exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from scriptjunkie

Email addressscriptjunkie.1 at googlemail.com
First Active2009-05-11
Last Active2014-10-02
PXE Exploit Server
Posted Oct 2, 2014
Authored by scriptjunkie | Site metasploit.com

This Metasploit module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing the payload on the hard drive of any Windows partition seen. Note: the displayed IP address of a target is the address this DHCP server handed out, not the "normal" IP address the host uses.

tags | exploit, kernel
systems | linux, windows
SHA-256 | eccfe4bccc8cc819b0c0b0ed3f9685768bdbfd924bcd34807ff51c586f845e6a
DHCP Client Bash Environment Variable Code Injection
Posted Sep 26, 2014
Authored by Ramon de C Valle, scriptjunkie, Stephane Chazelas | Site metasploit.com

This Metasploit module exploits a code injection in specially crafted environment variables in Bash, specifically targeting dhclient network configuration scripts through the HOSTNAME, DOMAINNAME, and URL DHCP options.

tags | exploit, bash
advisories | CVE-2014-6271
SHA-256 | 79d7a8dc657f6596bbdf6d89daca73b5c6faa99cc6ea47bed9be15fb8d04a23a
Windows Escalate Service Permissions Local Privilege Escalation
Posted Oct 15, 2012
Authored by scriptjunkie | Site metasploit.com

This Metasploit module attempts to exploit existing administrative privileges to obtain a SYSTEM session. If directly creating a service fails, this module will inspect existing services to look for insecure file or configuration permissions that may be hijacked. It will then attempt to restart the replaced service to run the payload. This will result in a new session when this succeeds. If the module is able to modify the service but does not have permission to start and stop the affected service, the attacker must wait for the system to restart before a session will be created.

tags | exploit
SHA-256 | 2d7db2108c548773a92d81355b9be4cd20b7d9069749634dd3a320136b18a734
PXE Exploit Server
Posted Aug 6, 2011
Authored by scriptjunkie | Site metasploit.com

This Metasploit module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing the payload on the hard drive of any Windows partition seen, and add a uid 0 user with username and password metasploit to any linux partition seen.

tags | exploit, kernel
systems | linux, windows
SHA-256 | d5887b3e24f48d3a3e6ef8dd0852f404ea6cfdf61b06a9ba26bcbb9fa7779a04
Mozilla Firefox Interleaving document.write / appendChild Code Execution
Posted Feb 19, 2011
Authored by scriptjunkie | Site metasploit.com

This Metasploit module exploits a code execution vulnerability in Mozilla Firefox caused by interleaved calls to document.write and appendChild. This exploit is a metasploit port of the in-the-wild exploit.

tags | exploit, code execution
advisories | CVE-2010-3765, OSVDB-68905
SHA-256 | 843b760650dc1cd9d6f9a955b96d33b37fdcdd2f3d930a4d123bada5cd1bffd1
Maple Maplet File Creation and Command Execution
Posted May 3, 2010
Authored by scriptjunkie | Site metasploit.com

This Metasploit module harnesses Maple's ability to create files and execute commands automatically when opening a Maplet. All versions up to 13 are suspected vulnerable. Testing was conducted with version 13 on Windows. Standard security settings prevent code from running in a normal maple worksheet without user interaction, but those setting do not prevent code in a Maplet from running. In order for the payload to be executed, an attacker must convince someone to open a specially modified .maplet file with Maple. By doing so, an attacker can execute arbitrary code as the victim user.

tags | exploit, arbitrary
systems | windows
SHA-256 | 48cf2fc583fbcdc37654c0ac828cc80aed7b98dcc536af1af641e2b62e11c413
PHP Recommend 1.3 Bypass / Inclusion / Injection
Posted May 11, 2009
Authored by scriptjunkie

PHP Recommend versions 1.3 and below suffer from authentication bypass, remote file inclusion, and code injection vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, bypass, file inclusion
SHA-256 | 57fb82142184e366083365635d46ae24b606a051eeffd3872f820bcd17ffc841
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close