exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

Files from Alessandro Di Pinto

Email addressalessandro.dipinto at emaze.net
First Active2013-08-06
Last Active2014-04-24
Sitecom WLR-4000 / WLR-4001 Weak Encryption / Predictable WPA Key
Posted Apr 24, 2014
Authored by Roberto Paleari, Alessandro Di Pinto

Sitecom WLR-4000 and WLR-4004 both v1 001 suffer from weak firmware encryption and have a predictable WPA key.

tags | advisory
MD5 | 20d289e7118d80e4b2d302813a139c47
D-Link DIR-505 Bypass / Privilege Escalation/ Traversal / Code Injection
Posted Sep 10, 2013
Authored by Alessandro Di Pinto

D-Link DIR-505 devices suffer from privilege escalation issues due to hard-coded credentials, path traversal, command injection, weak encryption, and authentication bypass vulnerabilities. Firmware versions 1.06 and below are affected.

tags | exploit, vulnerability
MD5 | a65dd7dd4ffb4b6e32c4377853108c1f
Sitecom N300 / N600 Access Bypass
Posted Aug 19, 2013
Authored by Roberto Paleari, Alessandro Di Pinto

Sitecom N300 and N600 devices suffer from multiple issues that allow for access bypass. These include an undocumented telnet service, weak WPA2 password generation, and hard-coded credentials.

tags | exploit, bypass
MD5 | e5c1ad2ae8ab2031a7607eca1478c472
HP Data Protector Arbitrary Remote Command Execution
Posted Aug 7, 2013
Authored by Alessandro Di Pinto, Claudio Moletta

This python script allows execution of a command with an arbitrary number of arguments. The trick calls 'perl.exe' interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of executing only a single command without any parameter, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.

tags | exploit, arbitrary, perl, python
advisories | CVE-2011-0923, OSVDB-72526
MD5 | 170a7d65a9fbfba5d4a2f9d411ee7f6a
HP Data Protector Arbitrary Remote Command Execution
Posted Aug 7, 2013
Authored by Alessandro Di Pinto, Claudio Moletta | Site metasploit.com

This Metasploit module allows execution of a command with an arbitrary number of arguments on Microsoft Windows operating systems. The trick calls a perl.exe interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of execute only a single command without parameters, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.

tags | exploit, arbitrary, perl
systems | windows
advisories | CVE-2011-0923, OSVDB-72526
MD5 | 0930bb4ab77459873c9f363e210b5225
Huawei B153 3G/UMTS Router WPS Weakness
Posted Aug 6, 2013
Authored by Roberto Paleari, Alessandro Di Pinto

The Huawei B153 3G/UMTS router suffers from a WPS weakness that allows for authentication bypass.

tags | advisory
MD5 | 86b3b9d185e91d0ea29c5a4ccd47a24e
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close