首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 专题 | 会员中心 | 安全论坛
热门关键字: vsserver  vitter  shell  linux  art
  当前位置:主页>安全文章>文章资料>Exploits>列表
Discuz! Reset User Password Vulnerability
  日期:2008-11-21 10:17:50 点击:0 评论:0
Discuz! Reset User Password Vulnerabilityauthor: 80vul-A/80vul-Bteam:http://www.80vul.com由于Discuz! 的随机数使用的播种缺陷,在找会用户密码时可以暴力得到id的随机hash,从而导致容易修改用户密码的严重漏洞.一 分析暂缺[将在pstzine3上详细介绍这个问题,有兴趣
Oracle Database Vault ptrace(2) Privilege Escalation Exploit
  日期:2008-11-21 10:16:32 点击:0 评论:0
/* * original release: http://vnull.pcnet.com.pl/blog/?p=92 * * ora_dv_mem_off.c version 0x1 * ORACLE Database Vault runtime disabler (x86_32 Linux only) * AKA give_back_the_freedom * by Jakub 'vnull' Wartak jakub.wartak@gmail.com 26.02.2008 * 0-day
vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit
  日期:2008-11-21 10:15:26 点击:0 评论:0
/* ----------------------------- * Author = Mx * Title = vBulletin 3.7.3 Visitor Messages XSS/XSRF + worm * Software = vBulletin * Addon = Visitor Messages * Version = 3.7.3 * Attack = XSS/XSRF - Description = A critical vulnerability exists in the n
PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit
  日期:2008-11-21 10:14:42 点击:0 评论:0
?php /*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit requires magic_quotes == off coded by irk4z[at]yahoo.pl homepage: http://irk4z.wordpress.com greets: all
wPortfolio <= 0.3 Admin Password Changing Exploit
  日期:2008-11-21 10:13:27 点击:0 评论:0
?php /* ============================================================================== _ _ _ _ _ _ / | | | | / | | | | / _ | | | | / _ | |_| | / ___ | |___ | |___ / ___ | _ | IN THE NAME OF /_/ _ |_____| |_____| /_/ _ |_| |_| ========
PunBB Mod PunPortal 0.1 Local File Inclusion Exploit
  日期:2008-11-21 10:12:57 点击:0 评论:0
#!/usr/bin/perl =about PunBB (PunPortal 0.1) Local File Inclusion Exploit -------------------------------------------------- by athos - staker[at]hotmail[dot]it download mod http://www.punres.org/download.php?id=1108 download cms http://punbb.org reg
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
  日期:2008-11-21 10:11:52 点击:0 评论:0
!-- Exodus v0.10 remote code execution exploit by Nine:Situations:Group::strawdog This uses the -l argument to overwrite a file inside Microsoft Help and Support Center folders (oh rgod...) Firstly run netcat in listen mode to drop the vbscript shell
Portfolio <= 0.3 Remote Arbitrary File Upload Exploit
  日期:2008-11-20 15:50:19 点击:0 评论:0
#!/usr/bin/perl # Name: wPortfolio = 0.3 Arbitrary File Upload Exploit # Script Name: wPortfolio 0.3 # Download: http://sourceforge.net/project/downloading.php?group_id=244834use_mirror=kentfilename=wPortfolio.zip80791070 # Vulnerability: Arbitrary F
Exploits Microsoft VISTA TCP/IP stack buffer overflow
  日期:2008-11-20 10:57:00 点击:0 评论:0
#define _WIN32_WINNT 0x0600#define WIN32_LEAN_AND_MEAN#include windows.h#include winsock2.h#include ws2ipdef.h#include iphlpapi.h#include stdio.h#include stdlib.hint main(int argc, char** argv){ DWORD dwStatus; MIB_IPFORWARD_ROW2 route; if (argc !=
MauryCMS <= 0.53.2 Remote Shell Upload Exploit
  日期:2008-11-20 10:56:30 点击:0 评论:0
#!/usr/bin/perl =about MauryCMS = 0.53.2 Remote Shell Upload Exploit ---------------------------------------------- by athos - staker[at]hotmail[dot]it download on http://cms.maury91.org thnx Osirys =cut use strict; use warnings; use LWP::UserAgent;
MyTopix <= 1.3.0 (notes send) Remote SQL Injection Exploit
  日期:2008-11-20 10:55:51 点击:0 评论:0
?php /** * * MyTopix = 1.3.0 (notes send) Remote SQL Injection Exploit * Bug discovered exploited by cOndemned * * Desc : *In order to exploit this vulnerability user have to *be logged on the forum, so I'd decided to write this *exploit x] * * Greet
PunBB (Private Messaging System 1.2.x) Multiple LFI Exploit
  日期:2008-11-20 10:54:59 点击:0 评论:0
?php error_reporting(0); ini_set(default_socket_timeout,5); /* PunBB (Private Messaging System 1.2.x) Multiple LFI Exploit ----------------------------------------------------------- by athos - staker[at]hotmail[dot]it download mod http://www.punres.
