exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 2,368 RSS Feed

Proof of Concept Files

ZenML Remote Privilege Escalation
Posted Apr 8, 2024
Authored by David Botelho Mariano | Site github.com

ZenML allows for remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. This is the proof of concept exploit. All ZenML versions below 0.46.7 are vulnerable, with the exception being patched versions 0.44.4, 0.43.1, and 0.42.2.

tags | exploit, remote, proof of concept
advisories | CVE-2024-25723
SHA-256 | 3c2c8e3882d5e4c0257dbb5b27f3d5dfe82d1a0ce0a5f485af9c54a883d48594
Linux nf_tables Local Privilege Escalation
Posted Apr 1, 2024
Authored by Notselwyn | Site github.com

A use-after-free vulnerability exists in the Linux kernel netfilter: nf_tables component. This is a universal local privilege escalation proof of concept exploit working on Linux kernels between 5.14 and 6.6, including Debian, Ubuntu, and KernelCTF.

tags | exploit, kernel, local, proof of concept
systems | linux, debian, ubuntu
advisories | CVE-2024-1086
SHA-256 | e98b20acc52d06c63e173b3fafc4a334699f028d1db4b0de3512cf556c197cd9
Xbox GamingService Arbitrary Folder Move
Posted Mar 21, 2024
Authored by Filip Dragovic

Proof of concept exploit for an arbitrary folder move issue in the GamingService component of Xbox.

tags | exploit, arbitrary, proof of concept
advisories | CVE-2024-2891
SHA-256 | 960b90e5dd57b045b10aa005fae3c30c8da6ba69285fea3ec4273f6b126c64fc
Fortra FileCatalyst Workflow 5.x Remote Code Execution
Posted Mar 19, 2024
Authored by nettitude | Site labs.nettitude.com

This is a proof of concept exploit for CVE-2024-25153, a remote code execution vulnerability in Fortra FileCatalyst Workflow versions 5.x, before 5.1.6 Build 114.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2024-25153
SHA-256 | 2a8afe7aeb8387754a5e1093b278c99cf0daa3ee2f0907df1d3ea9383e5f2a54
Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass
Posted Feb 19, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this post.

tags | exploit, javascript, proof of concept
systems | windows
SHA-256 | 7ab1d57cbbb29f8168521971a747af06eab9ef184d9f61ee316413db3f71e0c9
DS Wireless Communication Code Execution
Posted Feb 15, 2024
Authored by MikeIsAStar | Site github.com

Proof of concept code for a flaw in DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 that allows remote attackers to execute arbitrary code on a game-playing client's machine via a modified GPCM message.

tags | exploit, remote, arbitrary, proof of concept
advisories | CVE-2023-45887
SHA-256 | 1e92f7059d41e8a56d3136af0c61aed8923d09536167ec279c2c6f0c765af5a1
Zyxel zysh Format String Proof Of Concept
Posted Feb 9, 2024
Authored by Marco Ivaldi

Proof of concept format string exploit for Zyxel zysh. Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmware versions 1.00 through 1.33 Patch 4, NXC2500 firmware version 6.10(AAIG.3) and earlier versions, NAP203 firmware version 6.25(ABFA.7) and earlier versions, NWA50AX firmware version 6.25(ABYW.5) and earlier versions, WAC500 firmware version 6.30(ABVS.2) and earlier versions, and WAX510D firmware version 6.30(ABTF.2) and earlier versions, that could allow a local authenticated attacker to cause a buffer overflow or a system crash via a crafted payload.

tags | exploit, overflow, local, proof of concept
advisories | CVE-2022-26531
SHA-256 | 274400da6832cf3ae8c1a6277041c603d352c6bf51a08f409168fc36a69f146c
KiTTY Buffer Overflows
Posted Feb 8, 2024
Authored by DEFCESCO

KiTTY versions and below suffer from buffer overflows related to ANSI escape sequences. Two exploits are included as proof of concepts as well as a full documented breakdown of the issues.

