Twenty Year Anniversary
Showing 1 - 23 of 23 RSS Feed

Files from Touhid M.Shaikh

First Active2017-05-16
Last Active2018-07-30
Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution
Posted Jul 30, 2018
Authored by Benjamin Daniel Mussler, Touhid M.Shaikh | Site metasploit.com

Vtiger version 6.3.0 CRM's administration interface allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against vTiger CRM version 6.3.0.

tags | exploit, php
advisories | CVE-2015-6000, CVE-2016-1713
MD5 | 72429cacd6f8d8507d950f72f13a44cd
Monstra CMS Authenticated Arbitrary File Upload
Posted Jul 11, 2018
Authored by Touhid M.Shaikh, Ishaq Mohammed | Site metasploit.com

Monstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4.

tags | exploit, remote, arbitrary, php
advisories | CVE-2017-18048
MD5 | 7dbdf348dbb60d19f6dfcb69ab4f25d5
PlaySMS import.php Code Execution
Posted May 7, 2018
Authored by Touhid M.Shaikh | Site metasploit.com

This Metasploit module exploits an authenticated file upload remote code execution vulnerability in PlaySMS version 1.4. This issue is caused by improper file contents handling in import.php (aka the Phonebook import feature). Authenticated Users can upload a CSV file containing a malicious payload via vectors involving the User-Agent HTTP header and PHP code in the User-Agent. This Metasploit module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.

tags | exploit, remote, web, php, code execution, file upload
systems | windows, 7
advisories | CVE-2017-9101
MD5 | f976c4045dcaba09573750799d5fb25a
PlaySMS sendfromfile.php Code Execution
Posted May 7, 2018
Authored by Touhid M.Shaikh, DarkS3curity | Site metasploit.com

This Metasploit module exploits a code injection vulnerability within an authenticated file upload feature in PlaySMS version 1.4. This issue is caused by improper file name handling in sendfromfile.php file. Authenticated Users can upload a file and rename the file with a malicious payload. This Metasploit module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.

tags | exploit, php, file upload
systems | windows, 7
advisories | CVE-2017-9080
MD5 | 2580a04744c23352ceb458505fd66e3d
ClipBucket beats_uploader Unauthenticated Arbitrary File Upload
Posted Mar 26, 2018
Authored by Touhid M.Shaikh | Site metasploit.com

This Metasploit module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in /action/beats_uploader.php file. This Metasploit module was tested on ClipBucket before 4.0.0 - Release 4902 on Windows 7 and Kali Linux.

tags | exploit, arbitrary, php, file upload
systems | linux, windows, 7
MD5 | d2275d600b73e806af00c2c4d704c496
DiskBoss Enterprise 8.4.16 Import Command Buffer Overflow
Posted Sep 28, 2017
Authored by Touhid M.Shaikh

DiskBoss Enterprise version 8.4.16 suffers from an import command buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 27a3919b40a7fc3253960bee0b22ca15
DiskBoss Enterprise 8.4.16 Buffer Overflow Proof Of Concept
Posted Sep 28, 2017
Authored by Touhid M.Shaikh

DiskBoss Enterprise version 8.4.16 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | d8c794bace6408671418a351c6bf5b1f
Linux/x86_64 mkdir() Shellcode
Posted Sep 27, 2017
Authored by Touhid M.Shaikh

30 bytes small Linux/x86_64 mkdir() shellcode.

tags | shellcode
systems | linux
MD5 | 602ddb5bf805d4c4ad0a5a3afea270fc
Easy RM RMVB To DVD Burner 1.8.11 Buffer Overflow
Posted Aug 28, 2017
Authored by Touhid M.Shaikh

Easy RM RMVB to DVD Burner version 18.11 buffer overflow exploit.

tags | exploit, overflow
MD5 | 51faa8b8c28c6583e8a4c83d92d9b2dd
Easy WMV/ASF/ASX To DVD Burner 2.3.11 Buffer Overflow
Posted Aug 28, 2017
Authored by Touhid M.Shaikh

Easy WMV/ASF/ASX to DVD Burner version 2.3.11 buffer overflow exploit.

tags | exploit, overflow
MD5 | f29118120d3fd9918ec8e9645151d130
Linux/x86-64 Reverse TCP Shell Shellcode
Posted Aug 21, 2017
Authored by Touhid M.Shaikh

153 bytes small Linux/x86-64 reverse TCP shell shellcode that binds to 192.168.1.2:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 61d0bff1874dee43bdda29cd1ada3ad1
RealTime RWR-3G-100 Router Cross Site Request Forgery
Posted Aug 12, 2017
Authored by Touhid M.Shaikh

RealTime RWR-3G-100 router suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 120da48c843debac3d5408298c077151
Piwigo User Tag 0.9.0 Cross Site Scripting
Posted Aug 10, 2017
Authored by Touhid M.Shaikh

Piwigo User Tag plugin version 0.9.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6701bf24df1ab48886dd811413896284
VehicleWorkshop Arbitrary File Upload
Posted Aug 1, 2017
Authored by Touhid M.Shaikh

VehicleWorkshop suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 711f39a07eb8caa7b24fb3d075b31bb8
VehicleWorkshop Authentication Bypass / SQL Injection
Posted Aug 1, 2017
Authored by Touhid M.Shaikh

VehicleWorkshop suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
MD5 | 64764044ccdef8622fdfc659f7902ff2
Easy File Sharing Web Server 7.2 Buffer Overflow
Posted Jun 12, 2017
Authored by Touhid M.Shaikh

Easy File Sharing Web Server version 7.2 suffers from a buffer overflow vulnerability.

tags | exploit, web, overflow
MD5 | 6cda3365a8fb67672877f3e67351f5b3
Easy File Sharing Web Server 7.2 Authentication Bypass
Posted Jun 11, 2017
Authored by Touhid M.Shaikh

Easy File Sharing Web Server version 7.2 suffers from an authentication bypass vulnerability. suffers from a bypass vulnerability.

tags | exploit, web, bypass
MD5 | cb6cabfb18bb30057a5918cb51b25080
Linux/x86-64 JMP CALL POP /bin/sh Shellcode
Posted Jun 5, 2017
Authored by Touhid M.Shaikh

31 bytes small Linux/x86-64 JMP CALL POP /bin/sh shellcode.

tags | x86, shellcode
systems | linux
MD5 | a9a3ed56afabe12cf2913b23ab4e9198
Piwigo Facetag 0.0.3 SQL Injection
Posted May 31, 2017
Authored by Touhid M.Shaikh

Piwigo Facetag plugin version 0.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 265f571ac1465bf00b85cfdccc57cffc
Aries QWR-1104 Wireless-N Cross Site Scripting
Posted May 27, 2017
Authored by Touhid M.Shaikh

Aries QWR-1104 Wireless-N router suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | fdea6d042260382680f451432b9be930
PlaySMS 1.4 Remote Code Execution
Posted May 20, 2017
Authored by Touhid M.Shaikh

PlaySMS version 1.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | c336f72f79e084e8c81c8e859a78c9e1
D-Link DIR-600M Wireless N 150 Authentication Bypass
Posted May 20, 2017
Authored by Touhid M.Shaikh

D-Link DIR-600M Wireless N 150 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 177eb06dde58e466bffebdce91d3056e
PlaySms 1.4 Remote Code Execution
Posted May 16, 2017
Authored by Touhid M.Shaikh

PlaySms version 1.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | e424148e741d37bb81caa355da3894ce
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close