exploit the possibilities
Showing 1 - 25 of 34 RSS Feed

Files from infodox

Real NameDarren Martyn
Email addressprivate
Websiteinsecurety.net
First Active2011-11-16
Last Active2019-01-23
View User Profile

Personal Background

Lets party :3
No seriously. lets do it.

Also, python is great.
You may notice I use SCAPY and requests for everything... Because.


AddressSanitizer (ASan) SUID Executable Privilege Escalation
Posted Jan 23, 2019
Authored by Brendan Coles, infodox, Szabolcs Nagy | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The log_path option can be set using the ASAN_OPTIONS environment variable, allowing clobbering of arbitrary files, with the privileges of the setuid user. This module uploads a shared object and sprays symlinks to overwrite /etc/ld.so.preload in order to create a setuid root shell.

tags | exploit, arbitrary, shell, root
systems | linux
SHA-256 | 0e6f740ce9bc200d846f84b085e1b15b388b872a85100b6499f36331dcd60d30
xorg-x11-server Local Root
Posted Oct 25, 2018
Authored by infodox

xorg-x11-server versions prior to 1.20.3 local root exploit.

tags | exploit, local, root
advisories | CVE-2018-14665
SHA-256 | 04fb5107a3446c9f4277d7db1e505e471ef5b483f8fd1dad9ec5583b8566c268
ASAN/SUID Local Root Exploit
Posted Feb 29, 2016
Authored by infodox

This script exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. It uses an overwrite of /etc/ld.so.preload to get root on a vulnerable system. You can supply your own target binary to use for exploitation.

tags | exploit, root
SHA-256 | 3f14643d1c039904bc9db24702fe18f67c6de2c6f848f3e50ab2d61c07de8423
Linksys E-Series TheMoon Remote Command Injection
Posted Apr 5, 2014
Authored by Michael Messner, Rew, juan vazquez, infodox, Johannes Ullrich | Site metasploit.com

Some Linksys E-Series Routers are vulnerable to an unauthenticated OS command injection. This vulnerability was used from the so called "TheMoon" worm. There are many Linksys systems that might be vulnerable including E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900. This Metasploit module was tested successfully against an E1500 v1.0.5.

tags | exploit, worm
SHA-256 | 8562df406cf3a664284fb32daf860dcc7c4a95b65db2f358b2abed16cc85d646
Linksys Worm Remote Root
Posted Feb 17, 2014
Authored by infodox

Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.

tags | exploit, worm, cgi, proof of concept
SHA-256 | ae7d5127e7b3b8fa46d888c48b1a569122f9a4eb074e9be265ffb8853f9989d3
PHP-CGI Remote Code Execution Scanner
Posted Feb 17, 2014
Authored by infodox

This small python script scans for a number of variations on the PHP-CGI remote code execution vulnerability, includes "apache magica" and plesk paths, along with other misconfigurations.

tags | tool, remote, cgi, scanner, php, code execution, python
systems | unix
SHA-256 | 78e9601c9d4667d30bde2edbe6d0b41d7549713beeeda32559e31be022767d22
Printer Job Language Abuse Tool
Posted Feb 17, 2014
Authored by infodox

This code abuses PJL functionality on HP network printers to print documents and also change the "ReadyMessage". Useful for avoiding printer payment systems in universities. Scan for port 9100 to find printers.

tags | exploit
SHA-256 | 0cfc418101360d5c0f8ce242ec0a13b08842bfc2efb02f687606c41de85db95f
PHP Charts 1.0 Remote Code Execution
Posted Jun 26, 2013
Authored by infodox

This exploit leverages an eval() bug in the PHP Charts library allowing for remote code execution. A reverse shell is delivered using Perl.

tags | exploit, remote, shell, perl, php, code execution
SHA-256 | 029603a16bd1c86cec4981c7cc5216c1aedd6bad4d2e981fafffc02c8f122825
PHP-CGI Argument Injection
Posted Jun 26, 2013
Authored by infodox

Exploit for the PHP-CGI argument injection vulnerability disclosed in 2012. Has file uploading, inline shell spawning, and both python and perl reverse shell implementations using an earlier version of the "payload" library written for such exploits.

tags | exploit, shell, cgi, perl, php, python, file upload
systems | unix
advisories | CVE-2012-1823
SHA-256 | e1af41b9b973cb570db69238e6f14f4459e72926e687318f078562f00ce29e0f
LotusCMS 3.0 PHP Code Execution
Posted Jun 26, 2013
Authored by infodox

LotusCMS version 3.0 remote PHP code execution exploit as disclosed in 2011. It spawns a reverse shell.

tags | exploit, remote, shell, php, code execution
advisories | OSVDB-75095
SHA-256 | 56acf18780a5602a4ab5e831ef3c7a6cfef83560842950e615cae1fc4847bc4b
SCTP Reverse Shell
Posted Jun 26, 2013
Authored by infodox

This is a reverse shell over SCTP implemented in Python. Currently it does not use SSL, but may evade most firewalls and IDS devices as many of them seemingly have no rules in place to check SCTP traffic.

tags | tool, shell, rootkit, python
systems | unix
SHA-256 | 6743f69ce173275310d5f2ffe1d1a49e6786c7abd202da271f4e6f25bd156590
Plesk PHP Code Injection
Posted Jun 25, 2013
Authored by Kingcope, infodox

