Showing 51 - 55 of 55

Files from Brandon Perry

First Active	2012-09-07
Last Active	2021-10-12

Zabbix Authenticated Remote Command Execution: Posted Oct 30, 2013; Authored by Brandon Perry | Site metasploit.com; ZABBIX allows an administrator to create scripts that will be run on hosts. An authenticated attacker can create a script containing a payload, then a host with an IP of 127.0.0.1 and run the arbitrary script on the ZABBIX host. This Metasploit module was tested against Zabbix version 2.0.9.; tags | exploit, arbitrary; advisories | CVE-2013-3628; SHA-256 | 337aba7aa6c0548a701c9d962e9e56e4ac6edce3bbb5c5f7b68fef1361fd8f09; Download | Favorite | View

ISPConfig Authenticated Arbitrary PHP Code Execution: Posted Oct 30, 2013; Authored by Brandon Perry | Site metasploit.com; ISPConfig allows an authenticated administrator to export language settings into a PHP script which is intended to be reuploaded later to restore language settings. This feature can be abused to run arbitrary PHP code remotely on the ISPConfig server. This Metasploit module was tested against version 3.0.5.2.; tags | exploit, arbitrary, php; advisories | CVE-2013-3629; SHA-256 | 500ad81c08959d6a17fb323607222ca4f12a1b9a2e830df3bd4af01d85b6423e; Download | Favorite | View

OpenMediaVault Cron Remote Command Execution: Posted Oct 30, 2013; Authored by Brandon Perry | Site metasploit.com; OpenMediaVault allows an authenticated user to create cron jobs as arbitrary users on the system. An attacker can abuse this to run arbitrary commands as any user available on the system (including root).; tags | exploit, arbitrary, root; advisories | CVE-2013-3632; SHA-256 | 94cc0202bafd6d8e09dab8de5983f2f26db28f5d5e4ab61e3830ec9bd40f3b41; Download | Favorite | View

Moodle Remote Command Execution: Posted Oct 30, 2013; Authored by Brandon Perry | Site metasploit.com; Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the context of the web application upon spellchecking requests. This Metasploit module also allows an attacker to leverage another privilege escalation vuln. Using the referenced XSS vuln, an unprivileged authenticated user can steal an admin sesskey and use this to escalate privileges to that of an admin, allowing the module to pop a shell as a previously unprivileged authenticated user. This Metasploit module was tested against Moodle version 2.5.2 and 2.2.3.; tags | exploit, web, arbitrary, shell; advisories | CVE-2013-3630; SHA-256 | c4365fd3140a745d4484ea06c3aca345da8ba6b0e3a266802b6ce0150e84b884; Download | Favorite | View

ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow: Posted Sep 7, 2012; Authored by Craig Freyman, juan vazquez, Brandon Perry | Site metasploit.com; This Metasploit module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax Server. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.; tags | exploit, overflow; systems | windows; SHA-256 | c647f83637014a447ae0a445b73bc78e1347958b1328e0f0cc2af4bc0585b90a; Download | Favorite | View

Page 3 of 3 Back 1 2 3 Next

Top Authors In Last 30 Days