exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from Luca Carettoni

Email addressluca.carettoni at ikkisoft.com
First Active2005-07-28
Last Active2015-03-30
JBoss JMXInvokerServlet Remote Command Execution
Posted Mar 30, 2015
Authored by Luca Carettoni

This code exploits a common misconfiguration in JBoss Application Server. Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation" serialized Java object allows to execute arbitrary code. This exploit works even if the "Web-Console" and the "JMX Console" are protected or disabled.

tags | exploit, java, web, arbitrary
SHA-256 | 2f89a911033600e43c401de947c053ee9c90b4063ccb92f8ff41a305ec2aa1aa
Zend Java Bridge Remote Code Execution
Posted Mar 30, 2011
Authored by Luca Carettoni

Zend Java Bridge version 3.1 remote code execution exploit that takes advantage of a specific flaw in the javamw.jar service.

tags | exploit, java, remote, code execution
SHA-256 | 5b230d5d0d8b69815ef55baf27ebfe72e28fd2c2e03ebc062420fdb5fcd6d19e
NetSupport Manager Agent Remote Buffer Overflow
Posted Mar 4, 2011
Authored by Luca Carettoni, jduck, Evan | Site metasploit.com

This Metasploit module exploits a buffer overflow in NetSupport Manager Agent. It uses a similar ROP to the proftpd_iac exploit in order to avoid non executable stack.

tags | exploit, overflow
advisories | CVE-2011-0404, OSVDB-70408
SHA-256 | 97cfba55ad99e70aab89080a5fd28096914ddedef3359cfe0a68bdb2d98b0bff
NetSupport Manager Agent Remote Buffer Overflow
Posted Jan 8, 2011
Authored by Luca Carettoni

NetSupport Manager Agent suffers from a stack-based buffer overflow vulnerability. Version 11 for Linux, 9.50 for Solaris, and 11.00 for Mac OS X are confirmed vulnerable. The advisory and exploit are both included in this archive.

tags | exploit, overflow
systems | linux, solaris, apple, osx
SHA-256 | 6417f7b4beba8da9495af360dd98ebbd189845733d7c21caf922ea23a26883be
IBM WebSphere Arbitrary File Retrieval
Posted Jan 7, 2011
Authored by Luca Carettoni

IBM WebSphere suffers from arbitrary file retrieval vulnerabilities.

tags | advisory, arbitrary, vulnerability, info disclosure
SHA-256 | de8dc2b772ab07ee4cd4c5c0720677050407868ec9368f5cf31cdc98f583d590
Oracle Secure Backup Server Bypass / Command Injection
Posted Sep 15, 2009
Authored by Luca Carettoni | Site ikkisoft.com

Oracle Secure Backup Administration Server suffers from authentication bypass and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2009-1977, CVE-2009-1978
SHA-256 | 8bbf1a7668ebf7f94b2ec20073f80c9f8f048f84184c40ab8880774b4df54dd6
HTTP Parameter Pollution
Posted May 19, 2009
Authored by Stefano Di Paola, Luca Carettoni | Site ikkisoft.com

This is a presentation called HTTP Parameter Pollution that focuses on manipulation and injection of HTTP GET/POST parameters.

tags | paper, web
SHA-256 | df989e106011230b8418a8adeaad6d36878992bf93ca8fd2ac0c12fef5be85fa
Mortbay Jetty Denial Of Service
Posted May 8, 2009
Authored by Luca Carettoni | Site ikkisoft.com

Mortbay Jetty versions 7.0.0-pre5 and below dispatcher servlet denial of service exploit.

tags | exploit, denial of service
SHA-256 | f66271be2229a03b1932399b1b0b4487d492f57519db5138a2bb1f932b5197b8
ZeroShell Code Execution
Posted Feb 9, 2009
Authored by Luca Carettoni | Site ikkisoft.com