tags | exploit, overflow, proof of concept
advisories | CVE-2024-25003, CVE-2024-25004
SHA-256 | 1f71c297de8e15269afccee5fe50775bb9e2e1ea8407831ab9883313d3078f04
Juniper SRX Firewall / EX Switch Remote Code Execution
Posted Feb 2, 2024
Authored by whiteOwl | Site whiteowl-pub.github.io

This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo() function on the login page of the target device, allowing to inspect the PHP configuration. This script also has the option to save the phpinfo() output to a file for further analysis.

tags | exploit, php, proof of concept
advisories | CVE-2023-36845
SHA-256 | 56c0a0ad9dba5be91bcf88dbed7e2234e764bf5d6166e8250dfe5f1920543e02
Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read
Posted Jan 29, 2024
Authored by binganao | Site github.com

Jenkins versions 2.441 and below and LTS 2.426.3 and below remote arbitrary file read proof of concept exploit written in Python.

tags | exploit, remote, arbitrary, proof of concept, python
advisories | CVE-2024-23897
SHA-256 | 4fdefdc8a91925284359a1beec765f58e6f6a5a76aa3e27c5a5a2fb4ba6cd562
GoAnywhere MFT Authentication Bypass
Posted Jan 24, 2024
Authored by James Horseman, Zach Hanley, Horizon3 Attack Team | Site github.com

GoAnywhere MFT authentication bypass proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2024-0204
SHA-256 | cc18afe3ce13ec7ab1ac673b6370a4830af2b4f40a635675ad5b2e4d8c6adfca
PixieFail Proof Of Concepts
Posted Jan 17, 2024
Authored by QuarksLab | Site blog.quarkslab.com

This archive contains proof of concepts to trigger the 7 vulnerabilities in Tianocore's EDK II open source implementation of the UEFI specification. Issues include an integer underflow, buffer overflows, infinite loops, and an out of bounds read.

tags | exploit, overflow, vulnerability, proof of concept
advisories | CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235
SHA-256 | b2881adefb7e3e5f3ce5ab7e7f947977fc25d63f9ffa4210fe9c5586ffc11a4d
Android DeviceVersionFragment.java Privilege Escalation
Posted Jan 10, 2024
Authored by Amirhossein Bahramizadeh

Proof of concept exploit for a privilege escalation issue in Android. In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

tags | exploit, java, local, proof of concept
advisories | CVE-2023-48418
SHA-256 | db6bf38c923aa8b48f087c92b0b649720e01af632d0cbebfd3cb67803d0a4bf9
Terrapin SSH Connection Weakening
Posted Dec 20, 2023
Authored by Jorg Schwenk, Marcus Brinkmann, Fabian Baumer | Site terrapin-attack.com

In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.

tags | exploit, paper, shell, protocol, proof of concept
advisories | CVE-2023-46445, CVE-2023-46446, CVE-2023-48795
SHA-256 | 3d6be8cc2a9c624a06990226485956c5d92675a632da2182c2546e4af814ff93
Chrome V8 Sandbox Escape
Posted Dec 14, 2023
Authored by R3tro74 | Site retr0.zip

Proof of concept exploit for a new technique to escape from the Chrome V8 sandbox.

tags | exploit, proof of concept
SHA-256 | b533a0e53256fe5313af052c54741bea5b40ff4a27c155aca589938f876681db
Chrome V8 Type Confusion / New Sandbox Escape
Posted Dec 14, 2023
Authored by R3tro74 | Site github.com

Proof of concept exploit for CVE-2023-3079 that leverages a type confusion in V8 in Google Chrome versions prior to 114.0.5735.110. This issue allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This variant of the exploit applies a new technique to escape the sandbox.

tags | exploit, remote, proof of concept
advisories | CVE-2023-3079
SHA-256 | 07a757d77758a5b7ba1152485d4c44678d2993d2b1ba08c1da2c0301b12a31d5
Chrome V8 JIT XOR Arbitrary Code Execution
Posted Dec 14, 2023
Authored by R3tro74 | Site github.com

Chrome V8 proof of concept exploit for CVE-2021-21220. The specific flaw exists within the implementation of XOR operation when executed within JIT compiled code.

