what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 74 RSS Feed

Files

LFI Image Helper 0.8
Posted Jan 9, 2015
Authored by Doddy Hackman

This is a simple script to infect images with PHP Backdoors for local file inclusion attacks.

tags | tool, local, php, rootkit, file inclusion
systems | unix
SHA-256 | 2417fa7ba59a45f47d8610a1495111a59f039bd586605208288ef92ac36d8906

Related Files

Lost and Found Information System 1.0 Cross Site Request Forgery
Posted Aug 20, 2024
Authored by indoushka

Lost and Found Information System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 4ff737e4c7ddd6c4daea85392f2433bdcd4507e42cfaa25ab1c7f2177389e147
Lost And Found Information System 1.0 Cross Site Scripting
Posted Jun 13, 2024
Authored by Amit Roy

Lost and Found Information System version 1.0 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2024-37859
SHA-256 | 075bae0f3073aeafd6f4cb516ed784fe8d11ba07aa216df25c0eb9c8235cf759
Lost And Found Information System 1.0 Cross Site Scripting
Posted Jun 13, 2024
Authored by Amit Roy

Lost and Found Information System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2024-37856
SHA-256 | df973d3074e051a08dcb9a9e07fa3df6582f74a0030c02786fb1aedfa590b1c4
Lost And Found Information System 1.0 Insecure Direct Object Reference
Posted Oct 12, 2023
Authored by Or4nG.M4N

Lost and Found Information System version 1.0 suffers from an insecure direct object reference vulnerability that allows for account takeover.

tags | exploit
advisories | CVE-2023-38965
SHA-256 | 37bf336b197bfc7b731eb17e7784ed7321a5aa6c943c3b7e16884d1780c1eca5
Lost And Found Information System 1.0 SQL Injection
Posted Jul 7, 2023
Authored by Amirhossein Bahramizadeh

Lost and Found Information System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-33592
SHA-256 | 26d0f1deb4fda9d9af13364671a7e8c2b6885870a63d654ccb53313326691e2a
Drupal drupgeddon3 Remote Code Execution
Posted Apr 26, 2018
Authored by Blaklis

This is a simple proof of concept exploit for Drupal versions prior to 7.58 that demonstrate the drupalgeddon3 authenticated remote code execution vulnerability.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2018-7602
SHA-256 | 083d892c5eba86d29cd75e8b8e8af90103d767eb04a11f57033b9dd9088214a0
KeePass Simple Dictionary Password Enumerator
Posted Apr 4, 2018
Authored by Todor Donev

This is a simple perl script to perform dictionary attacks against the KeePass password manager.

tags | cracker, perl
SHA-256 | 6543608fbc7bd69c9aed01176048fc5dbb4c5cfcf6b3eb1751f46ee2b6e9c7cd
WordPress WooCommerce Direct Download Local File Inclusion
Posted Jan 17, 2017
Authored by Diego Celdran Morell

WordPress Direct Download for WooCommerce versions up to 1.15 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | c86f833ea2cb397491425f18175efc5680a0cebbd58bf33c3c099f1c010bedcf
Local File Inclusion (LFI) Testing Techniques
Posted Jan 6, 2017
Authored by Aptive | Site aptive.co.uk

The intent of this document is to help penetration testers and students identify and test LFI vulnerabilities on future penetration testing engagements by consolidating research for local file inclusion LFI penetration testing techniques. LFI vulnerabilities are typically discovered during web app penetration testing using the techniques contained within this document. Additionally, some of the techniques mentioned in this paper are also commonly used in CTF style competitions.

tags | paper, web, local, vulnerability, file inclusion
SHA-256 | 5e0f59932f1a0e50ca16efbe5fc14be1920860feb00a8731ba38a2383ae6c8bf
PHP Vulnerability Audit Cheatsheet
Posted Oct 6, 2016
Authored by dustyfresh

This is a simple set of things to grep for that will help identify potential vulnerabilities in PHP code.

tags | paper, php, vulnerability
SHA-256 | 8700fa18f507e86dc84f2e92e04b5abdb40ce92fcbade4663491cd4222cd6069
Win32 x86 Reverse Shell In Assembly
Posted Mar 7, 2016
Authored by Andrea Sindoni

This is a simple reverse shell written in assembly for remote command execution on win32.

tags | remote, shell, shellcode
systems | windows
SHA-256 | 896d5235c9827973cc96df4bfde3554d14494a09f77c947ad44f5ed8f639a7a6
Juli Man-In-The-Middle Script
Posted Feb 21, 2015
Authored by em616

This is a simple perl script for setting up man-in-the-middle attacks on Linux.

tags | tool, perl
systems | linux, unix
SHA-256 | d38e8956c0b99e7aff2b55fc10799e47aad7c2ed96fe26151631c149f50fbb5d
LFI Exploiter 1.1
Posted Dec 8, 2013
Authored by M.R.S.CO

This perl script leverages /proc/self/environ to attempt getting code execution out of a local file inclusion vulnerability.

