exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from 0a29406d9794e4f9b30b3c5d6702c708

First Active2012-04-20
Last Active2014-10-18
Linux PolicyKit Race Condition Privilege Escalation
Posted Oct 18, 2014
Authored by xi4oyu, 0a29406d9794e4f9b30b3c5d6702c708

A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec. Those vulnerable include RHEL6 prior to polkit-0.96-2.el6_0.1 and Ubuntu libpolkit-backend-1 prior to 0.96-2ubuntu1.1 (10.10) 0.96-2ubuntu0.1 (10.04 LTS) and 0.94-1ubuntu1.1 (9.10).

tags | exploit, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2011-1485
SHA-256 | 44c67bccd61b94ba8480766e3dc865358c7d2a64baf47923660508bc28f920c4
NCCGroup EasyDA Credential Disclosure
Posted Apr 4, 2014
Authored by 0a29406d9794e4f9b30b3c5d6702c708

NCCGroup EasyDA suffers from a credential disclosure vulnerability due to misuse of /tmp.

tags | exploit
SHA-256 | 5b7ef0d48812b65b840f408b3ca2c5a9a046d447cc42215e356f33637313da7a
Metasploit pcap_log Local Privilege Escalation
Posted Oct 12, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708 | Site metasploit.com

Metasploit versions prior to 4.4 contain a vulnerable 'pcap_log' plugin which, when used with the default settings, creates pcap files in /tmp with predictable file names. This exploit works by hard-linking these filenames to /etc/passwd, then sending a packet with a privileged user entry contained within. This, and all the other packets, are appended to /etc/passwd. Successful exploitation results in the creation of a new superuser account. This Metasploit module requires manual clean-up - remove /tmp/msf3-session*pcap files and truncate /etc/passwd.

tags | exploit
SHA-256 | 4653de66b5cfae88c0edc2f5c0a58393f2d39227d368a5cfa35582ea4cadf8b7
Metasploit pcap_log Privlege Escalation
Posted Jul 17, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708

Metasploit plugin 'pcap_log' is vulnerable to an arbitrary file overwrite bug which can further be leveraged to insert user-controlled data resulting in potential escalation of privileges. Metasploit module included.

tags | exploit, arbitrary
SHA-256 | a3608689ff5f6a56679189ea8149e0e805de1c706fb7d3fedff592abe11d622b
Nagios XI Cross Site Scripting
Posted Jun 14, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708

Nagios XI versions prior to 2011R3.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ed44ced27d734522a50f9f7812924b931ced94c24e25b7da6c559b8342f5dc87
Adobe Flash Player ActionScript Launch Command Execution
Posted Apr 20, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708 | Site metasploit.com

This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).

tags | exploit, shell
systems | linux
advisories | CVE-2008-5499, OSVDB-50796
SHA-256 | 93d7262043fea9cda6bcae5df8301841074b655ead8497ddc9cbc8fb6a8f410c
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close