what you don't know can hurt you
Showing 1 - 25 of 302 RSS Feed

Files from hyp3rlinx

Email addressprivate
Websitehyp3rlinx.altervista.org
First Active2015-04-28
Last Active2020-02-12
View User Profile
HP System Event Utility Local Privilege Escalation
Posted Feb 12, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The HP System Event service "HPMSGSVC.exe" will load an arbitrary EXE and execute it with SYSTEM integrity. HPMSGSVC.exe runs a background process that delivers push notifications. The problem is that the HP Message Service will load and execute any arbitrary executable named "Program.exe" if it is found in the user's c:\ drive.

tags | exploit, arbitrary
advisories | CVE-2019-18915
MD5 | f834d687f26c92b81b101ce2b5ee2732
NTCrackPipe 2.0
Posted Feb 12, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NTCrackPipe is a basic local Windows account cracking tool.

Changes: This version checks for account lockouts.
tags | tool, local, cracker
systems | windows
MD5 | b1b672393c20d81e400b6bcc390614e2
Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption
Posted Jan 20, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation.

tags | exploit
advisories | CVE-2020-6857
MD5 | aecef434c516d728f44dde372d426274
Trend Micro Security (Consumer) Arbitrary Code Execution
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Security can potentially allow an attacker to use a malicious program to escalate privileges to SYSTEM integrity and obtain persistence on a vulnerable system.

tags | exploit
advisories | CVE-2019-20357
MD5 | d94d6061aaad9782bb11838c46318d2c
Trend Micro Security 2019 Security Bypass Protected Service Tampering
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Maximum Security is vulnerable to arbitrary code execution as it allows for creation of registry key to target a process running as SYSTEM. This can allow a malware to gain elevated privileges to take over and shutdown services that require SYSTEM privileges like Trend Micros "Asmp" service "coreServiceShell.exe" which does not allow Administrators to tamper with them. This could allow an attacker or malware to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. Note administrator privileges are required to exploit this vulnerability.

tags | exploit, arbitrary, registry, code execution
advisories | CVE-2019-19697
MD5 | 8141cd4c6867deb8b0509555a9e089df
Microsoft Windows VCF Denial Of Service
Posted Jan 4, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows VCF cards do not properly sanitize email addresses allowing for HTML injection. A corrupt VCF card can cause all the users currently opened files and applications to be closed and their session to be terminated without requiring any accompanying attacker supplied code.

tags | exploit
systems | windows
MD5 | a8bf3c22b7586fb9aed156a323afff1c
Microsoft Windows .Group File URL Field Code Execution
Posted Jan 1, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows suffers from a .group file code execution vulnerability that leverages the URL field.

tags | exploit, code execution
systems | windows
MD5 | c14d7dd530c485214547e0c84c47d3fd
Microsoft Windows Media Center XML Injection
Posted Dec 4, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Media Center suffers from an XML external entity injection vulnerability. This vulnerability was originally released back on December 4, 2016, yet remains unfixed.

tags | exploit
systems | windows
MD5 | 08852a95d58030559d7cf597ca2a27de
Microsoft Visual Studio 2008 Express IDE XML Injection
Posted Dec 2, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Visual Studio 2008 Express IDE suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 789e0a22b8214672e24e1c11ee00b829
Microsoft Excel 2016 1901 Import Error XML Injection
Posted Nov 30, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Excel 2016 version 1901 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 38a897cf183daf4eab6b217fc70232f7
Max Secure Anti Virus Plus 19.0.4.020 Insecure Permissions
Posted Nov 30, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Max Secure Anti Virus Plus version 19.0.4.020 suffers from an insecure permission vulnerability.

tags | exploit, virus
advisories | CVE-2019-19382
MD5 | e33ab8412cbe5fbdb15a2935c0f48058
Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection
Posted Nov 30, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.

tags | exploit, sql injection
advisories | CVE-2019-19245
MD5 | 19c74256613bc29f10c94c6dd8532054
ScanGuard Antivirus Insecure Permissions
Posted Nov 13, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Scanguard versions through 2019-11-12 on Windows has insecure permissions for the installation directory, leading to privilege escalation via a trojan horse executable file.

