exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files from 1F98D

First Active2019-12-22
Last Active2023-07-11
SmarterTools SmarterMail Remote Code Execution
Posted Jul 11, 2023
Authored by Soroush Dalili, 1F98D, Ismail E. Dawoodjee | Site metasploit.com

This Metasploit module exploits a vulnerability in the SmarterTools SmarterMail software for version numbers 16.x and below or for build numbers below 6985. The vulnerable versions and builds expose three .NET remoting endpoints on port 17001, namely /Servers, /Mail and /Spool. For example, a typical installation of SmarterMail Build 6970 will have the /Servers endpoint exposed to the public at tcp://0.0.0.0:17001/Servers, where serialized .NET commands can be sent through a TCP socket connection. The three endpoints perform deserialization of untrusted data (CVE-2019-7214), allowing an attacker to send arbitrary commands to be deserialized and executed. This module exploits this vulnerability to perform .NET deserialization attacks, allowing remote code execution for any unauthenticated user under the context of the SYSTEM account. Successful exploitation results in full administrative control of the target server under the NT AUTHORITY\SYSTEM account. This vulnerability was patched in Build 6985, where the 17001 port is no longer publicly accessible, although it can be accessible locally at 127.0.0.1:17001. Hence, this would still allow for a privilege escalation vector if the server is compromised as a low-privileged user.

tags | exploit, remote, arbitrary, tcp, code execution
advisories | CVE-2019-7214
SHA-256 | c00513d64b0afbcf82cfd8c3569e9b9bd32c506402e79960d11808c409ea5c44
Apache CouchDB Erlang Remote Code Execution
Posted Nov 2, 2022
Authored by 1F98D, jheysel-r7, Konstantin Burov, _sadshade, Milton Valencia | Site metasploit.com

In Apache CouchDB versions prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges.

tags | exploit
advisories | CVE-2022-24706
SHA-256 | adaa831a27cc8a7dbc13e63bb293d887542dcd7e9b4a0d6eb85acf4fc9076b08
Odoo 12.0.20190101 Unquoted Service Path
Posted May 12, 2021
Authored by 1F98D

Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 469df8497a4e7de028d861d23a77481ee88f1eec8fd644fb09ea4107b5e9674a
NodeBB Emoji 3.2.1 Arbitrary FIle Write
Posted Apr 29, 2021
Authored by 1F98D

NodeBB Emoji plugin version 3.2.1 suffers from an arbitrary file write vulnerability.

tags | exploit, arbitrary
SHA-256 | b8efb1e731fd411b0d82d14ee601854ed4c4affe7d5760b5648cf818e59afbaa
Golden FTP Server 4.70 Buffer Overflow
Posted Mar 9, 2021
Authored by Craig Freyman, Gerardo Iglesias Galvan, 1F98D

Golden FTP Server version 4.70 PASS buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2006-6576
SHA-256 | 16159dc816f140941e09c862768fbfab9dfff7504f561762b8f4cadfc2699872
Erlang Cookie Remote Code Execution
Posted Jan 13, 2021
Authored by 1F98D

Erlang makes use of a cookie that can be leveraged to achieve remote code execution.

tags | exploit, remote, code execution
SHA-256 | 3c91fa1b316d38e294d40bca8209e79fd95b48d90b51b04f59fbb814a69e7588
Sonatype Nexus 3.21.1 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-10199
SHA-256 | d8b1ad15495ef283352b6263e8b025b0ccf7349179f8c4e37eb756adbe9fb845
H2 Database 1.4.199 JNI Code Execution
Posted Jan 7, 2021
Authored by Markus Wulftange, 1F98D

H2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a a Java class without needing to use the Java Compiler.

tags | exploit, java, code execution
SHA-256 | 8c32746a6cf9be833e68c6b86a98feaea801217d883850845670c99360385e63
Gitea 1.7.5 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Gitea version 1.7.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-11229
SHA-256 | 1544539ce83b000103667a0a303a81c41b8f6cf76dba3ecfa900b7f4f6a20f7f
PaperStream IP (TWAIN) 1.42.0.5685 Local Privilege Escalation
Posted Jan 7, 2021
Authored by 1F98D

PaperStream IP (TWAIN) version 1.42.0.5685 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2018-16156
SHA-256 | 28348cc78dc388c9a87f5713f56eec3911b65f88876efe3212b98acd43384138
SmarterMail 6985 Remote Code Execution
Posted Dec 9, 2020
Authored by Soroush Dalili, 1F98D

SmarterMail build version 6985 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-7214
SHA-256 | 03a34ec5b65f814667108d5769e315ba381562b01bceb44b9f6931123cc94443
OpenSMTPD 6.6.2 Remote Code Execution
Posted Jan 30, 2020
Authored by Qualys Security Advisory, 1F98D

OpenSMTPD version 6.6.2 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-7247
SHA-256 | abe43f7110bb331986cc5d9ed522108c73061ac20671c668b7da6fcdfb9996c1
Pachev FTP Server 1.0 Path Traversal
Posted Jan 23, 2020
Authored by 1F98D

Pachev FTP Server version 1.0 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fce413bdfabb6b3915f35ab909f61f24a643c6aa052c9135d2737a1eb83f5a47
FreeSWITCH 1.10.1 Command Execution
Posted Dec 22, 2019
Authored by 1F98D

FreeSWITCH version 1.10.1 suffers from a command execution vulnerability.

tags | exploit
SHA-256 | cf5fac441e8fe1dc7aaac84e56a66ed60a726d5a5793daf6ad13450b79035913
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close