exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 118 RSS Feed

Files from Jeremy Brown

Real NameJeremy Brown
Email addressprivate
Websitewww.patchtuesday.org
First Active2008-07-15
Last Active2022-09-05
View User Profile
Apple macOS Remote Events Memory Corruption
Posted Sep 5, 2022
Authored by Jeremy Brown

This is a proof of concept exploit for the Apple macOS remote events remote memory corruption vulnerability. It serves as a toolkit to help debug and trigger crashes.

tags | exploit, remote, proof of concept
systems | apple
advisories | CVE-2022-22630
SHA-256 | b71c042ede4f92abca7d1cc98ba26d58de335a31e253ab82c25fea5b3120ba80
NVIDIA Data Center GPU Manager Remote Memory Corruption
Posted Jun 3, 2022
Authored by Jeremy Brown

NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopback interface, but can also listen on the network for requests coming in on port 5555 (remote mgmt). A native client named DCGMI allows users to make requests to the daemon to support a variety of functions. Malformed packets can cause the daemon (running as root or user account) to crash or potentially result in code execution. Versions less than 2.3.5 are affected.

tags | exploit, remote, root, code execution
advisories | CVE-2022-21820
SHA-256 | 2b77e249b980c3871a0f2ac4cb6decec29e1672c0858391ed0910b4b6867f9f3
IIPImage Remote Memory Corruption
Posted Jun 3, 2022
Authored by Jeremy Brown

IIPImage is distributed with a server that enables advanced, high-performance image manipulation for web-based streaming and viewing of high resolution images. The server component called iipsrv.fcgi processes requests from users and passes them to command handlers. Several crashes including an integer overflow were discovered by sending malformed requests to the server, allowing remote users without authentication to perform denial-of-service attacks or potentially crafted for remote code execution as the server's running user. Versions at least up to 1.1 may be affected.

tags | exploit, remote, web, overflow, code execution
SHA-256 | 469b8801bf0145e552808075cd1f841e7ae3b8e88fcdd656bd6e310c9da61211
libMeshb Buffer Overflow
Posted Jun 2, 2022
Authored by Jeremy Brown

libMeshb suffers from a buffer overflow vulnerability. Version 7.62 has been released to address this issue.

tags | exploit, overflow
SHA-256 | 4eb31ef6c78c0a4496bb470b1fbeb940f7fb6e6336a12f36aa32c13366a7a515
Comma Openpilot Insecure Default Configuration
Posted Jun 1, 2022
Authored by Jeremy Brown

Comma devices running Openpilot suffered from an insecure configuration when SSH is enabled where the private key is publicly known. Additional security hardening improvements have also been made in recent releases to address other concerns as well.

tags | advisory
SHA-256 | 97e4a789717fe1480fe02588feff13555897da5c681197fa1c988ec56942dcff
GtkRadiant 1.6.6 Buffer Overflow
Posted Jun 1, 2022
Authored by Jeremy Brown

GtkRadiant version 1.6.6 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 14f9015f9b6fd0206b68903bbe51b7ceaf2ff6f2d18427ab50c01e183f4465a8
litefuzz 1.0
Posted Sep 20, 2021
Authored by Jeremy Brown | Site github.com

litefuzz is a multi-platform fuzzer for poking at userland binaries and servers.

tags | tool, fuzzer
systems | unix
SHA-256 | f25a4127aa0a0332f8898ed435abea7ff3f6fdf48ec55273a12cb50f97f07dd3
Ulfius Web Framework Remote Memory Corruption
Posted Sep 14, 2021
Authored by Jeremy Brown

Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process.

tags | exploit, remote, web, code execution
advisories | CVE-2021-40540
SHA-256 | bcece9074fff2d52274f17c6d4979214834ae5a855709f997bd265bfd66f6259
Shoutcast Server 2.6.0.753 Crash
Posted Aug 23, 2021
Authored by Jeremy Brown

Shoutcast server version 2.6.0.753 suffers from a remote authenticated crash vulnerability.

tags | exploit, remote
SHA-256 | 991ebf15a2fad6e84c2cb8c0596024371c0ae5aa7b0309a15458c5be942d417d
Riak Insecure Default Configuration / Remote Command Execution
Posted Aug 4, 2021
Authored by Jeremy Brown

Riak runs as an Erlang service configured with a default cookie of riak that allows for remote command execution if not modified before use.

tags | exploit, remote
SHA-256 | 635d63c416e6d16fc7edbd391f31e513f403e171612e8d0cf4351c1d333c9320
Okta Access Gateway 2020.5.5 Authenticated Remote Root
Posted Jul 7, 2021
Authored by Jeremy Brown

Okta Access Gateway version 2020.5.5 suffers from multiple authenticated remote root command injection vulnerabilities.

tags | exploit, remote, root, vulnerability
advisories | CVE-2021-28113
SHA-256 | fde1ff592fc34fc94cc529909b2816a1c21c20b0fb847dc8e826cd07707aeffa
Docker Dashboard Remote Command Execution
Posted Jul 7, 2021
Authored by Jeremy Brown

Docker Dashboard suffers from a remote command execution vulnerability. The fix is added in commit 79cdc41.

tags | exploit, remote
advisories | CVE-2021-27886
SHA-256 | 9b77e4733c86f91e56473cf9d0f921975dafea71ff7b3a299b9f700be4daf219
HPE RDA-CAS 1.23.826 Denial Of Service
Posted Jun 23, 2021
Authored by Jeremy Brown

