exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files from Matteo Cantoni

Email addressmatteo.cantoni at nothink.org
First Active2006-01-08
Last Active2024-09-01
JBoss Status Servlet Information Gathering
Posted Sep 1, 2024
Authored by Matteo Cantoni | Site metasploit.com

This Metasploit module queries the JBoss status servlet to collect sensitive information, including URL paths, GET parameters and client IP addresses. This Metasploit module has been tested against JBoss 4.0, 4.2.2 and 4.2.3.

tags | exploit
advisories | CVE-2008-3273, CVE-2010-1429
SHA-256 | ad6d24da1d5376d91cf44a10ef80499ec9a8b2320e76886a8262c5d30ff1784f
HTTP Open Proxy Detection
Posted Sep 1, 2024
Authored by Matteo Cantoni | Site metasploit.com

Checks if an HTTP proxy is open. False positive are avoided verifying the HTTP return code and matching a pattern. The CONNECT method is verified only the return code. HTTP headers are shown regarding the use of proxy or load balancer.

tags | exploit, web
SHA-256 | 8a0266333291f7df747501b70f5b9f99d56d9c23eda6f14be90cd699b795cbbd
VNC Authentication None Detection
Posted Sep 1, 2024
Authored by Matteo Cantoni, jduck | Site metasploit.com

Detect VNC servers that support the "None" authentication method.

tags | exploit
advisories | CVE-2006-2369
SHA-256 | 0bec066f46dede6a815b8a3bda8d747ffc60b5d7fdc9246f913be16b7512cbad
Chargen Probe Utility
Posted Aug 31, 2024
Authored by Matteo Cantoni | Site metasploit.com

Chargen is a debugging and measurement tool and a character generator service. A character generator service simply sends data without regard to the input. Chargen is susceptible to spoofing the source of transmissions as well as use in a reflection attack vector. The misuse of the testing features of the Chargen service may allow attackers to craft malicious network payloads and reflect them by spoofing the transmission source to effectively direct it to a target. This can result in traffic loops and service degradation with large amounts of network traffic.

tags | exploit, spoof
advisories | CVE-1999-0103
SHA-256 | 52953bf9fe3f79cb5c689f464333697b3fc90f8deb33819929445f342870c0ae
HP LaserJet Printer SNMP Enumeration
Posted Aug 31, 2024
Authored by Matteo Cantoni | Site metasploit.com

This Metasploit module allows enumeration of files previously printed. It provides details as filename, client, timestamp and username information. The default community used is "public".

tags | exploit
SHA-256 | 9711647b0a492a0e8b2bc64b1066906eeb3b80f413bd74b6566a58e6680c1af7
WordPress Symposium Plugin SQL Injection
Posted Aug 31, 2024
Authored by Matteo Cantoni, PizzaHatHacker | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress, which allows remote attackers to extract credentials via the size parameter to get_album_item.php.

tags | exploit, remote, php, sql injection
advisories | CVE-2015-6522
SHA-256 | 2961b2a6386f280ff2a5c8a22286ae6b39869c94cfc164ff4f01d0e67ea4a838
phpMyAdmin 4.x Remote Code Execution
Posted Jun 18, 2018
Authored by Matteo Cantoni, Cure53, Michal AihaA | Site metasploit.com

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.

tags | exploit, remote, arbitrary, php
advisories | CVE-2016-5734
SHA-256 | 46f778fd23af1e4e604d32a71ab007e759502445aee2fac99855d70658df179c
TikiWiki jhot Remote Command Execution
Posted Oct 30, 2009
Authored by Matteo Cantoni

TikiWiki contains a flaw that may allow a malicious user to execute arbitrary PHP code. The issue is triggered due to the jhot.php script not correctly verifying uploaded files. It is possible that the flaw may allow arbitrary PHP code execution by uploading a malicious PHP script resulting in a loss of integrity. The vulnerability has been reported in Tikiwiki version 1.9.4.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2006-4602
SHA-256 | f7850ab13f084ee0399ccaa4266f25beedbf677492fc535ebf17997b1756a1ce
TikiWiki tiki-graph_formula Remote Command Execution
Posted Oct 30, 2009
Authored by Matteo Cantoni

TikiWiki versions 1.9.8 and below contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'tiki-graph_formula.php' script not properly sanitizing user input supplied to the f variable, which may allow a remote attacker to execute arbitrary PHP commands resulting in a loss of integrity.

tags | exploit, remote, arbitrary, php
advisories | CVE-2007-5423
SHA-256 | 2c4a8a6e81f67352e72024e2f545f7d1ae145048bf376afb7ae97d09bf473fe9
Simple PHP Blog 0.4.0 Command Execution
Posted Oct 30, 2009
Authored by Matteo Cantoni

