安全文章 / 文章资料 / Exploits

首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

热门关键字：　shell 　88888 　art 　vitter 　linux

		当前位置：主页>安全文章>文章资料>Exploits>列表


	Tiny Server 1.1.9 Arbitrary File Disclosure
	日期：2014-12-01 11:29:19 点击：78 评论：0
#!/usr/bin/perl -w#Title: Tiny Server v1.1.9 Arbitrary File Disclosure Exploit#Download: http://tinyserver.sourceforge.net/tinyserver_full.zip#Author: ZoRLu / zorlu@milw00rm.com#Website: http://milw00rm.com / its online#Twitter: https://twitter.com/


	WordPress 4.0 Denial Of Service
	日期：2014-12-01 11:28:26 点击：32 评论：0
?phpecho nCVE-2014-9034 \| WordPress = v4.0 Denial of Service Vulnerabilityn;echo Proof-of-Concept developed by john@secureli.com (http://secureli.com)nn;echo usage: php wordpressed.php domain.com username numberOfThreadsn;echo e.g.: php wordpre


	Sniffit Root Shell
	日期：2014-12-01 11:26:42 点击：35 评论：0
CVE-2014-5439 - Root shell on SniffitAuthors: Ismael Ripoll Hector MarcoCVE: CVE-2014-5439Dates: July 2014 - Discovered the vulnerabilityDescriptionSniffit is a packet sniffer and monitoring tool. A bug in sniffit prior to 0.3.7 has been found. The


	Android SMS Resend Vulnerability
	日期：2014-11-27 17:26:58 点击：147 评论：0
INTRODUCTION ================================== In Android 5.0 , an unprivileged app can resend all the SMS stored in the user's phone to their corresponding recipients or senders (without user interaction). No matter whether these SMS are sent to o


	Android Settings Pendingintent Leak Vulnerability
	日期：2014-11-27 17:26:07 点击：59 评论：0
INTRODUCTION ================================== In Android 5.0 (and maybe = 4.0 ), Settings application leaks Pendingintent with a blank base intent (neither the component nor the action is explicitly set) to third party application, bad app can use


	Slider Revolution/Showbiz Pro Shell Upload Exploit
	日期：2014-11-27 17:24:16 点击：124 评论：0
#!/usr/bin/perl # # Title: Slider Revolution/Showbiz Pro shell upload exploit # Author: Simo Ben youssef # Contact: Simo_at_Morxploit_com # Discovered: 15 October 2014 # Coded: 15 October 2014 # Updated: 25 November 2014 # Published: 25 November 201


	Device42 WAN Emulator 2.3 Ping Command Injection
	日期：2014-11-27 17:22:31 点击：24 评论：0
## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::H


	Device42 WAN Emulator 2.3 Traceroute Command Injection
	日期：2014-11-27 17:21:51 点击：20 评论：0
## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::H


	Android WAPPushManager - SQL Injection
	日期：2014-11-27 17:20:31 点击：90 评论：0
INTRODUCTION ================================== In Android 5.0, a SQL injection vulnerability exists in the opt module WAPPushManager, attacker can remotely send malformed WAPPush message to launch any activity or service in the victim's phone (need


	Elipse E3 HTTP Denial of Service
	日期：2014-11-27 17:19:10 点击：37 评论：0
// Exploit Http DoS Request for SCADA ATTACK Elipse 3 // Mauro Risonho de Paula Assumpo aka firebits // mauro.risonho@gmail.com // 29-10-2013 11:42 // Vendor Homepage: http://www.elipse.com.br/port/index.aspx // Software Link: http://www.elipse.com.


	Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) SEH Buffer Overflow
	日期：2014-11-27 17:18:32 点击：30 评论：0
#!/usr/bin/env ruby # Exploit Title: Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) SEH Buffer Overflow # Date: 26.11.2014 # Exploit Author: Muhamad Fadzil Ramli mind1355[at]gmail.com # Vendor Homepage: not valid anymore # Software Link: not


	Pandora FMS SQLi Remote Code Execution
	日期：2014-11-27 17:14:31 点击：48 评论：0
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::


	KMPlayer 3.9.1.130 Denial Of Service
	日期：2014-11-26 11:18:42 点击：28 评论：0
# Exploit Title: KMPlayer 3.9.1.130 Integer division by zero DoS.# Date: 25-11-2014# Author: Ajin Abraham# Website: http://opensecurity.in# Vendor Homepage: http://www.kmpmedia.net/# Software Link: http://filehippo.com/download_kmplayer/download/7f4


	PHP 5.x / Bash Shellshock Proof Of Concept
	日期：2014-11-26 11:17:56 点击：32 评论：0
?php// Exploit Title: PHP 5.x and GNU Bash = 4.3 Shellshock Exploit// Date: 22/11/2014// Exploit Author: ssbostan// Vendor Homepage: http://www.gnu.org/software/bash/// Software Link: http://ftp.gnu.org/gnu/bash/// Version: = 4.3// Tested on: Fedora


	Mozilla Firefox 3.6 mChannel Use-After-Free Vulnerability
	日期：2014-11-26 11:16:53 点击：49 评论：0
!-- Exploit Author: Juan Sacco Name: Mozilla Firefox 3.6 mChannel ( Universal ) Description: Mozilla Firefox 3.6 is prone to an use-after-free vulnerability in OBJECT mChannel that allows an attacker to execute arbitrary code. Tested on Windows XP S


	All-in-One WP Migration 2.0.2 Remote Code Execution Vulnerability
	日期：2014-11-26 11:15:31 点击：49 评论：0
In Ai1wm_Import_Controller::import admin priveleges ARE NOT checked. Function is imported as action: add_action(wp_ajax_import, Ai1wm_Import_Controller::import) in class -ai1wm-main-controller.php Its possible to use it through wp-admin/admin-ajax.p


	Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406
	日期：2014-11-26 11:11:40 点击：144 评论：0
/* * CVE-2014-3153 exploit for RHEL/CentOS 7.0.1406 * By Kaiqu Chen ( kaiquchen@163.com ) * Based on libfutex and the expoilt for Android by GeoHot. * * Usage: * $gcc exploit.c -o exploit -lpthread * $./exploit * */ #include stdio.h #include stdlib.


	Arris VAP2500 Authentication Bypass
	日期：2014-11-26 11:10:54 点击：70 评论：0
#!/usr/bin/env ruby require 'net/http' require 'digest/md5' if ! ARGV [ 0 ] puts Usage: #{$0} vap2500_ip_address exit( 0 ) end host = ARGV [ 0 ] new_pass = h4x0r3d! http = Net:: HTTP . new (host).start users = nil users = http.request_get( /admin.co


	phpMyRecipes 1.2.2 (dosearch.php, words_exact param) - SQL Injection
	日期：2014-11-26 11:08:15 点击：51 评论：0
#!/usr/bin/pythonimport httplibfrom bs4 import BeautifulSoupimport reimport os############ Function that takes an SQL select statement and inject it into the words_exact variable of dosearch.php # Returns BeautifulSoup object ###########def sqli(sel


	TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF
	日期：2014-11-26 11:07:04 点击：144 评论：0
TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF Vendor: TRENDnet Product web page: http://www.trendnet.com Affected version: TV-IP422WN/TV-IP422W Summary: SecurView Wireless N Day/Night Pan/Tilt Internet Camera, a pow

共637页/12733条记录首页上一页 [159] [160] [161] 162 [163] [164] [165] 下一页末页

本月热点文章

本月推荐文章

相关分类

Exploits

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved