Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files from PAgVac

First Active2003-12-03
Last Active2009-12-31
PhpMyAdmin Config File Code Injection
Posted Dec 31, 2009
Authored by PAgVac, Greg Ose | Site metasploit.com

This Metasploit module exploits a vulnerability in PhpMyAdmin's setup feature which allows an attacker to inject arbitrary PHP code into a configuration file. The original advisory says the vulnerability is present in phpMyAdmin versions 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1; this module was tested on 3.0.1.1. The file where our payload is written (phpMyAdmin/config/config.inc.php) is not directly used by the system, so it may be a good idea to either delete it or copy the running config (phpMyAdmin/config.inc.php) over it after successful exploitation.

tags | exploit, arbitrary, php
advisories | CVE-2009-1151
MD5 | daa773a35dac8ed474de87c4c695b7ea
Avaya Intuity Audix LX Command Execution
Posted Sep 19, 2009
Authored by PAgVac

The Avaya Intuity Audix LX suffers from remote command execution, cross site scripting, and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, xss, csrf
MD5 | 3fa63cbcbe9243da5288688f70d747c5
phpMyAdmin /scripts/setup.php Code Injection
Posted Jun 10, 2009
Authored by PAgVac

phpMyAdmin /scripts/setup.php PHP code injection remote command execution proof of concept exploit. Versions 3.0.1.1 and below are affected.

tags | exploit, remote, php, proof of concept
advisories | CVE-2009-1151
MD5 | 59f3c5673bb3b69956d8432c0e7b8a9a
D2T1_-_Adrian_Pastor_-_Cracking_Into_Embeded_Devices_and_Beyond.zip
Posted Apr 21, 2008
Authored by PAgVac | Site conference.hitb.org

Cracking into Embedded Devices and Beyond - The presentation covers cracking into embedded devices by exploiting vulnerabilities present on default software running on the target device.

tags | vulnerability
MD5 | f919ddceb26ea5d330ed640c854c67f7
calljack.txt
Posted Jan 22, 2008
Authored by PAgVac | Site gnucitizen.org

Call Jacking: Phreaking The BT Home Hub.

tags | paper
MD5 | 5b531137f594cec86923f76c724b4f76
homehub-upnp.txt
Posted Jan 10, 2008
Authored by PAgVac | Site gnucitizen.org

Information on pwning the BT Home Hub regarding the exploitation of IGDs remotely via UPnP.

tags | advisory
MD5 | b881d12f8b72ceedb666cfb0b156a716
bt-pwnage.txt
Posted Nov 13, 2007
Authored by PAgVac | Site gnucitizen.org

Pwning the BT Home Hub details have been published. Various cross site scripting and cross site request forgery issues still exist.

tags | advisory, xss, csrf
MD5 | 33bf36a9c0244909428ecd0367127de6
bthomehub.txt
Posted Oct 10, 2007
Authored by PAgVac

It appears that the BT Home Hub is susceptible to some critical vulnerabilities.

tags | advisory, vulnerability
MD5 | bdb5d6bad9d4d27dc5d6883def4166aa
googleurchin-xss.txt
Posted Sep 25, 2007
Authored by PAgVac

There is a trivially exploitable cross site scripting vulnerability on Google Urchin Web Analytics 5's login page. The vulnerability has been tested on versions 5.6.00r2, 5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely affected as well.

tags | advisory, web, xss
MD5 | 787e264d6b1e657a3f34181cf856f8d5
wpregister-xss.txt
Posted Sep 25, 2007
Authored by PAgVac

Earlier versions of the Wordpress 2.0 branch are susceptible to two vanilla cross site scripting vulnerabilities in wp-register.php.

tags | exploit, php, vulnerability, xss
MD5 | f345a0ca1db629697ba2cc932cb9a4e6
luhn-check.tar
Posted Mar 20, 2007
Authored by PAgVac | Site ikwt.com

luhn-check is a tool that determines whether or not a number follows Luhn's algorithm.

tags | encryption
MD5 | 4ee5c5aa974db85dde68636934db0ac3
rcsr.txt
Posted Nov 29, 2006
Authored by PAgVac

Full write up discussing password theft with Firefox using RCSR, aka Reverse Cross-Site Request attacks.

tags | paper
MD5 | b729ac408ec380fe637e8f8bb54c40ad
exegesis.pdf
Posted Mar 9, 2006
Authored by PAgVac | Site public.gnucitizen.org

Purple Paper: Exegesis Of Virtual Hosts Hacking - First paper written on the topic of virtual hosts hacking. It covers basic skills such as passive discovery techniques and (almost) stealth active discovery techniques. It also presents possible scenarios of exploitation.

tags | paper
MD5 | 415c3a19e997a3df3f383fc0b7fb8046
unidenWeak.txt
Posted Feb 25, 2006
Authored by PAgVac

The Uniden UIP1868P VoIP phone/gateway comes with a default password of admin without any login necessary.

tags | advisory
MD5 | 879095fd394dce02834f162963b3c464
google-talk-cleartext-proxy-credentials.txt
Posted Oct 24, 2005
Authored by PAgVac | Site ikwt.com

Google Talk stores proxy login credentials as cleartext in the Windows Registry.

tags | advisory, registry
systems | windows
MD5 | 367eaca75ea84dbe3f8ad76038fb5437
Brief_intro_to_crypt.pdf
Posted Feb 26, 2005
Authored by PAgVac

Brief paper discussing the basics of cryptography and the difference between symmetric and asymmetric cryptography.

tags | paper
MD5 | 1fb7d951e26e627eb3917c88148cf3ea
avaya.cpp
Posted Feb 26, 2005
Authored by PAgVac

Avaya IP Office Phone Manager exploit that attempts to extract sensitive data from the Windows registry.

tags | exploit, registry
systems | windows
MD5 | 9666749b62f499e1f04e9084c391876b
AvayaData.txt
Posted Feb 26, 2005
Authored by PAgVac

The Avaya IP Office Phone Manager stores sensitive user data in the Windows Registry.

tags | advisory, registry
systems | windows
MD5 | 692867ebab87f61b705c238418be1b34
WNMSB-LAN.zip
Posted Dec 3, 2003
Authored by PAgVac

WNMSB-LAN is a Windows Messenger Service Bomber. Includes C++ source and a windows executable.

systems | windows
MD5 | 2ff196a71f4cbd1ed6aa0e7ce296b5a8
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close