Результаты поиска

Solaris - libnspr NSPR_LOG_FILE Privilege Escalation (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include...

Glassfish Server - Unquoted Service Path Privilege Escalation # Title: Glassfish Server - Unquoted Service Path Privilege Escalation # Date: 28/09/2016 # Author: s0nk3y # Software link: https://glassfish.java.net/download.html # Tested: Windows Server 2008 r2 (Metasploitable3) 1. Description...

VideoLAN VLC Media Player 2.2.1 - Buffer Overflow Exploit Title: VLC Media Player 2.2.1 Buffer Overflow 2016-09-28 Author: sultan albalawi Software Link: https://www.videolan.org/vlc/releases/2.2.1.html Tested on:win7 video...

Microsoft Windows Firewall Control - Unquoted Service Path Privilege Escalation # Exploit Title: Windows Firewall Control Unquoted Service Path Privilege Escalation # Date: 24/09/2016 # Exploit Author: [email protected] # Vendor Homepage: http://www.binisoft.org # Version: 4.8.6.0 # Tested...

Joomla! Component JCK Editor 6.4.4 - 'parent' SQL Injection # Title: Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection # Date: 2018-09-14 # Exploit Author: Hamza Megahed # Vendor Homepage:https://www.joomla.org/ # Download: https://arkextensions.com/products/jck-editor # Version...

Google Android 5.0 < 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank...

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC) # Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC) # Author: Cakes # Discovery Date: 2018-09-16 # Vendor Homepage: http://www.netis-systems.com # Software Link...

XAMPP Control Panel 3.2.2 - Denial of Service (PoC) # Exploit Title: XAMPP Control Panel 3.2.2 - Denial of Service (PoC) # Exploit Author: Gionathan "John" Reale # Date: 2018-09-14 # Software: XAMPP # Version: 3.2.2 / 7.2.9 (Newest version at time of writing) # Download...

Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC) # Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC) # Discovery by: Jose Eduardo Castro # Discovery Date: 2018-09-14 # Vendor Homepage...

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting # Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting # Author: Cakes # Discovery Date: 2018-09-16 # Vendor Homepage: http://www.netis-systems.com # Software Link...

Linux Kernel 4.6.3 (x86) - 'Netfilter' Local Privilege Escalation (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require "msf/core" class MetasploitModule < Msf::Exploit::Local Rank =...

Linux/x86 - File Modification (/etc/hosts 127.1.1.1 google.com) + Polymorphic Shellcode (99 bytes) /* # Title: Linux/86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes) # Date: 2018-09-13 # Author: Ray Doyle (@doylersec) # Tested on: Linux/x86 # gcc -o...

Deactivating Endpoint Protection Software in an Unauthorized Manner (Revisited) 40433.pdf

Linux/x86 - Add Root User (r00t/blank) + Polymorphic Shellcode (103 bytes) /* # Shellcode Title: Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes) # Date: 2018-09-13 # Author: Ray Doyle (@doylersec) # Homepage: https://www.doyler.net # Tested on: Linux/x86 # gcc -o...

Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111) /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=870 Windows: RegLoadAppKey Hive Enumeration EoP Platform: Windows 10 10586 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege...

Linux/x86 - Read File (/etc/passwd) + MSF Optimized Shellcode (61 bytes) /* # Shellcode Title: Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes) # Date: 2018-09-13 # Author: Ray Doyle (@doylersec) # Homepage: https://www.doyler.net # Tested on: Linux/x86 # gcc -o...

InfraRecorder 0.53 - '.txt' Denial of Service (PoC) # Exploit Title: InfraRecorder 0.53 - '.txt' Denial of Service (PoC) # Date: 2018-09-14 # Exploit Author: Gionathan "John" Reale # Version: version 0.53 # Download...

Microsoft Windows 8.1 Update 2 / 10 10586 (x86/x64) - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=865 Windows: NtLoadKeyEx User Hive Attachment Point EoP Platform: Windows 10 10586 (32/64) and 8.1...

Faleemi Plus 1.0.2 - Denial of Service (PoC) # Exploit Title: Faleemi Plus 1.0.2 - Denial of Service (PoC) # Author: Gionathan "John" Reale # Discovey Date: 2018-09-14 # Software Link: http://support.faleemi.com/fsc776/Faleemi_Plus_v1.0.2.exe # Tested Version: 1.0.2 # Tested on OS: Windows...

CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC) # Exploit Title: CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC) # Discovery by: Alan Baeza # Discovery Date: 2018-09-13 # Vendor Homepage: https://cdburnerxp.se/ # Software Link: https://cdburnerxp.se/downloadsetup.exe #...

WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection # Exploit Title: Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection # Date: 2018-09-09 # Exploit Author: Ceylan Bozogullarindan # Vendor Homepage: http://modalsurvey.pantherius.com/ # Software Link...

Free MP3 CD Ripper 2.6 - '.wma' Local Buffer Overflow (SEH) # Exploit Title: Free MP3 CD Ripper 2.6 - '.wma' Buffer Overflow (SEH) # Author: Gionathan "John" Reale # Discovey Date: 2018-09-13 # Software Link: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper #...

Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler There is a missing address check in both show_opcodes() callers. show_opcodes() is mostly used by the kernel to print the raw instruction bytes surrounding an instruction that generated an unexpected...

Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket ======================= BUG DESCRIPTION ======================= There is a variety of RPC communication channels between the Chrome OS host system and the crosvm guest. This bug report focuses on communication on TCP port...

[Turkish] Web Application Security and Secure Coding 101 40424.pdf