what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files from Paul Haas

First Active2006-04-12
Last Active2017-10-21
Polycom Command Shell Authorization Bypass
Posted Oct 21, 2017
Authored by Paul Haas, h00die | Site metasploit.com

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prompt without authentication. Versions prior to 3.0.4 contain OS command injection in the ping command which can be used to execute arbitrary commands as root.

tags | exploit, remote, arbitrary, shell, root
SHA-256 | 737f912aedaeba8a1d57b9dc8bd11fe5911f1fbdc0923fc3bb63f868636273f6
Polycom Command Shell Authorization Bypass
Posted Aug 2, 2016
Authored by Paul Haas, h00die | Site metasploit.com

The login component of the Polycom Command Shell on Polycom HDX video endpints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prompt without authentication. Versions prior to 3.0.4 contain OS command injection in the ping command which can be used to execute arbitrary commands as root.

tags | exploit, remote, arbitrary, shell, root
SHA-256 | 548cc509510583c6e9073f79cf341d4f7d444c54333db5eee6854c756f2f9ecf
Polycom HDX Telnet Authorization Bypass
Posted Feb 13, 2013
Authored by Paul Haas | Site security-assessment.com

The Polycom HDX is a series of telecommunication and video devices. The telnet component of Polycom HDX video endpoint devices is vulnerable to an authorization bypass when multiple simultaneous connections are repeatedly made to the service, allowing remote network attackers to gain full access to a Polycom command prompt without authentication. Versions prior to 3.0.4 also contain OS command injection in the ping command which can be used to escape the telnet prompt and execute arbitrary commands as root. Full Metasploit module included.

tags | exploit, remote, arbitrary, root, bypass
SHA-256 | d6c612cfdc86b1458e81dbbcb92971210f9f19604de9afd1da509ddb21eceac2
UltrVNC1.0.1.py.txt
Posted Apr 12, 2006
Authored by Paul Haas | Site Redspin.com

Ultr@VNC 1.0.1 Client Buffer Overflow exploit. Spawns an instance of calc.exe.

tags | exploit, overflow
SHA-256 | 2fcdc0f17a5a95906e55a96c88e2e56425da544a1bfe0f190964c31c98046b57
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close