exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from scriptjunkie

Email addressscriptjunkie.1 at googlemail.com
First Active2009-05-11
Last Active2014-10-02
PXE Exploit Server
Posted Oct 2, 2014
Authored by scriptjunkie | Site metasploit.com

This Metasploit module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing the payload on the hard drive of any Windows partition seen. Note: the displayed IP address of a target is the address this DHCP server handed out, not the "normal" IP address the host uses.

tags | exploit, kernel
systems | linux, windows
SHA-256 | eccfe4bccc8cc819b0c0b0ed3f9685768bdbfd924bcd34807ff51c586f845e6a
DHCP Client Bash Environment Variable Code Injection
Posted Sep 26, 2014
Authored by Ramon de C Valle, scriptjunkie, Stephane Chazelas | Site metasploit.com

This Metasploit module exploits a code injection in specially crafted environment variables in Bash, specifically targeting dhclient network configuration scripts through the HOSTNAME, DOMAINNAME, and URL DHCP options.

tags | exploit, bash
advisories | CVE-2014-6271
SHA-256 | 79d7a8dc657f6596bbdf6d89daca73b5c6faa99cc6ea47bed9be15fb8d04a23a
Windows Escalate Service Permissions Local Privilege Escalation
Posted Oct 15, 2012
Authored by scriptjunkie | Site metasploit.com

This Metasploit module attempts to exploit existing administrative privileges to obtain a SYSTEM session. If directly creating a service fails, this module will inspect existing services to look for insecure file or configuration permissions that may be hijacked. It will then attempt to restart the replaced service to run the payload. This will result in a new session when this succeeds. If the module is able to modify the service but does not have permission to start and stop the affected service, the attacker must wait for the system to restart before a session will be created.

tags | exploit
SHA-256 | 2d7db2108c548773a92d81355b9be4cd20b7d9069749634dd3a320136b18a734
PXE Exploit Server
Posted Aug 6, 2011
Authored by scriptjunkie | Site metasploit.com

This Metasploit module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing the payload on the hard drive of any Windows partition seen, and add a uid 0 user with username and password metasploit to any linux partition seen.

tags | exploit, kernel
systems | linux, windows
SHA-256 | d5887b3e24f48d3a3e6ef8dd0852f404ea6cfdf61b06a9ba26bcbb9fa7779a04
Mozilla Firefox Interleaving document.write / appendChild Code Execution
Posted Feb 19, 2011
Authored by scriptjunkie | Site metasploit.com

This Metasploit module exploits a code execution vulnerability in Mozilla Firefox caused by interleaved calls to document.write and appendChild. This exploit is a metasploit port of the in-the-wild exploit.

tags | exploit, code execution
advisories | CVE-2010-3765, OSVDB-68905
SHA-256 | 843b760650dc1cd9d6f9a955b96d33b37fdcdd2f3d930a4d123bada5cd1bffd1
Maple Maplet File Creation and Command Execution
Posted May 3, 2010
Authored by scriptjunkie | Site metasploit.com

This Metasploit module harnesses Maple's ability to create files and execute commands automatically when opening a Maplet. All versions up to 13 are suspected vulnerable. Testing was conducted with version 13 on Windows. Standard security settings prevent code from running in a normal maple worksheet without user interaction, but those setting do not prevent code in a Maplet from running. In order for the payload to be executed, an attacker must convince someone to open a specially modified .maplet file with Maple. By doing so, an attacker can execute arbitrary code as the victim user.

tags | exploit, arbitrary
systems | windows
SHA-256 | 48cf2fc583fbcdc37654c0ac828cc80aed7b98dcc536af1af641e2b62e11c413
PHP Recommend 1.3 Bypass / Inclusion / Injection
Posted May 11, 2009
Authored by scriptjunkie

PHP Recommend versions 1.3 and below suffer from authentication bypass, remote file inclusion, and code injection vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution, bypass, file inclusion
SHA-256 | 57fb82142184e366083365635d46ae24b606a051eeffd3872f820bcd17ffc841
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close