首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  vsserver
  当前位置:主页>安全文章>文章资料>Exploits>列表
Microsoft Windows Kernel - 'IOCTL 0x120007 (NsiGetParameter)' nsiproxy/netio Poo
  日期:2017-07-21 17:13:12 点击:5 评论:0
/* We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys ( \.Nsi device) discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit workstat
Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type
  日期:2017-07-21 17:12:12 点击:4 评论:0
!-- There is a type confusion issue related to how some arithmetic operations are performed in VBScript. To illustrate, see the following simplified code of VbsVarMod static unsigned char result_lookup_table[18][18] = {...} void VbsVarMod(VAR *v1, VA
Microsoft Internet Explorer 11 CMarkup::DestroySplayTree Memory Corruption
  日期:2017-07-19 16:35:13 点击:4 评论:0
Microsoft IE: Memory curruption in CMarkup::DestroySplayTree CVE-2017-8594There is a memory corruption issue in IE that can be triggered with svg use element.The bug was confirmed on IE Version 11.0.9600.18617 (Update Version 11.0.40) running on Win
Hashicorp vagrant-vmware-fusion 4.0.20 Privilege Escalation
  日期:2017-07-19 16:29:48 点击:6 评论:0
CVE-2017-7642 Local root privesc in Hashicorp vagrant-vmware-fusion = 4.0.2015 Jul 2017 06:57I'm a big fan of Hashicorp but this is an awful bug to have in software of theircalibre.Their vagrant plugin for vmware fusion uses a product called Ruby En
Easy File Sharing Web Server 7.2 Buffer Overflow
  日期:2017-07-19 16:28:57 点击:5 评论:0
#!/usr/bin/python#Easy File Sharing Web Server 7.2 - SEH Exploit - Tested successfully on Windows 10 x64#GET 'passWD' Buffer Overflow(SEH)#pop pop ret @ 0x100195f2 : pop esi pop ecx ret in ImageLoad.dll#Author: N_A , N_A[at]tutanota.com#OS Name: Mic
Barracuda Load Balancer Firmware <= 6.0.1.006 - Remote Command Injection (Metasp
  日期:2017-07-18 17:49:29 点击:2 评论:0
# Exploit Title: Barracuda Load Balancer Firmware = v6.0.1.006 (2016-08-19) PostAuth remote root exploit # # Date: 01/06/2017 (Originally discovered: 3/16) # Exploit Author: xort # Software Link: https://www.barracuda.com/products/loadbalancer # Vers
Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection (Metasploi
  日期:2017-07-18 17:48:43 点击:1 评论:0
# Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerablity # Date: 01/28/2017 # Exploit Author: xort @ Critical Start # Vendor Homepage: www.sophos.com # Software Link: sophos.com/en-us/products/secure-web-
Windows Browser Example Exploit
  日期:2017-07-17 15:49:33 点击:10 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework####### This exploit sample demonstrates how a typical browser exploit is written using commonly# used components such
Metasploit Example Exploit
  日期:2017-07-17 15:48:49 点击:1 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework####### This exploit sample shows how an exploit module could be written to exploit# a bug in an arbitrary TCP server.
