exploit the possibilities
Showing 1 - 25 of 463 RSS Feed

ASP Files

Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization
Posted Oct 20, 2020
Authored by Spencer McIntyre, Oleksandr Mirosh, Markus Wulftange, Alvaro Munoz, Paul Taylor, Caleb Gross, straightblast | Site metasploit.com

This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU) component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module must upload a mixed mode .NET assembly DLL which is then loaded through the deserialization flaw. Uploading the file requires knowledge of the cryptographic keys used by RAU. The default values used by this module are related to CVE-2017-11317, which once patched randomizes these keys. It is also necessary to know the version of Telerik UI ASP.NET that is running. This version number is in the format YYYY.#(.###)? where YYYY is the year of the release (e.g. 2020.3.915).

tags | exploit, asp
advisories | CVE-2017-11317, CVE-2019-18935
SHA-256 | 2f6a8f760339d2c83d483651740d009b85c87d1a8e03ca388c1ef83409e65051
Red Hat Security Advisory 2020-3699-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3699-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.108 and .NET Core Runtime 3.1.8. Security Fixes: .NET Core: ASP.NET cookie prefix spoofing vulnerability. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof, vulnerability, asp
systems | linux, redhat
advisories | CVE-2020-1045
SHA-256 | 7eeb6e7fa92674b30184bea1625342bc83c0ce98fc29e396e3ea53dc07658cc2
Red Hat Security Advisory 2020-3422-01
Posted Aug 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3422-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Security Fixes: .NET Core: ASP.NET Core Resource Consumption Denial of Service. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability, asp
systems | linux, redhat
advisories | CVE-2020-1597
SHA-256 | 63ff17b1af981e5982dd10ff67547e6ebfc5151221f3bd6a33f8e48ae1b0ba3e
Plesk / myLittleAdmin ViewState .NET Deserialization
Posted May 22, 2020
Authored by Spencer McIntyre, wvu | Site metasploit.com

This Metasploit module exploits a ViewState .NET deserialization vulnerability in web-based MS SQL Server management tool myLittleAdmin, for version 3.8 and likely older versions, due to hardcoded machineKey parameters in the web.config file for ASP.NET. Popular web hosting control panel Plesk offers myLittleAdmin as an optional component that is selected automatically during "full" installation. This exploit caters to the Plesk target, though it should work fine against a standalone myLittleAdmin setup. Successful exploitation results in code execution as the user running myLittleAdmin, which is IUSRPLESK_sqladmin for Plesk and described as the "SQL Admin MSSQL anonymous account". Tested on the latest Plesk Obsidian with optional myLittleAdmin 3.8.

tags | exploit, web, code execution, asp
advisories | CVE-2020-13166
SHA-256 | 4124c84ac15efa5a91216b271b351c4f85f28724a0347ca062414a3d04b8a3b5
Telerik UI Remote Code Execution
Posted Dec 18, 2019
Authored by Markus Wulftange, Paul Taylor, Bishop Fox | Site know.bishopfox.com

The Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software's underlying host.

tags | exploit, remote, arbitrary, code execution, asp
advisories | CVE-2019-18935
SHA-256 | 4aab62684a4cdf73f2ac375b58ade0ea344753c8d22b1fdf5f8a4e944c3eee54
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
Posted May 31, 2019
Authored by Onur Onur

The ZyXEL P-660HN-T1 V2 rpWLANRedirect.asp page is missing authentication and discloses an administrator password.

tags | exploit, asp, bypass
advisories | CVE-2019-6725
SHA-256 | cd8bb7af8822a1c75ff1134d8c9adce8d94144c9aa905f9b2571d26b3cd740ee
LW-N605R Remote Code Execution
Posted Sep 10, 2018
Authored by Nassim Asrir

LW-N605R devices allow remote code execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.

