all things security
Showing 26 - 50 of 2,553 RSS Feed

Shell Files

Linux/x86_64 Reverse Shell Shellcode
Posted Jul 20, 2017
Authored by m4n3dw0lf

104 bytes small Linux x86_64 reverse shell shellcode that binds to

tags | shell, shellcode
systems | linux
MD5 | dea72eb758bb16a4a24244f3de24f780
DotCMS 4.1.1 Shell Upload
Posted Jul 17, 2017
Authored by Xiaotian Wang

DotCMS version 4.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 6662f3bad9f3f62ed6c7151df589bba6
Easy File Sharing Web Server 7.2 Buffer Overflow
Posted Jul 16, 2017
Authored by N_A

Easy File Sharing Web Server version 7.2 SEH buffer overflow PassWD exploit that spawns a reverse shell.

tags | exploit, web, overflow, shell
MD5 | 0a226fb9ae5920b89126ab6486e607fb
Schneider Electric Pelco Sarix/Spectra Cameras Root Remote Code Execution
Posted Jul 11, 2017
Authored by LiquidWorm | Site

Pelco IP cameras suffer from a code execution vulnerability. The affected cameras suffer from authenticated remote code execution vulnerability. The POST parameter 'enable_leds' located in the update() function called via the GeneralSetupController.php script is not properly sanitised before being used in writeLedConfig() function to enable led state to on or off. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges using a specially crafted request and escape sequence to system shell.

tags | exploit, remote, arbitrary, shell, root, php, code execution
MD5 | f60def224c0da5db858f33bf6eef0e47
Barracuda WAF V360 Firmware Early Boot Root Shell
Posted Jul 6, 2017
Authored by Matthew Bergin, Joshua Hardin | Site

Firmware reversing of the Barracuda Web Application Firewall uncovered debug features that should have been removed on the production images. Appending a debugging statement onto a grub configuration line leads to an early boot root shell. Firmware version is affected.

tags | exploit, web, shell, root
MD5 | f6f41f262997fb113e39f15d6d42c39c
Rootkit Hunter 1.4.4
Posted Jun 30, 2017
Authored by Michael Boelen | Site

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added the GLOBSTAR configuration file option. This will set the shells globstar option to allow recursive checks of directories. By default this option is disabled. Added a Japanese translation file. Added support for the 'BSDng' package manager option. This can be used by those BSD systems which have the 'pkg' command available (currently later FreeBSD systems). Various other improvements and bug fixes made.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
MD5 | c625bcb5e226d1f2a7a3a530b7e4fbd9
Linux/x86 Bind Shell Shellcode
Posted Jun 26, 2017
Authored by wetw0rk

75 bytes small Linux/x86 shellcode that binds a shell to port 4444. Contains no NULLs.

tags | shell, x86, shellcode
systems | linux
MD5 | 501256220065b8b18c393c129a24f35f
Invision Power Board XSS / CSRF / File Upload / Disclosure
Posted Jun 14, 2017
Authored by Project Insecurity, CDL, dkb | Site

Invision Power Board version suffers from reflective and stored cross site scripting, cross site request forgery, information disclosure, file upload, and shell access vulnerabilities.

tags | exploit, shell, vulnerability, xss, info disclosure, file upload, csrf
MD5 | a22518e9d6c3e73504202b0d32770349
MyBB 1.8.12 Stored XSS / File Enumeration
Posted Jun 13, 2017
Authored by Project Insecurity, MLT | Site

MyBB versions 1.8.12 and prior is vulnerable to a cross site scripting bug which can allow a moderator to take over an administrator's account and upload a webshell, or perform file enumeration in the instances where it is not possible to spawn a shell.

tags | exploit, shell, xss
MD5 | 002a68cf2fe01ab017ee3d244b021e6b
WPForce 1.0.0
Posted Jun 12, 2017
Authored by n00py | Site

WPForce is a suite of Wordpress Attack tools. Currently this contains 2 scripts - WPForce, which brute forces logins via the API, and Yertle, which uploads shells once admin credentials have been found. Yertle also contains a number of post exploitation modules.

tags | tool, shell, scanner
systems | unix
MD5 | 1cbb5b143c74242defcaf578c5b9a98e
Windows UAC Protection Bypass (Via FodHelper Registry Key)
Posted Jun 7, 2017
Authored by amaloteaux, winscriptingblog | Site

This Metasploit module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.

tags | exploit, shell, registry
systems | windows
MD5 | b20812c1abf3d3375be101013cd12af0
ModX CMS Proof Of Concept Shell Upload
Posted May 31, 2017
Authored by Cody Sixteen

This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 4a9e82ae99c6a9dbf9554d110145a1a4
Joomla 3.x Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how administrator functionality can be abused in Joomla to upload a shell.

tags | exploit, shell, proof of concept, file upload
MD5 | 5342f1f41088abee2af959b87cbce235
DokuWiki Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how administrative functionality can be abused in DokuWiki to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 729d40f68a98bc4c5c3dc2afec215396
Concrete5 Proof Of Concept Shell Upload
Posted May 28, 2017
Authored by Cody Sixteen

This proof of concept code shows how functionality can be abused in Concrete5 to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 9745e0705ed0168941e97981a8f2ab5b
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
Posted May 17, 2017
Authored by Sean Dillon, Shadow Brokers, Dylan Davis, Equation Group | Site

This Metasploit module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv!SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with mathematical error where a DWORD is subtracted into a WORD. The kernel pool is groomed so that overflow is well laid-out to overwrite an SMBv1 buffer. Actual RIP hijack is later completed in srvnet!SrvNetWskReceiveComplete. This exploit, like the original may not trigger 100% of the time, and should be run continuously until triggered. It seems like the pool will get hot streaks and need a cool down period before the shells rain in again.

tags | exploit, overflow, shell, kernel
advisories | CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148
MD5 | aa3f38db6f272747aa8f84141f87e6e4
Ubuntu Security Notice USN-3287-1
Posted May 15, 2017
Authored by Ubuntu | Site

Ubuntu Security Notice 3287-1 - Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands. A remote attacker could possibly use this issue to run an interactive pager and access sensitive information.

tags | advisory, remote, shell
systems | linux, ubuntu
advisories | CVE-2017-8386
MD5 | 0110cf09f15d41eb58c3c144079994c7
Debian Security Advisory 3848-1
Posted May 10, 2017
Authored by Debian | Site

Debian Linux Security Advisory 3848-1 - Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help".

tags | advisory, shell
systems | linux, debian
advisories | CVE-2017-8386
MD5 | e60c0d507349db5ea9c6655ff7195174
Linux/x86-64 Reverse Shell Shellcode
Posted May 8, 2017
Authored by Srakai

113 bytes small Linux/x86-64 reverse shell shellcode for IPv6.

tags | shell, x86, shellcode
systems | linux
MD5 | ac5201873bbc6a9ce91386d7e9e153d6
Easy File Uploader Remote Shell Upload
Posted Apr 27, 2017
Authored by Daniel Godoy

Easy File Uploader suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | 8ac3610167d2a6610763fae78f9e7f29
Solarwinds LEM 6.3.1 Management Shell Arbitrary File Read
Posted Apr 24, 2017
Authored by Hank Leininger, Matthew Bergin | Site

The management shell on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard mapped function which lets the user import a file from the local file system into the editor. An attacker can abuse this to read arbitrary files within the allowed permissions.

tags | exploit, arbitrary, shell, local
MD5 | f78a6aa709d515f34ff4063017a41667
Solarwinds LEM 6.3.1 Shell Escape Command Injection
Posted Apr 24, 2017
Authored by Hank Leininger, Matthew Bergin | Site

Insufficient input validation in the management interface can be leveraged in order to execute arbitrary commands. This can lead to (root) shell access to the underlying operating system on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.

tags | exploit, arbitrary, shell, root
MD5 | c05724ef34080811a5c98ed6a6d254cf
October CMS 1.0.412 Code Execution / Shell Upload
Posted Apr 20, 2017
Authored by Anti Rais

October CMS version 1.0.412 suffers from access bypass, cross site scripting, code execution, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution, xss
MD5 | e702737b1f0f3d12d56ab625156a9afc
Huawei HG532n Command Injection
Posted Apr 17, 2017
Authored by Ahmed S. Darwish | Site

This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.

tags | exploit, web, shell, root
MD5 | 5846ef508d85837a4608f1c94c201d64
Magento 2.1.6 Shell Upload / Cross Site Request Forgery
Posted Apr 13, 2017
Authored by DefenseCode, Bosko Stankovic

Magento versions 2.1.6 and below suffers from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
MD5 | 7eac7c985713b9e6f32be4da1b6565bb
Page 2 of 103

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By