what you don't know can hurt you
Showing 1 - 25 of 2,267 RSS Feed

Proof of Concept Files

JavaScriptCore Crash Proof Of Concept
Posted Aug 19, 2021
Authored by Ivan Fratric, Google Security Research

JavaScriptCore suffers from a crash condition due to an uninitialized register in slow_path_profile_catch. Proof of concept that affects Safari is included.

tags | exploit, proof of concept
advisories | CVE-2021-30797
MD5 | e71c83e4865ffd73fb78888a127c18ef
Firebase PHP-JWT Algorithm Confusion
Posted Aug 15, 2021
Site paragonie.com

Firebase's PHP-JWT suffers from an algorithm confusion issue. Proof of concept code included.

tags | exploit, php, proof of concept
MD5 | 4c84fb0fba2f42d4741760b2e2b2764c
Sequoia: A Deep Root In Linux's Filesystem Layer
Posted Jul 21, 2021
Authored by Qualys Security Advisory

Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.

tags | exploit, kernel, local, root, proof of concept
systems | linux, debian, fedora, ubuntu
advisories | CVE-2021-33909, CVE-2021-33910
MD5 | 2739ab8c7448e7ea41f28d5e97efa32a
Online Shopping Portal 3.1 SQL Injection
Posted Jul 21, 2021
Authored by faisalfs10x

Proof of concept code for a time-based blind remote SQL injection vulnerability in Online Shopping Portal version 3.1. This is a variant of the original discovery of SQL injection in this version by Umit Yalcin in July of 2020.

tags | exploit, remote, sql injection, proof of concept
MD5 | 4f65a9a04d5b6e35d86e2c743c2dc565
XNU Network Stack Kernel Heap Overflow
Posted Jul 14, 2021
Authored by Google Security Research, ianbeer

XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.

tags | exploit, overflow, kernel, proof of concept
advisories | CVE-2020-9967, CVE-2021-30736
MD5 | 9333b7751aa7686ac0ca4c62a49c3d4e
Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
MD5 | 603e905801bb4f31bf554bafa86b2826
Realtek RTKVHD64.sys Out-Of-Bounds Access
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.

tags | exploit, proof of concept
advisories | CVE-2021-32537
MD5 | 61c0be3a39d9a150ecd6ecc535ae3063
Microsoft Hyper-V vmswitch.sys Proof Of Concept
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2021-28476
MD5 | f030942316606ad6079ada92310ac838
Pallets Werkzeug 0.15.4 Path Traversal
Posted Jul 6, 2021
Authored by faisalfs10x

Proof of concept exploit for a path traversal vulnerability in Pallets Werkzeug version 0.15.4.

tags | exploit, proof of concept
advisories | CVE-2019-14322
MD5 | 262f237db7999ab766781c5e99c59463
PrintNightmare Windows Spooler Service Remote Code Execution
Posted Jul 2, 2021
Authored by Zhiniang Peng, Xuefeng Li | Site github.com

PrintNightmare remote code execution proof of concept exploit for the Windows Spooler Service.

tags | exploit, remote, code execution, proof of concept
systems | windows
advisories | CVE-2021-1675
MD5 | 18a157d3de35ba9fba2bda057819d0ad
Microsoft PrintNightmare Proof Of Concept
Posted Jul 2, 2021
Authored by cube0x0 | Site github.com

This is the Impacket implementation of the PrintNightmare proof of concept originally created by Zhiniang Peng and Xuefeng Li that leverages a privilege escalation vulnerability in the Windows Print Spooler.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2021-1675
MD5 | 22a0e1a00b3142f5f762d0e3fa1470aa
XML External Entity Via MP3 File Upload On WordPress
Posted Jun 15, 2021
Authored by Vallari Sharma, Archie Midha

This document illustrates proof of concept exploitation of a vulnerability in WordPress versions 5.6.0 through 5.7.0 that gives a user the ability to upload files on a server and exploit an XML parsing issue in the Media Library using an MP3 file upload that leads to an XXE attack.

