various advisories & exploits ______________
Sep 7, 2007
Author: rgod

Microsoft SQL Server Distributed Management Objects OLE DLL for
SQL Enterprise Manager (sqldmo.dll) remote buffer overflow poc


 

various advisories & exploits ______________
Sep 3, 2007
Author: rgod

Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll (v.1) remote arbitrary registry key manipulation

Hexamail Server 3.0.0.001 (pop3) pre-auth remote overflow poc

 

various advisories & exploits ______________
Aug 30, 2007
Author: rgod

Postcast Server Pro 3.0.61 / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF

eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BOF Exploit

 

various advisories & exploits ______________
Jul 12, 2007
Author: rgod

AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) BoF Exploit

PHP 5.2.3 Tidy extension Local Buffer Overflow Exploit

 

various advisories & exploits ______________
Jun 12, 2007
Author: rgod

Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll)
/ DirectSpeechRecognition Module (Xlisten.dll)
remote buffer overflow exploit / 2k sp4 seh version

Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll 4.0.4.2512)
/ DirectSpeechRecognition Module (Xlisten.dll 4.0.4.2512)
remote buffer overflow exploit/ xp sp2 version

 

 

 

various advisories & exploits ______________
Jun 10, 2007
Author: rgod

IE6 / Honeywell Ademco, co., ltd. ATNBaseLoader100 Module Remote BoF Exploit

IE6 / Vivotek Motion Jpeg Control (MjpegDecoder.dll 2.0.0.13) Remote Exploit

IE6 / Provideo Camimage (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit

IE6 / Dart Communications PowerTCP ZIP Compression Remote BoF Exploit

IE6 / Dart Communications PowerTCP Service Control Remote BoF Exploit

 

 

various advisories & exploits ______________
May 16, 2007
Author: rgod

XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit

IE / VImpX ActiveX (VImpX.ocx v. 4.7.3.0) Remote Buffer Overflow Exploit


IE / Pegasus ImagN' ActiveX Control (IMW32O40.OCX V4.00.041) Buffer Overflow Exploit

IE / GDivX Zenith Player AviFixer Class (fix.dll 1.0.0.1) Buffer Overflow PoC

RunCms <= 1.5.2 (debug_show.php) Remote SQL Injection Exploit


WinMail Server 4.4 build 1124 (WebMail) remote add new Super User exploit

TCExam <= 4.0.011 (SessionUserLang) Shell Injection Exploit

 

 

various advisories & exploits ______________
Mar 28, 2007
Author: rgod

PHP <= 4.4.6 ibase_connect() Local Buffer Overflow Exploit


PHP 5.2.1 with PECL phpDOC Local Buffer Overflow Exploit

Php-Stats <= 0.1.9.1b (php-stats-options.php) admin 2 exec() Exploit

Php-Stats <= 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit

Php-Stats <= 0.1.9.1b (ip) Remote SQL Injection Exploit

 

 

various advisories & exploits ______________
Mar 14, 2007
Author: rgod

oh, this is my independent contribution to the Month Of PHP Bugs ...

PHP <= 4.4.6 mssql_connect() & mssql_pconnect() Local Buffer Overflow Exploit

PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC

PHP 4.4.6 snmpget() object id Local Buffer Overflow Exploit PoC

PHP 4.4.6 cpdf_open() Local Source Code Disclosure PoC

GuppY <= 4.5.16 Remote Commands Execution Exploit

Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit

ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit

 

 


various advisories & exploits ______________
Mar 1, 2007
Author: rgod

vBulletin <= 3.6.4 inlinemod.php "postids" sql injection / privilege
escalation by session hijacking exploit

 

 

various advisories & exploits ______________
Jan 13, 2007
Author: rgod

Wordpress <= 2.0.6 wp-trackback.php Zend_Hash_Del_Key_Or_Index
sql injection admin hash disclosure exploit

Cacti 0.8.6i "copy_cacti_user.php" sql injection create new admin exploit

sNews <= 1.5.30 unauthorized access / reset admin pass / cmd exec exploit

 

