Twenty Year Anniversary
Showing 1 - 25 of 2,618 RSS Feed

Shell Files

glibc 'realpath()' Privilege Escalation
Posted Jun 12, 2018
Authored by halfdog, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in GNU C Library (glibc) version 2.26 and prior. This Metasploit module uses halfdog's RationalLove exploit to exploit a buffer underflow in glibc realpath() and create a SUID root shell. The exploit has offsets for glibc versions 2.23-0ubuntu9 and 2.24-11+deb9u1. The target system must have unprivileged user namespaces enabled. This Metasploit module has been tested successfully on Ubuntu Linux 16.04.3 (x86_64) with glibc version 2.23-0ubuntu9; and Debian 9.0 (x86_64) with glibc version 2.24-11+deb9u1.

tags | exploit, shell, root
systems | linux, debian, ubuntu
advisories | CVE-2018-1000001
MD5 | fdde72feb2388aee3f2e93395c3c6363
Windows UAC Protection Bypass (Via Slui File Handler Hijack)
Posted May 31, 2018
Authored by bytecode-77, gushmazuko | Site metasploit.com

This Metasploit module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get invoked when any binary (.exe) application is launched. But slui.exe is an auto-elevated binary that is vulnerable to file handler hijacking. When we run slui.exe with changed Registry key (HKCU:\Software\Classes\exefile\shell\open\command), it will run our custom command as Admin instead of slui.exe. The module modifies the registry in order for this exploit to work. The modification is reverted once the exploitation attempt has finished. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting the payload in a different process.

tags | exploit, shell, registry
systems | windows
MD5 | cbaf903a1f48babbbfdd55bd95607ccf
NUUO NVRmini2 / NVRsolo Shell Upload
Posted May 27, 2018
Authored by Xiaotian Wang

NUUO NVRmini2 and NVRsolo suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | bdc03f1cb1c4e45f65f4b6a879ef92ce
Wchat Fully Responsive PHP AJAX Chat Script 1.5 Shell Upload
Posted May 25, 2018
Authored by indoushka

Wchat Fully Responsive PHP AJAX Chat Script version 1.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
MD5 | ef20a197f0eb75efb49439e9806f82c9
PHP Login And User Management 4.1.0 Shell Upload
Posted May 24, 2018
Authored by Reginald Dodd

PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
advisories | CVE-2018-11392
MD5 | bd0631b0840255f200ab219736fbbaaa
LikeSoftware CMS Cross Site Request Forgery / Shell Upload
Posted May 24, 2018
Authored by Mr.7z

LikeSoftware CMS suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | fc933e734ee2c898fee0a9fe9c673698
Easy File Uploader 1.7 Shell Upload
Posted May 24, 2018
Authored by indoushka

Easy File Uploader version 1.7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | 72afb65d3fa31008dd700ca8653852f9
WordPress Peugeot Music 1.0 Shell Upload / Cross Site Request Forgery
Posted May 24, 2018
Authored by Mr.7z

WordPress Peugeot Music plugin version 1.0 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 977bc38dbf076cea5680909d6b0fd85c
Linux/x86 Reverse TCP Shell To 10.0.7.17:4444 Shellcode
Posted May 24, 2018
Authored by Jonathan Crosby

101 bytes small Linux/x86 reverse TCP shell shellcode that connects to 10.0.7.17:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 6eeac0567a3fef4c667bd7ed8a53c0af
Linux/x86 Reverse TCP Shell Shellcode
Posted May 24, 2018
Authored by Nuno Freitas

68 bytes small Linux/x86 reverse TCP shell shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 992c716611405f56f700612608127ead
Monstra CMS 3.0.4 Remote Code Execution
Posted May 15, 2018
Authored by Jameel Nabbo

Monstra CMS version 3.0.4 suffers from a shell upload remote code execution vulnerability.

tags | exploit, remote, shell, code execution
advisories | CVE-2018-9037
MD5 | 0525bf838887d360c20e311c2ea4a509
Linux/x86 Reverse TCP Shell Shellcode
Posted May 15, 2018
Authored by Paolo Perego

96 bytes small Linux/x86 reverse TCP shell shellcode that connects to 127.0.0.1:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 595d776824a93f7666b99a23897c290e
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI
Posted May 14, 2018
Authored by Imre Rad

ProjectPier versions 0.8.8 and below suffer from remote file inclusion, authentication bypass, remote shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection, bypass, file inclusion
advisories | CVE-2018-10759, CVE-2018-10760
MD5 | 981d011a590304ccd6de6e3510500b73
Linux Restricted Shell Bypass Guide
Posted May 6, 2018
Authored by n4ckhcker, h4d3sw0rm

Whitepaper titled Linux Restricted Shell Bypass Guide.

tags | paper, shell
systems | linux
MD5 | d27133695ec11bcee5f1145b62e7f195
Red Hat Security Advisory 2018-1195-01
Posted Apr 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1195-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 66.0.3359.117. Issues addressed include buffer overflow, bypass, remote shell upload, and use-after-free vulnerabilities.

tags | advisory, remote, web, overflow, shell, vulnerability
systems | linux, redhat
advisories | CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112
MD5 | 1f2281c68c5837e3f5afd511d38bf5da
ASUS infosvr Authentication Bypass Command Execution
Posted Apr 21, 2018
Authored by jduck, Friedrich Postelstorfer | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This Metasploit module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shell. This Metasploit module was tested successfully on an ASUS RT-N12E with firmware version 2.0.0.35. Numerous ASUS models are reportedly affected, but untested.

tags | exploit, remote, arbitrary, shell, root, udp, bypass
advisories | CVE-2014-9583
MD5 | 0b841685aaa09cefb0a9621293d64a94
Digital Guardian Management Console 7.1.2.0015 Shell Upload
Posted Apr 18, 2018
Authored by Pawel Gocyla

Digital Guardian Management Console version 7.1.2.0015 suffers from a shell upload vulnerability that allows for remote code execution.

tags | exploit, remote, shell, code execution
advisories | CVE-2018-10173
MD5 | 8bc838600cd56915e5e0d27198d67ab7
Debian Security Advisory 4167-1
Posted Apr 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4167-1 - A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.

tags | advisory, overflow, arbitrary, shell
systems | linux, debian
advisories | CVE-2018-1000097
MD5 | f45edf0e1ca9bff52faa495942d41a56
Debian Security Advisory 4149-1
Posted Mar 23, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4149-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-1000487
MD5 | a87c86c6e125862540db4cdd0f7ccf12
Debian Security Advisory 4146-1
Posted Mar 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4146-1 - Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2017-1000487
MD5 | 2c815b04a5e19aa066ea2366b9c74efc
Vehicle Sales Management System XSS / Shell Upload / SQL Injection
Posted Mar 20, 2018
Authored by Sing

Vehicle Sales Management System suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
advisories | CVE-2017-1000474
MD5 | 7d59495ebc82f63f150cf2a13a37aed8
Gentoo Linux Security Advisory 201803-04
Posted Mar 11, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201803-4 - A vulnerability in Newsbeuter may allow remote attackers to execute arbitrary shell commands. Versions less than or equal to 2.9-r3 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2017-14500
MD5 | 13f887fee8686b564e52d56a034342e4
Debian Security Advisory 4134-1
Posted Mar 10, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4134-1 - Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular root) is tricked into using the umount completion while a specially crafted mount is present.

tags | advisory, shell, root, bash
systems | linux, debian
advisories | CVE-2018-7738
MD5 | 739295b248b871432986dbfe7125e245
NETGEAR Magic telnetd Enabler
Posted Mar 4, 2018
Authored by wvu, insanid, Paul Gebheim | Site metasploit.com

This Metasploit module sends a magic packet to a NETGEAR device to enable telnetd. Upon successful connect, a root shell should be presented to the user.

tags | exploit, shell, root
MD5 | a7246c6e4e3c5142a9103cda8aa6e9d7
Joomla! Proclaim 9.1.1 Shell Upload
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2018-7316
MD5 | e4b3f4730e22f3b7318737ee5628509e
Page 1 of 105
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    9 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    34 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    13 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close