what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed


Hi5 Brute Forcer
Posted Jun 4, 2009
Authored by P47r1ck | Site darkc0de.com

Hi5 brute forcing utility that takes in a wordlist and is written in Python.

tags | cracker, python
SHA-256 | 20cf2a5a5f41c4cfd2d4f019909b942f71a216d787588a10944ce5e0148869dd

Related Files

HighPlus CMS 0.1.3 SQL Injection
Posted Aug 28, 2023
Authored by indoushka

HighPlus CMS version 0.1.3 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 21f3115d6b30c6de27bf0cda169c8fde2d8ba43cd38c42a2bb49d011ce63689a
HiSecOS 04.0.01 Privilege Escalation
Posted Jun 22, 2023
Authored by dreizehnutters

HiSecOS versions 04.0.01 and below suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 44a11ca3e085a2a356b031e37cf0bc0280e9989d691be10c595409e1c5e8faf7
Hikvision Remote Code Execution / XSS / SQL Injection
Posted Jan 31, 2023
Authored by Thurein Soe

Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.

tags | advisory, remote, arbitrary, vulnerability, code execution, xss, sql injection, ruby
advisories | CVE-2022-28171, CVE-2022-28172
SHA-256 | 9ef9e4e937841d3becdae9ba498b3199c7ac7dfcaea39831e8e5a468cd2d8f10
Hirschmann (Belden) BAT-C2 Command Injection
Posted Nov 30, 2022
Authored by T. Weber | Site cyberdanube.com

Hirschmann (Belden) BAT-C2 version suffers from a remote authenticated command injection vulnerability.

tags | exploit, remote
advisories | CVE-2022-40282
SHA-256 | 902fa02d042cb42bf90b944d2600703447b836b6f9b4d286e2b0bca32793a471
Hospital Information System 1.0 SQL Injection
Posted Jul 26, 2022
Authored by saitamang

Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | fe66c661132cc964be237a78b59c37dd33812105a69f943e40034432ba9e37b1
HighCMS/HighPortal 12.x SQL Injection
Posted May 16, 2022
Authored by E1.Coders

HighCMS/HighPortal version 12.x appears to suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 11e531f865e4da1f04161aa0a4cb5e11bbe807e029d3818481e6c9fa1d18a1e6
Hikvision IP Camera Backdoor
Posted Mar 16, 2022
Authored by Sobhan Mahmoodi

Hikvision IP Camera has a backdoor where a magic string allows instant access regardless of authentication.

tags | exploit
SHA-256 | 5f6dfb93637a2bf560169ca8d350af523d2b8bf97671349af8d90046510d15a5
Hikvision IP Camera Unauthenticated Command Injection
Posted Feb 28, 2022
Authored by bashis, jbaines-r7, Watchful_IP | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection in a variety of Hikvision IP cameras (CVE-2021-36260). The module inserts a command into an XML payload used with an HTTP PUT request sent to the /SDK/webLanguage endpoint, resulting in command execution as the root user. This module specifically attempts to exploit the blind variant of the attack. The module was successfully tested against an HWI-B120-D/W using firmware V5.5.101 build 200408. It was also tested against an unaffected DS-2CD2142FWD-I using firmware V5.5.0 build 170725. Please see the Hikvision advisory for a full list of affected products.

tags | exploit, web, root
advisories | CVE-2021-36260
SHA-256 | 7bd3dd72f17285cba701691f5d8795c84e79f211db3e6ea8a840141f658935a5
Hikvision Web Server Build 210702 Command Injection
Posted Oct 25, 2021
Authored by bashis

Hikvision Web Server Build 210702 suffers from a command injection vulnerability.

tags | exploit, web
advisories | CVE-2021-36260
SHA-256 | 6f3b4e5a9c425280adc8f7457f3b39a4875de53beec44c5e9cbfa151788ff314
Hi-Rez Studios Unquoted Service Path
Posted Mar 23, 2021
Authored by Ekrem Can Kok

Hi-Rez Studios version suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | de7c9809806942e28452d915a3d476ac59b3bc5a2c3b9401c1b037a98d6d2218
HiSilicon Video Encoder Backdoor Password
Posted Oct 19, 2020
Authored by Alexei Kojenov

HiSilicon Video Encoder allows for full administrative access via a backdoor password. Versions affected are vendor specific.

tags | exploit
advisories | CVE-2020-24215
SHA-256 | dad3b25e442de546e872a7c92c276c593c79415ddcc20135aeba9dd94bdd1c02
HiSilicon Video Encoder Command Injection
Posted Oct 19, 2020
Authored by Alexei Kojenov

HiSilicon Video Encoder suffers from a remote command injection vulnerability. Versions affected are vendor specific.

tags | exploit, remote
advisories | CVE-2020-24217
SHA-256 | aafacb19bd515d145364bc7d88da7249a61ab2490442a5ff54b6a6e8292dab6d
HiSilicon DVR/NVR hi3520d Firmware Backdoor Account
Posted Feb 5, 2020
Authored by Snawoot

HiSilicon DVR/NVR with hi3520d firmware suffers from having a remote backdoor account vulnerability.

