exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 113 RSS Feed

Files from Kingcope

Email addresskingcope at gmx.net
First Active2004-04-11
Last Active2019-05-22
FreeBSD rtld execl() Privilege Escalation
Posted May 22, 2019
Authored by stealth, Kingcope | Site metasploit.com

This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor (rtld). The rtld unsetenv() function fails to remove LD_* environment variables if __findenv() fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution.

tags | exploit, arbitrary, code execution
systems | freebsd, bsd
advisories | CVE-2009-4146, CVE-2009-4147
SHA-256 | b7d2e9a938e3bd3e306735ac30c5547fb5873fe1a798d291f7cd437bdee37ad0
OpenSSH Two Minute Cracking Window
Posted Jul 19, 2015
Authored by Kingcope

OpenSSH allows for unlimited password cracking in a two minute timeframe.

tags | exploit
SHA-256 | 25629b480318a8e57f7afa8ce9daa4ea9ed171b4e2087d872c4851d327423301
Apache Magicka Code Execution
Posted Oct 29, 2013
Authored by Kingcope

Apache and PHP remote command execution exploit that leverages php5-cgi.

tags | exploit, remote, cgi, php
advisories | CVE-2012-1823
SHA-256 | 9d57dc343cc59f716358c28109591d65f8d5b225d645fd188e0084e43bad3ad6
ProFTPd mod_sftp / mod_sftp_pam Memory Exhaustion
Posted Sep 11, 2013
Authored by Kingcope

ProFTPd installs with mod_sftp and mod_sftp_pam activated contain a memory exhaustion vulnerability.

tags | advisory
SHA-256 | 95185308c28fd558885085b49bb19eba912372bf47baf1e28699dce9ade846a9
Mikrotik RouterOS 5.x / 6.x SSHd Heap Corruption
Posted Sep 3, 2013
Authored by Kingcope

Mikrotik RouterOS versions 5.x and 6.x suffer from an sshd remote pre-authentication heap corruption vulnerability. Included is a 50 meg Mikrotik package that includes all research items.

tags | exploit, remote
systems | linux
SHA-256 | 74610d5d75efcfb4a984b83085a1bd9e64779bd5d156fb3a81b92d7bb3439349
Apache suEXEC Privilege Escalation / Information Disclosure
Posted Aug 8, 2013
Authored by Kingcope

Apache suEXEC suffers from privilege escalation and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 6eddc12273e6a9546d9219b053ff012eff046f9697318a4bec44daadab5df846
Nginx 1.3.9 / 1.4.0 Exploit Documentation
Posted Jul 23, 2013
Authored by Kingcope

This whitepaper document how the brute forcing exploit works for a buffer overflow vulnerability in nginx versions 1.3.9 and 1.4.0 on x86.

tags | paper, overflow, x86
advisories | CVE-2013-2028
SHA-256 | 83e7a76cda024bdc1720e8569cb20218c76aa3c5b8a8f5ddfad4818e03f8afe9
Squid 3.3.5 Denial Of Service
Posted Jul 16, 2013
Authored by Kingcope

Squid version 3.3.5 remote denial of service crash exploit.

tags | exploit, remote, denial of service
SHA-256 | 247867b58f499ec2f8cbd7f45618c22bc77cf0fc844f2741c42df41f4033fd68
nginx 1.3.9 / 1.4.0 x86 Brute Force Proof Of Concept
Posted Jul 11, 2013
Authored by Kingcope

nginx version 1.3.9 and 1.4.0 x86 brute force proof of concept remote exploit that spawns a reverse shell.

tags | exploit, remote, shell, x86, proof of concept
SHA-256 | c08d90d9385b3dfaf58239db1bfee804fe103d21d4ebed131c2c37bd98971111
Plesk PHP Code Injection
Posted Jun 25, 2013
Authored by Kingcope, infodox

Reliable exploit for the Plesk PHP code injection vulnerability disclosed by Kingcope in June 2013. Can deliver inline and reverse shells using the payloads library, as well as offering (buggy) file upload features.

tags | exploit, shell, php, file upload
systems | unix
SHA-256 | b76333a40c15eeb1e6e0fe351ee9f933ff24a237da980ed7dc853fd2e1f0d52c
Parallels Plesk 9.5.4 Remote Command Execution
Posted Jun 5, 2013
Authored by Kingcope

Parallels Plesk version 9.5.4 (and possibly other versions) suffers from a remote PHP code execution vulnerability. This rar archive includes a working exploit and details surrounding the issue.

tags | exploit, remote, php, code execution
SHA-256 | 45eedc54848a9db5ff66ce3b3a0d147ce2510e8bc440ebf972f7b958ef500803
ircd-hybrid 8.0.5 Denial Of Service
Posted Apr 12, 2013
Authored by Kingcope

ircd-hybrid version 8.0.5 on CentOS 6 denial of service exploit.

tags | exploit, denial of service
systems | linux, centos
advisories | CVE-2013-0238
SHA-256 | 1ad9d4b2dbdf42d96561ba07e7956a32432227a3ff63dc81f94e3ce9afd25f47
Attacking The Windows 7 / 8 Address Space Randomization
Posted Jan 25, 2013
Authored by Kingcope