ZeroShell versions 1.0beta11 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 15b6637e4b0289913a8d4d63a52e96e1a32f244030761fbf336ec8cf371497fd
3Com Router Authentication Bypass
Posted Feb 9, 2009
Authored by Luca Carettoni | Site ikkisoft.com

The 3Com OfficeConnect wireless cable/dsl router suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | aa080901b45cce39e49530c28026faaa434bace8effcbd668c55029fb4655d06
Posted Nov 6, 2008
Authored by Luca Carettoni | Site ikkisoft.com

DFLabs PTK versions 1.0 and below suffer from a local command execution vulnerability. Full exploitation details provided.

tags | exploit, local
SHA-256 | 5695f2251816085038d0b232c49173e5e2e8df4fefa8aac2a2c8d23da4b18bdb
Posted Oct 11, 2008
Authored by Luca Carettoni | Site secunia.com

The Nokia Mini Map Browser suffers from a silent crash vulnerability.

tags | advisory
SHA-256 | ea8657ee3bff0560317b033c2fec9f30414dbc0595ff68403bf49e94ffbca132
Posted Oct 8, 2008
Authored by Luca Carettoni | Site ikkisoft.com

This is a list of fuzzing vectors used in order to trigger directory traversal vulnerabilities. It is quite a huge list composed using different encodings and bizarre attack patterns reported in several vulnerability advisories.

tags | vulnerability, fuzzer
SHA-256 | 4ba540799aa51a24dc790a72c68a21a526b853367d539adee6941a805954e2e4
Posted Aug 27, 2008
Authored by Luca Carettoni, Claudio Criscione, Lavakumar Kuppan | Site ikkisoft.com

Further analysis regarding the HP System Management

tags | exploit, xss
advisories | CVE-2008-1663
SHA-256 | 50cafab5d8ea833ac02ac9ae4a102f63d72c36a385c1f8949e6ee5291fbf724f
Posted Feb 14, 2008
Authored by Luca Carettoni | Site securenetwork.it

The Philips VOIP841 DECT cordless phone with an embedded Skype client suffers from a hidden administrative interface with a default login, directory traversal, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | ca377cc63b1fdc961af36a095f187918a72cd8179c8b5930245727e8467eb649
Posted Sep 26, 2007
Authored by Luca Carettoni, Luca De Fulgentis | Site securenetwork.it

Simple PHP Blog version, 0.4.8, and all previous versions suffer from cross site scripting and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, php, vulnerability, xss, file upload
SHA-256 | 3027e00fe1c5d2f7de12da1db873e56561637229d6fbf0c6be6c6cc5383dd35c
Posted Sep 19, 2007
Authored by Luca Carettoni | Site securenetwork.it

GCALDaemon version 1.0-beta13 is susceptible to denial of service attacks via a specially crafted HTTP request.

tags | exploit, web, denial of service
SHA-256 | bf70ecc515ce42e68f77786ee109556869210e65b7c5f9d7ca197255326672c8
Posted Sep 18, 2007
Authored by Luca Carettoni, Claudio "paper" Merloni | Site securenetwork.it

It is possible to bypass HTTP basic authentication on Boa version 0.93.15.

tags | advisory, web, bypass
SHA-256 | ca7942dc4171dd5917fcf795566ace2e929664f8d6e883117aa9a78d535cf174
Posted Jan 11, 2006
Authored by Luca Carettoni, Federico Maggi | Site securenetwork.it

Hummingbird Collaboration versions 5.2.1 and below suffer from cross site scripting, improper file handling, and information disclosure vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
SHA-256 | f3a90a238b8ae699d77c308f0f0bf299c07360001f625c4774af61491c1676e7
Posted Jul 28, 2005
Authored by Luca Carettoni

By sending trigger packets to the management port (280/http-mgmt) of a Siemens Santis 50 wireless router, the device freezes the web interface and allows unauthenticated access to the telnet CLI.

tags | exploit, web
SHA-256 | 55fd63fc68a9ff21180c20280c664708b42386f538608ed1c889437dee91b9b0
Page 1 of 1

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By