Exploit the possiblities
Showing 1 - 25 of 2,567 RSS Feed

Shell Files

Zoom Linux Client 2.0.106600.0904 Command Injection
Posted Dec 17, 2017
Authored by Gabriel Quadros, Ricardo Silva

The binary /opt/zoom/ZoomLauncher is vulnerable to command injection because it uses user input to construct a shell command without proper sanitization. The client registers a scheme handler (zoommtg://) and this makes possible to trigger the vulnerability remotely. Version 2.0.106600.0904 is affected.

tags | exploit, shell
advisories | CVE-2017-15049
MD5 | b1610cc8b8b53e184b45604c8ea0a748
Monstra CMS 3.0.4 Remote Shell Upload
Posted Dec 17, 2017
Authored by Ishaq Mohammed

Monstra CMS version 3.0.4 suffers from a remote shell upload vulnerability that allows for remote code execution.

tags | exploit, remote, shell, code execution
MD5 | 232ceeef3d1b599e0679a64c3c4ba7f7
Western Digital MyCloud multi_uploadify File Upload
Posted Dec 15, 2017
Authored by Zenofex | Site metasploit.com

This Metasploit module exploits a file upload vulnerability found in Western Digital's MyCloud NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php PHP script provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root.

tags | exploit, web, arbitrary, shell, root, php, code execution, file upload
advisories | CVE-2017-17560
MD5 | 1f47f80c45cf9163168bba8d9d9e5883
Polycom Shell HDX Series Traceroute Command Execution
Posted Dec 6, 2017
Authored by Mumbai, staaldraad | Site metasploit.com

Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl.

tags | exploit, arbitrary, shell
MD5 | 33dcdddd82b0e30b2de8fb2a8068c350
Debian Security Advisory 4052-1
Posted Nov 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4052-1 - Adam Collard discovered that Bazaar, an easy to use distributed version control system, did not correctly handle maliciously constructed bzr+ssh URLs, allowing a remote attackers to run an arbitrary shell command.

tags | advisory, remote, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-14176
MD5 | 0fa35f0a8b504f19587654a03b18d2bc
CS Cart 4.6.2 Shell Upload
Posted Nov 23, 2017
Authored by oric one

CS Cart version 4.6.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-15673
MD5 | 0a62f78f3293e527ec3327b130b259b6
Gentoo Linux Security Advisory 201711-16
Posted Nov 20, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-16 - Multiple vulnerabilities have been found in CouchDB, the worst of which could lead to the remote execution of arbitrary shell commands. Versions less than 1.7.1 are affected.

tags | advisory, remote, arbitrary, shell, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12635, CVE-2017-12636
MD5 | a083aed437a012f431a19805566e8eaa
CoolPlayer+ Portable 2.19.6 Stack Overflow
Posted Nov 6, 2017
Authored by 1N3

CoolPlayer+ Portable version 2.19.6 stack overflow exploit with ASLR bypass and a bind shell.

tags | exploit, overflow, shell
MD5 | 7aaf5691cd3da9557d896e0e81599b4f
Oracle Java SE Wv8u131 Information Disclosure
Posted Nov 2, 2017
Authored by mr_me

Oracle Java SE installs a protocol handler in the registry as "HKEY_CLASSES_ROOT\jnlp\Shell\Open\Command\Default" 'C:\Program Files\Java\jre1.8.0_131\bin\jp2launcher.exe" -securejws "%1"'. This can allow allow an attacker to launch remote jnlp files with little user interaction. A malicious jnlp file containing a crafted XML XXE attack can be leveraged to disclose files, cause a denial of service or trigger SSRF. Versions v8u131 and below are affected.

tags | exploit, java, remote, denial of service, shell, registry, protocol, info disclosure
advisories | CVE-2017-10309
MD5 | 1e5c74e4370cfb11bd675efce53eb688
Debian Security Advisory 4009-1
Posted Nov 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4009-1 - Niklas Abel discovered that insufficient input sanitising in the the ss-manager component of shadowsocks-libev, a lightweight socks5 proxy, could result in arbitrary shell command execution.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-15924
MD5 | f7d370565938725f8e57e51913e2916c
Gentoo Linux Security Advisory 201710-29
Posted Oct 29, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-29 - Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. Versions less than 11.25.3 are affected.

tags | advisory, remote, arbitrary, shell, vulnerability
systems | linux, gentoo
advisories | CVE-2017-14098, CVE-2017-14099, CVE-2017-14100, CVE-2017-14603
MD5 | dc6664f1f4febce3a1ec19be4fbf4607
Infoblox NetMRI VM-AD30-5C6CE Factory Reset Persistence
Posted Oct 25, 2017
Authored by Matthew Bergin | Site korelogic.com

Infoblox NetMRI version VM-AD30-5C6CE suffers from an administration shell factory reset persistence vulnerability.

tags | exploit, shell
MD5 | 3d645a515c1de250781ae9cab7fd9d5c
Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation
Posted Oct 25, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

Infoblox NetMRI versions 7.1.2 through 7.1.4 suffer from administration shell escape and privilege escalation vulnerabilities.