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Exploit
  日期:2008-11-18 11:39:04 点击:3 评论:0
html titleChilkatSocket.DLL Arbitrary File Creation/titlebrbr body Company Name : Chilkat Software, Inc.brbr Vulnerable DLL : ChilkatSocket.DLLbrbr DLL's version : 2,3,1,1brbr Object Safety Report : br Report for Clsid: {474FCCCD-1B89-4D34-9E09-45807
FREEze Greetings 1.0 Remote Password Retrieve Exploit
  日期:2008-11-18 11:38:10 点击:4 评论:0
?php /** * FREEze Greetings 1.0 Remote Password Retrieve Exploit * Exploit by cOndemned * * Greetz : suN8Hclf, 0in, m4r1usz, str0ke, rtgn, doctor, sid.psycho [...] * Special thx to ZaBeaTy for developing such a sexy regexp ;) Thx m8 */ echo Header [~
Opera 9.62 file:// Local Heap Overflow Exploit
  日期:2008-11-18 11:34:38 点击:4 评论:0
html headtitleuh?/title/head body script // k`sOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerability found by send9 // there are many ways to achieve code execution, tons of function pointers to overwrite. // m
MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3)
  日期:2008-11-17 10:09:03 点击:4 评论:0
#!/usr/bin/env python ############################################################################# # MS08-067 Exploit by Debasis Mohanty (aka Tr0y/nopsled) # www.hackingspirits.com # www.coffeeandsecurity.com # Email: d3basis.m0hanty @ gmail.com ###
Minigal b13 (index.php list) Remote File Disclosure Exploit
  日期:2008-11-17 10:08:05 点击:3 评论:0
?php set_time_limit(0); function find_pass($data){ $pass = explode('$adminpass = ',$data); if($pass[1]!=){ echo(Vuln exploited enjoy !n); sleep(1); echo(Admin hash == [.substr($pass[1],0,32).]n); } else{ echo(Exploit failed!!!!); } } function __sen
Sudo <= 1.6.9p18 (Defaults setenv) Local Privilege Escalation Exploit
  日期:2008-11-17 10:07:17 点击:3 评论:0
#!/bin/sh #* Sudo = 1.6.9p18 local r00t exploit #* by Kingcope/2008/www.com-winner.com # # Most lame exploit EVER! # # Needs a special configuration in the sudoers file: # --- Defaults setenv so environ vars are preserved :) --- # # May also need the
VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow PoC
  日期:2008-11-17 10:06:21 点击:2 评论:0
!-- VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow Discovered Written By: r0ut3r (writ3r [at] gmail.com / www.bmgsec.com.au) Advisory: http://www.bmgsec.com.au/advisory/39/ --------------------------------------------------- Tested on: WinXP Pro S
SlimCMS <= 1.0.0 (edit.php) Remote SQL Injection Exploit
  日期:2008-11-15 15:08:40 点击:4 评论:0
#!/usr/bin/perl =starting -------------------------------------------------------- SlimCMS = 1.0.0 (edit.php) Remote SQL Injection Exploit -------------------------------------------------------- by athos - staker[at]hotmail[dot]it download on source
共136页/2720条记录 首页 1 [2] [3] [4] [5] [6] [7] 下一页 末页
  本月热点文章
·MS08066本地权限提升漏洞explo
·MS08-067 Remote Stack Overfl
·DjVu ActiveX Control 3.0 Ima
·Linux Kernel < 2.6.22 ftrunc
·Discuz! 6.x/7.x Remote Code
·Adobe Reader util.printf() J
·MemHT Portal 4.0.1 SQL Injec
·VLC 0.9.4 .TY File Buffer Ov
·deV!Lz Clanportal [DZCP] <=
·MyForum 1.3 (lecture.php id)
·>Opera 9.62 (opera:allinone)
·U-Mail Webmail 4.91 (edit.ph
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2008 VFocuS.Net All Rights Reserved