Twenty Year Anniversary
Showing 1 - 25 of 57 RSS Feed


Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution
Posted Aug 6, 2016
Authored by mr_me | Site

This is an exploit against Samsung Security Manager that bypasses the patch in CVE-2015-3435 by exploiting the vulnerability against the client side. This exploit has been tested successfully against IE, FireFox and Chrome by abusing a GET request XSS to bypass CORS and reach the vulnerable PUT. Finally, a traversal is used in the PUT request to upload the code just where we want it and gain Remote Code Execution as SYSTEM.

tags | exploit, remote, code execution
advisories | CVE-2015-3435
MD5 | 12c0fc1de9392964d1fb7e3d45109b2d

Related Files

Samsung Web Viewer For Samsung DVR Cross Site Scripting
Posted Jun 13, 2018
Authored by Yavuz Atlas

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2018-11689
MD5 | 4c1965dce41d570dded8761c42edd7e7
Samsung SRN-1670D Web Viewer Arbitrary File Read / Upload
Posted Jan 11, 2018
Authored by Omar Mezrag, Algeria, Realistic Security | Site

This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced by CVE-2015-8279, which allows remote attackers to read the web interface credentials by sending a request to: cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

tags | exploit, remote, web, arbitrary, local, root, php, file upload
advisories | CVE-2015-8279, CVE-2017-16524
MD5 | a040c104d632cd4ba7549225102c8f38
Samsung Internet Browser SOP Bypass / UXSS
Posted Dec 25, 2017
Authored by James Lee

Samsung Internet Browser version allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code.

tags | exploit, remote, javascript, xss, bypass
advisories | CVE-2017-17859
MD5 | b1ce454efa3a1fa02567e32b162d80b7
Samsung Internet Browser SOP Bypass
Posted Dec 20, 2017
Authored by Tod Beardsley, Jeffrey Martin, Mishra Dhiraj

This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.

tags | exploit, bypass
advisories | CVE-2017-17692
MD5 | 91bfa1cba09b3c4c4fa53ef3b84ecd59
Samsung Devices KNOX Extensions OTP TrustZone Trustlet Stack Buffer Overflow
Posted Dec 14, 2016
Authored by Google Security Research

As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The tokens themselves are generated in a TrustZone application within the TEE (UID: fffffffff0000000000000000000001e), which can be communicated with using the "OTP" service, published by "otp_server". Many of the internal commands supported by the trustlet must either unwrap or wrap a token. They do so by calling the functions "otp_unwrap" and "otp_wrap", correspondingly. Both functions copy the internal token data to a local stack based buffer before attempting to wrap or unwrap it. However, this copy operation is performed using a length field supplied in the user's buffer (the length field's offset changes according to the calling code-path), which is not validated at all. This means an attacker can supply a length field larger than the stack based buffer, causing the user-controlled token data to overflow the stack buffer. There is no stack cookie mitigation in MobiCore trustlets. On the device I'm working on (SM-G925V), the "OTP" service can be accessed from any user, including from the SELinux context "untrusted_app". Successfully exploiting this vulnerability should allow a user to elevate privileges to the TrustZone TEE.

tags | exploit, overflow, local
MD5 | 7ca93e4b9e68b1ccea14faa98806c21a
Samsung Repair Information Disclosure
Posted Sep 11, 2016
Authored by Justa Person

Samsung's repair system has ignored a researcher's plea to fix a flaw that allows attackers to brute force customer information.

tags | exploit, cracker
MD5 | 67b21d624c252c1ff6a2e56d91e52109
Posted Aug 18, 2016

This is an exploit with an unclear attack vector for TOPSEC firewalls running TOS operating system versions,, and Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.

tags | exploit
MD5 | 61c5f0a8dd65f04dbfafef2df36ae464
Samsung Smart Home Camera SNH-P-6410 Command Injection
Posted Aug 14, 2016
Authored by PenTest Partners | Site

Samsung Smart Home Camera SNH-P-6410 command injection exploit that sets a new root password.

tags | exploit, root
MD5 | 822fe27c75b9b79eb988623329ccd1de
Samsung Mobile Phone Telecom Denial Of Service
Posted Aug 4, 2016
Authored by 0xr0ot

Vulnerabilities in the SpamCall Activity components of the Samsung Telecom application can crash and reboot a device when a malformed serializable object is passed.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-6526, CVE-2016-6527
MD5 | 2d8e130dda2656e82b1e1f90ea793f43
Samsung SoftAP Weak Password
Posted Dec 18, 2015
Authored by Augusto Pereyra

Samsung's SoftAP WPA2-PSK password generation is weak and can be cracked in a few hours.

