Exploit the possiblities
Showing 1 - 25 of 3,027 RSS Feed

Root Files

Docker Sudo Privilege Escalation
Posted Jan 18, 2018
Authored by Pype

If a user has sudo permissions to /usr/bin/docker, it can be leveraged to escalated privileges to root.

tags | exploit, root
MD5 | 52de940cff9cf249313f9f59cec9e950
Master IP CAM 01 Hardcoded Password / Unauthenticated Access
Posted Jan 17, 2018
Authored by Daniele Linguaglossa, Raffaele Sabato

Master IP CAM version 01 has a hardcoded root password and suffers from multiple unauthenticated access vulnerabilities.

tags | exploit, root, vulnerability, bypass
advisories | CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
MD5 | 253eee4323841717bf3ffd8d13607ed9
Samsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload
Posted Jan 11, 2018
Authored by Omar Mezrag, Algeria, Realistic Security | Site metasploit.com

This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced by CVE-2015-8279, which allows remote attackers to read the web interface credentials by sending a request to: cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

tags | exploit, remote, web, arbitrary, local, root, php, file upload
advisories | CVE-2015-8279, CVE-2017-16524
MD5 | a040c104d632cd4ba7549225102c8f38
Synology PhotoStation 6.7.2-3429 Remote Root
Posted Jan 9, 2018
Authored by James Bercegay | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities in Synology PhotoStation. When combined these issues can be leveraged to gain a remote root shell.

tags | exploit, remote, shell, root, vulnerability
MD5 | b4f5208c794052067b20c6cf8801580a
VMware Workstation ALSA Config File Local Privilege Escalation
Posted Jan 5, 2018
Authored by Brendan Coles, Jann Horn | Site metasploit.com

This Metasploit module exploits a vulnerability in VMware Workstation Pro and Player on Linux which allows users to escalate their privileges by using an ALSA configuration file to load and execute a shared object as root when launching a virtual machine with an attached sound card. This Metasploit module has been tested successfully on VMware Player version 12.5.0 on Debian Linux.

tags | exploit, root
systems | linux, debian
advisories | CVE-2017-4915
MD5 | f3b6448b87cca47f57a97189ff144abb
D-Link DNS-320L 'mydlinkBRionyg' Backdoor
Posted Jan 5, 2018
Authored by James Bercegay | Site metasploit.com

This Metasploit module exploits two issues. The first issue is that there is a hard coded backdoor within DNS-320L devices. Using this backdoor access we can then reach buggy code which is vulnerable to command injection. Root shell will be spawned upon successful exploitation. Firmware versions 1.0 (2012/6/15) to 6.0 (2015/07/28) are vulnerable.

tags | exploit, shell, root
MD5 | 14d1fdea7ee67fedccba8b171ff90c2a
Western Digital WDMyCloud 'mydlinkBRionyg' Backdoor
Posted Jan 5, 2018
Authored by James Bercegay | Site metasploit.com

This Metasploit module exploits two issues. The first issue is that there is a hard coded backdoor within WDMyCloud devices. Using this backdoor access we can then reach buggy code which is vulnerable to command injection. A root shell will be spawned upon successful exploitation.

tags | exploit, shell, root
MD5 | 484e2c31ef009345ea0787457d66bfe8
D-Link DNS-320L ShareCenter Backdoor Account / Remote Root
Posted Jan 5, 2018
Authored by James Bercegay | Site gulftech.org

D-Link DNS-320L ShareCenter contains a backdoor account that allows for remote root command execution.

tags | exploit, remote, root
MD5 | d24809c3e2e8217c390f17c1f99d1b9c
Xplico Remote Code Execution
Posted Jan 4, 2018
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Xplico. Unauthenticated users can register a new account and then execute a terminal command under the context of the root user.

tags | exploit, root
advisories | CVE-2017-16666
MD5 | f84cbd2f0e6585fce60f5fb1ebfaac2e
Ubuntu Security Notice USN-3480-3
Posted Jan 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3480-3 - USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem. Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2017-14177, CVE-2017-14180
MD5 | 8fc3d8c839d99115ca99623b7fedf97f
pfSense 2.1.3-RELEASE (amd64) Remote Command Execution
Posted Dec 28, 2017
Authored by wetw0rk, Jared Stephens | Site metasploit.com

pfSense, a free BSD based open source firewall distribution, versions 2.2.6 and below contain a remote command execution vulnerability post authentication in the _rrd_graph_img.php page. The vulnerability occurs via the graph GET parameter. A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user. Verified against 2.1.3.

tags | exploit, remote, arbitrary, root, php
systems | bsd
MD5 | 9e31715f8e4cf15c616cd81794fa4e26
Western Digital MyCloud multi_uploadify File Upload
Posted Dec 15, 2017
Authored by Zenofex | Site metasploit.com

This Metasploit module exploits a file upload vulnerability found in Western Digital's MyCloud NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php PHP script provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root.

tags | exploit, web, arbitrary, shell, root, php, code execution, file upload
advisories | CVE-2017-17560
MD5 | 1f47f80c45cf9163168bba8d9d9e5883
pfSense 2.4.1 CSRF Error Page Clickjacking
Posted Dec 13, 2017
Authored by Yorick Koster | Site metasploit.com

