what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files from Russell Sanford

Email addressxort at blacksecurity.org
First Active2005-12-31
Last Active2023-08-31
MsIo64 LOLDriver Memory Corruption
Posted Aug 31, 2023
Authored by Russell Sanford

LOLDriver version 1.3-x64 proof of concept memory corruption exploit.

tags | exploit, proof of concept
advisories | CVE-2022-44898
SHA-256 | a330abffaaadfd62570ff07c8df013554081bb33cab314ff75bd805bebba1f05
Sonicwall Secure Remote Access (SRA) 8.1.0.2-14sv Command Injection
Posted Jul 19, 2017
Authored by Russell Sanford

Sonicwall Secure Remote Access (SRA) version 8.1.0.2-14sv suffers from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2016-9682
SHA-256 | 058ee4560dcd1576fb23b43fa5fe3a3d28b656aedb5f932919ce0ded272f97b3
Citrix CloudBridge CAKEPHP Cookie Command Injection
Posted Jul 19, 2017
Authored by Russell Sanford

Citrix CloudBridge suffers from a CAKEPHP pre-authentication remote root cookie command injection vulnerability.

tags | exploit, remote, root
SHA-256 | ed35a3243301479f8f9b453927d581a3dab42f8438d6ee27f9608582962fb66f
Sonicwall importlogo/sitecustomization Remote Command Injection
Posted Jul 19, 2017
Authored by Russell Sanford

Sonicwall version 8.1.0.2-14sv importlogo/sitecustomization remote command execution exploit.

tags | exploit, remote
SHA-256 | bad044d4acf954bf0f910ffc7f39881c4498bc687a9f36640cd739cd6638bdc3
Citrix SD-WAN 9.1.2.26.561201 Remote Command Injection
Posted Jul 19, 2017
Authored by Russell Sanford

Citrix SD-WAN version 9.1.2.26.561201 logout cookie pre-authentication remote command injection exploit.

tags | exploit, remote
SHA-256 | a9d18103386b7c5413eb695eaee5e1020ef143fa405d4b964605ff5561db732d
Sonicwall SRA 8.1.0.2-14sv gencsr.cgi Command Injection
Posted Jul 19, 2017
Authored by Russell Sanford

Sonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.

tags | exploit, remote, cgi
SHA-256 | 329940cf4063e7a9fb0d94eae38b5e003d9143b085469fa57ef97279bed2d20e
Barracuda Load Balancer Firmware 6.0.1.006 Remote Root
Posted Jul 18, 2017
Authored by Russell Sanford

Barracuda Load Balancer Firmware versions 6.0.1.006 (2016-08-19) and below post-authentication remote root exploit.

tags | exploit, remote, root
advisories | CVE-2017-6320
SHA-256 | 761cc64c788d41c81b773e2661fb538a8d4516f8a3c77082756bc9a65c69ee93
Sophos Web Appliance 4.3.0.2 Remote Command Injection
Posted Jul 18, 2017
Authored by Russell Sanford

Sophos Web Appliance version 4.3.0.2 reporting JSON trafficType remote command injection exploit.

tags | exploit, remote, web
advisories | CVE-2017-6182
SHA-256 | b7c8712bb8d62608c24d118744810037b7c47dba41c89048cac2b15b57b84234
Sonicwall SRA 8.1.0.2-14sv viewcert.cgi Remote Command Execution
Posted Feb 24, 2017
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Sonicwall SRA Appliance versions 8.1.0.2-14sv and below. The vulnerability exists in a section of the machine's administrative interface for performing configurations related to on-connect scripts to be launched for users connecting.

tags | exploit, remote
SHA-256 | ee018dd39831a98879da701a3b32d457caca08abf9e8f7998865190e3fb7e893
Sonicwall SRA 8.1.0.2-14sv Remote Command Execution
Posted Feb 24, 2017
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Sonicwall SRA Appliance versions 8.1.0.2-14sv and below. The vulnerability exists in a section of the machine's administrative interface for performing configurations related to on-connect scripts to be launched for users connecting.

tags | exploit, remote
advisories | CVE-2016-9683
SHA-256 | e5debce7ddf1f32b39ab4ebafe3798788f7bac257c170fec0012a53ab9729588
Sophos Web Appliance 4.2.1.3 Remote Command Execution
Posted Feb 24, 2017
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Sophos Web Appliance versions 4.2.1.3 and below. The vulnerability exists in a section of the machine's administrative interface for performing diagnostic network tests with wget and unsanitized user supplied information.