HPE RDA-CAS version 1.23.826 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 851ec48c64b3059e512be8c1c4393fdfd9f503accfd3a295ba4254513c87e474
Cisco Modeling Labs 2.1.1-b19 Remote Command Execution
Posted Jun 23, 2021
Authored by Jeremy Brown

Cisco Modeling Labs version 2.1.1-b19 remote command execution exploit.

tags | exploit, remote
systems | cisco
advisories | CVE-2021-1531
SHA-256 | 29df00cdf8fbbcafabb5f3a4cccb147529145b52b4f8832dee4e09e3d2d05d94
F5 BIG-IQ VE 8.0.0-2923215 Remote Root
Posted Jun 23, 2021
Authored by Jeremy Brown

F5 BIG-IQ VE version 8.0.0-2923215 post-authentication remote root code execution exploit.

tags | exploit, remote, root, code execution
advisories | CVE-2021-23024
SHA-256 | 06ca92ed589ce099a31c2500c551bcdd8f20879de941a5f994508892b97ce94e
PIMT 1.0
Posted Jan 4, 2021
Authored by Jeremy Brown | Site github.com

PIMT is a Public Infrastructure Monitoring Tool (pronounced PIM-tee). It queries common recon tools for publicly available data regarding particular organizations based on the domains and keywords provided. It is not meant to provide complete coverage for every external asset that belongs to a company as attackers usually do not have this detailed info or mapping either. One can use it to paint some sort of picture of what external attackers may be looking at, the changes occurring over time and insight for how to further harden the perimeter. The key idea being to provide valuable data to red teams as well as addition al monitoring capabilities for defenders.

tags | tool
systems | unix
SHA-256 | 4bd0c008c5efb7d3027fbd1752dcb69e6e2c963201bcecf7ea8cdbff06b2a4ea
Zoom 4.6.239.20200613 Meeting Connector Post-Auth Remote Root
Posted Dec 31, 2020
Authored by Jeremy Brown

Zoom version 4.6.239.20200613 suffers from a Meeting Connector post-authentication remote root code execution vulnerability via the proxy server functionality. The latest Zoom client has this issue patched per Zoom.

tags | exploit, remote, root, code execution
SHA-256 | a841b2931fe578788c8622d32483f5ecfa1a1ef799aac55dcc45a85daf624fc2
Openpilot Default SSH Key Scanner
Posted Dec 31, 2020
Authored by Jeremy Brown

Openpilot has a default SSH key that can allow attackers remote access if not changed. This script port scans and attempts to login to Openpilot SSH servers with the default key.

tags | exploit, remote
SHA-256 | 7dc874bafc8e1284b57778d532d5d0599963bfb86f1318f023153827514112f5
HPE Edgeline Infrastructure Manager Improper Authorization
Posted Dec 29, 2020
Authored by Jeremy Brown

HPE Edgeline Infrastructure Manager suffers from multiple broken authorization flows that allow for administrative function access without authenticating and can allow for arbitrary password changes.

tags | exploit, arbitrary
SHA-256 | 87121a708a5d58e0787d22fbc3bc5c2a8bf7f3c2c03fd87d6efdd1247efe1119
Cassandra Web 0.5.0 Remote File Read
Posted Dec 29, 2020
Authored by Jeremy Brown

Cassandra Web is vulnerable to directory traversal due to the disabled Rack::Protection module. Apache Cassandra credentials are passed via the CLI in order for the server to auth to it and provide the web access, so they are also one thing that can be captured via the arbitrary file read. Version 0.5.0 is affected.

tags | exploit, web, arbitrary
SHA-256 | be82376a69ccf9d5d95a794429f042870509dba311154ba5e350b1dd69148aec
Stratodesk NoTouch Center Privilege Escalation
Posted Dec 21, 2020
Authored by Jeremy Brown

Stratodesk NoTouch Center virtual appliance suffers from a privilege escalation vulnerability. This was addressed in version 4.4.68.

tags | exploit
advisories | CVE-2020-25917
SHA-256 | bc1e49f9a8def3aa6ccdabef93414743d37482014f5ffd7cf5069cef8ed88f82
Erlang Bytecode String Converter
Posted Dec 21, 2020
Authored by Jeremy Brown

estr2bc is a python script to convert arbitrary string input to Erlang bytecode.

tags | tool, arbitrary, python
systems | unix
SHA-256 | ea4aff1b7084945953980fb63882fb41c9d14b2cd6acf58e45a9f68cf0428975
Ajenti 2.1.31 Command Injection
Posted Dec 2, 2019
Authored by Jeremy Brown, Onur ER | Site metasploit.com

This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.

tags | exploit, shell
SHA-256 | 19a60244a9981506c6ee38b26a274f9f9a7867cb46ae450c4e77577fc35a1e1f
Podman / Varlink Remote Code Execution
Posted Oct 15, 2019
Authored by Jeremy Brown

Remote exploit for Podman when configured with Varlink that allows for remote command execution, denial of service, directory traversal, and information disclosure vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, info disclosure
SHA-256 | 9dade0df8f26903fcb75bd7b183f65c133b07d815d2b11143e1d860fcdd45b69
Ajenti Remote Command Execution
Posted Oct 11, 2019
Authored by Jeremy Brown

Ajenti suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 3ce7fe662dcd1fad936763e9f3e597eb74b20d6a571486419c63670bd70af341
Page 1 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close