This Metasploit module combines three separate issues within The Simple PHP Blog (versions 0.4.0 and below) application to upload arbitrary data and thus execute a shell. The first vulnerability exposes the hash file (password.txt) to unauthenticated users. The second vulnerability lies within the image upload system provided to logged-in users; there is no image validation function in the blogger to prevent an authenticated user from uploading any file type. The third vulnerability occurs within the blog comment functionality, allowing arbitrary files to be deleted.

tags | exploit, arbitrary, shell, php
advisories | CVE-2005-2733
SHA-256 | 50264a6496c4736a34367e584387b0458ab475eb594ae22a834552e36308bb11
PAJAX Remote Command Execution
Posted Oct 30, 2009
Authored by Matteo Cantoni

RedTeam has identified two security flaws in PAJAX versions 0.5.1 and below. It is possible to execute arbitrary PHP code from unchecked user input. Additionally, it is possible to include arbitrary files on the server ending in ".class.php".

tags | exploit, arbitrary, php
advisories | CVE-2006-1551
SHA-256 | 223f89066530be65e8100cf31774da9860ea9f254965c65c5bc52ade6f7acfac
AWStats configdir Remote Command Execution
Posted Oct 30, 2009
Authored by Matteo Cantoni

This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable.

tags | exploit, arbitrary, cgi
advisories | CVE-2005-0116
SHA-256 | c7fdffbbd0281a931ef1b75a62465cf757ccbfbbe17fe89aeaf55cb24d294f22
googlegath.txt
Posted Dec 8, 2006
Authored by Matteo Cantoni | Site nothink.org

googlegath is a free open source utility to obtain informations through Google searches. It could be useful for penetration testing, security scanning, etc. googlegath has been tested on GNU/Linux, *BSD systems.

tags | web
systems | linux, bsd
SHA-256 | e754e380fcd9e0ba64eeb22cf691c7a8ed0da8b395cb718921623b3649666ab1
snmpcheck-1.6.txt
Posted Dec 6, 2006
Authored by Matteo Cantoni | Site nothink.org

snmpcheck is a free open source utility to get information via SNMP protocols. It works fine against Windows, Linux, Cisco, HP-UX, SunOS systems and any devices with SNMP protocol support. It could be useful for penetration testing or systems monitoring. snmpcheck has been tested on GNU/Linux, *BSD and Windows (Cygwin) systems.

tags | tool, scanner, protocol
systems | cisco, linux, windows, unix, solaris, bsd, hpux
SHA-256 | d761829bf0e54681d7f7286dc9fdb8136fc370c218b85024b7c22a2e209970ca
snmpcheck-1.5.txt
Posted Jul 24, 2006
Authored by Matteo Cantoni | Site nothink.org

snmpcheck is a tool to get information via SNMP protocols for Windows, Linux, Cisco, HP-UX and SunOS platforms. Tested on GNU/Linux, *BSD and Windows (Cygwin and ActivePerl) systems. Distributed under the GPL license and based on Athena-2k script by jshaw.

tags | tool, scanner, protocol
systems | cisco, linux, windows, unix, solaris, bsd, hpux
SHA-256 | d41ac4459a12ff293160ae66984f94115d1ebd6f8943ec46db4edaf82ce8645b
snmpcheck-1.3.pl.txt
Posted Apr 1, 2006
Authored by Matteo Cantoni | Site nothink.org

snmpcheck is a tool to get information via SNMP protocols for Windows, Linux, Cisco, HP-UX and SunOS platforms. Tested on GNU/Linux, *BSD and Windows (Cygwin and ActivePerl) systems. Distributed under the GPL license and based on Athena-2k script by jshaw.

tags | tool, scanner, protocol
systems | cisco, linux, windows, unix, solaris, bsd, hpux
SHA-256 | 25c63b6755c36fdf3b9fd075352226e2368d0f4fcbea0ae0928677e9eb11db10
snmpcheck.pl.txt
Posted Jan 8, 2006
Authored by Matteo Cantoni | Site nothink.org

snmpcheck is a tool to get information via SNMP protocols for Windows, Linux, Cisco, HP-UX and SunOS platforms. Tested on GNU/Linux, *BSD and Windows (Cygwin and ActivePerl) systems. Distributed under the GPL license and based on Athena-2k script by jshaw.

tags | tool, scanner, protocol
systems | cisco, linux, windows, unix, solaris, bsd, hpux
SHA-256 | b2fe0fd3cd85760db76dcb3582fe0a41491f75110f42b65de418ede033916f9d
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close