exploit the possibilities
Showing 1 - 25 of 32 RSS Feed

Files from Cody Sixteen

Email address610code at gmail.com
First Active2016-05-30
Last Active2021-01-11
Code16 Notes Magazine 04
Posted Jan 11, 2021
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses setting up your browser with extensions for inspection of payloads while pentesting, fuzzing, and more.

tags | magazine
MD5 | dcdbad11d4199df8034996d251435301
Code16 Notes Magazine 03
Posted Jan 11, 2021
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses creating web modules for Metasploit, a mass scanner for WordPress plugins, Learning Arduino, and more.

tags | web, magazine
MD5 | 3dc7de3a1510e8929e532e7ea94698de
Code16 Notes Magazine 01
Posted Nov 23, 2020
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses creating web modules for Metasploit and more.

tags | paper, web, magazine
MD5 | 37e9cde49e5ddf663379d345d4abcce3
Code16 Notes Magazine 02
Posted Nov 23, 2020
Authored by Cody Sixteen, code16

Code16 is a compilation of notes from research performed by Cody16. This issue discusses exploring heap overflows and more.

tags | paper, overflow, magazine
MD5 | 69a5018313932a09abe01bb1cf8ab55f
Symantec Web Gateway 5.0.2.8 Remote Code Execution
Posted Apr 9, 2020
Authored by Cody Sixteen

Symantec Web Gateway version 5.0.2.8 pre-authentication remote code execution exploit.

tags | exploit, remote, web, code execution
MD5 | 4626e1e8d0204fec4863f5b78c64b0a5
NagiosXL 5.6.11 orderby SQL Injection
Posted Apr 9, 2020
Authored by Cody Sixteen

NagiosXL version 5.6.11 post authentication orderby parameter remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | af00914d51be1605d7261a4e4640d262
Centreon 19.11 SQL Injection
Posted Apr 9, 2020
Authored by Cody Sixteen

Centreon version 19.11 post authentication acl_res_name parameter remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dbfffa02418a8f8265e03ea289bcae42
NagiosXI 5.6.11 start / end / step Remote Code Execution
Posted Apr 9, 2020
Authored by Cody Sixteen

NagiosXI version 5.6.11 post authentication start, end, and step parameter remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 03df490fde128bbcbed70d7a7cbbf943
Symantec Web Gateway 5.0.2.8 Remote Code Execution
Posted Apr 9, 2020
Authored by Cody Sixteen

Symantec Web Gateway version 5.0.2.8 post authentication remote code execution exploit.

tags | exploit, remote, web, code execution
MD5 | c88d1355f7cf9690236ca64c4866aaac
NagiosXI 5.6.11 address Remote Code Execution
Posted Apr 9, 2020
Authored by Cody Sixteen

NagiosXI version 5.6.11 post authentication address parameter remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 92ef7b4ba5ce159306931d3e4c660d97
Centreon 19.10-3.el7 SQL Injection
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote SQL injection vulnerabilities in Centreon version 19.10-3.el7.

tags | exploit, paper, remote, vulnerability, sql injection
MD5 | dbac0cf531ae47db48c0dc6c68b92930
Symantec Web Gateway 5.0.2.8 Remote Code Execution
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in Symantec Web Gateway version 5.0.2.8.

tags | exploit, paper, remote, web, vulnerability, code execution
MD5 | abc6efe48f42679d3df8d10a4ab60e49
ManageEngine 14 Remote Code Execution
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in ManageEngine version 14.

tags | exploit, paper, remote, vulnerability, code execution
MD5 | 361d79554df5c1c70d3bd1a4ab11c9d7
NagiosXI 5.6.11 Remote Command Execution
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote command execution vulnerabilities in NagiosXI version 5.6.11.

tags | exploit, paper, remote, vulnerability, proof of concept
MD5 | 73a519ae9906fa675e36f00d2ae34802
Symantec Web Gateway 5.0.2.8 Remote Command Execution
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that walks through creating a proof of concept exploit for a pre-authentication remote command execution vulnerability in Symantec Web Gateway version 5.0.2.8.

tags | exploit, paper, remote, web, proof of concept
MD5 | e3a2193e793902cf582aa14cc8f1a1ee
NagiosXI 5.6 Remote Command Execution
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that walks through creating a proof of concept exploit for a remote command execution vulnerability in NagiosXI version 5.6.

tags | exploit, paper, remote, proof of concept
MD5 | af4fa3179a109a0ef5f00713c259a926
multiOTP 5.0.4.4 Remote Code Execution
Posted Apr 2, 2020
Authored by Cody Sixteen

This whitepaper documents a walk through that describes the steps taken to identify a remote code execution vulnerability in multiOTP version 5.0.4.4.

tags | exploit, remote, code execution
MD5 | 168865d3c5de4d20e8f3595f40cf8679
Zen Load Balancer 3.10.1 Remote Code Execution
Posted Mar 30, 2020
Authored by Cody Sixteen

Zen Load Balancer version 3.10.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 8a94b04383ba5845668af5b40ea1572f
Pentesting Zen Load Balancer
Posted Mar 30, 2020
Authored by Cody Sixteen

This whitepaper is a quick tutorial on pentesting the Zen load balancer.

tags | paper
MD5 | 861099cc2be81725b83792a18b56b14b
VA MAX 8.3.4 Remote Code Execution
Posted Feb 11, 2019
Authored by Cody Sixteen

VA MAX version 8.3.4 suffers from a post-authentication remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 2f7f205175ffba97f02f89ae90c1840a
Zoho ManageEngine Applications Manager 13 SQL Injection
Posted Nov 6, 2017
Authored by Cody Sixteen

Zoho ManageEngine Applications Manager version 13 suffers from multiple post-authentication remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2017-16542, CVE-2017-16543
MD5 | 8115dc4d1bf7c179bd4ceb7ff2fb80df
Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
Posted Aug 18, 2017
Authored by Mehmet Ince, Cody Sixteen | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the Trend Micro IMSVA product. An authenticated user can execute a terminal command under the context of the web server user which is root. Besides, default installation of IMSVA comes with a default administrator credentials. WizardSetting_sys.imss endpoint takes several user inputs and performs LAN settings. After that it use them as argument of predefined operating system command without proper sanitation. It's possible to inject arbitrary commands into it. InterScan Messaging Security prior to 9.1.-1600 affected by this issue.

tags | exploit, web, arbitrary, root
MD5 | 7eadfd94788e579c42212511e87507fe
ModX CMS Proof Of Concept Shell Upload
Posted May 31, 2017
Authored by Cody Sixteen

This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 4a9e82ae99c6a9dbf9554d110145a1a4
RealPlayer 18.1.7.344 Memory Corruption
Posted May 29, 2017
Authored by Cody Sixteen

RealPlayer version 18.1.7.344 suffers from memory corruption vulnerabilities.

tags | exploit, vulnerability
MD5 | 016abfd3fbb9683bb3cb4c4d5b774f1e
Joomla 3.x Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how administrator functionality can be abused in Joomla to upload a shell.

tags | exploit, shell, proof of concept, file upload
MD5 | 5342f1f41088abee2af959b87cbce235
Page 1 of 2
Back12Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    28 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close