what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files from Nicob

Email addressnicob at nicob.net
First Active2005-05-27
Last Active2012-08-28
Zabbix Server Arbitrary Command Execution
Posted Aug 28, 2012
Authored by Nicob, juan vazquez | Site metasploit.com

This Metasploit module abuses the "Command" trap in Zabbix Server to execute arbitrary commands without authentication. By default the Node ID "0" is used, if it doesn't work, the Node ID is leaked from the error message and exploitation retried. According to the vendor versions prior to 1.6.9 are vulnerable. The vulnerability has been successfully tested on Zabbix Server 1.6.7 on Ubuntu 10.04.

tags | exploit, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-4498, OSVDB-60965
MD5 | eff24be4c118ce9a6b9eb930d2676760
Kojoney 0.0.4.1 Denial Of Service
Posted Feb 25, 2010
Authored by Nicob

Kojoney versions prior to 0.0.4.2 suffer from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 68d95ad9784f00dae5e84c6d97c15541
Zabbix Server Code Execution / SQL Injection
Posted Dec 15, 2009
Authored by Nicob

Zabbix Server suffers from code execution and remote SQL injection vulnerabilities. Code execution is patched in version 1.8 and SQL injection is patched in 1.6.8. A couple of denial of service vulnerabilities were also addressed.

tags | advisory, remote, denial of service, vulnerability, code execution, sql injection
MD5 | 72fcc32b504b8874a1766d7d6539af49
Zabbix Agent Code Execution
Posted Dec 15, 2009
Authored by Nicob

Zabbix Agent versions prior to 1.6.7 suffer from a code execution vulnerability.

tags | exploit, code execution
MD5 | 43ff494e9b69cfa253bad1423fda8ec2
SquirrelMail PGP Plugin Command Execution
Posted Oct 30, 2009
Authored by Nicob

This Metasploit module exploits a command execution vulnerability in the PGP plugin of SquirrelMail.

tags | exploit
advisories | CVE-2003-0990
MD5 | f40d9630123bae27245952521986482e
novelledir-dos.txt
Posted May 6, 2008
Authored by Nicob

Novell eDirectory versions below 8.7.3 SP 10 and versions below 8.8.2 suffer from a denial of service related vulnerability. Details are provided.

tags | exploit, denial of service
advisories | CVE-2008-0927
MD5 | f4b9138ab33bcc0fa005c5716816dd0f
novelledir-soap.txt
Posted May 6, 2008
Authored by Nicob

Novell eDirectory versions 8.7.x through 8.8.1 suffer from an arbitrary access vulnerability due to client-side access control when using the SOAP interface.

tags | advisory, arbitrary
advisories | CVE-2008-0926
MD5 | bfc87cfd78dc50b27221742df7b7e90f
apache_modjk_overflow.rb.txt
Posted Jul 10, 2007
Authored by Nicob

Metasploit module for the buffer overflow vulnerability in Apache mod_jk version 1.2.20. Written to work on Win23.

tags | exploit, overflow
advisories | CVE-2007-0774
MD5 | b4b22d53df77e3f9138159dff0fe7fed
phpmyvisites-xss.txt
Posted Feb 13, 2007
Authored by Nicob

phpMyVisites versions prior to 2.2 stable suffer from cross site scripting, HTTP response splitting, and local file inclusion flaws.

tags | exploit, web, local, xss, file inclusion
MD5 | 6f012fe5affef383f86b4e875c0e456a
cattools-traverse.txt
Posted Feb 13, 2007
Authored by Nicob

Kiwi CatTools versions below 3.2.0 Beta suffer from a tftp directory traversal flaw.

tags | exploit, file inclusion
MD5 | 15e1d669c724fd97d9cf42080bc6c86c
r3-stealer-1.0.pl.txt
Posted Feb 13, 2007
Authored by Nicob

SAP Web AS version 6.40 enserver.exe file downloader exploit.

tags | exploit, web
MD5 | 5752598c931045ff201480846280017d
sapwebas-dos.txt
Posted Feb 13, 2007
Authored by Nicob

Multiple vulnerabilities exist in SAP Web AS version 6.40 below patch 136 and 7.00 below patch 66. These flaws allow for remote file disclosure, remote denial of service attacks, and local privilege escalation.

tags | advisory, remote, web, denial of service, local, vulnerability
MD5 | a51963a221e2225c0715eb86459d20a5
r3mote_unix_wrapper.sh.txt
Posted Nov 14, 2006
Authored by Nicob

Linux port of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution. Shell script version.

tags | exploit, remote, shell
systems | linux
MD5 | a1142e01a3f786842681b10d22c340b2
r3mote_unix_UDPexec.pl.txt
Posted Nov 14, 2006
Authored by Nicob

Linux port of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution. Perl version.

tags | exploit, remote, perl
systems | linux
MD5 | fa38199776009325b7968543cc79e157
sapchk.c
Posted Nov 14, 2006
Authored by Nicob

Utility to test users and passwords with RfcOpenEx on SAP systems. Now deprecated in favor of THC Hydra.

tags | exploit
MD5 | c1ce68a6f324365ca84f1242f22a43cb
sap-banner.c
Posted Nov 14, 2006
Authored by Nicob

SAP RFC_SYSTEM_INFO information disclosure exploit that leaks OS type, real IP address, SAP version, and more.

tags | exploit, info disclosure
MD5 | 96b58aa2aba723709a768cf2d891f460
SAP_WebAS_UDP_DoS.c
Posted Nov 14, 2006
Authored by Nicob

Two byte UDP denial of service exploit for SAP version below 6.40 patch 6.

tags | exploit, denial of service, udp
MD5 | 4317da203cf4470a5db5b6b1e174503c
SAP-multiple.txt
Posted Nov 6, 2006
Authored by Nicob

The SAP Web Application Server suffers from denial of service, remote file disclosure, and local privilege escalation vulnerabilities.

tags | advisory, remote, web, denial of service, local, vulnerability
MD5 | fb3d3058c79e768dd0f000090523bd13
ethereal-SMB-DoS.c
Posted May 27, 2005
Authored by vade79, Nicob

Ethereal versions 0.10.10 and below SMB dissector remote denial of service exploit. Tested on 0.9.4 and 0.10.10.

tags | exploit, remote, denial of service
MD5 | 3ab2b3f2fbc4facb56d109e6506558d3
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    15 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close