seeing is believing
Showing 1 - 7 of 7 RSS Feed

Files Date: 2017-07-22

Oracle Web Center 11.1.1.9.0 / 12.2.1.1.0 / 12.2.1.2.0 XSS
Posted Jul 22, 2017
Authored by Owais Mehtab, Tayeeb Rana

Oracle Web Center versions 11.1.1.9.0, 12.2.1.1.0, and 12.2.1.2.0 suffer from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2017-10075
MD5 | 1e3f00f41f33004fa4e281208e66410b
Easy Chat Server User Registeration Buffer Overflow (SEH)
Posted Jul 22, 2017
Authored by Marco Rivoli, Aitezaz Mohsin | Site metasploit.com

This Metasploit module exploits a buffer overflow during user registration in Easy Chat Server software.

tags | exploit, overflow
MD5 | ea660b80899722585fc2d5713b8b135f
Razer Synapse rzpnk.sys ZwOpenProcess
Posted Jul 22, 2017
Authored by Spencer McIntyre | Site metasploit.com

A vulnerability exists in the latest version of Razer Synapse (v2.20.15.1104 as of the day of disclosure) which can be leveraged locally by a malicious application to elevate its privileges to those of NT_AUTHORITY\SYSTEM.

tags | exploit, web, arbitrary, shellcode
advisories | CVE-2017-9769
MD5 | 05dbcbf512b9be0da1b9ceddb93d860c
IPFire proxy.cgi Remote Code Execution
Posted Jul 22, 2017
Authored by h00die, 0x09AL | Site metasploit.com

IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.

tags | exploit, remote, cgi
systems | linux
MD5 | 1f8ebd286acb009b1e30960495f5b74d
VICIdial user_authorization Unauthenticated Command Execution
Posted Jul 22, 2017
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in VICIdial versions 2.9 RC 1 to 2.13 RC1 which allows unauthenticated users to execute arbitrary operating system commands as the web server user if password encryption is enabled (disabled by default). When password encryption is enabled the user's password supplied using HTTP basic authentication is used in a call to exec(). This Metasploit module has been tested successfully on version 2.11 RC2 and 2.13 RC1 on CentOS.

tags | exploit, web, arbitrary
systems | linux, centos
MD5 | 97f5f8a82932db45a47b13397a65ccd6
Metasploit RPC Console Command Execution
Posted Jul 22, 2017
Authored by Brendan Coles | Site metasploit.com

This Metasploit module connects to a specified Metasploit RPC server and uses the 'console.write' procedure to execute operating system commands. Valid credentials are required to access the RPC interface. This Metasploit module has been tested successfully on Metasploit 4.15 on Kali 1.0.6; Metasploit 4.14 on Kali 2017.1; and Metasploit 4.14 on Windows 7 SP1.

tags | exploit
systems | windows, 7
MD5 | b76c5685a0298b752e8aaaf4f214e190
Hydra Network Logon Cracker 8.6
Posted Jul 22, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added radmin2 module by catatonic prime. SMB module now checks if SMBv1 is supported by the server and if signing is required. http-form module now supports URLs up to 6000 bytes. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | 5d909cfea627a1f2482b82dfbd64956c
Page 1 of 1
Back1Next

File Archive:

August 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    30 Files
  • 3
    Aug 3rd
    20 Files
  • 4
    Aug 4th
    17 Files
  • 5
    Aug 5th
    4 Files
  • 6
    Aug 6th
    2 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    18 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    24 Files
  • 11
    Aug 11th
    10 Files
  • 12
    Aug 12th
    3 Files
  • 13
    Aug 13th
    3 Files
  • 14
    Aug 14th
    10 Files
  • 15
    Aug 15th
    16 Files
  • 16
    Aug 16th
    18 Files
  • 17
    Aug 17th
    15 Files
  • 18
    Aug 18th
    17 Files
  • 19
    Aug 19th
    15 Files
  • 20
    Aug 20th
    11 Files
  • 21
    Aug 21st
    15 Files
  • 22
    Aug 22nd
    15 Files
  • 23
    Aug 23rd
    13 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close