ignore security and it'll go away
Showing 1 - 7 of 7 RSS Feed

Files from Nixawk

First Active2015-11-06
Last Active2017-04-24
Microsoft Office Word Malicious Hta Execution
Posted Apr 24, 2017
Authored by Haifei Li, Didier Stevens, sinn3r, Nixawk, ryHanson, vysec, wdormann | Site metasploit.com

This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how an olelink object can make a http(s) request, and execute hta code in response. This bug was originally seen being exploited in the wild starting in Oct 2016. This Metasploit module was created by reversing a public malware sample.

tags | exploit, web, code execution
advisories | CVE-2017-0199
MD5 | 22d66842eeda59c2f386116bd2c8a720
Apache Struts Jakarta Multipart Parser OGNL Injection
Posted Mar 14, 2017
Authored by egypt, Nixawk, Nike.Zheng, Jeffrey Martin, Chorder | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in Apache Struts version 2.3.5 - 2.3.31, and 2.5 - 2.5.10. Remote Code Execution can be performed via http Content-Type header. Native payloads will be converted to executables and dropped in the server's temp dir. If this fails, try a cmd/* payload, which won't have to write to the disk.

tags | exploit, remote, web, code execution
advisories | CVE-2017-5638
MD5 | 8637e8ffc6de9189c657a3e087a50331
Netcore Router Udp 53413 Backdoor
Posted Aug 11, 2016
Authored by h00die, Nixawk | Site metasploit.com

Routers manufactured by Netcore, a popular brand for networking equipment in China, have a wide-open backdoor that can be fairly easily exploited by attackers. These products are also sold under the Netis brand name outside of China. This backdoor allows cyber criminals to easily run arbitrary code on these routers, rendering it vulnerable as a security device. Some models include a non-standard echo command which doesn't honor -e, and are therefore not currently exploitable with Metasploit. See URLs or module markdown for additional options.

tags | exploit, arbitrary
MD5 | 344cf1d43d84d79b6807431fd61e8450
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
Posted Jun 9, 2016
Authored by Nixawk | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

tags | exploit, remote, code execution
advisories | CVE-2016-3087
MD5 | a500c7d4893ccc30f624a84876393fb9
Apache Struts 2.3.28 Dynamic Method Invocation Remote Code Execution
Posted Apr 30, 2016
Authored by Nixawk | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.

tags | exploit, remote, code execution
advisories | CVE-2016-3081
MD5 | bb77e1c207231c0a1ce3a4a82373b2c0
PostgreSQL CREATE LANGUAGE Execution
Posted Apr 9, 2016
Authored by Micheal Cottingham, midnitesnake, Nixawk | Site metasploit.com

Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This requires a superuser. This is usually postgres. The execution should be platform-agnostic, and has been tested on OS X, Windows, and Linux. This Metasploit module attempts to load Perl or Python to execute system commands. As this dynamically loads a scripting language to execute commands, it is not necessary to drop a file on the filesystem. Only Postgres 8 and up are supported.

tags | exploit, perl, python
systems | linux, windows, apple, osx
MD5 | 3c81d94f69a7a70e2c856b1c3cb07ab0
China Chopper Caidao PHP Backdoor Code Execution
Posted Nov 6, 2015
Authored by Nixawk | Site metasploit.com

This Metasploit module takes advantage of the China Chopper Webshell that is commonly used by Chinese hackers.

tags | exploit
MD5 | 49f6c90355a862b124b78c5bdd3942d6
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    10 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close