
Files

Facebook Graph Phone Number Metadata Crosswalk Mapping Proof Of Concept
Posted Apr 17, 2018
Authored by Todor Donev

This script is a proof of concept that lets you map out data from the Facebook Graph using a phone number.

tags | exploit, proof of concept
SHA-256 | dee0dd5e6e056998a2f2e19732be34aae4a8bfd5691955295e17c6ad65f6cf52

Related Files

ManageEngine ADAudit Plus Remote Code Execution
Posted May 9, 2023
Authored by Erik Wynter, Moon | Site metasploit.com

This Metasploit module exploits security issues in ManageEngine ADAudit Plus versions prior to 7006 that allow authenticated users to execute arbitrary code by creating a custom alert profile and leveraging its custom alert script component. The module first runs a few checks to test the provided credentials, retrieve the configured domain(s) and obtain the build number of the target ADAudit Plus server. If the credentials are valid and the target is vulnerable, the module creates an alert profile that will be triggered for any failed login attempt to the configured domain. For versions prior to build 7004, the payload is directly inserted in the custom alert script component of the alert profile. For versions 7004 and 7005, the module leverages an arbitrary file write vulnerability (CVE-2021-42847) to create a PowerShell script in the alert_scripts directory that contains the payload. The name of this script is then provided as the value for the custom alert script component of the alert profile. This module requires valid credentials for an account with the privileges to create alert scripts. It has been successfully tested against ManageEngine ADAudit Plus builds 7003 and 7005 running on Windows Server 2012 R2. Successful exploitation will result in remote code execution as the user running ManageEngine ADAudit Plus, which will typically be the local administrator.

tags | exploit, remote, arbitrary, local, code execution
systems | windows
advisories | CVE-2021-42847
SHA-256 | c657579ebd79808c3357c4b5e393fc900557895dc6dcc36170079d336c637eba

Bash / Netcat Reverse Shells
Posted Jul 4, 2022
Authored by Raed Ahsan

This script is a great tool for pentesters needing to create reverse shells using either bash or netcat.

tags | tool, shell, rootkit, bash
systems | unix
SHA-256 | 6fa1de2937ad42cc30d32f1a0d8144e64791a2c154a8baa4dad7d30634eb9f38

OpenSSL Security Advisory 20220503
Posted May 3, 2022
Site openssl.org

OpenSSL Security Advisory 20220503 - The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Other issues were also addressed.

tags | advisory, arbitrary, shell
advisories | CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473
SHA-256 | da0a32c3df546638b4876fba11798d7c64bce5b0a32daab04ad8becaec7a0d51

Microsoft Windows UAC Protection Bypass
Posted Jun 17, 2019
Authored by gushmazuko

This script is a proof of concept to bypass the Microsoft Windows User Access Control (UAC) via SluiFileHandlerHijackLPE.

tags | exploit, proof of concept, bypass
systems | windows
SHA-256 | efb5f415da1f4ff8220fecb3902a9074d9f559bfe81332a3991c71dc7246dc7f

Facebook Graph Metadata Crosswalk Mapping Proof Of Concept
Posted Apr 17, 2018
Authored by Todor Donev

This script is a proof of concept that lets you map out data from the Facebook Graph.

tags | exploit, proof of concept
SHA-256 | 448f27a20984783f71a3aeb58c87bc3e31b1156590bcef96809725d7ed3f9f64

Linux/x64 Assembly Shellcode Generator
Posted Apr 11, 2018
Authored by Andre Lima

This script is a Linux/x64 assembly shellcode generator.

tags | tool, shellcode
systems | linux
SHA-256 | ac2e35df266d3226689af810d68afa1e0e2623b208b2fee01567f8756bb06b23

POLLSolved 1.5.2 SQL Injection / Authentication Bypass
Posted Nov 13, 2015
Authored by Persian Hack Team

POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.

tags | exploit, remote, sql injection
SHA-256 | 8d37108dc1944aac38df5b9bf07bc559d1b8b588512f97bfada3e2f3fe0ca082

RedHat Checklist Script
Posted Aug 27, 2014
Authored by Marcos M Garcia

This script is designed to perform a security evaluation against industry best practices, over RedHat and RedHat based systems, to detect configuration deviations. It was developed due to the need to ensure that the servers within the author's workplace would comply with specific policies. As this tool was designed specifically for this purpose, "lynis" was not used for the task.

tags | tool
systems | linux, redhat
SHA-256 | 32e6a9c01f7cf352857b0a5a607d304b8c100b32f0166340a6a68c41595b9e97

SMTP Verification Tool
Posted Mar 7, 2011
Authored by Confirm

This script is a simple SMTP verification tool to send mail.

tags | tool
systems | unix
SHA-256 | 29691ca8cb6bda754e176a18b8693468f6a9dbe573a2dd8fc9e839a5211262d0

Mandriva Linux Security Advisory 2009-016
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-016 - Ian Jackson found a security issue in the QEMU block device drivers backend that could allow a guest operating system to issue a block device request and read or write arbitrary memory locations, which could then lead to privilege escalation. It was found that Xen allowed unprivileged DomU domains to overwrite xenstore values which should only be changeable by the privileged Dom0 domain. An attacker able to control a DomU domain could possibly use this flaw to kill arbitrary processes in Dom0 or trick a Dom0 user into accessing the text console of a different domain running on the same host. This update makes certain parts of xenstore tree read-only to unprivileged DomU domains. A vulnerability in the qemu-dm.debug script was found in how it created a temporary file in /tmp. A local attacker in Dom0 could potentially use this flaw to overwrite arbitrary files via a symlink attack. Since this script is not used in production, it has been removed from this update package. The updated packages have been patched to prevent these issues.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2008-0928, CVE-2008-4405, CVE-2008-4993
SHA-256 | bf0f92b3794ad63079798172dc4b4074c87c0b0c4c4de75dc91b2b558aa648ce

XSS-Proxy_0_0_11.pl
Posted Feb 18, 2005
Authored by Anton Rager

This script is an XSS attack controller which allows an attacker to force a victim to read pages off an XSS-vulnerable server and relay contents back to this controller. This process also provides the client with new script commands.

tags | exploit
SHA-256 | 0b27ece0f83b8dea923f98d2bfd7fbb0b2ab348556d89d44948eac0530dfa175

consroot.exp
Posted Jun 21, 2003
Authored by Michael H.G. Schmidt

This script is used to automate escalation of normal user privileges to root making use of FORTH hacking on Sparc hardware.

tags | exploit, root
SHA-256 | 325fd7bf0f7765175435cfc0edb188bbfee72d6c1fa31b5dedf1ab31c371b473

qute.pl
Posted Sep 24, 2002
Authored by Arne Schwerdtfegger

Qute.pl is a Perl script which exploits a buffer overflow in Qstat 2.5b. Since Qstat is not SUID by default, this script is useless.

tags | exploit, overflow, perl
SHA-256 | e9f3bdc1f8a9d0bf7a7f036f80af23bc7c153c77c4f0d5f0a1ab127e999a6df2

qspl.c
Posted Sep 21, 2002
Authored by Oscar Linderholm

Qstat 2.5b local root exploit for Linux. Tested on Debian GNU/Linux (Woody). Since Qstat is not SUID by default, this script is not useful for gaining more access to a Linux system.

tags | exploit, local, root
systems | linux, debian
SHA-256 | 0d005a95b831a74d01a12035f653c2f4e07221122ab18b3bb24edc23fa876100

cgivti2.V2.pl
Posted Aug 30, 2002
Authored by Lawrence Lavigne | Site neoerudition.net

Cgivti2.V2.pl uses a webserver host list provided by the user to scan for cgi, vti, msadc and several other vulnerabilities. Like cgivti.V2.pl, this script is easily configured to include other vulnerabilities.

tags | cgi, vulnerability
systems | unix
SHA-256 | 8966b5fa7d151c0547e782abcc1f118f0e7298ccb898d0f31dd4ee49e5a02865

BWL-00-04.txt
Posted Dec 7, 2000
Authored by Black Watch Labs | Site perfectotech.com

Black Watch Labs Security Advisory #00-04 (April 6, 2000) - BizDB is a database and search engine software by Cnctek. Part of the installation is a CGI script, "bizdb-search.cgi", which is used to search the bizdb database. This script is vulnerable to modification of its parameter, in such a way that causes it to run user-provided shell commands on the server. Exploit URLs included. These issues have been resolved in newer versions of this software; make sure to upgrade!

tags | shell, cgi
SHA-256 | 24a4ed5c6abb15a3bce91a5494875ecada0d11f6a7bde42b93605a2e1bbe0bd7

cmctl_exp
Posted Sep 1, 2000
Authored by Kevin Wenchel

This script is an exploit that is an addendum to ID 170 in the Bugtraq database. ID 170 lists several Oracle setuid executables but does not offer any exploit information. This code exploits the cmctl command by violating its trust in the integrity of the ORACLE_HOME and ORA_HOME environment variables. When the command "cmctl start cmadmin" is executed, it looks under the ORACLE_HOME\bin directory and attempts to execute cmadmin. The ORACLE_HOME variable can be modified to create a change in the path of execution.

tags | exploit
SHA-256 | baabf3683d5e3e05e4139396752c7d9eb51dcf6e6f61509565b5d8a451188910