网络安全 > Exploit >
Mole Group Last Minute Script
-[*] ================================================================================ [*]- -[*] Last Minute Script <= 4.0 Remote SQL Injection Vulnerability [*]- -[*] =============================================================Joomla Component com_content 1.0.0 (ItemID) SQL Injection Vuln
------------------------------------------------------------------------------------------- Joomla Component com_content SQL Injection Vulnerabity ------------------AuraCMS
#!/usr/bin/perl # k1tk4t Public Security Advisory # //////////////////////////////////////////////////////////// # AuraCMS <= 2.2.2 (pages_data.php) Arbitrary Edit/Add/Delete data halaman exploit # Vendor : http://www.auracms.org/BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability
# Name Of Script : Ray # Version : 3.5 # Download From : http://get.boonex.com/Ray-v.3.5-Suite-Free # Found By : RoMaNcYxHaCkEr [ RoMaNTiC-TeaM ] # My Home Page : WwW.4RxH.CoM [ We Will Be Back Soon ] & Tryag.cc/cc [ MDreampics Builder (page) Remote SQL Injection Vulnerability
######################################################### # # PICS BUILDER (page) SQL Injection Vulnerability #======================================================== # Author: Hussin X = #Download Accelerator Plus - DAP 8.x (m3u) Local BOF Exploit 0day
#!/usr/bin/python # Download Accelerator Plus - DAP 8.x (m3u) 0day Local Buffer Overflow Exploit # Bug discovered by Krystian Kloskowski (h07) <h07@interia.pl> # Tested on: Download Accelerator Plus 8.6 / XP SP2 Polish # Shellcode:OllyDBG v1.10 and ImpREC v1.7f (export name) BOF PoC
;-------------------------------------------------------------------------; ; OllyDBG v1.10 and ImpREC v1.7f export name buffer overflow vulnerability ; PoC (probably older versions affected too, not tested though.) ; ; IncludedDownload Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
#include <stdio.h> #include <stdlib.h> /* DAP 8.x (.m3u) File BOF C Exploit for XP SP2,SP3 English SecurityFocus Advisory: Download Accelerator Plus (DAP) is prone to a buffer-overflow vulnerability because it failsPoppler
########################################################################## #### Felipe Andres Manzano * fmanzano@fceia.unr.edu.ar #### #### updates in http://felipe.andres.manzano.googlepages.com/home #### ################Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
#!/usr/bin/php <?php # ------------------------------------------------------------ # quick'n'dirty wordpress admin-take0ver poc # by iso^kpsbr in august 2oo8 # # works w/ wordpress 2.6.1 # # .oO( private -- do notAdobe Acrobat 9 ActiveX Remote Denial of Service Exploit
<!-- Jeremy Brown (0xjbrown41@gmail.com/jbrownsec.blogspot.com) Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista I can't seem to reproduce this on XP! Oh well. Of course the most popular app for reading pdfs is SfS/Sminb 0.1.0 Remote Code Execution Exploit
#!/usr/bin/python ##################################################################################### #### minb Remote Code Execution Exploit #### ###################################################Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
<!-- Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC Summary: Maxthon Browser is a powerful tabbed browser built for all users. Besides basic browsing functionality, Maxthon Browser provides a rich set of features to iEasy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit
#!/usr/bin/perl #---------------------------------------------------------------- # #Script : Ezphotogallery 2.1 # #Type : Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Exploit/File Disclosure) # #Method : GET #phsBlog 0.2 Bypass SQL Injection Filtering Exploit
#!/usr/bin/perl #---------------------------------------------------------------- # #Script : PhsBlog v0.2 # #Type : Bypass Sql injection Filtering Exploit # #Method : GET # #Risk : High # #---------------------------