tags | exploit, remote
SHA-256 | fb9c5743e89b20410d85556efda5278324665de203fa6f5a86bdf0bf1d11edd2
Hisilicon Hi3518 HD Camera Remote Configuration Disclosure
Posted Oct 3, 2019
Authored by Todor Donev

Hisilicon Hi3518 HD camera remote configuration disclosure exploit.

tags | exploit, remote
SHA-256 | d8bd68d08d946df40f1b009e653a325e057d986782a9ab30f2c776b69da79d00
HiddenWall Linux Firewall
Posted Jun 11, 2019
Authored by coolervoid

This is a tool that generates a Linux kernel module for custom rules with Netfilter hooking to block ports, run in hidden mode, perform rootkit functions, etc.

tags | tool, kernel, firewall
systems | linux, unix
SHA-256 | d0dc6f8136db21f01228d49ad0aaf1fb756fbd13cbc46d39483563c187f9fd7c
HID ActivID ActivClient Denial Of Service
Posted Oct 31, 2018
Authored by Harrison Neal

HID ActivID ActivClient version appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It suffers from multiple denial of service conditions.

tags | advisory, denial of service
advisories | CVE-2017-5499, CVE-2017-5500, CVE-2017-5502
SHA-256 | 47c4613810ea8b2e7bc632eee27806dd5a0491ef7e14a343a6f8613b2e8ece1a
HID ActivID ActivClient Heap Spray / Denial Of Service
Posted Oct 27, 2018
Authored by Harrison Neal

HID ActivID ActivClient version may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly.

tags | exploit, denial of service
SHA-256 | 8f152ff2c4f8e62b07f2d5b2c106633d4aa5a263ab60b54c6da64427b460e860
HighPortal 12.5 Cross Site Scripting
Posted Oct 16, 2018
Authored by Ali Abdollahi

HighPortal version 12.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17964
SHA-256 | dc3438488946e0c9472997dfce4da1dfe5cae5b34fbf0e8e172de192753810ae
HID discoveryd command_blink_on Unauthenticated Remote Command Execution
Posted Jul 7, 2018
Authored by Brendan Coles, coldfusion39, Ricky HeadlessZeke Lawshae | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the discoveryd service exposed by HID VertX and Edge door controllers. This Metasploit module was tested successfully on a HID Edge model EH400 with firmware version (Build 04/23/2012).

tags | exploit, remote
SHA-256 | 8275f8758f70a2b7dda2edcb091aa489d7febf1014d2edabac321e0b6df40de0
hik-connect.com / ezvizlife.com Authentication Bypass
Posted Apr 26, 2018
Authored by Vangelis Stykas, George Lavdanis

A lack of validation on cookie values allows you to login as any user on hik-connect.com and ezvizlife.com.

tags | exploit, bypass
SHA-256 | 640d9d5b8ed635a745527703397776a5bb9f02ecdcb9b198beddb96116636e81
Hikvision IP Camera 5.3.9 Access Control Bypass
Posted Mar 26, 2018
Authored by Matamorphosis

Hikvision IP Camera versions 5.2.0 through 5.3.9 (builds 140721 up until 170109) suffer from an access control bypass vulnerability.

tags | exploit, bypass
SHA-256 | 7af92b119967a688ba007849fccd93f43c5fcb2a0a609765db006f3999450a9f
Hipchat For Mac 4.x Remote Code Execution
Posted Nov 29, 2017
Authored by Matthew Hart

Hipchat for Mac desktop client versions prior to 4.30 suffer from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2017-14586
SHA-256 | 8d4ee003b008842df1a8bbe4503c53d309960157148ffac1215331883d3d8291
Hipchat Data Center / Hipchat Server Code Execution / SSRF
Posted Nov 29, 2017
Authored by Matthew Hart

Hipchat Data Center and Hipchat Server suffer from server-side request forgery and remote code execution vulnerabilities.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2017-14585
SHA-256 | 85ff28883c85d9d50aed28fb22e57f0ab765ebcb2f08baf9a4d008871ee54eb5
HikVision Wi-Fi IP Camera Wireless Access Point State
Posted Nov 28, 2017
Authored by IOT Sec

HikVision Wi-Fi IP cameras come with a default SSID "davinci", with a setting of no WiFi encryption or authentication. Depending on the firmware version, there is no configuration option within the camera to turn off Wi-Fi. If a camera is deployed via wired ethernet, then the WiFi settings won't be adjusted, and a rogue AP with the SSID "davinci" can be associated to the camera to provide a new attack vector via WiFi to a wired network camera. Tested on firmware versions 5.3.0, 5.4.0, and 5.4.5 and model number DS-2CD2432F-IW.

tags | exploit
advisories | CVE-2017-14953
SHA-256 | f5308846195618c1d90deb701b32687a1044057024da5ebb8faa201a03647d06
Hikvision IP Camera Access Bypass
Posted Sep 12, 2017
Authored by Monte Crypto

Hikvision IP Cameras suffers from multiple access bypass vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | cabfbe910089852487e71438083c32d73028cf30f8bde18c0de76568a7647b30
Page 1 of 4

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By