标签:n&quot
-
Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit”
#!/usr/bin/php<?php# ------------------------------------------------------------# quick'n'dirty wordpress admin-take0ver poc# by iso^kpsbr in august 2oo8 ## works w/ wordpress 2.6.1## .oO( private -- do not...
-
BrewBlogger 2.1.0.1 Arbitrary Add Admin Exploit”
#!/usr/bin/perl#=================================================# BrewBlogger 2.1.0.1 Arbitrary Add Admin Exploit#=================================================## ,--^----------,--------,-----,-------^--,# | ||||||||| `-----...
-
Safari Quicktime”
#!/usr/bin/perl## quickbite.pl## Safari Quicktime <= 7.3 RTSP Content-Type overflow exploit# for Mac OS X (Intel)## Tested with OS X 10.4.# On victim, browse to http://server:8080/# Binds shell on port 4444....
-
fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (php)”
#!/usr/bin/php<?php#### Fuzzylime 3.01 Remote Code Execution## Credits: Inphex and real#### [C:]# php fuzzylime.php http://www.target.com/fuzzylime/## [target][cmd]# id## uid=63676(dswrealty) gid=888(vusers) groups=...
-
Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit”
/* Exploiting Microsoft DNS Dynamic Updates for Fun and profit Andres Tarasco Acu?a - (c) 2007 Url: http://www.514.es By default, most Microsoft DNS servers integrated with active directory allow insecure dynamic updates f...
-
Galatolo Web Manager 1.3a”
--== ============================================================================ ==----== Galatolo Web Manager 1.3a <= XSS / Remote SQL Injection Vulnerability ==-- --== ==========================================================...
-
Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit”
#!/usr/bin/perl # # Remote Oracle KUPM$MCP.MAIN exploit (10g) # # Grant or revoke dba permission to unprivileged user # # Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" # # REF: http://www...
-
fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit”
<?php#### Name: Fuzzylime 3.01 Remote Code Execution Exploit## Credits: Charles "real" F. <charlesfol[at]hotmail.fr>#### Conditions: None#### Greetz: Inphex, hEEGy and austeN#### Exp...
-
MS Internet Explorer (FTP Server Response) DoS Exploit”
#!/usr/bin/perl # MS 07-016 FTP Server Response PoC # Usage: ./ms07016ftp.pl [LISTEN_IP] # # Tested Against: MSIE 6.02900.2180 (SP2) # # Details: The response is broken into buffers, either at length 1024, #...
-
Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit”
#!/usr/bin/perl # # http://www.securityfocus.com/bid/11775 # credit to Muts for this vulnerability # acaro [at] jervus.it use IO::Socket::INET; use Switch; if (@ARGV new(proto=>'tcp', PeerAddr=>$host, PeerPort=>$p...
-
eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit”
#!/usr/bin/perl#/-----------------------------------------------#| /----------------------------------------- |#| | Remote SQL Exploit | |#| | eNdonesia 8.4 Remote SQL Exploit | |#| | www.endonesia.o...
-
IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit”
/********************************************************************//* [Crpt] IntelliTamper v2.07/2.08 Beta 4 sploit by kralor [Crpt] *//********************************************************************//*...
-
AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit”
#/usr/bin/perl#| | Author: GoLd_M#--//--># -- AlstraSoft Article Manager Pro Blind SQL Injection Exploit --#--//--> Exploit :use strict;use LWP::Simple;print "- - - - - - - - - - - - - - - - - - - - - - - - - -...
-
Quicksilver Forums 1.4.1 forums[] Remote SQL Injection Exploit”
<?php/*. vuln.: Quicksilver Forums 1.4.1 (forums[]) Remote SQL Injection Exploit. download: http://www.quicksilverforums.com/.. author: irk4z[at]yahoo.pl. homepage: http://irk4z.wordpress.com/.. greets: all friends ;)....
-
WFTPD Pro Server”
/************************************************************************ *WFTPD server <= 3.25 SITE ADMN DoS * * * *Sending comm...
-
Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit”
#// Bea Weblogic -- Apache Connector Remote Exploit -1day#// Should stack break latest Windows Server 2003 <address space randomization>#// BIG THANKS TO #// "dong-hun you"(Xpl017Elz) in INetCop - for his paper#// "T...
-
Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit”
#!/usr/bin/perluse IO::Socket;print q{-----------------------------------------------Arctic Issue Tracker v2.0.0 exploit by ldma ~ SubCode ~use: arctic.pl [server] [dir]sample:$perl arctic.pl localhos...
-
WarFTP 1.65 (USER) Remote Buffer Overlow Exploit”
#include <stdio.h> #include <string.h> #include <winsock.h> #define VULNSERVER "WAR-FTPD 1.65" #define VULNCMD "x55x53x45x52x20" #define ZERO 'x00' #d...
