what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from bperry

GestioIP Remote Command Execution

Posted Oct 7, 2013

Authored by bperry | Site metasploit.com

This Metasploit module exploits a command injection flaw to create a shell script on the filesystem and execute it. If GestioIP is configured to use no authentication, no password is required to exploit the vulnerability. Otherwise, an authenticated user is required to exploit.

tags | exploit, shell

SHA-256 | ff466c810472f8a9143ae99e56a4e7b6a912136e28c211e79853a3acf85c2641

Download | Favorite | View

Tectia SSH USERAUTH Change Request Password Reset

Posted Dec 5, 2012

Authored by Kingcope, sinn3r, bperry | Site metasploit.com

This Metasploit module exploits a vulnerability in Tectia SSH server for Unix-based platforms. The bug is caused by a SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ request before password authentication, allowing any remote user to bypass the login routine, and then gain access as root.

tags | exploit, remote, root

systems | unix

SHA-256 | a8cae2783ae383b985cfe414beea92207b93fca99d51ada21c788b6eff779ccc

Download | Favorite | View