This archive has a whitepaper that discusses research and methods used to circumvent Microsoft Windows 7 and 8 memory protections in order to execute arbitrary assembly code. Proof of concepts are also provided.

tags | exploit, arbitrary, proof of concept
systems | windows
SHA-256 | c8e610b00b7c56c4bacab2f28c7776039d77d68be2dd25ef959f8e2a888d5f82
IBM System Director Agent DLL Injection
Posted Dec 7, 2012
Authored by Kingcope, Bernhard Mueller, juan vazquez | Site metasploit.com

This Metasploit module abuses the "wmicimsv" service on IBM System Director Agent 5.20.3 to accomplish arbitrary DLL injection and execute arbitrary code with SYSTEM privileges. In order to accomplish remote DLL injection it uses a WebDAV service as disclosed by kingcope on December 2012. Because of this, the target host must have the WebClient service (WebDAV Mini-Redirector) enabled. It is enabled and automatically started by default on Windows XP SP3, but disabled by default on Windows 2003 SP2.

tags | exploit, remote, arbitrary
systems | windows
advisories | CVE-2009-0880, OSVDB-52616, OSVDB-88102
SHA-256 | 57ad1d7f1d323cfb6acd126a3292c26cbc21aecfac9b4ae0aa47d8c45a07aaad
Oracle MySQL For Microsoft Windows MOF Execution
Posted Dec 7, 2012
Authored by Kingcope, sinn3r | Site metasploit.com

This Metasploit modules takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. However, please note in order to use this module, you must have a valid MySQL account on the target machine.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2012-5613
SHA-256 | 4bdddccff72e6f861ece38c09f5e2d07982390d9788ff9574617a88479fcf1dc
Tectia SSH USERAUTH Change Request Password Reset
Posted Dec 5, 2012
Authored by Kingcope, sinn3r, bperry | Site metasploit.com

This Metasploit module exploits a vulnerability in Tectia SSH server for Unix-based platforms. The bug is caused by a SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ request before password authentication, allowing any remote user to bypass the login routine, and then gain access as root.

tags | exploit, remote, root
systems | unix
SHA-256 | a8cae2783ae383b985cfe414beea92207b93fca99d51ada21c788b6eff779ccc
FreeFTPD Remote SYSTEM Level
Posted Dec 3, 2012
Authored by Kingcope

FreeFTPD remote SYSTEM level exploit that does not require a username. All versions as of 12/03/2012 are affected.

tags | exploit, remote
SHA-256 | b7bff25b29023037bee1293ab7a4b53100ef5e4b3588f6dc35cf4926f6199596
FreeSSHD Remote Authentication Bypass
Posted Dec 3, 2012
Authored by Kingcope

FreeSSHD suffers from a remote authentication bypass vulnerability.

tags | exploit, remote, bypass
SHA-256 | 0f3bd20a3e70422b385aedbcf9be79dcffb498416d75c29e1820bbafa68dab21
SSH Tectia Remote Authentication Bypass
Posted Dec 3, 2012
Authored by Kingcope

The SSH USERAUTH CHANGE REQUEST routines in SSH Tectia (a commercial version of OpenSSH) suffer from a remote authentication bypass vulnerability.

tags | exploit, remote, bypass
SHA-256 | 90574e5a353e4c3a76ad8f415c316dc006d8d28e2cf0d2589bd14d0b13c310a8
Telnet Encrypt Key ID Priv8 Scanner
Posted Dec 3, 2012
Authored by Kingcope, John Anderson

This is the telnet encrypt key id priv8 modified version of synscan.

tags | tool, scanner
systems | unix
SHA-256 | 941d0545a6636757939b84f3cf7f19204935caab6241cc3cf55bcb2b2b71ba5e
Oracle MySQL User Account Enumeration Utility
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL suffers from a user enumeration vulnerability. This is a utility that demonstrates the issue.

tags | exploit
advisories | CVE-2012-5615
SHA-256 | 8460a0977a201113cdd0cf16e055c51392db08aa506165c818a881ce632dbd1d
Oracle MySQL Windows Stuxnet Technique SYSTEM Exploit
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Windows remote exploit that leverages file privileges to obtain a SYSTEM shell.

tags | exploit, remote, shell
systems | windows
SHA-256 | 4a2e64891b58bc7a154f2b70367e520bd51dde3d72bf67966ad91a32725a0244
Oracle MySQL 5.5.19-log Denial Of Service
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | linux, suse
advisories | CVE-2012-5614
SHA-256 | e7b152542270e8ccb148f030520930976460470f663a3f3d19c5f09cba1871f5
Oracle MySQL Privilege Escalation
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Linux suffers from a vulnerability that allows an attacker to add a new admin user.

tags | exploit
systems | linux
advisories | CVE-2012-5613
SHA-256 | d1601135651994faddfc10c91567f145058d6d888036e2073e79b83518277a4f
Oracle MySQL Heap Overrun
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Linux suffers from a heap overrun vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2012-5612
SHA-256 | aa61b4faa2cc9c52276bbcea35e5861199148c06c5182c06981f429b55af2c0e
Page 1 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close