iSmartAlarm CubeOne Remote Command Execution
  日期:2017-07-17 15:47:38 点击:4 评论:0
[+] Credits: Ilia Shnaidman[+] @0x496c on Twitter[+] Source:http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/Vendor:=============iSmartAlarm, inc.Product:===========================iSmartAl
FTPGetter 5.89.0.85 - Buffer Overflow (SEH)
  日期:2017-07-17 15:46:31 点击:6 评论:0
#!/usr/bin/python # Exploit Title: FTPGetter 5.89.0.85 Remote SEH Buffer Overflow # Date: 07/14/2017 # Exploit Author: Paul Purcell # Contact: ptpxploit at gmail # Vendor Homepage: https://www.ftpgetter.com/ # Vulnerable Version Download: Available f
Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution
  日期:2017-07-17 15:45:22 点击:2 评论:0
!DOCTYPE HTML !-- FULL ASLR AND DEP BYPASS USING ASM.JS JIT SPRAY (CVE-2017-5375) PoC Exploit against Firefox 50.0.1 (CVE-2016-9079 - Tor Browser 0day) Tested on: Release 50.0.1 32-bit - Windows 8.1 / Windows 10 https://ftp.mozilla.org/pub/firefox/re
Counter Strike: Condition Zero - '.BSP' Map File Code Execution
  日期:2017-07-17 15:43:29 点击:2 评论:0
#!/usr/bin/env python # Counter Strike: Condition Zero BSP map exploit # By @Digital_Cold Jun 11, 2017 # # E-DB Note: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42325.zip (bsp-exploit-source.zip) # from bina
Apache Struts 2.3.x Showcase - Remote Code Execution (PoC)
  日期:2017-07-17 15:38:43 点击:10 评论:0
#!/usr/bin/python # -*- coding: utf-8 -*- # Just a demo for CVE-2017-9791 import requests def exploit(url, cmd): print([+] command: %s % cmd) payload = %{ payload += ( #dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS ). payload += (#_memberAccess?(#_membe
PyCharm 2-0 / 2017 Buffer Overflow
  日期:2017-07-17 15:37:08 点击:4 评论:0
# PyCharm 2-0 / 2017 Command Line Buffer Overflow# Author: Sultan albalawi#video:https://www.facebook.com/pentest3/videos/vb.100012552940568/291228291305600/?type=2theater#C:Program Files (x86)JetBrainsPyCharm Edu 2.0.2bin or C:/Program Files/Je
Skype for Business 2016 - Cross-Site Scripting
  日期:2017-07-14 13:41:41 点击:4 评论:0
# Exploit Title: Skype for Business 2016 XSS Injection - CVE-2017-8550 # # Exploit Author: @nyxgeek - TrustedSec # Date: 2017-04-10 # Vendor Homepage: www.microsoft.com # Versions: 16.0.7830.1018 32-bit 16.0.7927.1020 64-bit or lower # # # Requiremen
RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting
  日期:2017-07-13 14:03:20 点击:3 评论:0
# Exploit Title: RaidenHTTPD 2.0.44 - User-Agent - HTML Injection Cross-site scripting# Exploit Author: sultan albalawi# :@bofheaded# :https://hackinguyz.blogspot.com/#exploit User-Agent HTTP header :#For remote testing use http-live -There is no ne
IBM Informix 12.10 DB-Access Buffer Overflow
  日期:2017-07-12 15:07:47 点击:1 评论:0
DefenseCode Security Advisory IBM Informix DB-Access Buffer OverflowAdvisory ID: DC-2017-04-001Advisory Title: IBM Informix DB-Access Buffer OverflowAdvisory URL:http://www.defensecode.com/advisories/DC-2017-04-001_IBM_Informix_DB-Access_Buffer_Over
Microsoft Windows Windows 7/8.1/2008 R2/2012 R2/2016 R2 - 'EternalBlue' SMB Remo
  日期:2017-07-12 15:06:02 点击:11 评论:0
#!/usr/bin/python from impacket import smb, smbconnection from mysmb import MYSMB from struct import pack, unpack, unpack_from import sys import socket import time ''' MS17-010 exploit for Windows 7+ by sleepya Note: - The exploit should never crash
WMI Event Subscription Persistence
  日期:2017-07-11 14:26:50 点击:5 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core/exploit/powershell'require 'msf/core/post/windows/powershell'require 'msf/core/post/file'class Met
共572页/11433条记录 首页 上一页 [1] [2] [3] 4 [5] [6] [7] 下一页 末页
  本月热点文章
·Microsoft Internet Explorer
·Microsoft Edge Chakra Incorr
·SMBLoris Denial Of Service
·ManageEngine Desktop Central
·Microsoft Windows - LNK Shor
·VICIdial 2.9 RC 1 to 2.13 RC
·Microsoft Windows - LNK Shor
·Metasploit RPC Console Comma
·Microsoft Windows LNK Shortc
·Nitro Pro PDF Reader 11.0.3.
·Synology Photo Station 6.7.3
·Jenkins < 1.650 - Java Deser
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2017 VFocuS.Net All Rights Reserved