Exploit the possiblities
Showing 1 - 8 of 8 RSS Feed

Files from catatonicprime

Email addresscatatonicprime at gmail.com
First Active2012-10-02
Last Active2017-03-04
Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution
Posted Mar 4, 2017
Authored by catatonicprime | Site metasploit.com

Ektron versions 8.5, 8.7 equal to and below sp1, and 9.0 before sp1 have vulnerabilities in various operations within the ServerControlWS.asmxweb services. These vulnerabilities allow for remote code execution without authentication and execute in the context of IIS on the remote system.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2015-0923
MD5 | b3ada4a6663d4e329938e603c267764b
Hak5 WiFi Pineapple Preconfiguration Command Injection 2
Posted Oct 19, 2016
Authored by catatonicprime | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm.

tags | exploit, worm
advisories | CVE-2015-4624
MD5 | 6decdeddc87bc1b4e2eab5e2ce78b412
Hak5 WiFi Pineapple Preconfiguration Command Injection
Posted Oct 19, 2016
Authored by catatonicprime | Site metasploit.com

This Metasploit module exploits a login/csrf check bypass vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; Provided as part of the TospoVirus workshop at DEFCON23.

tags | exploit, bypass
MD5 | 33ff83c7a5f849fadb3d655dda6d7075
WiFi Pineapple Predictable CSRF Token
Posted Aug 12, 2015
Authored by catatonicprime

WiFi Pineapples with firmware versions 2.3.0 and below suffer from using a predictable cross site request forgery token.

tags | exploit, csrf
advisories | CVE-2015-4624
MD5 | 496db4b3ef740c44df957c4fc2104e68
DartWebserver.dll 1.9.2 Null Pointer Dereference
Posted Apr 9, 2013
Authored by catatonicprime

DartWebserver.dll version 1.9.2 suffers from a null pointer dereference denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2012-5389
MD5 | 581cc1a10777cb563080fdeb7f9974a8
Cerberus FTP Server Cross Site Scripting
Posted Dec 19, 2012
Authored by catatonicprime

Cerberus FTP server suffers from a cross site scripting vulnerability in the web administration interface.

tags | advisory, web, xss
advisories | CVE-2012-6339
MD5 | 9da50fabf2ed4db1efb87ac182ea7445
Campaign Enterprise 11 SQL Injection / Unauthorized Access
Posted Oct 20, 2012
Authored by catatonicprime

Campaign Enterprise 11 suffers from multiple remote SQL injection, unauthorized access, clear text password storage, and direct access bypass vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2012-3820, CVE-2012-3821, CVE-2012-3822, CVE-2012-3823, CVE-2012-3824
MD5 | 8a126573d6e45fbe3f08ea1b1092c2dd
Dart Communications Stack Overflow
Posted Oct 2, 2012
Authored by catatonicprime

DartWebserver.Dll, an HTTP server by Dart Communications, suffers from a stack overflow vulnerability. Versions 1.9 and below are affected. Proof of concept code included.

tags | exploit, web, overflow, proof of concept
advisories | CVE-2012-3819
MD5 | 00b4e0652265f2869db4975b87baaf17
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close