exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 44 of 44 RSS Feed

Files from xistence

Email addressprivate
First Active2011-06-24
Last Active2015-10-14
View User Profile
Western Digital Arkeia Remote Code Execution
Posted Sep 20, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in Western Digital Arkeia Appliance version 10.0.10 and lower. By abusing the upload.php file from the scripts directory, a malicious user can upload arbitrary code to the ApplianceUpdate file in the temp directory without any authentication. Abusing the local file inclusion in the lang cookie to parse this file, results in arbitrary code execution, also without any authentication. The module has been tested successfully on Arkeia 10.0.10. The issues have been fixed in version 10.1.10.

tags | exploit, arbitrary, local, php, code execution, file inclusion
SHA-256 | b6be92789311b465be99dfdca2d0ac2207f5eb8fd1d7de3d361ab48a8421df40
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Posted Sep 20, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the "new_comprehensive_save.php" page. This hash can be used to log in as the admin user. After logging in, the "manage_site_files.php" page will be used to upload arbitrary code.

tags | exploit, arbitrary, php, sql injection
SHA-256 | 153813f0acc368a45adcb43f7156aa643bd4c5305a6564c6562b51d3c58cec74
Western Digital Arkeia Appliance 10010 Upload / LFI
Posted Sep 17, 2013
Authored by xistence

Western Digital Arkeia Appliance version 10.0.10 suffers from local file inclusion and unauthenticated firmware upload vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, file upload
SHA-256 | 986980ef6f7a090f7de67c61f20277e211d6c6bd9bfdb11aea4f532caa3ad9cd
OpenEMR 4.1.1 Patch 14 SQL Injection / Shell Upload
Posted Sep 17, 2013
Authored by xistence

OpenEMR version 4.1.1 Patch 14 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | dd2bb2f9a5d3ce8ac7e4ee72e80cd42dbbbcb6ec9045c094bc63c0831a0f7e7a
TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting
Posted Aug 30, 2013
Authored by xistence

TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Release 30923 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 6f8f17c7fe77da4b4fb9dc2dbb22d7bc2130afdfd2ddf5f70ee72cef17ddb028
Alienvault OSSIM Cross Site Scripting
Posted Jul 25, 2013
Authored by xistence

Alienvault OSSIM versions prior to 4.3.0 suffer from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b97b24ad187260fb2d369e36bc782d9527bb13c5629ef33949027b13a42c4a22
Motion 3.2.12 XSS / CSRF / Buffer Overflow / SQL Injection
Posted Jun 26, 2013
Authored by xistence

Motion version 3.2.12 suffers from buffer overflow, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, overflow, vulnerability, xss, sql injection, csrf
SHA-256 | b0344ad160e1b46270a65b0478d5055eea41ebe9ede1d2cfbe6032d25f57175b
CAREL pCOWeb 1.5.0 Default Credential Shell Access
Posted May 23, 2013
Authored by xistence | Site carel.com

The CAREL pCOWeb firmware version 1.5.0 and lower has two passwordless default accounts that allow direct shell access via telnet. These accounts are not exposed in the associated Web UI. CAREL pCOWeb is an embedded device used primarily for HVAC systems.

tags | advisory, web, shell
SHA-256 | 82b0a4cd0a0bf41d1802335815e91ba3801340fe8352516154ac02cad97445f8
Astium VoIP PBX 2.1 Denial Of Service
Posted Jan 2, 2013
Authored by xistence

Astium VoIP PBX versions 2.1 build 25399 and below remote crash proof of concept exploit that causes astiumd to crash when sent a large buffer.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | e4acc58c36708f878375e2b46efebab2ae7b0ffc17d0d60f690a35ea16535fe7
Astium VoIP PBX 2.1 Remote Root
Posted Jan 2, 2013
Authored by xistence

Astium is prone to multiple vulnerabilities. This exploit uses SQL injection to bypass authentication on the login page and get access as an administrator. After that it uploads and executes a PHP script that will modify the "/usr/local/astium/web/php/config.php" script with a reverse shell and run a "sudo /sbin/service astcfgd reload". Version 2.1 build 25399 is affected.

tags | exploit, web, shell, local, php, vulnerability, sql injection
SHA-256 | a8bfed2b6a0488de9a6ded9c5bfe3e6d3e1e35ff053af72f599d8824a3f99a99
Ubiquiti AirOS 5.5.2 Command Execution
Posted Dec 29, 2012
Authored by xistence

Ubiquiti AirOS versions 5.5.2 and below suffer from a remote post-authentication root-level command execution vulnerability.

tags | exploit, remote, root
SHA-256 | 31177e50c29169efd962af59bdd1dcd6fd98c00f6e95f81c9e27921a3d144b6a
YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials
Posted Dec 21, 2012
Authored by xistence

YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, info disclosure, csrf
SHA-256 | 874405777edd847f163325edf73c03b42d16a9c2dc18c2eda37f745725d199aa
ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection
Posted Oct 28, 2012
Authored by egypt, sinn3r, xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability.

tags | exploit, remote, code execution, sql injection
systems | linux, windows
SHA-256 | ae2e0907bda1eeb2906f4560caa8085b35712d1a7fe05eeb19dddd8fe8de7ac1
ManageEngine Security Manager Plus 5.5 SQL Injection
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 remote SYSTEM/root SQL injection exploit that spawns a shell.

tags | exploit, remote, shell, root, sql injection
SHA-256 | 6d2a8bcbddb1c5a2fce72265db430d93c35c4e46841e736af9eb65ee5db7fa47
ManageEngine Security Manager Plus 5.5 Traversal
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fa2c630e11d919d9d1b121504583b9b23aae97d94b41855b33e036271a53318b
ManageEngine Security Manager Plus 5.5 Build 5505 Code Execution
Posted Oct 19, 2012
Authored by xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. No authentication is necessary to exploit this.

tags | exploit, web, root, sql injection
SHA-256 | e2984c80e9b18bcfe0bf36c7deb7a463e4967710e4784d8a20eb3c7da32c323b
ManageEngine Support Center Plus 7908 XSS / Shell Upload
Posted Oct 16, 2012
Authored by xistence

ManageEngine Support Center Plus versions 7908 and below suffer from multiple cross site scripting and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss
SHA-256 | ce1d93bee37427da393ef8b2a378940e15f95dfe2266842aa8f8b6171109489a
ManageEngine Support Center Plus 7903 XSS / SQL Injection
Posted Apr 15, 2012
Authored by xistence

ManageEngine Support Center Plus versions 7903 and below suffer from backup related, unauthorized access, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 00f2539984dab23c36d58c4e258af76a9f0554b23a8e7f3047e20d3d1a2fd7a1
ManageEngine Support Center Plus 7.8 Directory Traversal
Posted Jun 24, 2011
Authored by xistence

ManageEngine Support Center Plus versions 7801 and below of the 7.8 build suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 8743cb951897ee9699667263f90fad9d4a903b39178ae4eaf8b7ff565eb920ee
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close