exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from 0a29406d9794e4f9b30b3c5d6702c708

First Active2012-04-20
Last Active2014-10-18
Linux PolicyKit Race Condition Privilege Escalation
Posted Oct 18, 2014
Authored by xi4oyu, 0a29406d9794e4f9b30b3c5d6702c708

A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec. Those vulnerable include RHEL6 prior to polkit-0.96-2.el6_0.1 and Ubuntu libpolkit-backend-1 prior to 0.96-2ubuntu1.1 (10.10) 0.96-2ubuntu0.1 (10.04 LTS) and 0.94-1ubuntu1.1 (9.10).

tags | exploit, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2011-1485
SHA-256 | 44c67bccd61b94ba8480766e3dc865358c7d2a64baf47923660508bc28f920c4
NCCGroup EasyDA Credential Disclosure
Posted Apr 4, 2014
Authored by 0a29406d9794e4f9b30b3c5d6702c708

NCCGroup EasyDA suffers from a credential disclosure vulnerability due to misuse of /tmp.

tags | exploit
SHA-256 | 5b7ef0d48812b65b840f408b3ca2c5a9a046d447cc42215e356f33637313da7a
Metasploit pcap_log Local Privilege Escalation
Posted Oct 12, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708 | Site metasploit.com

Metasploit versions prior to 4.4 contain a vulnerable 'pcap_log' plugin which, when used with the default settings, creates pcap files in /tmp with predictable file names. This exploit works by hard-linking these filenames to /etc/passwd, then sending a packet with a privileged user entry contained within. This, and all the other packets, are appended to /etc/passwd. Successful exploitation results in the creation of a new superuser account. This Metasploit module requires manual clean-up - remove /tmp/msf3-session*pcap files and truncate /etc/passwd.

tags | exploit
SHA-256 | 4653de66b5cfae88c0edc2f5c0a58393f2d39227d368a5cfa35582ea4cadf8b7
Metasploit pcap_log Privlege Escalation
Posted Jul 17, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708

Metasploit plugin 'pcap_log' is vulnerable to an arbitrary file overwrite bug which can further be leveraged to insert user-controlled data resulting in potential escalation of privileges. Metasploit module included.

tags | exploit, arbitrary
SHA-256 | a3608689ff5f6a56679189ea8149e0e805de1c706fb7d3fedff592abe11d622b
Nagios XI Cross Site Scripting
Posted Jun 14, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708

Nagios XI versions prior to 2011R3.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ed44ced27d734522a50f9f7812924b931ced94c24e25b7da6c559b8342f5dc87
Adobe Flash Player ActionScript Launch Command Execution
Posted Apr 20, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708 | Site metasploit.com

This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).

tags | exploit, shell
systems | linux
advisories | CVE-2008-5499, OSVDB-50796
SHA-256 | 93d7262043fea9cda6bcae5df8301841074b655ead8497ddc9cbc8fb6a8f410c
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close