Showing 1 - 12 of 12

Files from Felipe Daragon

Lua Web Application Security Vulnerabilities: Posted May 28, 2014; Authored by Felipe Daragon | Site syhunt.com; This paper highlights risks associated with unvalidated input in Lua-based applications.; tags | paper; SHA-256 | b4f14650e83aeefc80c835944c58d54d354b9a258c6d244b09f76bbd9c1c50be; Download | Favorite | View

Sandcat Browser 5.0-beta.1: Posted May 28, 2014; Authored by Felipe Daragon; Sandcat is a lightweight multi-tabbed web browser that combines the speed and power of Chromium and Lua. Sandcat comes with built-in live headers, an extensible user interface and command line console, resource viewer, and many other features that are useful for web developers and pen-testers and when you need to examine live web applications.; tags | tool, web; systems | unix; SHA-256 | cf989c86c0521b79f36955f23b5884a66b9f8bfdc0e7670e64ccb43a1afda929; Download | Favorite | View

CGILua 5.x Predictable Session Identifier: Posted May 1, 2014; Authored by Felipe Daragon | Site syhunt.com; A vulnerability in the session library that ships with CGILua since version 5.0 beta may allow remote attackers to easily and quickly guess valid session IDs generated by a Lua web application and perform session hijacking.; tags | advisory, remote, web; advisories | CVE-2014-2875; SHA-256 | d47d6ee8b23d4dfc00517ad05df39563c3ec959859f6a90ece46d4098f19ee5c; Download | Favorite | View

Google V8 Server-Side Javascript Injection: Posted Feb 27, 2012; Authored by Felipe Daragon | Site syhunt.com; This is a brief write up discussing Google V8 server-side javascript (SSJS) injection.; tags | paper, javascript; SHA-256 | 7652f540e79f74e1eff943b389b6f7f03423371c27f0d655323015f9f003002b; Download | Favorite | View

Time-Based Blind NoSQL Injection: Posted Dec 19, 2011; Authored by Felipe Daragon | Site syhunt.com; This is a brief write up discussing time-based NoSQL injection attacks using javascript.; tags | paper, javascript, sql injection; SHA-256 | 38f29f6bb429406f5f75bcf44692f842d085e1f1bc2d98124da439be4d863cc3; Download | Favorite | View

Visual Synapse Directory Traversal: Posted Oct 8, 2010; Authored by Felipe Daragon | Site syhunt.com; Visual Synapse HTTP server suffers from a directory traversal vulnerability.; tags | exploit, web, file inclusion; advisories | CVE-2010-3743; SHA-256 | 038f38bdf4e7117803ec5bc6d22f030c1807fe0e79f28bb04eb182d7d342adfb; Download | Favorite | View

Klinzmann A-A-S 2.0.48 XSRF Exploit: Posted May 13, 2009; Authored by Felipe Daragon | Site syhunt.com; Klinzmann Application Access Server version 2.0.48 cross site request forgery exploit.; tags | exploit, csrf; advisories | CVE-2009-1464; SHA-256 | 8fbdf9086123ab178a93c6aa387ee37b227bad398eb09b10822fe24d631ab585; Download | Favorite | View

Klinzmann A-A-S XSRF / Code Execution: Posted May 13, 2009; Authored by Felipe Daragon | Site syhunt.com; The Klinzmann Application Access Server suffers from cross site request forgery, command execution, default password, and insecure password storage vulnerabilities.; tags | exploit, vulnerability, csrf; advisories | CVE-2009-1464, CVE-2009-1465, CVE-2009-1466; SHA-256 | e216edbf657d61bdb2e559c269b7118db00d7f30c8cb83b7248238c64f6b103d; Download | Favorite | View

hfs-spoof.txt: Posted Jan 24, 2008; Authored by Felipe Daragon, Alec Storm | Site syhunt.com; HFS versions 1.5g through 2.3 suffer from username spoofing and log injection vulnerabilities.; tags | advisory, spoof, vulnerability; advisories | CVE-2008-0407, CVE-2008-0408; SHA-256 | 5b3cbaf4dc12bfae2a139d34b04a6f0260e498eb9425aab233e032444fa1c0a7; Download | Favorite | View

hfshack.txt: Posted Jan 24, 2008; Authored by Felipe Daragon, Alec Storm | Site syhunt.com; Syhunt HFSHack version 1.0b is an exploit for various vulnerabilities found in HFS versions 1.5 through 2.3.; tags | exploit, vulnerability; advisories | CVE-2008-0405, CVE-2008-0406, CVE-2008-0407, CVE-2008-0408, CVE-2008-0409, CVE-2008-0410; SHA-256 | cf5241d98b767c660b1da691f06531bdf11802f7be9b965f8b6a271445f08f40; Download | Favorite | View

hfs-manipulate.txt: Posted Jan 24, 2008; Authored by Felipe Daragon, Alec Storm | Site syhunt.com; HFS versions 2.2 through 2.3 suffer from arbitrary file manipulation and denial of service vulnerabilities.; tags | advisory, denial of service, arbitrary, vulnerability; advisories | CVE-2008-0405, CVE-2008-0406; SHA-256 | b808645f02dd720f4b5dc129b8f8e58df6ca146c7b5158604938c0d0f8bbd55e; Download | Favorite | View

hfs-xss.txt: Posted Jan 24, 2008; Authored by Felipe Daragon, Alec Storm | Site syhunt.com; HFS versions 2.3 through 2.0 suffer from cross site scripting and information disclosure vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure; advisories | CVE-2008-0409, CVE-2008-0410; SHA-256 | c6417b3811c50e7ea4316acb3c097304bd8f5ebfd4d871f85cbc2532a0cd2f0d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days