Reliable exploit for the Plesk PHP code injection vulnerability disclosed by Kingcope in June 2013. Can deliver inline and reverse shells using the payloads library, as well as offering (buggy) file upload features.

tags | exploit, shell, php, file upload
systems | unix
SHA-256 | b76333a40c15eeb1e6e0fe351ee9f933ff24a237da980ed7dc853fd2e1f0d52c
Simple PHP Backdoor
Posted Jun 25, 2013
Authored by infodox

This is a simple PHP backdoor using HTTP headers to inject the code as opposed to a GET or POST variable. Uses the fictional "Code: " header as an example, for learning purposes. This is not production code.

tags | tool, web, php, rootkit
systems | unix
SHA-256 | 397d3f851a08bef7d13138eedf2b87ab8e732b35f14514f58a2162c103188aab
Memcached Remote Denial Of Service
Posted Apr 29, 2013
Authored by infodox

Memcached denial of service exploit for an issue disclosed on their bugtracker two years ago and was never patched.

tags | exploit, denial of service
SHA-256 | 814e65638843b38bd9fd9f0e2304a82c68628fa8c903a54aaec2025d9de659fc
PHP Kit 1.0
Posted Feb 12, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().

Changes: Code clean up.
tags | tool, arbitrary, php, rootkit
systems | unix
SHA-256 | 9ae6f1db9ff8c94146491368c999d0b4d6a0a9cfe7316a6f72a899025250bf36
Web Exploitation Engine 0.1
Posted Feb 12, 2013
Authored by infodox, LaNMaSteR53

This is a simple utility for exploiting command injection vulnerabilities in web applications. Supports POST and GET requests. Can deliver an "inline shell" or a (python) reverse shell.

tags | tool, web, shell, vulnerability, rootkit, python
systems | unix
SHA-256 | 2c82dcde1a7835fac49946c2d7c022271f0105c0e8c280133632994e909508cd
D-LINK DIR-300 / DIR-600 Remote Root
Posted Feb 8, 2013
Authored by infodox

This exploit demonstrates the remote root vulnerability discovered by Michael Messner in D-Link DIR-300 and DIR-600 devices.

tags | exploit, remote, root
SHA-256 | 838e77a770f310592d0086570fd3486761116a8c97ae1aa49719f77441d5b192
PHP Data Stream File Inclusion To Command Execution Tool
Posted Jan 21, 2013
Authored by infodox

This is a small proof of concept tool that leverages the data:// stream to gain remote code execution from a file inclusion vulnerability.

tags | remote, code execution, proof of concept, file inclusion
SHA-256 | c8c8bbfa963434111dffb850c77790720a4f7b2c74f7310ff876ccea44eb66f6
PHP Kit 0.2a
Posted Jan 17, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().

Changes: Shell client rewritten and a file upload client was added.
tags | tool, arbitrary, php, rootkit
systems | unix
SHA-256 | 3078b9daa99d887414dbe12584cdafa91a5f3554f05f8ad34cdf5d3ffe218a26
PHP Kit 0.1a
Posted Jan 6, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php:// input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include(). Includes a simple python client that gives a "shell" on the server.

tags | tool, shell, php, rootkit, python
systems | unix
SHA-256 | a0b89f7413840636a73320699e779bec747d2127f4e7880708cb96dae4596056
PHP-CGI Argument Injection Remote Code Execution
Posted Dec 24, 2012
Authored by infodox

This exploits abuses an argument injection in the PHP-CGI wrapper to execute code as the PHP user/webserver user.

tags | exploit, cgi, php
advisories | CVE-2012-1823
SHA-256 | 3eec4f2609dbad6e788f030ac2d9d162c3f1d0f995cfc76d077850a4c0c1bcdc
PHPTax 0.8 Remote Code Execution
Posted Oct 3, 2012
Authored by infodox, Jean Pascal Pereira

PHPTax versions 0.8 and below remote code execution exploit. Written in Python.

tags | exploit, remote, code execution, python
SHA-256 | 86294030fd719aa799ec672577b9d00f4cb5ff09a5e758f0b04271418448dd6a
DM FileManager Remote File Inclusion
Posted Oct 1, 2012
Authored by infodox

In certain versions of the DM FileManager Wordpress Plugin, the security_file parameter does not correctly check the source of a file before including it, leading to a remote file inclusion vulnerability that can be leveraged to gain remote code execution.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 41fbdd0b4c17113fac05e11bebc41175e9551ce9772141ef01a6e7e1db1f5db0
Zabbix 1.6.2 Remote Code Execution
Posted Oct 1, 2012
Authored by infodox

Zabbix version 1.6.2 suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 86f3d883d617a5ae5377c71678d17a1db0b1cf46e8c15b15457abc89b6a8e4b7
Xoops 2.3.2 Remote Code Execution
Posted Oct 1, 2012
Authored by infodox

Xoops version 2.3.2 suffers from a remote code execution vulnerability in the mydirname parameter.

tags | exploit, remote, code execution
SHA-256 | ea1f08a5a265d8abd6a9171f572dfdaf10a138346ebc32742bbe81fdb47d184e
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close