Twenty Year Anniversary
Showing 1 - 25 of 2,604 RSS Feed

Shell Files

Red Hat Security Advisory 2018-1195-01
Posted Apr 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1195-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 66.0.3359.117. Issues addressed include buffer overflow, bypass, remote shell upload, and use-after-free vulnerabilities.

tags | advisory, remote, web, overflow, shell, vulnerability
systems | linux, redhat
advisories | CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112
MD5 | 1f2281c68c5837e3f5afd511d38bf5da
ASUS infosvr Authentication Bypass Command Execution
Posted Apr 21, 2018
Authored by jduck, Friedrich Postelstorfer | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This Metasploit module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shell. This Metasploit module was tested successfully on an ASUS RT-N12E with firmware version 2.0.0.35. Numerous ASUS models are reportedly affected, but untested.

tags | exploit, remote, arbitrary, shell, root, udp, bypass
advisories | CVE-2014-9583
MD5 | 0b841685aaa09cefb0a9621293d64a94
Digital Guardian Management Console 7.1.2.0015 Shell Upload
Posted Apr 18, 2018
Authored by Pawel Gocyla

Digital Guardian Management Console version 7.1.2.0015 suffers from a shell upload vulnerability that allows for remote code execution.

tags | exploit, remote, shell, code execution
advisories | CVE-2018-10173
MD5 | 8bc838600cd56915e5e0d27198d67ab7
Debian Security Advisory 4167-1
Posted Apr 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4167-1 - A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.

tags | advisory, overflow, arbitrary, shell
systems | linux, debian
advisories | CVE-2018-1000097
MD5 | f45edf0e1ca9bff52faa495942d41a56
Debian Security Advisory 4149-1
Posted Mar 23, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4149-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-1000487
MD5 | a87c86c6e125862540db4cdd0f7ccf12
Debian Security Advisory 4146-1
Posted Mar 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4146-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-1000487
MD5 | 2c815b04a5e19aa066ea2366b9c74efc
Vehicle Sales Management System XSS / Shell Upload / SQL Injection
Posted Mar 20, 2018
Authored by Sing

Vehicle Sales Management System suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
advisories | CVE-2017-1000474
MD5 | 7d59495ebc82f63f150cf2a13a37aed8
Gentoo Linux Security Advisory 201803-04
Posted Mar 11, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201803-4 - A vulnerability in Newsbeuter may allow remote attackers to execute arbitrary shell commands. Versions less than or equal to 2.9-r3 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2017-14500
MD5 | 13f887fee8686b564e52d56a034342e4
Debian Security Advisory 4134-1
Posted Mar 10, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4134-1 - Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular root) is tricked into using the umount completion while a specially crafted mount is present.

tags | advisory, shell, root, bash
systems | linux, debian
advisories | CVE-2018-7738
MD5 | 739295b248b871432986dbfe7125e245
NETGEAR Magic telnetd Enabler
Posted Mar 4, 2018
Authored by wvu, insanid, Paul Gebheim | Site metasploit.com

This Metasploit module sends a magic packet to a NETGEAR device to enable telnetd. Upon successful connect, a root shell should be presented to the user.

tags | exploit, shell, root
MD5 | a7246c6e4e3c5142a9103cda8aa6e9d7
Joomla! Proclaim 9.1.1 Shell Upload
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2018-7316
MD5 | e4b3f4730e22f3b7318737ee5628509e
Rootkit Hunter 1.4.6
Posted Feb 19, 2018
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added support for Alpine Linux (busybox). Added the Diamorphine LKM test. Added the ALLOWIPCPID configuration file option. Added the ALLOWIPCUSER configuration file option. Various other additions, improvements, and bug fixes made.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
MD5 | 54762d04ec7faa0736cc151271b02c06
Linux/ARM BindShell Shellcode
Posted Feb 19, 2018
Authored by rtmcx

