exploit the possibilities
Showing 1 - 25 of 317 RSS Feed

Files from hyp3rlinx

Email addressprivate
Websitehyp3rlinx.altervista.org
First Active2015-04-28
Last Active2020-10-06
View User Profile
Recon Informer 1.2
Posted Oct 6, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Recon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.

Changes: Fixed minor window title bug and removed a module.
tags | tool
systems | linux, windows, unix
MD5 | 01e3fdb17ce9ebb4bdd944a17576de40
CloudMe 1.11.2 Buffer Overflow
Posted Sep 29, 2020
Authored by hyp3rlinx, Bobby Cooke

CloudMe version 1.11.2 exploit that uses MSVCRT.System to create a new user (boku:0v3R9000!) and add the new user to the Administrators group. A requirement of successful exploitation is the CloudMe.exe process must be running as administrator.

tags | exploit, overflow
advisories | CVE-2018-6892
MD5 | ee00ae19cbee8ea397dcd21d71b0c0f1
Mantis Bug Tracker 2.3.0 Remote Code Execution
Posted Sep 18, 2020
Authored by hyp3rlinx, Nikolas Geiselman, permanull

Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-7615, CVE-2019-15715
MD5 | b8224e074922b7417247b27948ca6d30
Microsoft Windows Finger Security Bypass / C2 Channel
Posted Sep 14, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows TCPIP Finger Command finger.exe that ships with the OS, can be used as a file downloader and makeshift C2 channel. Legitimate use of Windows Finger Command is to send Finger Protocol queries to remote Finger daemons to retrieve user information. However, the finger client can also save the remote server response to disk using the command line redirection operator.

tags | exploit, remote, protocol
systems | windows
MD5 | cf1c7a658300820f34037e5d7395ac66
Ericom Access Server 9.2.0 Server-Side Request Forgery
Posted Aug 22, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Ericom Access Server allows attackers to initiate SSRF requests making outbound connections to arbitrary hosts and TCP ports. Attackers, who can reach the AccessNow server can target internal systems that are behind firewalls that are typically not accessible. This can also be used to target third-party systems from the AccessNow server itself. Version 9.2.0 is affected.

tags | exploit, arbitrary, tcp
advisories | CVE-2020-24548
MD5 | 00835b7add7f159a6244efac16d7a915
Microsoft Windows MSHTA.EXE .HTA File XML Injection
Posted Jul 6, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows mshta.exe allows processing of XML external entities which can result in local data-theft and or program reconnaissance upon opening specially crafted HTA files.

tags | exploit, local
systems | windows
MD5 | 3d485c03f4489132e6fd1b36a2775fe9
HFS Http File Server 2.3m Build 300 Buffer Overflow
Posted Jun 8, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

HFS Http File Server version 2.3m build 300 suffers from a remote buffer overflow vulnerability that can lead to a denial of service.

tags | exploit, remote, web, denial of service, overflow
advisories | CVE-2020-13432
MD5 | ff26db6a52d5ae8326efc24dc1754c44
WinGate 9.4.1.5998 Insecure Permissions / Privilege Escalation
Posted Jun 5, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WinGate version 9.4.1.5998 suffers from an insecure permissions vulnerability that allows for privilege escalation.

tags | exploit
advisories | CVE-2020-13866
MD5 | cca9ea7f3d456df0c0e3a3e30fed3922
Avaya IP Office 11 Insecure Transit / Password Disclosure
Posted Jun 5, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure.

tags | exploit
advisories | CVE-2020-7030
MD5 | aa4f9f8d14cf8ae3c1ea713bab3c17d0
CloudMe 1.11.2 SEH / DEP / ASLR Buffer Overflow
Posted May 20, 2020
Authored by hyp3rlinx, Xenofon Vassilakopoulos

CloudMe version 1.11.2 SEH / DEP / ASLR buffer overflow exploit. The original discovery of this vulnerability was by hyp3rlinx.

tags | exploit, overflow
MD5 | 62c80dd1e9581b652dabe5cf2a673f5e
CloudMe 1.11.2 Buffer Overflow
Posted Apr 27, 2020
Authored by hyp3rlinx, Andy Bowden

CloudMe version 1.11.2 buffer overflow proof of concept exploit. Original vulnerability discovered by hyp3rlinx.

tags | exploit, overflow, proof of concept
advisories | CVE-2018-6892
MD5 | 124ecdef95f7d0d5092f5fed68a5792c
Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption
Posted Apr 21, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3.

