首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  vsserver
  当前位置:主页>安全文章>文章资料>Exploits>列表
ProcessMaker Plugin Code Execution
  日期:2018-04-04 13:57:08 点击:10 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include
DuckDuckGo 4.2.0 WebRTC Private IP Leakage
  日期:2018-04-04 13:56:15 点击:17 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Auxiliary include Msf::Exploit::Remote::HttpServer def initialize(info = {}) super( upd
Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection
  日期:2018-04-04 13:55:26 点击:3 评论:0
#!/usr/bin/env python2 import telnetlib import re import random import string # Split string into chunks, of which each is = length def chunkstring(s, length): return (s[0+i:length+i] for i in range(0, len(s), length)) # Split strings based on MAX_LE
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)
  日期:2018-04-04 13:53:36 点击:8 评论:0
/*Here's a snippet of JavascriptArray::BoxStackInstance. template typename T T * JavascriptArray::BoxStackInstance(T * instance, bool deepCopy) { Assert(ThreadContext::IsOnStack(instance)); // On the stack, the we reserved a pointer before the objec
Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)
  日期:2018-04-04 13:52:49 点击:3 评论:0
/* Here's a snippet of JavascriptArray::BoxStackInstance. To fix issue 1420 , deepCopy was introduced. But it only deep-copies the array when instance-head is on the stack. So simply by adding a single line of code that allocates head to the heap, we
Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
  日期:2018-04-04 13:52:03 点击:4 评论:0
/* Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. HandleJSFunction regexp_fun = InstallFunction( global, RegExp, JS_REGEXP_TYPE, JSRegExp::kSize + JSRegExp::kInOb
Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confu
  日期:2018-04-04 13:51:24 点击:6 评论:0
/* Here's a snippet of the method. https://cs.chromium.org/chromium/src/v8/src/elements.cc?rcl=3cbf26e8a21aa76703d2c3c51adb9c96119500dal=1051 static Maybebool CollectValuesOrEntriesImpl( Isolate* isolate, HandleJSObject object, HandleFixedArray value
Nginx 1.13.10 Accept-Encoding Line Feed Injection
  日期:2018-04-03 17:41:19 点击:35 评论:0
// Underground_Agency (UA) - (koa, bacL, g3kko, Dostoyevsky) // trigger nginx 1.13.10 (latest) logic flaw / bug // ~2018 // Tested on Ubuntu 17.10 x86 4.13.0-21-generic #include stdio.h #include stdlib.h #include string.h #include sys/socket.h #inclu
glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation
  日期:2018-04-02 14:53:45 点击:11 评论:0
require 'msf/core/exploit/local/linux'require 'msf/core/exploit/exe'class MetasploitModule Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Exploit::EXE include Msf::Exploit::FileDropper include Msf::Exploit::Local::L
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
  日期:2018-04-02 14:51:30 点击:3 评论:0
''' Faleemi Desktop Software for Windows- (DDNS/IP) Local Buffer Overflow Vuln Description: Faleemi Desktop Software for Windows and its Beta version (Faleemi Plus Desktop Software for Windows(Beta)) are vulnerable to Buffer Overflow exploit. When o
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
  日期:2018-04-02 14:48:52 点击:26 评论:0
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient in
Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Bu
  日期:2018-04-02 14:47:47 点击:12 评论:0
#!/usr/bin/python2.7 # Exploit Title: Advantech WebAccess 8.1 webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow RCE # Date: 03-29-2018 # Exploit Author: Chris Lyne (@lynerc) # Vendor Homepage: www.advantech.com # Software Link: http:
Systematic SitAware - NVG Denial of Service
  日期:2018-04-02 14:46:24 点击:4 评论:0
# Exploit Title: SitAware NVG Denial of Service # Date: 03/31/2018 # Exploit Author: 2u53 # Vendor Homepage: https://systematic.com/defence/products/c2/sitaware/ # Version: 6.4 SP2 # Tested on: Windows Server 2012 R2 # CVE: CVE-2018-9115 # Remarks:
osCommerce 2.3.4.1 - Remote Code Execution
  日期:2018-04-02 14:45:37 点击:17 评论:0
# Exploit Title: osCommerce 2.3.4.1 Remote Code Execution # Date: 29.0.3.2018 # Exploit Author: Simon Scannell - https://scannell-infosec.net contact@scannell-infosec.net # Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely
Homematic CCU2 2.29.23 - Remote Command Execution
  日期:2018-04-02 14:44:46 点击:7 评论:0
#!/usr/bin/ruby # Exploit Title: Homematic CCU2 Remote Command Execution # Date: 28-03-18 # Exploit Author: Patrick Muench, Gregor Kopf # Vendor Homepage: http://www.eq-3.de # Software Link: http://www.eq-3.de/service/downloads.html?id=268 # Version
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
  日期:2018-04-02 14:43:30 点击:9 评论:0
# SWAMI KARUPASAMI THUNAI ############################################################################### # Exploit Title: Alloksoft Video joiner (4.6.1217) - Buffer Overflow Vulnerability (Windows XP SP3) # Date: 06-03-2018 # Exploit Author: Mohan
Homematic CCU2 2.29.23 - Arbitrary File Write
  日期:2018-04-02 14:41:48 点击:6 评论:0
#!/usr/bin/ruby # Exploit Title: Homematic CCU2 Arbitrary File Write # Date: 28-03-18 # Exploit Author: Patrick Muench, Gregor Kopf # Vendor Homepage: http://www.eq-3.de # Software Link: http://www.eq-3.de/service/downloads.html?id=268 # Version: 2.
ManageEngine Application Manager Remote Code Execution
  日期:2018-03-30 15:12:46 点击:2 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include
Tenda W308R V2 Wireless Router 5.07.48 DNS Changer
  日期:2018-03-30 15:11:25 点击:12 评论:0
### Tenda W308R v2 Wireless Router V5.07.48# Cookie Session Weakness Remote DNS Change PoC### Copyright 2018 (c) Todor Donev todor.donev at gmail.com# https://ethical-hacker.org/# https://facebook.com/ethicalhackerorg### Once modified, systems use f
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)
  日期:2018-03-30 15:10:12 点击:18 评论:0
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient inc
共606页/12112条记录 首页 上一页 [1] [2] [3] [4] [5] 6 [7] 下一页 末页
  本月热点文章
·Microsoft Internet Explorer
·Oracle Weblogic Server 10.3.
·Drupal < 8.3.9 / < 8.4.6 / <
·Palo Alto Networks readSessi
·AMD Plays.tv 1.27.5.0 - 'pla
·SickRage < v2018.03.09 - Cle
·Easy File Sharing Web Server
·GPON Routers - Authenticatio
·Interspire Email Marketer <
·PlaySMS import.php Code Exec
·Linux Kernel < 4.17-rc1 - 'A
·FTPShell Client 6.7 - Buffer
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2018 VFocuS.Net All Rights Reserved