Vendor Homepage: http://en.ec-cube.net/ # Software Link: http://en.ec-cube.net/download/ # Version: 2.12.6en-p1 # Tested on: Xampp on Windows7...

Network Scanner 4.0.0 - Local Buffer Overflow (SEH) #!/usr/bin/python # -*- coding: utf-8 -*- ### Network Scanner Version 4.0.0.0 - SEH Overflow Exploit by n30m1nd ### # Date: 2016-10-21 # Exploit Author: n30m1nd # Exploit Title: Network Scanner Version 4.0.0.0 SEH Based Exploit # Vendor...

Boonex Dolphin 7.3.2 - Authentication Bypass # Exploit Title : Boonex Dolphin all versoin <= 7.3 Authentication Bypass # Exploit Author : Saadat Ullah saadi_linux[@]rocketmail.com # Software Link : https://www.boonex.com # Author HomePage : http://security-geeks.blogspot.com...

SmallFTPd 1.0.3 - 'mkd' Denial of Service from ftplib import FTP print ''' ############################################## # Created: ScrR1pTK1dd13 # # Name: Greg Priest # # Mail...

PoC || GTFO 0x11 pocorgtfo11.pdf

PoC || GTFO 0x12 pocorgtfo12.pdf

PoC || GTFO 0x13 pocorgtfo13.pdf

Zenbership 107 - Multiple Vulnerabilities 1. ADVISORY INFORMATION ======================================== Title: Zenbership (latest version) - Multiple Vulnerabilities Application: Zenbership Class: Sensitive Information disclosure Versions Affected: <= latest version ) Vendor URL...

PoC || GTFO 0x09 pocorgtfo09.pdf

PoC || GTFO 0x10 pocorgtfo10.pdf

Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method) /* * * EDB-Note: After getting a shell, doing "echo 0 > /proc/sys/vm/dirty_writeback_centisecs" may make the system more stable. * * (un)comment correct payload first (x86 or...

RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) Tested on: Win7 / Win10 x64 Date: October 20th 2016 Vendor homepage: http://www.real.com Software link: http://realplayer-download.real.com/free/windows/installer/stubinst/stub/rt1/T10EUDRP/RealTimes-RealPlayer.exe File version (both realplay.exe...

Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC) #Exploit Title: Oracle VM VirtualBox 4.3.28 Crash #Author: sultan albalawi #Tested on:win7 #open viryualbox -->ctrl+i-->choose file -->double+double+double next ban= '\x0d\x0a\x20\x20\x20\x20\x20\x20\x20\x5c\x20\x20\x20\x2d\x20\x20'...

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (Write Access Method) /* ####################### dirtyc0w.c ####################### $ sudo -s # echo this is not a test > foo # chmod 0404 foo $ ls -lah foo -r-----r-- 1 root root 19 Oct 20 15:23 foo $ cat foo this is not a...

Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection # Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection # Date: 2018-10-10 # Author: John Page (aka hyp3rlinx) # Website: hyp3rlinx.altervista.org # Venodor...

FreePBX 13 - Remote Command Execution / Privilege Escalation #!/usr/bin/env python ''' Title | FreePBX 13 Remote Command Execution and Privilege Escalation Date | 10/21/2016 Author | Christopher Davis Vendor | https://www.freepbx.org/...

Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank =...

OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank =...

jQuery-File-Upload 9.22.0 - Arbitrary File Upload # Title: jQuery-File-Upload 9.22.0 - Arbitrary File Upload # Author: Larry W. Cashdollar, @_larry0 # Date: 2018-10-09 # Vendor: https://github.com/blueimp # Download Site: https://github.com/blueimp/jQuery-File-Upload/releases # CVE-ID: N/A #...

Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118) /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=878 Windows: Edge/IE Isolated Private Namespace Insecure Boundary Descriptor EoP Platform...

Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection # Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection # Date: 2018-10-10 # Author: John Page (aka hyp3rlinx) # Website: hyp3rlinx.altervista.org # Venodor...

Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124) /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=871 Windows: NtLoadKeyEx Read Only Hive Arbitrary File Write EoP Platform: Windows 10 10586 not tested 8.1 Update 2 or...

Microsoft Edge - Spread Operator Stack Overflow (MS16-119) <!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=910 The spread operator in JavaScript allows an array to be treated as function parameters using the following syntax: var a = [1,2]; f(...a); This is...

Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=879 Windows: Edge/IE Isolated Private Namespace Insecure DACL EoP Platform: Windows 10 10586, Edge...

Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection # Exploit Title: Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection # Date: 2018-10-10 # Author: John Page (aka hyp3rlinx) # Website: hyp3rlinx.altervista.org # Venodor: www.microsoft.com #...