tags | exploit, remote, shell, code execution, asp
advisories | CVE-2018-16752
SHA-256 | 405a54b7328103d274033ba1718a79ec36e34a387798e6c349e7e6c74465d240
ASP.NET jVideo Kit 1.0 SQL Injection
Posted May 24, 2018
Authored by Ozkan Mustafa Akkus

ASP.NET jVideo Kit version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, asp
SHA-256 | eb792f18f1f53dbfb6b5c50d9878dc053d894293efeeb4b0f55522c1f6d55849
ASP.NET Core 5-RC1 HTTP Header Injection
Posted Dec 23, 2016
Authored by Reto Schadler

ASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.

tags | exploit, web, asp
SHA-256 | 1d6c349a4c1cbeebdb441bb9d71d28155836dfc3262d25c0f5027232b302026b
ASP Gateway 1.0.0 Database Disclosure
Posted Oct 31, 2016
Authored by indoushka

ASP Gateway 1.0.0 suffers from a database disclosure vulnerability.

tags | exploit, asp, info disclosure
SHA-256 | 7117d0ed47e50d0cd2ca5bc4a1b4c5a29c59a1035262d55ef463a436105f5798
CodeWarrior 0.3
Posted Sep 13, 2016
Authored by coolervoid

CodeWarrior is a manual code and static analysis tool. It has many modules, one for each common language like PHP, ASP, Ruby, C/C++, Java and Javascript. Each module has rules in raw text with parameters like description, type, reference, relevance and match (regex to detect pattern). You can also create your own rules.

tags | tool, php, javascript, asp, ruby
systems | unix
SHA-256 | 82753c89cb961457842b407e2a28042ca4dfbd896b15eb1555371fa0f3628dce
AfterLogic WebMail Pro ASP.NET Account Takeover / XXE Injection
Posted May 24, 2016
Authored by Mehmet Ince, Halit Alptekin

AfterLogic WebMail Pro ASP.NET versions prior to 6.2.7 suffer from an administrator account takeover via an XXE injection vulnerability.

tags | exploit, asp, xxe
SHA-256 | 285a356df0342917c10949047f0e7a8de20316652b88f7502badf4e23df2d5c3
ASP Webshell For IIS 8
Posted May 12, 2016
Authored by Savio Bot

ASP webshell backdoor designed specifically for IIS 8.

tags | tool, rootkit, asp
systems | windows
SHA-256 | a44d9c6790e87fa2491d5b551491b6c414d55452959ef3a48cf31d639af39609
ASP Forums 2.1 Database Disclosure
Posted Feb 6, 2016
Authored by indoushka

ASP Forums version 2.1 suffers from a database disclosure vulnerability.

tags | exploit, asp, info disclosure
SHA-256 | 2a82cea0a7e0fc3cdf08bd773189c08f0aff6348e891a9283f84cac52de4e6d2
ASP Dynamika 2.5 Cross Site Scripting
Posted Dec 8, 2015
Authored by T3NZOG4N, Mojtaba MobhaM

ASP Dynamika version 2.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss, asp
SHA-256 | 03ca5035c8a555789ffc39c66287fa1aa9631adb55c10abcd347b9d848a316c2
ASP Dynamika 2.5 File Upload / SQL Injection
Posted Dec 7, 2015
Authored by indoushka

ASP Dynamika version 2.5 suffers from arbitrary file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, asp, file upload
SHA-256 | 2e960dfa2b379ae040834e8b3cb8d71edacd24f9b079f13a5a901b91e0617293
Kaseya VSA uploader.aspx Arbitrary File Upload
Posted Oct 2, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This Metasploit module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.

tags | exploit, arbitrary, code execution, asp, file upload
advisories | CVE-2015-6922
SHA-256 | a3160e35b949105dc779c6f1769beb11f955240e314addc241694dc44304af7d
Numara / BMC Track-It! FileStorageService Arbitrary File Upload
Posted Oct 21, 2014
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability in Numara / BMC Track-It! v8 to v11.X. The application exposes the FileStorageService .NET remoting service on port 9010 (9004 for version 8) which accepts unauthenticated uploads. This can be abused by a malicious user to upload a ASP or ASPX file to the web root leading to arbitrary code execution as NETWORK SERVICE or SYSTEM. This Metasploit module has been tested successfully on versions 11.3.0.355, 10.0.51.135, 10.0.50.107, 10.0.0.143, 9.0.30.248 and 8.0.2.51.

