exploit the possibilities
Showing 1 - 14 of 14 RSS Feed

Files from David Kennedy

Email addresskennedyd013 at gmail.com
First Active2009-06-11
Last Active2020-01-11
Citrix Application Delivery Controller / Gateway Remote Code Execution / Traversal
Posted Jan 11, 2020
Authored by David Kennedy, Rob Simon

Citrix Application Delivery Controller and Citrix Gateway directory traversal remote code execution exploit.

tags | exploit, remote, code execution, file inclusion
advisories | CVE-2019-19781
SHA-256 | 58fc2672000bf17d12588526d12ca1207500f1e227f4abda50e070491b0d9866
The TrustedSec Attack Platform (TAP)
Posted Oct 29, 2015
Authored by David Kennedy | Site github.com

TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often times becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remote penetration testing platforms. Essentially the concept is simple, you pre-configure a brand new box and run the TAP setup file. This will install a service on Linux that will be configured the way you want. What it will do is establish a reverse SSH tunnel back to a machine thats exposed on the Internet for you. From there you can access the box locally from the server it connects back to. TAP automatically detects when an SSH connection has gone stale and will automatically rebuild it for you.

tags | tool, remote, rootkit
systems | linux, unix
SHA-256 | a42c3f31a3a76e5688666de6f602e9c95f4c10fab29266ee874d7f2dae3b3851
Windows Escalate UAC Protection Bypass (In Memory Injection)
Posted Mar 5, 2014
Authored by David Kennedy, Ben Campbell, mitnick, mubix | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off. This Metasploit module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three separate binaries in the standard technique. However, it requires the correct architecture to be selected, (use x64 for SYSWOW64 systems also).

tags | exploit, shell
systems | windows
SHA-256 | 2af1863cdb30bfd4736972507c329a2bdd36de75f1f53ed9dba7e1b9c141c5d9
Mac OS X 10.8.4 Local Privilege Escalation
Posted Aug 30, 2013
Authored by David Kennedy

Mac OS X versions 10.8.4 and below local root privilege escalation exploit written in Python.

tags | exploit, local, root, python
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
SHA-256 | a0b32edb63a75a52f36b3b0a16898f214ffdda7d8f01efbf9482265d991f663b
Windows Escalate UAC Protection Bypass
Posted Oct 6, 2012
Authored by David Kennedy, mitnick, mubix | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off.

tags | exploit, shell
systems | windows
SHA-256 | 6f5a8c2406a41e33a82abea58ad31e2ab24d2e47c5ad7403b51ed4ce3b1f2ca2
MySQL Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by Sergei A. Golubchik, David Kennedy

MySQL remote root authentication bypass exploit.

tags | exploit, remote, root
systems | linux, debian
advisories | CVE-2012-2122
SHA-256 | fa8a07437a078edcac9f7f432c70a04cd4fc7c1f42f36d254d4fa9efe0c46b18
F5 BIG-IP Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by David Kennedy

This is a proof of concept remote root authentication bypass exploit for F5 BIG-IP. Written in Python.

tags | exploit, remote, root, proof of concept, python
SHA-256 | 56ead1dc2b7a0b89044841502ec4977b0bed8067f3b3118da72703e3b50cbed2
Microsoft SQL Server Payload Execution via SQL injection
Posted Jan 29, 2011
Authored by Rodrigo Marcos, David Kennedy, jduck | Site metasploit.com

This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xp_cmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection vulnerability happens.

tags | exploit, arbitrary, sql injection
advisories | CVE-2000-0402, CVE-2000-1209, OSVDB-15757
SHA-256 | 5c71a8e0d959c8b1f43ce27c1cfb87641e1abf71b42047e2636fd0256601f31a
Adobe Shockwave rcsL Memory Corruption
Posted Oct 25, 2010
Authored by David Kennedy | Site metasploit.com

This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.

tags | exploit, web
advisories | CVE-2010-3653
SHA-256 | edbfcc271f52640c5283e776893d943627be757790c777c863e113627287a4e1
Microsoft SQL Server Payload Execution
Posted Nov 26, 2009
Authored by David Kennedy | Site metasploit.com

This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using the Windows debug.com method for writing an executable to disk and the xp_cmdshell stored procedure. File size restrictions are avoided by incorporating the debug bypass method presented at Defcon 17 by SecureState. Note that this module will leave a metasploit payload in the Windows System32 directory which must be manually deleted once the attack is completed.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2000-0402
SHA-256 | 08dfa1b6b11d0fd3513417baa7f7f3bdc147dd9a8593be9c3fe0d2e365f87d4d
Spiceworks 3.6 Overflow
Posted Aug 10, 2009
Authored by David Kennedy | Site securestate.com

Spiceworks version 3.6 accept parameter overflow proof of concept crash exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 97160280f7a39829513cfc89560d3e4076e1cd77b06e48cfb5b3bdef51b07171
Firefox 3.5 Heap Spray
Posted Jul 17, 2009
Authored by David Kennedy | Site securestate.com

Mozilla Firefox 3.5 heap spray exploit. Written in Python.

tags | exploit, python
SHA-256 | d1253f8edede8fa9f97227138d7df3490fea4cc39eb8c1282947c40659be1655
Internet Explorer 7 Overflow
Posted Jul 10, 2009
Authored by David Kennedy, John Melvin, Steve Austin | Site securestate.com

Microsoft Internet Explore 7 DirectShow heap spray exploit that leverages msvidctl.dll.

tags | exploit, overflow
SHA-256 | 4ca40df1197e30ea46a78039f8530554112a1b449eb78a2efb94f356bf3735f9
Bypassing Hardware Based DEP
Posted Jun 11, 2009
Authored by David Kennedy | Site securestate.com

Whitepaper called Bypassing Hardware Based Data Execution Prevention (DEP) on Windows 2003 SP2.

tags | paper
systems | windows
SHA-256 | d184381c4ad889006627d8570ca692515a97b3b6be034ad73a212421887c84aa
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close