exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

Files from Alessandro Di Pinto

Email addressalessandro.dipinto at emaze.net
First Active2013-08-06
Last Active2014-04-24
Sitecom WLR-4000 / WLR-4001 Weak Encryption / Predictable WPA Key
Posted Apr 24, 2014
Authored by Roberto Paleari, Alessandro Di Pinto

Sitecom WLR-4000 and WLR-4004 both v1 001 suffer from weak firmware encryption and have a predictable WPA key.

tags | advisory
MD5 | 20d289e7118d80e4b2d302813a139c47
D-Link DIR-505 Bypass / Privilege Escalation/ Traversal / Code Injection
Posted Sep 10, 2013
Authored by Alessandro Di Pinto

D-Link DIR-505 devices suffer from privilege escalation issues due to hard-coded credentials, path traversal, command injection, weak encryption, and authentication bypass vulnerabilities. Firmware versions 1.06 and below are affected.

tags | exploit, vulnerability
MD5 | a65dd7dd4ffb4b6e32c4377853108c1f
Sitecom N300 / N600 Access Bypass
Posted Aug 19, 2013
Authored by Roberto Paleari, Alessandro Di Pinto

Sitecom N300 and N600 devices suffer from multiple issues that allow for access bypass. These include an undocumented telnet service, weak WPA2 password generation, and hard-coded credentials.

tags | exploit, bypass
MD5 | e5c1ad2ae8ab2031a7607eca1478c472
HP Data Protector Arbitrary Remote Command Execution
Posted Aug 7, 2013
Authored by Alessandro Di Pinto, Claudio Moletta

This python script allows execution of a command with an arbitrary number of arguments. The trick calls 'perl.exe' interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of executing only a single command without any parameter, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.

tags | exploit, arbitrary, perl, python
advisories | CVE-2011-0923, OSVDB-72526
MD5 | 170a7d65a9fbfba5d4a2f9d411ee7f6a
HP Data Protector Arbitrary Remote Command Execution
Posted Aug 7, 2013
Authored by Alessandro Di Pinto, Claudio Moletta | Site metasploit.com

This Metasploit module allows execution of a command with an arbitrary number of arguments on Microsoft Windows operating systems. The trick calls a perl.exe interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of execute only a single command without parameters, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.

tags | exploit, arbitrary, perl
systems | windows
advisories | CVE-2011-0923, OSVDB-72526
MD5 | 0930bb4ab77459873c9f363e210b5225
Huawei B153 3G/UMTS Router WPS Weakness
Posted Aug 6, 2013
Authored by Roberto Paleari, Alessandro Di Pinto

The Huawei B153 3G/UMTS router suffers from a WPS weakness that allows for authentication bypass.

tags | advisory
MD5 | 86b3b9d185e91d0ea29c5a4ccd47a24e
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close