Changes: Various updates.
tags | tool, local, perl, code execution, file inclusion
systems | unix
SHA-256 | 7ce9af081371d3aac6a99db29aef3d8887c46d12ee280d8061b70faa5799c0f2
D-Link Backdoor Czechr
Posted Oct 30, 2013
Authored by dustyfresh

This is a simple PHP script that checks to see if your D-Link device is vulnerable to the User-Agent backdoor.

tags | exploit, php
SHA-256 | b0f9b07e55de0f72f7056f20fafc5118ca5dbd0af300d0146663b52ab3d742d7
Web Shell Backdoor 1.1
Posted Jul 4, 2013
Authored by M.R.S.CO

This is a simple PHP web shell backdoor.

tags | tool, web, shell, php, rootkit
systems | unix
SHA-256 | aaad39e328e8da519232f1d7feb60cfd3c991f2aa486739cdba8df7d746a8994
Simple PHP Backdoor
Posted Jun 25, 2013
Authored by infodox

This is a simple PHP backdoor using HTTP headers to inject the code as opposed to a GET or POST variable. Uses the fictional "Code: " header as an example, for learning purposes. This is not production code.

tags | tool, web, php, rootkit
systems | unix
SHA-256 | 397d3f851a08bef7d13138eedf2b87ab8e732b35f14514f58a2162c103188aab
SVN Extractor
Posted Apr 10, 2013
Authored by Anant Shrivastava | Site anantshri.info

This is a simple python tool written to extract all web resources by leveraging an exposed .SVN folder.

tags | tool, web, scanner, python
systems | unix
SHA-256 | 2675f79a415d1f1f96f60a6a337e25c1fb941c47573e612e32d8468062080155
Common Name Grabber Script
Posted Mar 4, 2013
Authored by nitr0us

This is a simple perl script that will scan a given IP range and extract the Common Name from all SSL certificates. It is useful for discovery during penetration tests.

tags | tool, perl
systems | unix
SHA-256 | 8bee3b0c0b06ba802a3816adb1b076af310701d747f2d5b5a2c0056512339dd9
Web Exploitation Engine 0.1
Posted Feb 12, 2013
Authored by infodox, LaNMaSteR53

This is a simple utility for exploiting command injection vulnerabilities in web applications. Supports POST and GET requests. Can deliver an "inline shell" or a (python) reverse shell.

tags | tool, web, shell, vulnerability, rootkit, python
systems | unix
SHA-256 | 2c82dcde1a7835fac49946c2d7c022271f0105c0e8c280133632994e909508cd
Control Panel Finder Script
Posted Dec 14, 2012
Authored by Amir Masoud

This is a simple script that looks for administrative web interfaces.

tags | tool, web, scanner
systems | unix
SHA-256 | 8b38d74ef497e3a86e7bc96c10d42b6295ff2d4263d94398896acce9df4f3109
LFI Exploiter
Posted Sep 26, 2012
Authored by M.R.S.CO

This perl script leverages /proc/self/environ to attempt getting code execution out of a local file inclusion vulnerability.

tags | tool, local, perl, code execution, file inclusion
systems | unix
SHA-256 | bd77eecfb380be0b2302b89fd25fafe9ee987dadd671f7e40d057f74b0ce0ade
DNS Denial Of Service Tool
Posted Jul 19, 2012

This is a simple snippet of c code that can be used for creating a denial of service condition against a DNS server.

tags | denial of service
SHA-256 | 23d955165e262da83e17e578062db6045a5487a02f461e22bbd4b3d9d5a162af
MD5 MySQL Brute Forcer
Posted May 10, 2012
Authored by baltazar

This is a simple python script for cracking MySQL MD5 passwords.

tags | cracker, python
SHA-256 | 2eabc6d50aa0308a12f9f621132d81ab8133f46b0854377425c4d9b0bac9f450
WordPress Bruteforce Script
Posted Apr 29, 2012
Authored by CorryL

This is a simple bash script for bruteforcing WordPress.

tags | cracker, bash
SHA-256 | a04595fb1fae7483302800dc402320dae1656bd040d010c93927bb2d7e92208a
rdpScan Network Checker
Posted Mar 18, 2012
Authored by silverstoneblue

This is a simple script that leverages nmap to scan for RDP-Server.

tags | tool, scanner
systems | unix
SHA-256 | 396f47878b4ab500666868acb58cf5871826fd5090559209cb91564b55b243e6
Page 1 of 3
Back123Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close