Showing 1 - 8 of 8

Files from Chris John Riley

TYPO3 Sa-2010-020 Remote File Disclosure: Posted Aug 31, 2024; Authored by Chris John Riley, Gregor Kopf | Site metasploit.com; This Metasploit module exploits a flaw in the way the TYPO3 jumpurl feature matches hashes. Due to this flaw a Remote File Disclosure is possible by matching the juhash of 0. This flaw can be used to read any file that the web server user account has access to view.; tags | exploit, remote, web; advisories | CVE-2010-3714; SHA-256 | 1d35e4826d1070372d0738e9a084efbbc13270ebd02c2ba618026825dfdceb07; Download | Favorite | View

IBM Lotus Sametime WebPlayer Denial of Service: Posted Aug 31, 2024; Authored by Chris John Riley, kicks4kittens | Site metasploit.com; This Metasploit module exploits a known flaw in the IBM Lotus Sametime WebPlayer version 8.5.2.1392 (and prior) to cause a denial of service condition against specific users. For this module to function the target user must be actively logged into the IBM Lotus Sametime server and have the Sametime Audio Visual browser plug-in (WebPlayer) loaded as a browser extension. The user should have the WebPlayer plug-in active (i.e. be in a Sametime Audio/Video meeting for this DoS to work correctly.; tags | exploit, denial of service; advisories | CVE-2013-3986; SHA-256 | 1a6622321e9e75594325110d9323a97ece910954ac54b5f2849094ab8f9f6920; Download | Favorite | View

Evernote Android Multiple PIN Related Issues: Posted Dec 13, 2013; Authored by Chris John Riley; Evernote for Android suffers from insecure storage of PIN data and bypass of PIN protection vulnerabilities.; tags | advisory, vulnerability; advisories | CVE-2013-5112; SHA-256 | d4ec90670f420f077afc1f1d13f17cf6aed8381fff2d28c4df4a6c42bd1b8f2a; Download | Favorite | View

Evernote Android Insecure Password Change: Posted Dec 13, 2013; Authored by Chris John Riley; Evernote on Android can have its one-click setup functionality leveraged maliciously to change a user's password without their knowledge.; tags | advisory; advisories | CVE-2013-5116; SHA-256 | ba18b28f54ca2d88cea8523c0e775b385fed288a3a06b92f0fd87c5eef2e2283; Download | Favorite | View

LastPass Android Container PIN / Auto-Wipe Bypass: Posted Nov 13, 2013; Authored by Chris John Riley; LastPass suffers from container PIN and auto-wipe security feature bypass vulnerabilities.; tags | advisory, vulnerability, bypass; advisories | CVE-2013-5113, CVE-2013-5114; SHA-256 | e553b2ef39e91a61d36ce85dd65b50d74e4a10ec344dbac343f09847deddb505; Download | Favorite | View

Privoxy 3.0.20-1 Credential Exposure: Posted Mar 11, 2013; Authored by Chris John Riley; Privoxy version 3.0.20-1 suffers from an authentication credential exposure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2013-2503; SHA-256 | 64df167b1234ce7ef9560ad0dec948e6b6b51a7112712080b8c1c40e0cebdb89; Download | Favorite | View

SAP Management Console OSExecute Payload Execution: Posted Oct 24, 2011; Authored by Chris John Riley | Site metasploit.com; This Metasploit module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password must be provided.; tags | exploit, arbitrary; SHA-256 | 631d430623b1bdaf08c10284315fb2752c47e9e4c998de80b05ea83f243e5517; Download | Favorite | View

UA-Tester (User-Agent Tester) 1.03: Posted Sep 28, 2010; Authored by Chris John Riley | Site blog.c22.cc; UA-Tester (User-Agent Tester) is a Python script that enables penetration testers to compare response headers from a remote server based on a list of User-Agent strings. The script allows testers to isolate differences in response depending on the browser used to access a site. This can be important as a growing number of sites are catering for mobile devices by forwarding them to alternative (browser friendly) pages, or redirecting them to alternative servers entirely.; tags | tool, remote, scanner, python; systems | unix; SHA-256 | 254676c67c7b522e642828ca8d076b317ca9957f162215e6ad765c0984d8c67c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days