tags | exploit, web, arbitrary, root, code execution, asp, file upload
advisories | CVE-2014-4872
SHA-256 | 95061f597110575d12518dbaad93354d7acf1c2eabf6a59fdfcc9c6bc66fdd45
Telerik ASP.NET AJAX RadEditor Control 2014.1.403.35 XSS
Posted Sep 25, 2014
Authored by G. S. McNamara, Tyler Hoyle

Telerik ASP.NET AJAX RadEditor Control versions 2014.1.403.35 and 2009.3.1208.20 suffer from a persistent cross site scripting vulnerability.

tags | advisory, xss, asp
advisories | CVE-2014-4958
SHA-256 | c00ca1a36468d8069de3d09b942cd140f1aa6d4e521b6cead6b21e7289d8edea
Hacking ASP/ASPX Websites Manually
Posted Jun 30, 2014
Authored by Chetan Soni

This is a whitepaper that goes into detail on hacking ASP/ASPX websites manually.

tags | paper, asp
SHA-256 | e01e929f0159f35636b57ccb14d23133cee0871e331625923ed2e065e0033b49
Cogent DataHub Command Injection
Posted Jun 25, 2014
Authored by John Leitch, juan vazquez | Site metasploit.com

This Metasploit module exploits an injection vulnerability in Cogent DataHub prior to 7.3.5. The vulnerability exists in the GetPermissions.asp page, which makes insecure use of the datahub_command function with user controlled data, allowing execution of arbitrary datahub commands and scripts. This Metasploit module has been tested successfully with Cogent DataHub 7.3.4 on Windows 7 SP1.

tags | exploit, arbitrary, asp
systems | windows
advisories | CVE-2014-3789
SHA-256 | ea90ec1ce02362764c088f9a23d4e3e49eb058ef8047c0f1c9b916a1d71d04e3
DevExpress ASP.NET File Manager 13.2.8 Directory Traversal
Posted Jun 5, 2014
Site redteam-pentesting.de

DevExpress ASP.NET File Manager versions 10.2 through 13.2.8 suffer from a directory traversal vulnerability.

tags | exploit, asp
advisories | CVE-2014-2575
SHA-256 | 394a34f5bb9c0db271438b8c89cbdc148df7951f648d6063157e850611f77962
ASP-Nuke 2.0.7 Open Redirect
Posted Mar 28, 2014
Authored by Felipe Andrian Peixoto

ASP-Nuke version 2.0.7 suffers from an open redirect vulnerability.

tags | exploit, asp
SHA-256 | 902da011bf746423d5b241e17da52bd86559dbc0d84acce478a7761e2d717453
Kaseya uploadImage Arbitrary File Upload
Posted Dec 4, 2013
Authored by Thomas Hibbert | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya versions below 6.3.0.2. A malicious user can upload an ASP file to an arbitrary directory without previous authentication, leading to arbitrary code execution with IUSR privileges.

tags | exploit, arbitrary, code execution, asp, file upload
advisories | OSVDB-99984
SHA-256 | 3e11070aa3e56e32d0904d26cac7cacb888f2199f24e9d97a3ad562caf0a7096
FCKEditor 2.6.8 ASP File Upload Protection Bypass
Posted Nov 28, 2012
Authored by Soroush Dalili

FCKEditor version 2.6.8 ASP version suffers from a file upload protection bypass.

tags | advisory, asp, bypass, file upload
SHA-256 | 139ccad597b02f049b3b2b0129bd2dd23c86df34ebff98c04ada72b76409a1d8
Page 1 of 19
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close