what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 5 of 5

Files from sf

Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution

Posted Jun 9, 2023

Authored by sf | Site metasploit.com

This Metasploit module exploits a remote unauthenticated command injection vulnerability in the Internet Key Exchange (IKE) packet decoder over UDP port 500 on the WAN interface of several Zyxel devices. The affected devices are as follows: ATP (Firmware version 4.60 to 5.35 inclusive), USG FLEX (Firmware version 4.60 to 5.35 inclusive), VPN (Firmware version 4.60 to 5.35 inclusive), and ZyWALL/USG (Firmware version 4.60 to 4.73 inclusive). The affected devices are vulnerable in a default configuration and command execution is with root privileges.

tags | exploit, remote, root, udp

advisories | CVE-2023-28771

SHA-256 | 3332119f6d5058915a969972306dbb9e73aceea251afd2cffb7a4ddeec5a1966

Download | Favorite | View

Adobe ColdFusion Unauthenticated Remote Code Execution

Posted May 1, 2023

Authored by sf | Site metasploit.com

This Metasploit module exploits a remote unauthenticated deserialization of untrusted data vulnerability in Adobe ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier, in order to gain remote code execution.

tags | exploit, remote, code execution

advisories | CVE-2023-26360

SHA-256 | a97dc5c7910c67fbfa47a0a5ff5111b60ef4fc38c7f19bc191fb098243b227f6

Download | Favorite | View

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

Posted Mar 1, 2023

Authored by sf, HMs, l1k3beef | Site metasploit.com

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain remote code execution as the oracle user.

tags | exploit, remote, web, arbitrary, code execution, file upload

advisories | CVE-2022-21587

SHA-256 | a890c277f9518d69ee5b632d253b7c12b7da15367479577605ce796496a2f670

Download | Favorite | View

Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference

Posted Feb 26, 2010

Authored by H D Moore, laurent gaffie, sf | Site metasploit.com

This Metasploit module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.

tags | exploit

systems | windows

advisories | CVE-2009-3103

SHA-256 | de2b37c604aa41ff0e596df449f770135048223b2482bc370245289a93342173

Download | Favorite | View

Sun Java Calendar Deserialization

Posted Oct 27, 2009

Authored by H D Moore, sf | Site metasploit.com

This Metasploit module exploits a flaw in the deserialization of Calendar objects in the Sun JVM. The payload can be either a native payload which is generated as an executable and dropped/executed on the target or a shell from within the Java applet in the target browser. The effected Java versions are JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, SDK and JRE 1.4.2_18 and earlier (SDK and JRE 1.3.1 are not affected).

tags | exploit, java, shell

advisories | CVE-2008-5353

SHA-256 | c3a3d070353114691fd1636dc19113fd8a51770f2e7febb5144445c81db0b5e4

Download | Favorite | View