安全文章 / 文章资料 / Exploits

首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

热门关键字：　shell 　88888 　art 　vitter 　linux

		当前位置：主页>安全文章>文章资料>Exploits>列表


	AlkalinePHP <= 0.80.00 beta (thread.php id) SQL Injection Exploit
	日期：2008-05-20 11:01:30 点击：32 评论：0
#!/usr/bin/perl -w # Portal : AlkalinePHP = Ver 0.80.00 beta # Script Download: https://sourceforge.net/projects/alkalinephp/ # exploit aported password crypted maybe is crypted with mysql # exploit tatjibe password mcrypt :d # mgharba :d:d:d:d #####


	MyPicGallery 1.0 Arbitrary Add-Admin Exploit
	日期：2008-05-19 16:54:26 点击：31 评论：0
#!/usr/bin/perl use strict; use LWP::UserAgent; print -+--[ MyPicGallery 1.0 Arbitrary Add-Admin Exploit ]--+-n; print -+-- Discovered Coded By: t0pP8uZz --+-n; print -+-- Discovered On: 16 MAY 2008 / h4ck-y0u, milw0rm --+-n; print -+--[ MyPicGall


	PHP AGTC-Membership System <= 1.1a Arbitrary Add-Admin Exploit
	日期：2008-05-19 16:53:23 点击：28 评论：0
#!/usr/bin/perl # Note: adduser.php is accessable to a guest/any-user, but if you access through a browser you cant add admin, theres a hidden POST buried in the script, which contains the userlevel. # Note: alot of sites run this script and they rem


	MeltingIce File System <= 1.0 Remote Arbitrary Add-User Exploit
	日期：2008-05-19 16:52:24 点击：29 评论：0
#!/usr/bin/perl use strict; use LWP::UserAgent; # NOTE: user a pretty uniqe username, has the script will say successfull if a username aready existed! # NOTE: exploit is mainly to get a nice quota, but it can also to be used to add a user primeraly


	Dedecms getip()的漏洞利用
	日期：2008-05-19 11:06:06 点击：40 评论：0
author: superhei team:http://www.ph4nt0m.org blog:http://superhei.blogbus.com flyh4t在非安全发布了dedecms getip()的注射漏洞，漏洞本身的成因没什么好说的老掉牙的X-Forwarded-For的问题，我想这个漏洞很多人都找到了，不过这个漏洞的利用有个地方还是可以说说的


	LulieBlog 1.2 Multiple Remote Vulnerabilities
	日期：2008-05-19 11:04:29 点击：37 评论：0
# LulieBlog 1.2 Multiple Remote Vulnerabilities (Admin Auth Bypass, Upload File, Blind SQL Injection) # Author: Cod3rZ # Site: http://cod3rz.helloweb.eu # Site: http://devilsnight.altervista.org # Date: 06/05/2008 [dd/mm/yyyy] # Admin Auth Bypass: #


	Smeego 1.0 (Cookie lang) Local File Inclusion Exploit
	日期：2008-05-19 11:02:45 点击：46 评论：0
# Smeego CMS Local File Include Exploit # by # 0in from Dark-Coders Programming Security Group # http://dark-coders.4rh.eu #-------------------------------------------------------- # Contact: 0in(dot)email[at]gmail(dot)com #--------------------------


	FicHive 1.0 (category) Remote Blind SQL Injection Exploit
	日期：2008-05-19 10:56:03 点击：44 评论：0
#!/usr/bin/perl #Usage: ./test.pl -url http://localhost/[script_path]/index.php?go=Fictioncategory=valide_id ############################################################################# use LWP::UserAgent; use Getopt::Long; use IO::Handle; use stric


	Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit
	日期：2008-05-19 10:53:26 点击：22 评论：0
#!/usr/bin/perl -w # Portal : Archangel Weblog 0.90.02 # Download : http://www.archangelmgt.com/Archangel_Weblog_v090_02.zip # exploit aported password crypted # mgharba :d:d:d:d ######################################## #[*] Founded Exploited by : St


	Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)
	日期：2008-05-16 15:48:22 点击：47 评论：0
#!/usr/bin/ruby # # Debian SSH Key Tester # L4teral l4teral [at] gmail com # # This tool helps to find user accounts with weak SSH keys # that should be regenerated with an unaffected version # of openssl. # # You will need the precalculated keys pro


	Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit
	日期：2008-05-16 11:05:36 点击：30 评论：0
#!/usr/bin/perl use strict; use LWP::UserAgent; print -+- Pet Grooming Management System = 2.0 Arbitrary Add-Admin Exploit -+-n; print -+- Discovered Coded By: t0pP8uZz - Discovered On: 15 MAY 2008 -+-n; print -+- Script Download: http://sourceforg


	Symantec Altiris Client Service 6.8.378 Local Privilege Escalation Exploit
	日期：2008-05-16 11:04:07 点击：84 评论：0
// 0day PRIVATE NOT DISTRIBUTE!!! // // Symantec Altiris Client Service Local Exploit (0day) // // Affected Versions: Altiris Client 6.5.248 // Altiris Client 6.5.299 // Altiris client 6.8.378 // // Alex Hernandez aka alt3kx // ahernandez [at] sybsec


	Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit
	日期：2008-05-16 11:02:48 点击：78 评论：0
the debian openssl issue leads that there are only 65.536 possible ssh keys generated, cause the only entropy is the pid of the process generating the key. This leads to that the following perl script can be used with the precalculated ssh keys to br


	MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC
	日期：2008-05-15 10:57:45 点击：81 评论：0
MS Internet Explorer Print Table of Links Cross-Zone Scripting Vulnerability 具体细节: http://aviv.raffon.net/2008/05/14/InternetExplorerQuotPrintTableOfLinksquotCrossZoneScriptingVulnerability.aspx 如果启用了 Print Table of Links，在打印一个网页的


	La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit
	日期：2008-05-15 10:57:03 点击：39 评论：0
?php /* -------------------------------------------------------------- La-Nai CMS = 1.2.16 (fckeditor) Arbitrary File Upload Exploit -------------------------------------------------------------- author...: EgiX mail.....: n0b0d13s[at]gmail[dot]com l


	IDAutomation Bar Code ActiveX Multiple Remote Vulnerabilities
	日期：2008-05-15 10:55:41 点击：44 评论：0
----------------------------------------------------------------------------- IDAutomation Multiple Vulnerabilities url: www.idautomation.com Author: shinnai mail: shinnai[at]autistici[dot]org site: http://shinnai.altervista.org This was written for


	EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)
	日期：2008-05-14 12:15:45 点击：34 评论：0
?php // EQDKP 1.3.2f Authentication Bypass (PoC) // vort.fu@gmail.com $data['auto_login_id'] = 'x'; $data['user_id'] = 1' . UNION SELECT . 1, . // * user_id 'a', . // username 'x', . // * user_password '', . // user_email 1, . // user_alimit 1, . //


	Advanced Image Hosting (AIH) 2.1 Remote SQL Injection Exploit
	日期：2008-05-13 11:31:56 点击：46 评论：0
#!/usr/bin/perl -w ########################################################## # Advanced Image Host Script # # Powered by: AIH = v2.1 - Remote SQL Inj Exploit # ########################################################## # dork:Powered by: AIH v2.1 #


	CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit
	日期：2008-05-13 11:31:16 点击：74 评论：0
?php /* --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 (FileManager module) Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX


	Battle.net Clan Script <= 1.5.x Remote SQL Injection Exploit
	日期：2008-05-13 11:29:34 点击：27 评论：0
#!/usr/bin/perl -w # download script : http://sourceforge.net/project/showfiles.php?group_id=142506package_id=156487 ############################################################## # Battle.net Clan Script = 1.5.x - Remote SQL Inj Exploit # ##########

共637页/12733条记录首页上一页 [520] [521] [522] 523 [524] [525] [526] 下一页末页

本月热点文章

本月推荐文章

相关分类

Exploits

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved