网络安全 > Exploit >
WS_FTP Home/Professional FTP Client Remote Format String PoC
################################################################################################################## # # Ipswitch WS_FTP Home/WS_FTP Professional FTP Client Remote Format String vulnerability # Vendor : http://www.ipswitch.comFlashGet 1.9.0.1012 (FTP PWD Response) BOF Exploit (safeseh)
#!/usr/bin/perl # k`sOSe 08/17/2008 # bypass safeseh using flash9f.ocx. use warnings; use strict; use IO::Socket; # win32_exec - EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub http://metasploit.com my $shellcode = "webEdition CMS (we_objectID) Blind SQL Injection Exploit
<?php ini_set("max_execution_time",0); print_r(' ############################################################### # # WebEdition CMS - Blind SQL Injection Exploit #VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VMWare Workstation (hcmon.sys 6.0.0.45731) Class : DoS Published : 2008-08-17 Credit : g_ (g_ # orange-bat # com) - -Anzio Web Print Object
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ~ Core Security Technologies - CoreLabs Advisory ~ http://www.coresecurity.com/corelabs/ ~ Anzio Web Print Object Buffer Overflow *Advisory Information* Title:Belkin wireless G router ADSL2 modem Auth Bypass Exploit
<html> <head> </head> <body> <b>html code to bypass the webinterface password protection of the Belkin wireless G router adsl2 modem.<br> It worked on model F5D7632-4V6 with upgraded firmware 6.01.Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " ################## VIVA ISLAME VIVA ISLAME #############NoName Script
################################################################################ [ ] NoName Script 1.1 BETA Multiple Remote Vulnerabilities [ ] Discovered By SirGod [ ] www.mortal-team.orgGeekLog
#!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; print <<INTRO; GeekLog <= 1.5.0 Remote Arbitrary File UploadDana IRC 1.4a Remote Buffer Overflow Exploit
#!/usr/bin/perl # k`sOSe - 08/24/2008 # This is a useless and not portable exploit code, tested only on my winxp-sp3 VM. # I was looking for a vuln to write an exploit for when I found this PoC: # # http://www.milw0rm.com/exploits/5817Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit
----------------------------------------------------------------------------- Ultra Office ActiveX Control Remote Arbitrary File Corruption url: http://www.ultrashareware.com Author: shinnai mail: shinnai[at]autistici[dot]org site: http:Simple PHP Blog (SPHPBlog)
<? /* sIMPLE php bLOG 0.5.0 eXPLOIT bY mAXzA 2008 */ function curl($url,$postvar){ global $cook; $ch = curl_init( $url ); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_HEADER, 1);Acoustica Mixcraft
#!/usr/bin/perl # # Acoustica Mixcraft (mx4 file) Local Buffer Overflow Exploit # Author: Koshi # # Date: 08-28-08 ( 0day ) # Application: Acoustica Mixcraft # Version(s): (Possibly Older) / 4.1 Build 96 / 4.2 Build 98 # Site: http://MyBulletinBoard (MyBB)
<?php // forum mybb <= 1.2.11 remote sql injection vulnerability // bug found by Janek Vind "waraxe" http://www.waraxe.us/advisory-64.html // exploit write by c411k (not brutforce one symbol. insert hash in your PM in one actMicrosoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit
Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote Buffer Overflow Exploit Author: Koshi Original POC: http://www.milw0rm.com/exploits/6244 ( Not by me ) My first ActiveX exploit, learned quite a bit playing with this one. Heaps are hand