exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 131 RSS Feed

Files from shinnai

Email addressshinnai at autistici.org
First Active2007-01-24
Last Active2021-08-17
SonicWall NetExtender 10.2.0.300 Unquoted Service Path
Posted Aug 17, 2021
Authored by shinnai

SonicWall NetExtender version 10.2.0.300 suffers from an unquoted service path vulnerability.

tags | exploit
advisories | CVE-2020-5147
SHA-256 | ec168adb408da09adcb5e7862e076b884d3773957bfa67dd254e524ff4dff3ce
Friends In War Make Or Break 1.7 Password Change
Posted Jul 27, 2017
Authored by shinnai

Friends in War Make or Break version 1.7 suffers from an unauthenticated administrative password change vulnerability.

tags | exploit
SHA-256 | 234bbef0b5e39ebc0a6238178a400f1a4461860312f92fef37656fc31f8b5bee
UCanCode Remote Code Execution / Denial Of Service
Posted Nov 24, 2016
Authored by shinnai

UCanCode has active-x vulnerabilities which allow for remote code execution and denial of service attacks.

tags | exploit, remote, denial of service, vulnerability, code execution, activex
SHA-256 | ab4bfbe01de8884e92fde956506ce90ff8b75920f8923dace877792e43cd3b3b
Aloaha PDF Crypter 3.5.0.1164 File Overwrite
Posted Jan 24, 2013
Authored by shinnai | Site shinnai.altervista.org

Aloaha PDF Crypter version 3.5.0.1164 suffers from an active-x arbitrary file overwrite vulnerability.

tags | exploit, arbitrary, activex
SHA-256 | 7fa8744017306fcb9f8b6287e11861e540f90887c71065266540838aa74a25cd
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
Posted Nov 1, 2012
Authored by shinnai, sinn3r, b33f, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Aladdin Knowledge System's ActiveX component. By supplying a long string of data to the ChooseFilePath() function, a buffer overflow occurs, which may result in remote code execution under the context of the user.

tags | exploit, remote, overflow, code execution, activex
advisories | OSVDB-86723
SHA-256 | 52766c2b3fde61f7b666e4b1325dcd3fd7b5e615f7cb3ac20c90295ebd3f492b
Aladdin Knowledge System Ltd. Active-X Buffer Overflow
Posted Oct 26, 2012
Authored by shinnai | Site shinnai.altervista.org

The Aladdin Knowledge System Ltd. PrivAgent active-x control version 2.0 suffers from buffer overflow and insecure file download vulnerabilities. Buffer overflow proof of concept included.

tags | exploit, overflow, vulnerability, activex, proof of concept
SHA-256 | 9a55abf480664665e35217155ae1a22dc463dfe106da40a050d4ea0d36c8c45e
LibreOffice 3.5.3 FileOpen Crash
Posted May 28, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.3 suffers from a FileOpen crash denial of service condition when handling rtf files.

tags | exploit, denial of service
SHA-256 | a71da538901bbc0fa1d8228c151e5f1dd87314a31e0dae91254b0b30fc980d29
BeyondCHM 1.1 Buffer Overflow
Posted Apr 24, 2012
Authored by shinnai | Site shinnai.altervista.org

BeyondCHM version 1.1 suffers from a buffer overflow vulnerability when handling a specially crafted chm file. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 1f4140d1bd20cda3a4f39e3e694685f225a0d65e60da185fa2ca460418e79975
Mobipocket Reader 6.2 Build 608 Buffer Overflow
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
SHA-256 | 956ac848bb2710f1365550adfff0b8787d1dfb621595612c0d1b192087b80cb7
SumatraPDF 2.0.1 Memory Corruption
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

SumatraPDF version 2.0.1 suffers from chm and mobi file memory corruption vulnerabilities. Proof of concept included.

tags | exploit, vulnerability, proof of concept
systems | linux
SHA-256 | 2c48263ca242c08c83e3159ab0488a34d4ec0b9ed8c46ee7db29a49caef65b02
LibreOffice 3.5.2.2 Memory Corruption
Posted Apr 18, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.2.2 suffers from a soffice.exe\soffice.bin memory corruption vulnerability when handling a malformed RTF file. This is a proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 9108e491be1d7df3025c505170e97f3e07e7d1652a9bd9606c234343e61301b5
PeerBlock 1.1 Denial Of Service
Posted Feb 10, 2012
Authored by shinnai

PeerBlock version 1.1 blue screen of death denial of service exploit.

tags | exploit, denial of service
SHA-256 | 920cf5f9ed8276bb941a1713a259c0f0be78e23ac4b2956fc7396824706d5b71
Viscom Software Movie Player Pro SDK Activex 6.8 Buffer Overflow
Posted Nov 20, 2011
Authored by shinnai, mr_me, TecR0c | Site metasploit.com

Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. The victim will first be required to trust the publisher Viscom Software. This Metasploit module has been designed to bypass DEP and ASLR under XP IE8, Vista and Win7 with Java support.

tags | exploit, java, remote, overflow, arbitrary, activex
advisories | CVE-2010-0356, OSVDB-61634
SHA-256 | 902c4d348e0eb89f02c1aff016e36bb2f309e424dad941285a19cf704212a739
Black Ice Cover Page ActiveX Control Arbitrary File Download
Posted Jun 21, 2011
Authored by shinnai, mr_me, sinn3r | Site metasploit.com

