首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  linux
  当前位置:主页>安全文章>文章资料>Exploits>列表
PCMAN FTP Server 2.0.7 Buffer Overflow
  日期:2016-04-05 14:38:39 点击:26 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Ftp
Hexchat IRC Client 2.11.0 - Directory Traversal
  日期:2016-04-05 14:35:17 点击:35 评论:0
#!/usr/bin/python # #################### # Meta information # #################### # Exploit Title: Hexchat IRC client - Server name log directory traversal # Date: 2016-01-26 # Exploit Author: PizzaHatHacker # Vendor Homepage: https://hexchat.github
Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow
  日期:2016-04-05 14:34:00 点击:23 评论:0
#!/usr/bin/python # #################### # Meta information # #################### # Exploit Title: Hexchat IRC client - CAP LS Handling Stack Buffer Overflow # Date: 2016-02-07 # Exploit Author: PizzaHatHacker # Vendor Homepage: https://hexchat.gith
Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC
  日期:2016-04-05 14:33:03 点击:11 评论:0
# Exploit Title: Xion Audio Player = 1.5 (build 160) - Crash PoC # Date: 01-04-2016 # Software Link: http://www.r2.com.au/downloads/files/xion-audio-player-v1.5b160.zip # Homepage: http://www.xionplayer.com/ # Exploit Author: Charley Celice (stmerry)
PHP 5.5.33 - Invalid Memory Write
  日期:2016-04-05 14:30:41 点击:84 评论:0
# Exploit Title: Invalid memory write in phar on filename with in name # Date: 2016-03-19 # Exploit Author: @vah_13 # Vendor Homepage: https://secure.php.net/ # Software Link: https://github.com/php/php-src # Version: 5.5.33 # Tested on: Linux Tes
PHP 7.0.4/5.5.33 - SNMP Format String Exploit
  日期:2016-04-05 14:27:38 点击:22 评论:0
?php // PHP = 7.0.4/5.5.33 SNMP format string exploit (32bit) // By Andrew Kramer andrew at jmpesp dot org // Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal %Z (zval) // format specifier in order to achieve code-execution. /
Apache Jetspeed Arbitrary File Upload
  日期:2016-03-31 16:34:44 点击:29 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ManualRanking include Msf::Exploit::Remote::HttpClient include Ms
LShell <= 0.9.15 - Remote Code Execution
  日期:2016-03-31 16:33:47 点击:31 评论:0
import paramiko import traceback from time import sleep # # Exploit lshell pathing vulnerability in = 0.9.15. # Runs commands on the remote system. # @dronesec # if len(sys.argv) 4: print '%s: [USER] [PW] [IP] {opt: port}'%(sys.argv[0]) sys.exit(1) t
ATutor 2.2.1 Directory Traversal / Remote Code Execution
  日期:2016-03-30 14:55:05 点击:42 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
  日期:2016-03-29 14:11:57 点击:27 评论:0
# Exploit Title: TallSoft SNMP TFTP Server 1.0.0 - DoS # Date: 28-03-2016 # Software Link: http://www.tallsoft.com/snmp_tftpserver.exe # Exploit Author: Charley Celice (stmerry) # Contact: https://twitter.com/charleycelice # # Credits: Based off Tall
OS X Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel G
  日期:2016-03-24 14:42:21 点击:30 评论:0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmap_user_memory and IGAccelCLContext::unmap_user_memory take an 8 byte struct input which is a user-space pointer previously passed to t
OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtua
  日期:2016-03-24 14:41:39 点击:52 评论:0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=709 nvDevice::ReleaseDeviceTexture is external method 0x10a of userclient 5 of the geforce IOAccelerator. It takes a single uint argument __text:000000000001BCD2 mov r14d, esi ... _
OS X Kernel - AppleKeyStore Use-After-Free
  日期:2016-03-24 14:40:47 点击:117 评论:0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=710 The AppleKeyStore userclient uses an IOCommandGate to serialize access to its userclient methods, however by racing two threads, one of which closes the userclient (which frees
OS X Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abo
  日期:2016-03-24 14:39:47 点击:42 评论:0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is _AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object withou
CCTV-DVR Remote Code Execution
  日期:2016-03-24 14:33:15 点击:78 评论:0
#!/usr/bin/python# Blog post - http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.htmlfrom sys import argvimport optparsefrom urlparse import urlparsefrom re import compileimport socketimport requestsfrom requests.exceptions im
Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit
  日期:2016-03-22 14:59:23 点击:34 评论:0
# Exploit Title: Sysax Multi Server 6.50 HTTP File Share SEH Overflow RCE Exploit # Date: 03/21/2016 # Exploit Author: Paul Purcell # Contact: ptpxploit at gmail # Vendor Homepage: http://www.sysax.com/ # Vulnerable Version Download: http://download.
Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit
  日期:2016-03-22 14:58:39 点击:26 评论:0
#!/usr/bin/python # Exploit Title: Internet Download Manager 6.25 Build 14 - 'Find file' SEH Buffer Overflow (Unicode) # Date: 20-3-2016 # Exploit Author: Rakan Alotaibi # Contact: https://twitter.com/hxteam # Software Link: http://mirror2.internetdo
Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escala
  日期:2016-03-22 14:55:07 点击:74 评论:0
Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=687 https://googleprojectzero.blogspot.ca/2016/03/exploiting-leaked-thread-handle.html Windows: Secondary Logon Standard Handles Missing Sanitization EoP Platform: Windows 8.1, Windo
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
  日期:2016-03-17 14:13:23 点击:109 评论:0
#!/usr/bin/python ############################################### # Cisco UCS Manager 2.1(1b) Shellshock Exploit # # CVE-2014-6278 # Confirmed on version 2.1(1b), but more are likely vulnerable. # Cisco's advisory: # https://tools.cisco.com/security/
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
  日期:2016-03-17 14:12:09 点击:62 评论:0
/* 1. Advisory Information Title: FreeBSD Kernel amd64_set_ldt Heap Overflow Advisory ID: CORE-2016-0005 Advisory URL: http://www.coresecurity.com/content/freebsd-kernel-amd64_set_ldt-heap-overflow Date published: 2016-03-16 Date of last update: 2016
共637页/12733条记录 首页 上一页 [121] [122] [123] 124 [125] [126] [127] 下一页 末页
  本月热点文章
 
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved