Citrix Application Delivery Controller and Citrix Gateway directory traversal remote code execution exploit.
58fc2672000bf17d12588526d12ca1207500f1e227f4abda50e070491b0d9866
TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remote penetration testing platforms. The concept is simple: you pre-configure a brand new box and run the TAP setup file. This will install a service on Linux that will be configured the way you want. It establishes a reverse SSH tunnel back to a machine that's exposed on the Internet for you. From there you can access the box locally from the server it connects back to. TAP automatically detects when an SSH connection has gone stale and will automatically rebuild it for you.
a42c3f31a3a76e5688666de6f602e9c95f4c10fab29266ee874d7f2dae3b3851
This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off. This Metasploit module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three separate binaries in the standard technique. However, it requires the correct architecture to be selected (use x64 for SYSWOW64 systems also).
2af1863cdb30bfd4736972507c329a2bdd36de75f1f53ed9dba7e1b9c141c5d9
Mac OS X versions 10.8.4 and below local root privilege escalation exploit written in Python.
a0b32edb63a75a52f36b3b0a16898f214ffdda7d8f01efbf9482265d991f663b
This Metasploit module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off.
6f5a8c2406a41e33a82abea58ad31e2ab24d2e47c5ad7403b51ed4ce3b1f2ca2
MySQL remote root authentication bypass exploit.
fa8a07437a078edcac9f7f432c70a04cd4fc7c1f42f36d254d4fa9efe0c46b18
This is a proof of concept remote root authentication bypass exploit for F5 BIG-IP. Written in Python.
56ead1dc2b7a0b89044841502ec4977b0bed8067f3b3118da72703e3b50cbed2
This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified, this module will use xp_cmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection vulnerability happens.
5c71a8e0d959c8b1f43ce27c1cfb87641e1abf71b42047e2636fd0256601f31a
This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by https://www.abysssec.com.
edbfcc271f52640c5283e776893d943627be757790c777c863e113627287a4e1
This Metasploit module will execute an arbitrary payload on a Microsoft SQL Server, using the Windows debug.com method for writing an executable to disk and the xp_cmdshell stored procedure. File size restrictions are avoided by incorporating the debug bypass method presented at Defcon 17 by SecureState. Note that this module will leave a Metasploit payload in the Windows System32 directory, which must be manually deleted once the attack is completed.
08dfa1b6b11d0fd3513417baa7f7f3bdc147dd9a8593be9c3fe0d2e365f87d4d
Spiceworks version 3.6 accept parameter overflow proof of concept crash exploit.
97160280f7a39829513cfc89560d3e4076e1cd77b06e48cfb5b3bdef51b07171
Mozilla Firefox 3.5 heap spray exploit. Written in Python.
d1253f8edede8fa9f97227138d7df3490fea4cc39eb8c1282947c40659be1655
Microsoft Internet Explorer 7 DirectShow heap spray exploit that leverages msvidctl.dll.
4ca40df1197e30ea46a78039f8530554112a1b449eb78a2efb94f356bf3735f9
Whitepaper called Bypassing Hardware Based Data Execution Prevention (DEP) on Windows 2003 SP2.
d184381c4ad889006627d8570ca692515a97b3b6be034ad73a212421887c84aa