Результаты поиска

  1. Exploiter

    Exploit Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)

    Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking include...
  2. Exploiter

    Exploit Microsoft Windows Remote Assistance - XML External Entity Injection

    Microsoft Windows Remote Assistance - XML External Entity Injection # Exploit Title: Microsoft Windows Remote Assistance XXE # Date: 27/03/2018 # Exploit Author: Nabeel Ahmed # Tested on: Windows 7 (x64), Windows 10 (x64) # CVE : CVE-2018-0878 # Category: Remote Exploits...
  3. Exploiter

    Exploit PHP-FPM - Underflow Remote Code Execution (Metasploit)

    PHP-FPM - Underflow Remote Code Execution (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include...
  4. Exploiter

    Exploit Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)

    Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking include...
  5. Exploiter

    Exploit Google Chrome 67, 68 and 69 - Object.create Type Confusion (Metasploit)

    Google Chrome 67, 68 and 69 - Object.create Type Confusion (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking include...
  6. Exploiter

    Exploit WordPress Plugin Site Editor 1.1.1 - Local File Inclusion

    WordPress Plugin Site Editor 1.1.1 - Local File Inclusion Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 ** CVE description ** A Local File Inclusion vulnerability in the Site Editor plugin...
  7. Exploiter

    Exploit ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit)

    ClipBucket - 'beats_uploader' Arbitrary File Upload (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...
  8. Exploiter

    Exploit Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit)

    Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking...
  9. Exploiter

    Exploit Dell EMC NetWorker - Denial of Service

    Dell EMC NetWorker - Denial of Service ''' # Exploit Title: Dell EMC NetWorker DoS PoC # Date: 18.03.2018 # Exploit Author: Marek Cybul # Vendor Homepage: https://www.emc.com/data-protection/networker.htm # Versions: Dell EMC NetWorker versions prior to 9.2.1.1 Dell EMC NetWorker versions...
  10. Exploiter

    Exploit Exchange Control Panel - Viewstate Deserialization (Metasploit)

    Exchange Control Panel - Viewstate Deserialization (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'bindata' class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking...
  11. Exploiter

    Exploit EyesOfNetwork - AutoDiscovery Target Command Execution (Metasploit)

    EyesOfNetwork - AutoDiscovery Target Command Execution (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...
  12. Exploiter

    Exploit Android Binder - Use-After-Free (Metasploit)

    Android Binder - Use-After-Free (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include...
  13. Exploiter

    Exploit Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit)

    Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking...
  14. Exploiter

    Exploit Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)

    Diamorphine Rootkit - Signal Privilege Escalation (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include...
  15. Exploiter

    Exploit Internet Explorer - 'RegExp.lastMatch' Memory Disclosure

    Internet Explorer - 'RegExp.lastMatch' Memory Disclosure /* There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. PoC: =========================================...
  16. Exploiter

    Exploit Microsoft Windows - Desktop Bridge VFS Privilege Escalation

    Microsoft Windows - Desktop Bridge VFS Privilege Escalation Windows: Windows: Desktop Bridge VFS EoP Platform: Windows 1709 (not tested earlier version) Class: Elevation of Privilege Summary: The handling of the VFS for desktop bridge applications can allow an application to create virtual...
  17. Exploiter

    Exploit Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation

    Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation <# Windows: Windows: Desktop Bridge Virtual Registry Arbitrary File Read/Write EoP Platform: Windows 1709 (not tested earlier version) Class: Elevation of Privilege Summary: The handling of the...
  18. Exploiter

    Exploit Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation

    Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation Windows: Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write EoP Platform: Windows 1703 (version 1709 seems to have fixed this bug) Class: Elevation of Privilege...
  19. Exploiter

    Exploit Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit Stack Memory Disclosure

    Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit Stack Memory Disclosure /* We have discovered that the nt!NtQueryInformationThread system call invoked with the 0 information class (ThreadBasicInformation) discloses portions of uninitialized kernel stack...
  20. Exploiter

    Exploit Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure

    Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure /* We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of a EXCEPTION_RECORD structure to user-mode memory while passing execution to a user-mode exception...
  21. Exploiter

    Exploit Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure

    Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure /* We have discovered that the nt!NtWaitForDebugEvent system call discloses portions of uninitialized kernel stack memory to user-mode clients, on 64-bit versions of Windows 7 to Windows 10. The output buffer...
  22. Exploiter

    Exploit Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

    Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation /* Google software updater ships with Chrome on MacOS and installs a root service (com.google.Keystone.Daemon.UpdateEngine) which lives here...
  23. Exploiter

    Exploit Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit Pool Memory Disclosure

    Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit Pool Memory Disclosure /* We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class (MemoryMappedFilenameInformation) discloses portions of uninitialized kernel...
  24. Exploiter

    Exploit Anviz CrossChex - Buffer Overflow (Metasploit)

    Anviz CrossChex - Buffer Overflow (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking PACKET_LEN = 10 include...
  25. Exploiter

    Exploit HP System Event Utility - Local Privilege Escalation

    HP System Event Utility - Local Privilege Escalation # Exploit Title: HP System Event Utility - Local Privilege Escalation # Author: hyp3rlinx # Date: 2020-02-11 # Vendor: www.hp.com # Link: https://hp-system-event-utility.en.lo4d.com/download # CVE: CVE-2019-18915 [+] Credits: John Page...