tags | advisory
advisories | CVE-2015-5729
MD5 | 8e6e1e6a07c89099c66cad01237c00ea
Samsung SyncThruWeb SMB Hash Disclosure
Posted Aug 31, 2015
Authored by Shad Malloy

Samsung SyncThruWeb suffers from an SMB hash disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 2d978299a5089b10ca9d82ef7509bb1f
Samsung iPOLiS 1.12.2 ReadConfigValue Remote Code Execution
Posted Apr 15, 2015
Authored by Praveen Darshanam

Samsung iPOLiS version 1.12.2 ReadConfigValue heap spray remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2015-0555
MD5 | d1745be0d8ab3b5a910fe857592dd07f
Samsung iPolis Buffer Overflow
Posted Feb 21, 2015
Authored by Praveen Darshanam

Samsung iPolis suffers from a buffer overflow vulnerability in XnsSdkDeviceIpInstaller.ocx.

tags | exploit, overflow
advisories | CVE-2015-0555
MD5 | 93a69c03a007dca4e9b37490c79737b5
Samsung SmartViewer BackupToAvi 3.0 Remote Code Execution
Posted Jan 19, 2015
Authored by Praveen Darshanam

Samsung SmartViewer BackupToAvi 3.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2014-9265
MD5 | 4bdaec6e5163e772f168ca0c7adfcf3c
Samsung Galaxy KNOX Android Browser Remote Code Execution
Posted Nov 18, 2014
Authored by joev, Andre Moulu | Site

This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has been confirmed in the Samsung Galaxy S4, S5, Note 3, and Ace 4.

tags | exploit, remote, arbitrary, protocol
MD5 | 9f057a9c3dab36565bdf001f5df0f7d1 Open Redirect
Posted Oct 12, 2014
Authored by Claudio Viviani suffers from an open redirect vulnerability.

tags | exploit
MD5 | 80ca5c9cef80047ad7f6bf454bfe7f6d
Samsung Cross Site Scripting
Posted Jun 11, 2014
Authored by Robert Garcia suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e405ac0e6eb1da1f988a026c6a5827d1
Prestige Software CMS Local File Disclosure
Posted Sep 5, 2013
Authored by bie gabby

This is an exploit that leverages a local file disclosure vulnerability in systems running Prestige Software CMS in order to gain database information and credentials.

tags | exploit, local, info disclosure
MD5 | a65627350ffa3a9fb20df0cde552a8e5
Samsung DVR Authentication Bypass
Posted Aug 20, 2013
Authored by Andrea Fabrizi

Samsung DVRs put usernames and passwords base64 encoded into cookies. They also fail to validate the cookies in many places, so any values work, allowing for authentication bypass. A proof of concept exploit that lists all users and passwords is included.

tags | exploit, proof of concept, bypass
MD5 | 2b4dcb70387cbebcb1fc92c1e2470d57
Samsung TV Denial Of Service
Posted Jul 22, 2013
Authored by Malik Messelem

The DMCRUIS/0.1 web server on Samsung TVs suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
advisories | CVE-2013-4890
MD5 | 255f52df7efa2179812c8d9457d0d0e0
Samsung Galaxy S3/S4 SMS Spoofing
Posted Jul 17, 2013
Authored by Z.X.

The Samsung Galaxy S3 and S4 phones come with a pre-loaded application that allows for spoofing and creation of arbitrary SMS content.

tags | advisory, arbitrary, spoof
advisories | CVE-2013-4764, CVE-2013-4763
MD5 | 4d798f1b865ddfda3b09cc7cdfb713b0
Samsung Series Cross Site Scripting
Posted Jun 13, 2013
Authored by Jonas Rapero Castillo

Samsung Series IP cameras suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-3964
MD5 | 8c6846cf5a47240a8056d6729b42c4ca
Samsung Cross Site Scripting
Posted Jun 1, 2013
Authored by David Tapia suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | dc99e9d74c130b6f5f16c7217aa125dd
Samsung TV Denial Of Service
Posted Mar 6, 2013
Authored by AKAT-1, 22733db72ab3ed94b5f8a1ffcde850251fe6f466, c8e74ebd8392fda4788179f9a02bb49337638e7b

Samsung TVs suffer from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 17925dd5e2791b7c80a55dc6f6dbfca2
Samsung S3 Full Lock Screen Bypass
Posted Mar 5, 2013
Authored by Sean McMillan

The Samsung S3 suffers from a full locked screen bypass vulnerability that leverages the emergency call functionality.

tags | exploit, bypass
MD5 | 5a699bee9cb62494ef22f863d0bdedc6
Page 1 of 3

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    10 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By