tags | exploit, proof of concept
advisories | CVE-2021-21220
SHA-256 | 4a0c5ace29bab9077fd3cb6f30e1b337ebb1207166906d4dc66f459257476092
Chrome V8 Type Confusion
Posted Dec 14, 2023
Authored by mistymntncop | Site github.com

Proof of concept exploit for CVE-2023-3079 that leverages a type confusion in V8 in Google Chrome versions prior to 114.0.5735.110. This issue allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.

tags | exploit, remote, proof of concept
advisories | CVE-2023-3079
SHA-256 | c7ac9c003e88739db826c7b7f01e6f701dd02bd677b93702334ae6f89f6455d0
libcue 2.2.1 Out-Of-Bounds Access
Posted Dec 9, 2023
Authored by Kevin Backhouse, GitHub Security Lab

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. This particular archive holds three proof of concept exploits.

tags | exploit, code execution, proof of concept
advisories | CVE-2023-43641
SHA-256 | 642dbf93a2ac7ad97ec0e5940fb62ec821a66ce449bbde84890a9695362e981a
Magento 2.4.6 XSLT Server Side Injection
Posted Nov 20, 2023
Authored by tmrswrr

Magento version 2.4.6 XSLT server-side injection proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | ae81950e2fc15cf464a8175e05b574b8b5b2ed4aba982fabb1e7d86affd1d181
Citrix Bleed Session Token Leakage Proof Of Concept
Posted Oct 25, 2023
Authored by Assetnote Security Research Team | Site assetnote.io

Citrix NetScaler ADC and NetScaler Gateway proof of concept exploit for the session token leakage vulnerability as described in CVE-2023-4966.

tags | exploit, proof of concept
advisories | CVE-2023-4966
SHA-256 | 89ec75b909eb1e5d40ef988dc08431b0375f4fa6890974bea609b7d956cd8ac4
Squid Caching Proxy Proof Of Concepts
Posted Oct 18, 2023
Authored by Joshua Rogers | Site megamansec.github.io

Two and a half years ago an independent audit was performed on the Squid Caching Proxy, which ultimately resulted in 55 vulnerabilities being discovered in the project's C++ source code. Although some of the issues have been fixed, the majority (35) remain valid. The majority have not been assigned CVEs, and no patches or workarounds are available. Some of the listed issues concern more than one bug, which is why 45 issues are listed, despite there being 55 vulnerabilities in total (10 extra of the result of similar, but different pathways to reproduce a vulnerability). After two and a half years of waiting, the researcher has decided to release the issues publicly. This archive contains all of the proof of concept code released by the researcher.

tags | exploit, vulnerability, proof of concept
SHA-256 | 8a60c32d038280c1edeea0a6969797283bd744dd1d8876f4879ad103db17b469
XNSoft Nconvert 7.136 Buffer Overflow / Denial Of Service
Posted Oct 17, 2023
Authored by Michele Toccagni | Site toccagni.info

XNSoft Nconvert version 7.136 is vulnerable to buffer overflow and denial of service conditions. Proof of concepts included.

tags | exploit, denial of service, overflow, proof of concept
advisories | CVE-2023-43250, CVE-2023-43251, CVE-2023-43252
SHA-256 | 638390b25c13e2dfa7b3f373e58cc3d277307ff7a2ae09d48cf4a2266af3831a
Elasticsearch 8.5.3 Stack Overflow
Posted Sep 22, 2023
Authored by Touhami Kasbaoui

Elasticsearch version 8.5.3 stack overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
advisories | CVE-2023-31419
SHA-256 | 3ea73849caae7368d08d81cb21e393baddfab08e0fc2108b64083363b66bb17a
Packers And Movers Management System 1.0 SQL Injection
Posted Sep 19, 2023
Authored by Robert Cretu | Site robsware.github.io

Packers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. Proof of concept exploit written in python included.

tags | exploit, remote, sql injection, proof of concept, python
advisories | CVE-2023-30415
SHA-256 | 392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44ea
Page 1 of 95

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By