This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0). Code execution can be achieved by first uploading the payload to the remote machine, and then upload another mof file, which enables Windows Management Instrumentation service to execute the binary. Please note that this module currently only works for Windows before Vista. Also, a similar issue is reported in BIDIB.ocx (10.9.3.0) within the Barcode SDK.

tags | exploit, remote, arbitrary, code execution, activex
systems | windows
advisories | CVE-2008-2683, OSVDB-46007
SHA-256 | c654011b0b3147d7a6b19b80df3e17b7fd597bafa54d127293006bedf2615b9d
Haihaisoft PDF Reader Buffer Overflow
Posted Jul 17, 2010
Authored by shinnai

Haihaisoft PDF Reader with OCX control version 1.1.2.0 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | f4f2df2555e6a1b165df2624885a25e4c36da2d1ed12ade17c8c774d9d6cbb70
Yahoo CD Player Overflow
Posted Apr 20, 2010
Authored by shinnai

Yahoo! CD Player (YoPlyCd.dll) remote stack overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 8a0d6e287e603a846eafe4d909f0383db7eaf2decf49a019977881ffd8347e27
Viscom Movie Player Pro SDK 6.8 Buffer Overflow
Posted Apr 20, 2010
Authored by shinnai

Viscom Software Movie Player Pro SDK version 6.8 suffers from an Active-X related buffer overflow vulnerability.

tags | exploit, overflow, activex
SHA-256 | b48017e490f339f4951f725955f191ca1b85f6c188585cca4420cb71403509bc
Chilkat Crypt ActiveX WriteFile Unsafe Method
Posted Mar 5, 2010
Authored by shinnai, jduck | Site metasploit.com

This Metasploit module allows attackers to execute code via the 'WriteFile' unsafe method of Chilkat Software Inc's Crypt ActiveX control. This exploit is based on shinnai's exploit that uses an hcp:// protocol URI to execute our payload immediately. However, this method requires that the victim user be browsing with Administrator. Additionally, this method will not work on newer versions of Windows. NOTE: This vulnerability is still unpatched. The latest version of Chilkat Crypt at the time of this writing includes ChilkatCrypt2.DLL version 4.4.4.0.

tags | exploit, protocol, activex
systems | windows
advisories | CVE-2008-5002
SHA-256 | f5fc358c931e5cad863d48c12b7b5bd2f2586f9cca6246339d327cfef13918bd
Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
Posted Mar 5, 2010
Authored by shinnai, jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.

tags | exploit, overflow
advisories | CVE-2008-3878
SHA-256 | 8a257918eee93537e405cc218701960973136185e85d5e2b8f61efc33ae7b6b3
AwingSoft Winds3D Player SceneURL Buffer Overflow
Posted Dec 31, 2009
Authored by shinnai, Trancer, jduck | Site metasploit.com

This Metasploit module exploits a data segment buffer overflow within Winds3D Viewer of AwingSoft Awakening 3.x (WindsPly.ocx v3.6.0.0). This ActiveX is a plugin of AwingSoft Web3D Player. By setting an overly long value to the 'SceneURL' property, an attacker can overrun a buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
SHA-256 | cc5464c5502efeb363604ff7cff786f441a5c42581c6aaf148a0991375add770
HaiHaiSoft Universal Player Buffer Overflow
Posted Dec 2, 2009
Authored by shinnai | Site shinnai.altervista.org

HaiHaiSoft Universal Player version 1.4.8.0 suffers from buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 43cd11160f2a5263a27f9188677df814c188a6b1f8aea6f8c48849928894c3d1
AwingSoft Web3D Player Buffer Overflow
Posted Jul 13, 2009
Authored by shinnai | Site shinnai.altervista.org

AwingSoft Web3D Player using WindsPly.ocx versions 3.5.0.0 and below suffer from a remote buffer overflow vulnerability in SceneURL().

tags | exploit, remote, overflow
SHA-256 | 29528d60369660c1e028650260c3b4e760bc9d8bbc3b599a7623f7fe8dfaae18
Zervit 0.4 Traversal / Memory Corruption
Posted May 13, 2009
Authored by shinnai, e.wiZz! | Site shinnai.altervista.org

Zervit webserver version 0.4 directory traversal and memory corruption proof of concept exploit.

tags | exploit, proof of concept, file inclusion
SHA-256 | 9e10e70eaec0d3a59ef5c25f192693edebf3b377c08b4fb02b2dc28d20ad097a
Java SE Runtime Environment Denial Of Service
Posted May 13, 2009
Authored by shinnai | Site shinnai.altervista.org

Java SE Runtime Environment resource consumption exploit.

tags | exploit, java, denial of service
SHA-256 | 527612944f0e5df5e39b6ff1472ae2184bc2eb6861f81de9ad46c7a2ded3c8e3
Quick N Easay Mail Server 3.3 Denial Of Service
Posted May 5, 2009
Authored by shinnai | Site shinnai.altervista.org

Quick 'N Easy Mail Server version 3.3 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 1f9fa6c86fcad7c5b77c5a5a199e2f0140113a02cdd48aaf68acf370cec6aa2c
Page 1 of 6
Back12345Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close