tags | exploit, remote, web
advisories | CVE-2016-9554
SHA-256 | 7db483f4c13c510be0772b6ca810c42aab21ae2d4566ceb664f88a68ec7e033c
Sophos Web Appliance 4.2.1.3 Block / Unblock
Posted Feb 24, 2017
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits two separate remote command injection vulnerabilities in the Sophos Web Appliance versions 4.2.1.3 and below via the web administration interface. By sending a specially crafted request it's possible to inject system commands

tags | exploit, remote, web, vulnerability
advisories | CVE-2016-9553
SHA-256 | 7c4b3bbdbc3b0206bfe31759b404dcf843c219914e256a2ec58afefa528e061c
Sophos Web Appliance 4.2.1.3 Remote Command Injection
Posted Jan 31, 2017
Authored by Russell Sanford

Sophos Web Appliance version 4.2.1.3 is vulnerable to two remote command injection vulnerabilities.

tags | exploit, remote, web, vulnerability
advisories | CVE-2016-9553
SHA-256 | 545641ea8be8bc213ed17b9bb9c8d8511001c33b8803e8aeeba5626c4a9d867c
Barracuda Web Application Firewall 8.0.1.008 Post Auth Root
Posted Jul 29, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web Application Firewall firmware versions 8.0.1.008 (2016-03-22) and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.

tags | exploit, remote, web, local, root
SHA-256 | e629172103ae4ff6e305d3b64279d72809b63af1ee85c6af41c91df3db7d9d96
Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (3)
Posted Jul 28, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.

tags | exploit, remote, web, root
SHA-256 | ada1acb74888da1ee068093d1bfd8b3f3fa7cbe886c53bffebec80de7451a35e
Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (2)
Posted Jul 26, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.007 and Load Balancer Firmware <= v5.4.0.004 by exploiting a two vulnerabilities in the web administration interface. The first bug leverages a Arbitrary File Upload vulnerability to create a malicious file containing shell commands before using a second bug meant to clean up left-over core files on the device to execute them. By sending a specially crafted requests it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.

tags | exploit, remote, web, arbitrary, shell, root, vulnerability, file upload
SHA-256 | c5cbb5353489330f723faa90c0811bb577e0e6462b9b934b977a12a22fc05e6e
Barracuda Web App Firewall / Load Balancer Remote Root
Posted Jul 22, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware version 8.0.1.007 and below and Load Balancer Firmware versions 5.4.0.004 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.

tags | exploit, remote, web, root
SHA-256 | 1140a40daee90570960cfd7f3c6d5cd7ddfbca7468a85535b18619b259be1089
Barracuda Spam And Virus Firewall 5.1.3.007 Remote Root
Posted Jul 22, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Spam and Virus firewall firmware versions 5.1.3.007 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.

tags | exploit, remote, web, local, root, virus
SHA-256 | 808ddc4f2e9d4a40b867ca92e98217e9170d718d92040b6e9e8b3c8f3b5a6144
Barracuda Firmware 5.0.0.012 Post-Auth Remote Root
Posted Apr 9, 2015
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Barracuda Firmware versions 5.0.0.012 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.

tags | exploit, remote, web, local, root
SHA-256 | 47ed3ef4957c8e0f48670b15bb88acf48f64853701b5565f1f077b80177cbc5a
Adobe JBIG2Decode Memory Corruption Exploit
Posted Nov 26, 2009
Authored by redsand, Russell Sanford, MC, Didier Stevens, natron | Site metasploit.com

This Metasploit module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This Metasploit module relies upon javascript for the heap spray.

tags | exploit, javascript
SHA-256 | c70e7201fb6677429aa372f8e4d78ab8b21364ee9a98a1ffc919b117d64949be
black-dl-exec-SOLARIS.c
Posted Nov 29, 2006
Authored by Russell Sanford

278 byte shellcode for Solaris that downloads a binary named evil-dl from a host and saves it to /tmp/ff and then executes it.

tags | shellcode
systems | solaris
SHA-256 | bf7207f4db48a0b9dde6f35a1c6b899fc0c0213145bbf35b353cba491c4e83f3
x86-linux-bounce-proxy.c
Posted Dec 31, 2005
Authored by Russell Sanford

372 byte socket-proxy shellcode for Linux on x86.

tags | x86, shellcode
systems | linux
SHA-256 | 433765238af6b29c9039efca01cdbde5d458010e03af10626c35d6b7f3e86c91
x86-linux-connect-back.c
Posted Dec 31, 2005
Authored by Russell Sanford

90 byte connect back shellcode for Linux on x86.

tags | x86, shellcode
systems | linux
SHA-256 | 34677ae2cc62c081beeb6ed4432ef2371fd2e9b8491caa7d9d91e10a202353a1
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close