tags | exploit, shell, vulnerability
MD5 | b723ed326bd04aa156050b80d0b7a39f
osTicket 1.10.1 Shell Upload
Posted Oct 25, 2017
Authored by Rajwinder Singh

osTicket version 1.10.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-15580
MD5 | 91d3007b10106697abc4881dc25ab268
Polycom Command Shell Authorization Bypass
Posted Oct 21, 2017
Authored by Paul Haas, h00die | Site metasploit.com

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prompt without authentication. Versions prior to 3.0.4 contain OS command injection in the ping command which can be used to execute arbitrary commands as root.

tags | exploit, remote, arbitrary, shell, root
MD5 | 19e483d20fd0e5d1252e6caf45e27fba
TP-Link WR940N Remote Code Execution
Posted Oct 21, 2017
Authored by Tim Carrington | Site fidusinfosec.com

Numerous remote code execution paths were discovered in TP-Link's WR940N home WiFi router. Valid credentials are required for this attack path. It is possible for an authenticated attacker to obtain a remote shell with root privileges.

tags | exploit, remote, shell, root, code execution
advisories | CVE-2017-13772
MD5 | 6bceaa1fe350d1c27550d6f8f857b131
Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection
Posted Oct 17, 2017
Authored by Roman Ferdigg | Site sec-consult.com

Afian AB FileRun version 2017.03.18 suffers from cross site request forgery, cross site scripting, open redirection, remote shell upload, and various other vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, csrf
MD5 | 3ff1edbfd9d2d8fe8f706e14236d4010
Windows Escalate UAC Protection Bypass (In Memory Injection) Abusing WinSXS
Posted Oct 12, 2017
Authored by Ernesto Fernandez | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off by abusing the way "WinSxS" works in Windows systems. This Metasploit module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three separate binaries in the standard technique. However, it requires the correct architecture to be selected, (use x64 for SYSWOW64 systems also).

tags | exploit, shell
systems | windows
MD5 | 168e1d24d366b109430b6a8f6c85ad79
Ubuntu Security Notice USN-3438-1
Posted Oct 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3438-1 - It was discovered that Git incorrectly handled certain subcommands such as cvsserver. A remote attacker could possibly use this issue via shell metacharacters in modules names to execute arbitrary code. This update also removes the cvsserver subcommand from git-shell by default.

tags | advisory, remote, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2017-14867
MD5 | dceb7916acf33e0993fb0e947b68f140
Qmail SMTP Bash Environment Variable Injection (Shellshock)
Posted Sep 29, 2017
Authored by Kyle George, Gabriel Follon, Mario Ledo | Site metasploit.com

This Metasploit module exploits a shellshock vulnerability on Qmail, a public domain MTA written in C that runs on Unix systems. Due to the lack of validation on the MAIL FROM field, it is possible to execute shell code on a system with a vulnerable BASH (Shellshock). This flaw works on the latest Qmail versions (qmail-1.03 and netqmail-1.06). However, in order to execute code, /bin/sh has to be linked to bash (usually default configuration) and a valid recipient must be set on the RCPT TO field (usually admin@exampledomain.com). The exploit does not work on the "qmailrocks" community version as it ensures the MAILFROM field is well-formed.

tags | exploit, shell, bash
systems | unix
advisories | CVE-2014-6271
MD5 | e886215786e8070f396bf10bc995a777
PhpCollab 2.5.1 Shell Upload
Posted Sep 29, 2017
Authored by Nicolas Serra

PhpCollab versions 2.5.1 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-6090
MD5 | 27220dc23bb2abac37e991a03abd8894
UCOPIA Wireless Appliance Restricted Shell Escape
Posted Sep 29, 2017
Authored by Nicolas Chatelain

UCOPIA Wireless Appliance version prior to 5.1.8 suffer from a restricted shell escape vulnerability.

tags | exploit, shell
advisories | CVE-2017-11321
MD5 | d7ec758fffa0347a2564b5cb077d8709
Debian Security Advisory 3984-1
Posted Sep 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3984-1 - joernchen discovered that the git-cvsserver subcommand of Git, a distributed version control system, suffers from a shell command injection vulnerability due to unsafe use of the Perl backtick operator. The git-cvsserver subcommand is reachable from the git-shell subcommand even if CVS support has not been configured (however, the git-cvs package needs to be installed).

tags | advisory, shell, perl
systems | linux, debian
MD5 | 98463fb673a8ecb102e3ba8022adf3af
FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIR FC-S/PT series suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user.

tags | exploit, arbitrary, shell, root
MD5 | 636a089048b47449c889902485301766
Supervisor XML-RPC Authenticated Remote Code Execution
Posted Sep 25, 2017
Authored by Calum Hutton | Site metasploit.com

This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending on how supervisord has been configured, this may be root. This vulnerability can only be exploited by an authenticated client, or if supervisord has been configured to run an HTTP server without authentication. This vulnerability affects versions 3.0a1 to 3.3.2.

tags | exploit, web, arbitrary, shell, root
advisories | CVE-2017-11610
MD5 | 72e2b4eea477f27f5a652ee4327d9755
Page 1 of 103
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close