PHP 7.4 FFI – ‘disable_functions’ Bypass
<?php /* FFI Exploit – uses 3 potential BUGS. PHP was contacted and said nothing in FFI is a security issue. Able to call system($cmd) without using FFI::load() or FFI::cdefs() * BUG #1 (maybe intended, […]
Category: Exploits
Wing FTP Server 6.3.8 Remote Code Execution
# Exploit Title: Wing FTP Server 6.3.8 – Remote Code Execution (Authenticated) # Date: 2020-06-26 # Exploit Author: v1n1v131r4 # Vendor Homepage: https://www.wftpserver.com/ # Software Link: https://www.wftpserver.com/download.htm # Version: 6.3.8 # Tested on: Windows 10 […]
Microsoft Windows MSHTA.EXE .HTA File XML Injection
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MSHTA-HTA-FILE-XML-EXTERNAL-ENTITY-INJECTION.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows MSHTA.EXE .HTA File An HTML Application (HTA) is a Microsoft Windows program whose source […]
OpenSSH SCP Client – Write Arbitrary Files
Title: SSHtranger Things Author: Mark E. Haase mhaase@hyperiongray.com Homepage: https://www.hyperiongray.com Date: 2019-01-17 CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS, OpenSSH client 7.6p1 We have nicknamed this “SSHtranger Things” because the bug is […]
KPOT Botnet – File Download/Source Code Disclosure Vulnerability
################################ # Exploit Title: KPOT Botnet – File Download/Source Code Disclosure Vulnerability # Google Dork: n/a # Date: 26/11/2018 # Exploit Author: n4pst3r # Vendor Homepage: unkn0wn # Software Link: https://bhf.io/threads/515432/ # Version: unkn0wn # […]
Apache Spark – Unauthenticated Command Execution (Metasploit)
This module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through REST API. It uses the function CreateSubmissionRequest to submit a malious java class and trigger it. [su_quote] ## # […]
Dell OpenManage Network Manager Multiple Vulnerabilities
Title: Dell OpenManage Network Manager Multiple Vulnerabilities Advisory ID: KL-001-2018-009 Publication Date: 2018.11.05 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-009.txt 1. Vulnerability Details Affected Vendor: Dell Affected Product: OpenManage Network Manager Affected Version: 6.2.0.51 SP3 Platform: Embedded Linux CWE […]
OOP CMS BLOG 1.0 – ‘search’ SQL Injection
# Exploit Title: OOP CMS BLOG 1.0 – ‘search’ SQL Injection # Dork: N/A # Date: 2018-11-06 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://zsoft.com.bd/ # Software Link: https://datapacket.dl.sourceforge.net/project/php-oop-cms-blog/blog_fo_rup.zip # Version: 1.0 # Category: […]
Mongo Web Admin 6.0 – Information Disclosure
# Exploit Title: Mongo Web Admin 6.0 – Information Disclosure # Dork: N/A # Date: 2018-11-04 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://www.mongoadmin.org/ # Software Link: https://netix.dl.sourceforge.net/project/mongo-web-admin/mongoDesktopAdminSetup-beta-6.exe # Version: 6.0 # Category: Webapps […]
Apache OFBiz 16.11.04 – XML External Entity Injection
# Exploit Title: Apache OFBiz 16.11.04 – XML External Entity Injection # Date: 2018-10-15 # Exploit Author: Jamie Parfet # Vendor Homepage: https://ofbiz.apache.org/ # Software Link: https://archive.apache.org/dist/ofbiz/ # Version: < 16.11.04 # Tested on: Ubuntu […]