168 bytes small tcp/4444 shell-binding and IP controlled (192.168.1.190) null-free Linux/ARM shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | e2400f0b4e82d6ae3fb4db72afd681e6
Debian Security Advisory 4116-1
Posted Feb 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4116-1 - Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitization of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2018-6791
MD5 | 8bfe9448284b074dff9a1fabba58ddf3
Linux/x64 Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode
Posted Feb 2, 2018
Authored by 0x4ndr3

136 bytes small Linux/x64 bind TCP (4444/TCP) shell (/bin/sh) + password (1234567) shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | d05f6f0b7a7909402854121ee144dd64
Joomla! Jimtawl 2.2.5 Shell Upload
Posted Feb 2, 2018
Authored by Ihsan Sencan

Joomla! Jimtawl component version 2.2.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2018-6580
MD5 | 14f1e28f305715e649d2f7a55481170a
Linux/ARM Reverse TCP Shell Null Free Shellcode
Posted Jan 28, 2018
Authored by rtmcx

80 byte small Linux/ARM reverse TCP shell (192.168.1.1:4444/TCP) null-free shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | ca358c6e2e10a456f686560467fee49d
Red Hat Security Advisory 2018-0223-01
Posted Jan 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0223-01 - Nautilus is the file manager and graphical shell for the GNOME desktop. Security Fix: An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user. An attacker could use this flaw to trick a user into opening a .desktop file disguised as a document, such as a PDF, and execute arbitrary commands. Note: This update will change the behavior of Nautilus. Nautilus will now prompt the user for confirmation when executing an untrusted .desktop file for the first time, and then add it to the trusted file list. Desktop files stored in the system directory, as specified by the XDG_DATA_DIRS environment variable, are always considered trusted and executed without prompt.

tags | advisory, arbitrary, shell
systems | linux, redhat
advisories | CVE-2017-14604
MD5 | f0e110126554a5d70a7a6de9496a29e7
Toplist 2 SQL Injection / Backdoor Account / Shell Upload
Posted Jan 19, 2018
Authored by indoushka

Toplist 2 suffers from remote shell upload, backdoor account, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 08a6531a217a4c307ef90f734313edb8
Linux/ARM Password Protected Reverse Shell Shellcode
Posted Jan 19, 2018
Authored by rtmcx

156 bytes small Linux/ARM password protected reverse TCP (192.168.1.1:4444/TCP) shell (/bin/sh) null-free shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | b7131d0642486647b97ab38932c932e3
Gentoo Linux Security Advisory 201801-18
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-18 - Insufficient input validation in Newsbeuter may allow remote attackers to execute arbitrary shell commands. Versions less than 2.9-r3 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2017-12904
MD5 | 2e41bd1176e5ce1d057f0ab9c5760f96
Belkin N600DB Command Injection / Backdoor
Posted Jan 17, 2018
Authored by Wadeek

Belkin N600DB suffers from password disclosure, a backdoor shell, server-side request forgery, and command injection vulnerabilities.

tags | exploit, shell, vulnerability
MD5 | 546c8e10d2e3c9868c52f837366e622c
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection
Posted Jan 15, 2018
Authored by James Bercegay | Site gulftech.org

D-Link DNS-325 ShareCenter versions 1.05B03 and below suffer from remote shell upload and command injection vulnerabilities.

tags | exploit, remote, shell, vulnerability
MD5 | 9b97afd3b186a9159133894550ec5482
Kaseya VSA 9.2 Shell Upload
Posted Jan 15, 2018
Authored by Securify B.V., Kin Hung Cheng, Robert Hartshorn

Kaseya VSA version 9.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 907b91ed2f652a5d04feabc0ab331cb0
Disk Pulse Enterprise 10.1.18 Buffer Overflow
Posted Jan 15, 2018
Authored by Ahmad Mahfouz

Disk Pulse Enterprise version 10.1.18 buffer overflow exploit that binds a shell.

tags | exploit, overflow, shell
advisories | CVE-2017-15663
MD5 | 70ce17cbe1db3948f132073f7d0feee7
Page 1 of 105
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    36 Files
  • 25
    Apr 25th
    15 Files
  • 26
    Apr 26th
    31 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close