exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

Files Date: 2017-07-22

Oracle Web Center 11.1.1.9.0 / 12.2.1.1.0 / 12.2.1.2.0 XSS
Posted Jul 22, 2017
Authored by Owais Mehtab, Tayeeb Rana

Oracle Web Center versions 11.1.1.9.0, 12.2.1.1.0, and 12.2.1.2.0 suffer from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2017-10075
MD5 | 1e3f00f41f33004fa4e281208e66410b
Easy Chat Server User Registeration Buffer Overflow (SEH)
Posted Jul 22, 2017
Authored by Marco Rivoli, Aitezaz Mohsin | Site metasploit.com

This Metasploit module exploits a buffer overflow during user registration in Easy Chat Server software.

tags | exploit, overflow
MD5 | ea660b80899722585fc2d5713b8b135f
Razer Synapse rzpnk.sys ZwOpenProcess
Posted Jul 22, 2017
Authored by Spencer McIntyre | Site metasploit.com

A vulnerability exists in the latest version of Razer Synapse (v2.20.15.1104 as of the day of disclosure) which can be leveraged locally by a malicious application to elevate its privileges to those of NT_AUTHORITY\SYSTEM.

tags | exploit, web, arbitrary, shellcode
advisories | CVE-2017-9769
MD5 | 05dbcbf512b9be0da1b9ceddb93d860c
IPFire proxy.cgi Remote Code Execution
Posted Jul 22, 2017
Authored by h00die, 0x09AL | Site metasploit.com

IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.

tags | exploit, remote, cgi
systems | linux
MD5 | 1f8ebd286acb009b1e30960495f5b74d
VICIdial user_authorization Unauthenticated Command Execution
Posted Jul 22, 2017
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in VICIdial versions 2.9 RC 1 to 2.13 RC1 which allows unauthenticated users to execute arbitrary operating system commands as the web server user if password encryption is enabled (disabled by default). When password encryption is enabled the user's password supplied using HTTP basic authentication is used in a call to exec(). This Metasploit module has been tested successfully on version 2.11 RC2 and 2.13 RC1 on CentOS.

tags | exploit, web, arbitrary
systems | linux, centos
MD5 | 97f5f8a82932db45a47b13397a65ccd6
Metasploit RPC Console Command Execution
Posted Jul 22, 2017
Authored by Brendan Coles | Site metasploit.com

This Metasploit module connects to a specified Metasploit RPC server and uses the 'console.write' procedure to execute operating system commands. Valid credentials are required to access the RPC interface. This Metasploit module has been tested successfully on Metasploit 4.15 on Kali 1.0.6; Metasploit 4.14 on Kali 2017.1; and Metasploit 4.14 on Windows 7 SP1.

tags | exploit
systems | windows, 7
MD5 | b76c5685a0298b752e8aaaf4f214e190
Hydra Network Logon Cracker 8.6
Posted Jul 22, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added radmin2 module by catatonic prime. SMB module now checks if SMBv1 is supported by the server and if signing is required. http-form module now supports URLs up to 6000 bytes. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | 5d909cfea627a1f2482b82dfbd64956c
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close