tags | exploit, python
advisories | CVE-2020-6857
MD5 | e7c69cbdc42341fad6f120be67f23e92
netABuse Insufficient Windows Authentication Logic Scanner
Posted Apr 9, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

netABuse is a scanner that identifies systems susceptible to a Microsoft Windows insufficient authentication logic flaw.

tags | exploit, tool
systems | windows
MD5 | d75527e08e33928b159bc5d35176ca86
Microsoft Windows Net Use Insufficent Authentication
Posted Apr 6, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Windows "net use" network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse. This also works as "standard" user but unfortunately we do not gain high integrity privileges. However, it opens the door and increases the attack surface if the box we laterally move to has other vulnerabilities present.

tags | exploit, remote, vulnerability
systems | windows
MD5 | 1cbbf18780d337b8641e53ba2ce0d1e4
Recon Informer
Posted Mar 30, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Recon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.

tags | tool
systems | linux, windows, unix
MD5 | cb8d3c18e04a60fd39e205fae7a0cd88
HP System Event Utility Local Privilege Escalation
Posted Feb 12, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The HP System Event service "HPMSGSVC.exe" will load an arbitrary EXE and execute it with SYSTEM integrity. HPMSGSVC.exe runs a background process that delivers push notifications. The problem is that the HP Message Service will load and execute any arbitrary executable named "Program.exe" if it is found in the user's c:\ drive.

tags | exploit, arbitrary
advisories | CVE-2019-18915
MD5 | f834d687f26c92b81b101ce2b5ee2732
NTCrackPipe 2.0
Posted Feb 12, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

NTCrackPipe is a basic local Windows account cracking tool.

Changes: This version checks for account lockouts.
tags | tool, local, cracker
systems | windows
MD5 | b1b672393c20d81e400b6bcc390614e2
Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption
Posted Jan 20, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation.

tags | exploit
advisories | CVE-2020-6857
MD5 | aecef434c516d728f44dde372d426274
Trend Micro Security (Consumer) Arbitrary Code Execution
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Security can potentially allow an attacker to use a malicious program to escalate privileges to SYSTEM integrity and obtain persistence on a vulnerable system.

tags | exploit
advisories | CVE-2019-20357
MD5 | d94d6061aaad9782bb11838c46318d2c
Trend Micro Security 2019 Security Bypass Protected Service Tampering
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Maximum Security is vulnerable to arbitrary code execution as it allows for creation of registry key to target a process running as SYSTEM. This can allow a malware to gain elevated privileges to take over and shutdown services that require SYSTEM privileges like Trend Micros "Asmp" service "coreServiceShell.exe" which does not allow Administrators to tamper with them. This could allow an attacker or malware to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. Note administrator privileges are required to exploit this vulnerability.

tags | exploit, arbitrary, registry, code execution
advisories | CVE-2019-19697
MD5 | 8141cd4c6867deb8b0509555a9e089df
Microsoft Windows VCF Denial Of Service
Posted Jan 4, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows VCF cards do not properly sanitize email addresses allowing for HTML injection. A corrupt VCF card can cause all the users currently opened files and applications to be closed and their session to be terminated without requiring any accompanying attacker supplied code.

tags | exploit
systems | windows
MD5 | a8bf3c22b7586fb9aed156a323afff1c
Microsoft Windows .Group File URL Field Code Execution
Posted Jan 1, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows suffers from a .group file code execution vulnerability that leverages the URL field.

tags | exploit, code execution
systems | windows
MD5 | c14d7dd530c485214547e0c84c47d3fd
Microsoft Windows Media Center XML Injection
Posted Dec 4, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Media Center suffers from an XML external entity injection vulnerability. This vulnerability was originally released back on December 4, 2016, yet remains unfixed.

tags | exploit
systems | windows
MD5 | 08852a95d58030559d7cf597ca2a27de
Microsoft Visual Studio 2008 Express IDE XML Injection
Posted Dec 2, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Visual Studio 2008 Express IDE suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 789e0a22b8214672e24e1c11ee00b829
Microsoft Excel 2016 1901 Import Error XML Injection
Posted Nov 30, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Excel 2016 version 1901 suffers from an XML external entity injection vulnerability.

tags | exploit
MD5 | 38a897cf183daf4eab6b217fc70232f7
Page 1 of 13
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close