This Metasploit module exploits a Clickjacking vulnerability in pfSense versions 2.4.1 and below. pfSense is a free and open source firewall and router. It was found that the pfSense WebGUI is vulnerable to Clickjacking. By tricking an authenticated admin into interacting with a specially crafted webpage it is possible for an attacker to execute arbitrary code in the WebGUI. Since the WebGUI runs as the root user, this will result in a full compromise of the pfSense instance.

tags | exploit, arbitrary, root
MD5 | 88144d72abf1d2945664621d86be2cbc
Palo Alto Networks Firewalls Remote Root Code Execution
Posted Dec 13, 2017
Authored by Philip Pettersson

Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on PAN-OS versions 6.1.18 and earlier, PAN-OS versions 7.0.18 and earlier, PAN-OS versions 7.1.13 and earlier, and PAN-OS versions 8.0.5 and earlier. Full details provided.

tags | exploit, web, root
advisories | CVE-2017-15944
MD5 | db7bfd1aa5298db5960daae8338a30f3
EMC Isilon OneFS Privilege Escalation
Posted Dec 13, 2017
Site emc.com

EMC Isilon OneFS versions 7.x and 8.x suffer from a privilege escalation vulnerability. They contain an issue where a 'compadmin' user can potentially run restricted system commands with elevated (root) privilege on a cluster in compliance mode.

tags | advisory, root
advisories | CVE-2017-14380
MD5 | d5de14ab1bb0cab1cd04f047522b8304
Red Hat Security Advisory 2017-3405-01
Posted Dec 9, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3405-01 - PostgreSQL is an advanced object-relational database management system. Security Fix: Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. Note: This patch drops the script privileges from root to the postgres user. Therefore, we dropped the --new-systemd-unit option for security reasons. Please use the root-only script postgresql-new-systemd-unit.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2017-12172, CVE-2017-15097
MD5 | 997166402189930f6d5a4c0bef3024b8
Red Hat Security Advisory 2017-3404-01
Posted Dec 9, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3404-01 - PostgreSQL is an advanced object-relational database management system. Security Fix: Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. Note: This patch drops the script privileges from root to the postgres user. Therefore, we dropped the --new-systemd-unit option for security reasons. Please use the root-only script postgresql-new-systemd-unit.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2017-12172, CVE-2017-15097
MD5 | 5e83d7998ed71bb88b86b400cdb8e508
Red Hat Security Advisory 2017-3403-01
Posted Dec 9, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3403-01 - PostgreSQL is an advanced object-relational database management system. Security Fix: Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. Note: This patch drops the script privileges from root to the postgres user. Therefore, we dropped the --new-systemd-unit option for security reasons. Please use the root-only script postgresql-new-systemd-unit.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2017-12172, CVE-2017-15097
MD5 | e115e24b1d1fb7d1b51b241e3269be13
Red Hat Security Advisory 2017-3402-01
Posted Dec 9, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3402-01 - PostgreSQL is an advanced object-relational database management system. Security Fix: Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2017-12172, CVE-2017-15097
MD5 | 9975c358cbf69aa627308bec7345a038
Apple macOS 10.13.1 High Sierra Cron Privilege Escalation
Posted Dec 7, 2017
Authored by Mark Wadham

Apple macOS version 10.13.1 (High Sierra) suffers from a cron related local privilege escalation vulnerability that allows you to gain root privileges.

tags | exploit, local, root
systems | apple
MD5 | 9473afa208319a6ea6560b35916c5529
Arq Backup 5.9.7 Local Root Privilege Escalation
Posted Dec 5, 2017
Authored by Mark Wadham

Arq Backup versions 5.9.7 and below suffer from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2017-16895
MD5 | 6e034780e44ad140d984b98d2baff8d8
Arq Backup 5.9.6 Local Root Privilege Escalation
Posted Dec 4, 2017
Authored by Mark Wadham

Arq Backup versions 5.9.6 and below suffer from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2017-15357
MD5 | 2cf34b399d49d64d0321379e8239a52e
Mac OS X Root Privilege Escalation
Posted Nov 29, 2017
Site metasploit.com

This Metasploit module exploits a serious flaw in Mac OS X High Sierra. Any user can login with user "root", leaving an empty password.

tags | exploit, root
MD5 | f135153db9d869d3133d4890fca2f61f
Synology StorageManager 5.2 Remote Command Execution
Posted Nov 29, 2017
Authored by securiteam

Synology StorageManager version 5.2 suffers from a remote root command execution vulnerability in smart.cgi.

tags | exploit, remote, cgi, root
MD5 | 0e725291dedfc743e647723b95b3a423
Red Hat Security Advisory 2017-3277-01
Posted Nov 29, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3277-01 - The tcmu-runner packages provide a service that handles the complexity of the LIO kernel target's userspace passthrough interface. It presents a C plugin API for extension modules that handle SCSI requests in ways not possible or suitable to be handled by LIO's in-kernel backstores. Security Fix: A flaw was found in the implementation of CheckConfig method in handler_glfs.so of the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could send a specially crafted string to CheckConfig method resulting in various kinds of segmentation fault.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2017-1000198, CVE-2017-1000199, CVE-2017-1000200, CVE-2017-1000201
MD5 | 60d0bc3e1239871d8a46ec7c89c07b68
Page 1 of 122
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    7 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close