exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-10-05

Clam AntiVirus Toolkit 0.100.2
Posted Oct 5, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various updates. See changelog.
tags | tool, virus
systems | unix
SHA-256 | 4a2e4f0cd41e62adb5a713b4a1857c49145cd09a69957e6d946ecad575206dd6
Claromentis Discuss 1.2.1 Cross Site Scripting
Posted Oct 5, 2018
Authored by David Vargas

Claromentis Discuss module version 1.2.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-15903
SHA-256 | 62a89f3e71faa9b2c915aa46d1ffafee1eff19c64d7bfa67798379b30cd4c981
Unitrends UEB HTTP API Remote Code Execution
Posted Oct 5, 2018
Authored by h00die, Benny Husted, Cale Smith, Jared Arave | Site metasploit.com

It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system. UEB v9 runs the api under root privileges and api/storage is vulnerable. UEB v10 runs the api under limited privileges and api/hosts is vulnerable.

tags | exploit, remote, web, arbitrary, root
advisories | CVE-2017-12478, CVE-2018-6328
SHA-256 | 26c3d9da1b69eb5067bf4415e099c1d16549287987fd59097875111bb16caf69
Zahir Enterprise Plus 6 Stack Buffer Overflow
Posted Oct 5, 2018
Authored by modpr0be, f3ci | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Zahir Enterprise Plus version 6 build 10b and below. The vulnerability is triggered when opening a CSV file containing CR/LF and overly long string characters via Import from other File. This results in overwriting a structured exception handler record.

tags | exploit, overflow
advisories | CVE-2018-17408
SHA-256 | c51c1d1c21392204bf387a607e386388a6773f8a710db6706b904d643e98b8f9
ISDF 2018 Call For Papers
Posted Oct 5, 2018
Authored by ISDF2018 | Site sdiwc.net

The Fourth International Conference on Information Security and Digital Forensics Call For Papers has been announced. It will take place at the Metropolitan College, Thessaloniki, Greece December 7th through the 9th, 2018.

tags | paper, conference
SHA-256 | 64f94224eaa5dc0fbe7abb819a7cc7b722cd8e76964e085013f2136116718639
Ceaser Cypher Single Byte Payload Encryption
Posted Oct 5, 2018
Authored by Jonathan Loveless

This program takes a payload and does a single offset on the payload (ceaser cypher encryption) and allows you to take the payload and decrypt and execute it in memory to bypass signature detection of currently detectable payloads.

tags | tool, shellcode
SHA-256 | ee91aa4bcf011dce33164aea66f95934fa966286bcdc399e592508141b7f0adc
Navigate CMS Unauthenticated Remote Code Execution
Posted Oct 5, 2018
Authored by Pyriphlegethon | Site metasploit.com

This Metasploit module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8 and prior, to bypass authentication. The module then uses a path traversal vulnerability in navigate_upload.php that allows authenticated users to upload PHP files to arbitrary locations. Together these vulnerabilities allow an unauthenticated attacker to execute arbitrary PHP code remotely. This Metasploit module was tested against Navigate CMS 2.8.

tags | exploit, arbitrary, php, vulnerability
advisories | CVE-2018-17552, CVE-2018-17553
SHA-256 | 22f02998938d92be75a2c237be95f9c8c05395976f93aa44cc1307be7bab509b
Netis ADSL Router DL4322D RTK 2.1.1 Cross Site Request Forgery
Posted Oct 5, 2018
Authored by Cakes

Netis ADSL Router DL4322D RTK 2.1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 2afed676f48b1723ef3a3bc8f517ae5e57680d7512a2ce2adc3e5fdc4dc80742
Windows Net-NTLMv2 Reflection DCOM/RPC
Posted Oct 5, 2018
Authored by Mumbai, breenmachine, FoxGloveSec | Site metasploit.com

This Metasploit module utilizes the Net-NTLMv2 reflection between DCOM/RPC to achieve a SYSTEM handle for elevation of privilege. Currently the module does not spawn as SYSTEM, however once achieving a shell, one can easily use incognito to impersonate the token.

tags | exploit, shell
advisories | CVE-2016-3225
SHA-256 | 10aca5238c09e9bf6cc039620feb2267cc144082ac9a5d8868637ad860f00b93
Linux Kernel PTR Leak Via BPF
Posted Oct 5, 2018
Authored by Jann Horn, Google Security Research

The Linux kernel suffers from a ptr leak via BPF due to a broken subtraction check.

tags | exploit, kernel
systems | linux
SHA-256 | d4223122e1ab1a77d32acc8af4e3ea5de0baa00f18f85d466df55a31d545bf23
WordPress Penetration Testing Using WPScan And Metasploit
Posted Oct 5, 2018
Authored by Behrouz Mansoori

Whitepaper called WordPress Penetration Testing Using WPScan and Metasploit. Written in English.

tags | paper
SHA-256 | 40d6ad648ac7360b313cbb38733b52a8bf9a680e252b22d792e7b8db54f89a9d
Chamilo LMS 1.11.8 Cross Site Scripting
Posted Oct 5, 2018
Authored by Cakes

Chamilo LMS version 1.11.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 145fae68ce6b0f21f4470e872a1562c21b4c0a371856b527f88314d9a984fd26
Chrome OS /sbin/crash_reporter Symlink Traversal
Posted Oct 5, 2018
Authored by Jann Horn, Google Security Research

Chrome OS suffers from a /sbin/crash_reporter symlink traversal vulnerability.

tags | exploit
SHA-256 | 41e32bd294ce06037cae654ccff52add6f9d2e7cd27c6acfc1cf1da49939a2e6
Easy File Sharing Web Server 7.2 Domain Name Buffer Overflow
Posted Oct 5, 2018
Authored by ZwX

Easy File Sharing Web Server version 7.2 suffers from a domain name buffer overflow vulnerability.

tags | exploit, web, overflow
SHA-256 | 990167b6d68856ee0ab3783f765cfe65eb415de259a4a2920ad90c83a33921b8
WordPress Security
Posted Oct 5, 2018
Authored by Behrouz Mansoori

This is a whitepaper that provides an overview on WordPress Security. Written in Persian.

tags | paper
SHA-256 | d22218ad1594c053cb1ee1157adae795a1d60e443169f78cd2050fa557349319
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close