tags | exploit, proof of concept, file upload
advisories | CVE-2021-29447
MD5 | f480e11bbb87f0689d864f58c065154d
KnFTP Server 1.0.0 Denial Of Service
Posted Jun 14, 2021
Authored by Fernando Mengali

KnFTP Server version 1.0.0 LIST denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | a72acf4b3f794d9350cade34d6f0dfdb
PCMan FTP Server 2.0.7 Denial Of Service
Posted Jun 13, 2021
Authored by Fernando Mengali

PCMan FTP Server version 2.0.7 USER denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 17efc6e256a96524ee05c5544add1ecd
memono Notepad 4.2 Denial Of Service
Posted Jun 10, 2021
Authored by Geovanni Ruiz

memono Notepad 4.2 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 02eea882c45475062dbace15b6daf8a6
EasyFTP Server 1.7.0.11 Denial Of Service
Posted Jun 10, 2021
Authored by Fernando Mengali

EasyFTP Server version 1.7.0.11 XRMD denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 7f3bbe6bd85382a8eea6762baae721d3
Microsoft RDP Remote Code Execution
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Proof of concept exploit for a remote code execution vulnerability in Microsoft's RDP service.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-0708
MD5 | ba1bc2933bf6b851671dc70d3284245c
Exim base64d Buffer Overflow
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Exim versions prior to 4.90.1 remote buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
advisories | CVE-2018-6789
MD5 | 6468b402efc15ca33e2db61638ca5cb9
Cisco SD-WAN vManage 19.2.2 Remote Root
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Cisco SD-WAN vManage version 19.2.2 remote root shell proof of concept exploit that leverages multiple vulnerabilities.

tags | exploit, remote, shell, root, vulnerability, proof of concept
systems | cisco
advisories | CVE-2020-3387, CVE-2020-3437
MD5 | a4bd588c350b9a327fc445d03fadab85
VMware ESXi OpenSLP Heap Overflow
Posted Jun 3, 2021
Authored by Johnny Yu | Site github.com

Proof of concept exploit for the OpenSLP heap overflow in VMware ESXi versions 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, and 6.5 before ESXi650-202102101-SG.

tags | exploit, overflow, proof of concept
advisories | CVE-2021-21974
MD5 | 74b3fa0ce957d3e82fb4eb6c32a6c8f6
DupTerminator 1.4.5639.37199 Denial Of Service
Posted Jun 1, 2021
Authored by Brian Rodriguez

DupTerminator version 1.4.5639.37199 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 055b8b8e2d4f5efb50ab336161341836
Postbird 0.8.4 XSS / LFI / Insecure Data Storage
Posted Jun 1, 2021
Authored by Tridentsec | Site tridentsec.io

Postbird version 0.8.4 suffers from cross site scripting, local file inclusion, and insecure data storage vulnerabilities. Included in this archive is a whitepaper and proof of concept exploit.

tags | exploit, local, vulnerability, xss, proof of concept, file inclusion
advisories | CVE-2021-33570
MD5 | f60c4ad77076831e6c6210dffcd07d54
Ubuntu OverlayFS Local Privilege Escalation
Posted May 31, 2021
Authored by Chris Wild, Sudhanshu Kumar, Rohit Verma

The document in this archive illustrates using the included proof of concept exploit to achieve root on Ubuntu systems using a flaw in the OverlayFS file system. The exploit itself does not have author attribution as the proof of concept came through SSD Disclosures.

tags | exploit, paper, root, proof of concept
systems | linux, ubuntu
advisories | CVE-2021-3493
MD5 | f594195ba35e11d203cb280d4aa0e967
PHP 8.1.0-dev Backdoor Remote Command Execution
Posted May 31, 2021
Authored by Mayank Deshmukh

PHP version 8.1.0-dev unauthenticated remote command execution proof of concept exploit that leverages the backdoor.

tags | exploit, remote, php, proof of concept
MD5 | 68b81a413521d514b1b67f8bde5a5138
RarmaRadio 2.72.8 Denial Of Service
Posted May 26, 2021
Authored by Ismael Nava

RarmaRadio version 2.72.8 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | e3972881c8a84c8b53c0c3119a4c0df4
Page 1 of 91
Back12345Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close