#!/usr/bin/env python######################################################################################################### # HPE/H3C IMC - Java Deserialization Exploit## Version 0.1# Tested on Windows Server 2008 R2# NameHPE/H3C IMC (Intelligent
#!/usr/bin/env python3 # Optionsbleed proof of concept test# by Hanno Bck import argparseimport urllib3import re def test_bleed(url, args): r = pool.request('OPTIONS', url) try: allow = str(r.headers["Allow"]) except KeyError: return False if allow i
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1307 We have discovered that the win32k!NtQueryCompositionSurfaceBinding system call discloses portions of uninitialized kernel stack memory to user-mode clients, as tested on Window
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1304 We have discovered that the win32k!NtGdiDoBanding system call discloses portions of uninitialized kernel stack memory to user-mode clients. More specifically, exactly 8 bytes of
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1275 We have discovered that the nt!NtGdiGetFontResourceInfoInternalW system call discloses portions of uninitialized kernel stack memory to user-mode clients. This is caused by the
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1269 We have discovered that the nt!NtRemoveIoCompletion system call handler discloses 4 bytes of uninitialized pool memory to user-mode clients on 64-bit platforms. The bug manifest
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1268 We have discovered that the nt!NtGdiGetPhysicalMonitorDescription system call discloses portions of uninitialized kernel stack memory to user-mode clients, on Windows 7 to Windo
#!/bin/bash # If you have access to an ethernet port you can upload custom firmware to a device because system recovery service is started and available for a few seconds after restart.# E-DB Note: https://embedi.com/blog/enlarge-your-botnet-top-d-li
# Due to error in hnap protocol implementation we can overflow stack and execute any sh commands under root priviliges.# E-DB Note: https://embedi.com/blog/enlarge-your-botnet-top-d-link-routers-dir8xx-d-link-routers-cruisin-bruisin# E-DB Note: https
# phpcgi is responsible for processing requests to .php, .asp and .txt pages. Also, it checks whether a user is authorized or not. Nevertheless, if a request is crafted in a proper way, an attacker can easily bypass authorization and execute a script
