ignore security and it'll go away
Showing 1 - 25 of 2,550 RSS Feed

Shell Files

Windows Escalate UAC Protection Bypass (In Memory Injection) Abusing WinSXS
Posted Oct 12, 2017
Authored by Ernesto Fernandez | Site metasploit.com

This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off by abusing the way "WinSxS" works in Windows systems. This Metasploit module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three separate binaries in the standard technique. However, it requires the correct architecture to be selected, (use x64 for SYSWOW64 systems also).

tags | exploit, shell
systems | windows
MD5 | 168e1d24d366b109430b6a8f6c85ad79
Ubuntu Security Notice USN-3438-1
Posted Oct 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3438-1 - It was discovered that Git incorrectly handled certain subcommands such as cvsserver. A remote attacker could possibly use this issue via shell metacharacters in modules names to execute arbitrary code. This update also removes the cvsserver subcommand from git-shell by default.

tags | advisory, remote, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2017-14867
MD5 | dceb7916acf33e0993fb0e947b68f140
Qmail SMTP Bash Environment Variable Injection (Shellshock)
Posted Sep 29, 2017
Authored by Kyle George, Gabriel Follon, Mario Ledo | Site metasploit.com

This Metasploit module exploits a shellshock vulnerability on Qmail, a public domain MTA written in C that runs on Unix systems. Due to the lack of validation on the MAIL FROM field, it is possible to execute shell code on a system with a vulnerable BASH (Shellshock). This flaw works on the latest Qmail versions (qmail-1.03 and netqmail-1.06). However, in order to execute code, /bin/sh has to be linked to bash (usually default configuration) and a valid recipient must be set on the RCPT TO field (usually admin@exampledomain.com). The exploit does not work on the "qmailrocks" community version as it ensures the MAILFROM field is well-formed.

tags | exploit, shell, bash
systems | unix
advisories | CVE-2014-6271
MD5 | e886215786e8070f396bf10bc995a777
PhpCollab 2.5.1 Shell Upload
Posted Sep 29, 2017
Authored by Nicolas Serra

PhpCollab versions 2.5.1 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-6090
MD5 | 27220dc23bb2abac37e991a03abd8894
UCOPIA Wireless Appliance Restricted Shell Escape
Posted Sep 29, 2017
Authored by Nicolas Chatelain

UCOPIA Wireless Appliance version prior to 5.1.8 suffer from a restricted shell escape vulnerability.

tags | exploit, shell
advisories | CVE-2017-11321
MD5 | d7ec758fffa0347a2564b5cb077d8709
Debian Security Advisory 3984-1
Posted Sep 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3984-1 - joernchen discovered that the git-cvsserver subcommand of Git, a distributed version control system, suffers from a shell command injection vulnerability due to unsafe use of the Perl backtick operator. The git-cvsserver subcommand is reachable from the git-shell subcommand even if CVS support has not been configured (however, the git-cvs package needs to be installed).

tags | advisory, shell, perl
systems | linux, debian
MD5 | 98463fb673a8ecb102e3ba8022adf3af
FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIR FC-S/PT series suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user.

tags | exploit, arbitrary, shell, root
MD5 | 636a089048b47449c889902485301766
Supervisor XML-RPC Authenticated Remote Code Execution
Posted Sep 25, 2017
Authored by Calum Hutton | Site metasploit.com

This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending on how supervisord has been configured, this may be root. This vulnerability can only be exploited by an authenticated client, or if supervisord has been configured to run an HTTP server without authentication. This vulnerability affects versions 3.0a1 to 3.3.2.

tags | exploit, web, arbitrary, shell, root
advisories | CVE-2017-11610
MD5 | 72e2b4eea477f27f5a652ee4327d9755
DlxSpot Shell Upload
Posted Sep 19, 2017
Authored by Simon Brannstrom

DlxSpot Player4 LED video wall suffers from a remote shell upload vulnerability. Versions greater than 1.5.10 are affected.

tags | exploit, remote, shell
advisories | CVE-2017-12928, CVE-2017-12929, CVE-2017-12930
MD5 | 9af7a881088ecdf7ad4e03ae9466faeb
Aerohive Networks HiveManager Remote Shell Upload
Posted Sep 8, 2017
Authored by Sandro Zaccarini

Aerohive Networks HiveManager Classic Online NMS suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-14105
MD5 | c7a05d84a6ceaa5379e1b1bb8508ce38
SOA - School Management System 3.0 Shell Upload
Posted Sep 2, 2017
Authored by Ali BawazeEer

SOA - School Management System version 3.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 2fe2cdfd6210b32a06189f8002f9cb10
Asterisk Project Security Advisory - AST-2017-006
Posted Aug 31, 2017
Authored by Richard Mudgett, Corey Farrell | Site asterisk.org

Asterisk Project Security Advisory - The app_minivm module has an externnotify program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection.

tags | advisory, arbitrary, shell
MD5 | 748567bf154dce3a594d7969b1e1b697
Linux/x86-64 Reverse TCP Shell Shellcode
Posted Aug 21, 2017
Authored by Touhid M.Shaikh

153 bytes small Linux/x86-64 reverse TCP shell shellcode that binds to 192.168.1.2:4444.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 61d0bff1874dee43bdda29cd1ada3ad1
Red Hat Security Advisory 2017-2491-01
Posted Aug 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2491-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix: A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimate repository containing a malicious commit.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2017-1000117, CVE-2017-8386
MD5 | 2f87d3f7e18f8ea1608c332b3ef8877c
Red Hat Security Advisory 2017-2489-01
Posted Aug 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2489-01 - Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a series of commits mixing symlinks and regular files/directories to trick Mercurial into writing outside of a given repository. A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for example, when performing a "checkout" or "update" action on a sub-repository within a malicious repository or a legitimate repository containing a malicious commit.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2017-1000115, CVE-2017-1000116
MD5 | d8aca43735ba972fb53be71326d4f3c6
Red Hat Security Advisory 2017-2485-01
Posted Aug 16, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2485-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix: A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimate repository containing a malicious commit.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2017-1000117
MD5 | 8d8b9d876aaa88ab4284d91859ca2057
Red Hat Security Advisory 2017-2484-01
Posted Aug 16, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2484-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix: A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimate repository containing a malicious commit.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2017-1000117
MD5 | 82f2312ea9e77d11cf4566e9b0280769
Red Hat Security Advisory 2017-2480-01
Posted Aug 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2480-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix: A shell command injection flaw related to the handling of "svn+ssh" URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for example when performing a "checkout" or "update" action on a malicious repository, or a legitimate repository containing a malicious commit.

tags | advisory, shell
systems | linux, redhat
advisories | CVE-2017-9800
MD5 | 40bd7b9ff573bead4b0100c8bcbfa06a
Red Hat Security Advisory 2017-2192-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2192-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb. Security Fix: It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.

tags | advisory, arbitrary, shell
systems | linux, redhat
advisories | CVE-2016-5483, CVE-2016-5617, CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3600
MD5 | a4a97ca54fc208d44a4850aa2b445a15
Red Hat Security Advisory 2017-2004-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2004-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix: It was found that the git-prompt.sh script shipped with git failed to correctly handle branch names containing special characters. A specially crafted git repository could use this flaw to execute arbitrary commands if a user working with the repository configured their shell to include repository information in the prompt.

tags | advisory, arbitrary, shell
systems | linux, redhat
advisories | CVE-2014-9938, CVE-2017-8386
MD5 | 6bbb834b668f4ee66e6f028007fbfffa
Red Hat Security Advisory 2017-1931-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1931-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Security Fix: An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances.

tags | advisory, arbitrary, shell, local, bash
systems | linux, redhat
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401
MD5 | 7c8a3a75d795ab44095ecd3d7c25724d
Linux x86 TCP Reverse Shell
Posted Jul 27, 2017
Authored by wetw0rk

97 bytes small Linux/x86 reverse tcp shell shellcode with no NULLs.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 2eae0af7fba90fcf388c03ecca6c1eef
Linux/x86_64 Reverse Shell Shellcode
Posted Jul 20, 2017
Authored by m4n3dw0lf

104 bytes small Linux x86_64 reverse shell shellcode that binds to 192.168.1.8:4444.

tags | shell, shellcode
systems | linux
MD5 | dea72eb758bb16a4a24244f3de24f780
DotCMS 4.1.1 Shell Upload
Posted Jul 17, 2017
Authored by Xiaotian Wang

DotCMS version 4.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 6662f3bad9f3f62ed6c7151df589bba6
Easy File Sharing Web Server 7.2 Buffer Overflow
Posted Jul 16, 2017
Authored by N_A

Easy File Sharing Web Server version 7.2 SEH buffer overflow PassWD exploit that spawns a reverse shell.

tags | exploit, web, overflow, shell
MD5 | 0a226fb9ae5920b89126ab6486e607fb
Page 1 of 102
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    5 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close