exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files from David Kennedy

Email addresskennedyd013 at gmail.com
First Active2009-06-11
Last Active2020-01-11
Citrix Application Delivery Controller / Gateway Remote Code Execution / Traversal
Posted Jan 11, 2020
Authored by David Kennedy, Rob Simon

Citrix Application Delivery Controller and Citrix Gateway directory traversal remote code execution exploit.

tags | exploit, remote, code execution, file inclusion
advisories | CVE-2019-19781
SHA-256 | 58fc2672000bf17d12588526d12ca1207500f1e227f4abda50e070491b0d9866
The TrustedSec Attack Platform (TAP)
Posted Oct 29, 2015
Authored by David Kennedy | Site github.com

TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often times becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remote penetration testing platforms. Essentially the concept is simple, you pre-configure a brand new box and run the TAP setup file. This will install a service on Linux that will be configured the way you want. What it will do is establish a reverse SSH tunnel back to a machine thats exposed on the Internet for you. From there you can access the box locally from the server it connects back to. TAP automatically detects when an SSH connection has gone stale and will automatically rebuild it for you.

tags | tool, remote, rootkit
systems | linux, unix
SHA-256 | a42c3f31a3a76e5688666de6f602e9c95f4c10fab29266ee874d7f2dae3b3851
Windows Escalate UAC Protection Bypass (In Memory Injection)
Posted Mar 5, 2014
Authored by David Kennedy, Ben Campbell, mitnick, mubix | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off. This Metasploit module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three separate binaries in the standard technique. However, it requires the correct architecture to be selected, (use x64 for SYSWOW64 systems also).

tags | exploit, shell
systems | windows
SHA-256 | 2af1863cdb30bfd4736972507c329a2bdd36de75f1f53ed9dba7e1b9c141c5d9
Mac OS X 10.8.4 Local Privilege Escalation
Posted Aug 30, 2013
Authored by David Kennedy

Mac OS X versions 10.8.4 and below local root privilege escalation exploit written in Python.

tags | exploit, local, root, python
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
SHA-256 | a0b32edb63a75a52f36b3b0a16898f214ffdda7d8f01efbf9482265d991f663b
Windows Escalate UAC Protection Bypass
Posted Oct 6, 2012
Authored by David Kennedy, mitnick, mubix | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off.

tags | exploit, shell
systems | windows
SHA-256 | 6f5a8c2406a41e33a82abea58ad31e2ab24d2e47c5ad7403b51ed4ce3b1f2ca2
MySQL Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by Sergei A. Golubchik, David Kennedy

MySQL remote root authentication bypass exploit.

tags | exploit, remote, root
systems | linux, debian
advisories | CVE-2012-2122
SHA-256 | fa8a07437a078edcac9f7f432c70a04cd4fc7c1f42f36d254d4fa9efe0c46b18
F5 BIG-IP Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by David Kennedy

This is a proof of concept remote root authentication bypass exploit for F5 BIG-IP. Written in Python.

tags | exploit, remote, root, proof of concept, python
SHA-256 | 56ead1dc2b7a0b89044841502ec4977b0bed8067f3b3118da72703e3b50cbed2
Microsoft SQL Server Payload Execution via SQL injection
Posted Jan 29, 2011
Authored by Rodrigo Marcos, David Kennedy, jduck | Site metasploit.com

This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xp_cmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection vulnerability happens.

tags | exploit, arbitrary, sql injection
advisories | CVE-2000-0402, CVE-2000-1209, OSVDB-15757
SHA-256 | 5c71a8e0d959c8b1f43ce27c1cfb87641e1abf71b42047e2636fd0256601f31a
Adobe Shockwave rcsL Memory Corruption
Posted Oct 25, 2010
Authored by David Kennedy | Site metasploit.com

This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.

tags | exploit, web
advisories | CVE-2010-3653
SHA-256 | edbfcc271f52640c5283e776893d943627be757790c777c863e113627287a4e1
Microsoft SQL Server Payload Execution
Posted Nov 26, 2009
Authored by David Kennedy | Site metasploit.com

This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using the Windows debug.com method for writing an executable to disk and the xp_cmdshell stored procedure. File size restrictions are avoided by incorporating the debug bypass method presented at Defcon 17 by SecureState. Note that this module will leave a metasploit payload in the Windows System32 directory which must be manually deleted once the attack is completed.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2000-0402
SHA-256 | 08dfa1b6b11d0fd3513417baa7f7f3bdc147dd9a8593be9c3fe0d2e365f87d4d
Spiceworks 3.6 Overflow
Posted Aug 10, 2009
Authored by David Kennedy | Site securestate.com

Spiceworks version 3.6 accept parameter overflow proof of concept crash exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 97160280f7a39829513cfc89560d3e4076e1cd77b06e48cfb5b3bdef51b07171
Firefox 3.5 Heap Spray
Posted Jul 17, 2009
Authored by David Kennedy | Site securestate.com

Mozilla Firefox 3.5 heap spray exploit. Written in Python.

tags | exploit, python
SHA-256 | d1253f8edede8fa9f97227138d7df3490fea4cc39eb8c1282947c40659be1655
Internet Explorer 7 Overflow
Posted Jul 10, 2009
Authored by David Kennedy, John Melvin, Steve Austin | Site securestate.com

Microsoft Internet Explore 7 DirectShow heap spray exploit that leverages msvidctl.dll.

tags | exploit, overflow
SHA-256 | 4ca40df1197e30ea46a78039f8530554112a1b449eb78a2efb94f356bf3735f9
Bypassing Hardware Based DEP
Posted Jun 11, 2009
Authored by David Kennedy | Site securestate.com

Whitepaper called Bypassing Hardware Based Data Execution Prevention (DEP) on Windows 2003 SP2.

tags | paper
systems | windows
SHA-256 | d184381c4ad889006627d8570ca692515a97b3b6be034ad73a212421887c84aa
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close