Showing 1 - 4 of 4

Operating System: Os:7

EasyCafe Server Remote File Access: Posted Sep 1, 2024; Authored by Brendan Coles, R-73eN | Site metasploit.com; This Metasploit module exploits a file retrieval vulnerability in EasyCafe Server. The vulnerability can be triggered by sending a specially crafted packet (opcode 0x43) to the 831/TCP port. This Metasploit module has been successfully tested on EasyCafe Server version 2.2.14 (Trial mode and Demo mode) on Windows XP SP3 and Windows 7 SP1. Note that the server will throw a popup messagebox if the specified file does not exist.; tags | exploit, tcp; systems | windows, xp, 7; SHA-256 | 33d40a2aa040357554a8308847a479cb0f61d14ed8afe5d9bd0a74c18bb67185; Download | Favorite | View

SurgeNews User Credentials: Posted Sep 1, 2024; Authored by Brendan Coles | Site metasploit.com; This Metasploit module exploits a vulnerability in the WebNews web interface of SurgeNews on TCP ports 9080 and 8119 which allows unauthenticated users to download arbitrary files from the software root directory; including the user database, configuration files and log files. This Metasploit module extracts the administrator username and password, and the usernames and passwords or password hashes for all users. This Metasploit module has been tested successfully on SurgeNews version 2.0a-13 on Windows 7 SP 1 and 2.0a-12 on Ubuntu Linux.; tags | exploit, web, arbitrary, root, tcp; systems | linux, windows, ubuntu, 7; SHA-256 | 73764b44f63d2549636f9a072cfc6159cd3fc1782b3972e02ed0b63dd113c7dc; Download | Favorite | View

Microsoft Windows 7 / Server 2008 R2 SMB Client Infinite Loop: Posted Aug 31, 2024; Authored by H D Moore, laurent gaffie | Site metasploit.com; This Metasploit module exploits a denial of service flaw in the Microsoft Windows SMB client on Windows 7 and Windows Server 2008 R2. To trigger this bug, run this module as a service and forces a vulnerable client to access the IP of this system as an SMB server. This can be accomplished by embedding a UNC path (\\HOST\share\something) into a web page if the target is using Internet Explorer, or a Word document otherwise.; tags | exploit, web, denial of service; systems | windows, 7; advisories | CVE-2010-0017; SHA-256 | 9beedad3e3c3103e0197e08fdbc451bf1f5445929f6c5022c987a0616228427c; Download | Favorite | View

Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference: Posted Aug 31, 2024; Authored by H D Moore, laurent gaffie | Site metasploit.com; This Metasploit module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.; tags | exploit; systems | windows, vista, 7; advisories | CVE-2009-3103; SHA-256 | eb306cad88b29720e7dac7d13bc441bdf247266d948c8cc0122be192d6f3a8f2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days