Twenty Year Anniversary
Showing 1 - 8 of 8 RSS Feed

Files from catatonicprime

Email addresscatatonicprime at gmail.com
First Active2012-10-02
Last Active2017-03-04
Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution
Posted Mar 4, 2017
Authored by catatonicprime | Site metasploit.com

Ektron versions 8.5, 8.7 equal to and below sp1, and 9.0 before sp1 have vulnerabilities in various operations within the ServerControlWS.asmxweb services. These vulnerabilities allow for remote code execution without authentication and execute in the context of IIS on the remote system.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2015-0923
MD5 | b3ada4a6663d4e329938e603c267764b
Hak5 WiFi Pineapple Preconfiguration Command Injection 2
Posted Oct 19, 2016
Authored by catatonicprime | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm.

tags | exploit, worm
advisories | CVE-2015-4624
MD5 | 6decdeddc87bc1b4e2eab5e2ce78b412
Hak5 WiFi Pineapple Preconfiguration Command Injection
Posted Oct 19, 2016
Authored by catatonicprime | Site metasploit.com

This Metasploit module exploits a login/csrf check bypass vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; Provided as part of the TospoVirus workshop at DEFCON23.

tags | exploit, bypass
MD5 | 33ff83c7a5f849fadb3d655dda6d7075
WiFi Pineapple Predictable CSRF Token
Posted Aug 12, 2015
Authored by catatonicprime

WiFi Pineapples with firmware versions 2.3.0 and below suffer from using a predictable cross site request forgery token.

tags | exploit, csrf
advisories | CVE-2015-4624
MD5 | 496db4b3ef740c44df957c4fc2104e68
DartWebserver.dll 1.9.2 Null Pointer Dereference
Posted Apr 9, 2013
Authored by catatonicprime

DartWebserver.dll version 1.9.2 suffers from a null pointer dereference denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2012-5389
MD5 | 581cc1a10777cb563080fdeb7f9974a8
Cerberus FTP Server Cross Site Scripting
Posted Dec 19, 2012
Authored by catatonicprime

Cerberus FTP server suffers from a cross site scripting vulnerability in the web administration interface.

tags | advisory, web, xss
advisories | CVE-2012-6339
MD5 | 9da50fabf2ed4db1efb87ac182ea7445
Campaign Enterprise 11 SQL Injection / Unauthorized Access
Posted Oct 20, 2012
Authored by catatonicprime

Campaign Enterprise 11 suffers from multiple remote SQL injection, unauthorized access, clear text password storage, and direct access bypass vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2012-3820, CVE-2012-3821, CVE-2012-3822, CVE-2012-3823, CVE-2012-3824
MD5 | 8a126573d6e45fbe3f08ea1b1092c2dd
Dart Communications Stack Overflow
Posted Oct 2, 2012
Authored by catatonicprime

DartWebserver.Dll, an HTTP server by Dart Communications, suffers from a stack overflow vulnerability. Versions 1.9 and below are affected. Proof of concept code included.

tags | exploit, web, overflow, proof of concept
advisories | CVE-2012-3819
MD5 | 00b4e0652265f2869db4975b87baaf17
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close