tags | exploit, trojan
systems | windows
advisories | CVE-2019-18895
MD5 | 395b36711cd21e23af1e2c01cdd5e128
Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution
Posted Oct 20, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-9491
MD5 | efda6406cb80c26ebe21b6449a6d1cae
Windows File Enumeration Intel Gathering Tool 2.1
Posted Sep 8, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NtFileSins.py is a Windows file enumeration intel gathering tool.

tags | exploit
systems | windows
MD5 | df854b2ff767838ad9ede940d9a2edee
Microsoft Windows NTFS Privileged File Access Enumeration
Posted Sep 6, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file name due to inconsistent error messaging.

tags | exploit
systems | windows
MD5 | 8f8a5a6cf1cf40cfec6b841ca09e2618
GGPowerShell / Windows PowerShell Remote Command Execution
Posted Aug 30, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This python script mints a .ps file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell.

tags | exploit, python
systems | windows
MD5 | 9592257d1332e2c7094af04e4b98bda7
Microsoft Windows PowerShell Command Execution
Posted Aug 2, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows suffers from a PowerShell unsanitized filename command execution vulnerability.

tags | exploit
systems | windows
MD5 | 4059533a64c2c0436da56ba2b23fecdc
Trend Micro Deep Discovery Inspector Percent Encoding IDS Bypass
Posted Jul 25, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Deep Discovery Inspector suffers from a percent encoding IDS bypass vulnerability.

tags | exploit, bypass
MD5 | edccc27accadec979aa2288aff49d66c
MAPLE Computer WBT SNMP Administrator 2.0.195.15 Buffer Overflow
Posted Jul 19, 2019
Authored by hyp3rlinx, sasaga92

MAPLE Computer WBT SNMP Administrator version 2.0.195.15 remote buffer overflow exploit with egghunter.

tags | exploit, remote, overflow
MD5 | 264d4bba8bff62a4e99bb6090af82f9b
MAPLE Computer WBT SNMP Administrator 2.0.195.15 Buffer Overflow
Posted Jul 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MAPLE Computer WBT SNMP Administrator version 2.0.195.15 suffers from a buffer overflow vulnerability that allows for code execution.

tags | exploit, overflow, code execution
advisories | CVE-2019-13577
MD5 | a6d1442ffd46e1f782c5c9c9d20d026e
Microsoft Compiled HTML Help / Uncompiled .chm File XML External Entity Injection
Posted Jul 16, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft compiled HTML Help and uncompiled .chm files can be leveraged for XML external entity injection attacks.

tags | exploit
MD5 | 58644216083e140438ff9e4523e0bb5b
Microsoft File Checksum Verifier 2.05 DLL Hijacking
Posted Jul 4, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft File Checksum Verifier version 2.05 suffers from a dll hijacking vulnerability.

tags | exploit
MD5 | d2cee35ac2dbc3bc9ea6be0bce939d6e
HC10 HC.Server Service 10.14 Remote Invalid Pointer Write
Posted Jun 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794. In addition this can potentially be leveraged for post exploit persistence with SYSTEM privileges, if physical access or malware is involved. If a physical attacker or malware can set its own program for the service failure recovery options, it can be used to maintain persistence. Afterwards, it can be triggered by sending a malicious request to DoS the service, which in turn can start the attackers recovery program. The attackers program can then try restarting the affected service to try an stay unnoticed by calling "sc start HCServerService". Services failure flag recovery options for "enabling actions for stops or errors" and can be set in the services "Recovery" properties tab or on the command line. Authentication is not required to reach the vulnerable service, this was tested successfully on Windows 7/10.

tags | exploit
systems | windows, 7
advisories | CVE-2019-12323
MD5 | d00190d41a9f1c0ea2c4f92ee9779c0d
Microsoft Word (2016) Deceptive File Reference
Posted Jun 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

When a Microsoft Word ".docx" File contains a hyperlink to another file, it will run the first file it finds in that directory with a valid extension. But will present to the end user an extension-less file in its Security warning dialog box without showing the extension type. If another "empty" file of the same name as the target executable exists but has no file extension. Because the extension is suppressed it makes the file seem harmless and the file can be masked to appear as just a folder etc. This can potentially trick user into running unexpected code, but will only work when you have an additional file of same name with NO extension on it.

tags | exploit
MD5 | c758f8435e2134b135cb043389ffe683
Page 1 of 13
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close