 

various advisories & exploits ______________
Dec 28, 2006
Author: rgod

Cacti <= 0.8.6i "cmd.php" popen() injection

Sambar FTP Server 6.4 (SIZE) Remote Denial of Service Exploit

PHP-Update <= 2.7 extract() auth bypass / shell inject

PHP-Update <= 2.7 str_replace() sql injection / privilege escalation /
cmd exec ii

Durian Web Application Server 3.02 freeware for Win32 buffer overflow execute command exploit

Durian Web Application Server 3.02 freeware for Win32 denial of service exploit

Singapore <= 0.10.0 local inclusion exploit

 

various advisories & exploits ______________
Dec 8, 2006
Author: rgod

Filezilla FTP Server 0.9.20 beta / 0.9.21 "STOR" Denial Of Service

PHPGraphy 0.9.12 ZHDKOI/privilege escalation/remote commands execution exploit

Golden FTP server 1.92 (freeware edition) USER/PASS heap overflow poc

 

various advisories & exploits ______________
Nov 23, 2006
Author: rgod

Discuz! 4.x SQL injection / admin credentials disclosure exploit

Discuz! 5.0.0 GBK SQL injection / admin credentials disclosure exploit

PHPWind <= 5.0.1 "AdminUser" blind SQL injection exploit

PhpWebGallery <= 1.6.1 SQL injection

Woltlab Burning Board Lite 1.0.2 decode_cookie() sql injection exploit
(magic quotes bypass)

Woltlab Burning Board Lite 1.0.2 Zend_Hash_Del_Key_Or_Index /
blind sql injection exploit (mqg off)

AIOCP <= 1.3.007 multiple SQL injection vulnerabilities/hash disclosure exploit

 

various advisories & exploits ______________
Oct 14, 2006
Author: rgod

Flatnuke <= 2.5.8 file() Priv Escalation / Code Execution Exploit

Flatnuke 2.5.8 (userlang) Local Inclusion / Delete All Users Exploit

 

 

various advisories & exploits ______________
Sep 27, 2006
Author: rgod

exV2 <= 2.0.4.3 extract() Remote Command Execution Exploit

exV2 <= 2.0.4.3 (sort) Remote SQL Injection Exploit

Exponent CMS <= 0.96.3 (view) Remote Command Execution Exploit

Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit

RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution Exploit

DokuWiki <= 2006-03-09b (dwpage.php) Remote Code Execution Exploit

DokuWiki <= 2006-03-09b (dwpage.php) System Disclosure Exploit

 

various advisories & exploits ______________
Sep 7, 2006
Author: rgod

e107 <= 0.75 GLOBALS[] overwrite/ Zend_Hash_Del_Key_Or_Index remote commands
execution exploit

TikiWiki <= 1.9 Sirius "jhot.php" remote commands execution exploit

PmWiki <= 2.1.19 Zend_Hash_Del_Key_Or_Index / remote commands execution exploit

PHPFusion <= 6.01.4 extract() /_SERVER[REMOTE_ADDR] sql injection exploit (magic_quotes_gpc = off)

MercuryBoard <= 1.1.4 "User-Agent" SQL injection / privilege escalation exploit
(php version)

 

 

various advisories & exploits ______________
Aug 22, 2006
Author: rgod

Simple Machines Forum <= 1.1 rc2 (lngfile) Remote Exploit (windows)

Simple Machines Forum <= 1.1 rc2 (lock) exploit

CubeCart <= 3.0.11 (oid) Remote Blind SQL Injection Exploit

XMB <= 1.9.6 Final basename() Remote Command Execution Exploit

 

various advisories & exploits ______________
Aug 06, 2006
Author: rgod

MyBloggie <= 2.1.4 trackback.php SQL injection /
administrative credentials disclosure exploit

SendCard <= 3.4.0 Unauthorized Administrative Access Exploit

ATutor <= 1.5.3.1 (links) Remote Blind SQL Injection Exploit

XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit

 

various advisories & exploits ______________
Jul 26, 2006
Author: rgod

Pivot <= 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit

MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit

PAPOO <= 3_RC3 SQL Injection/Admin Credentials Disclosure Exploit

Phorum 5 (pm.php) Arbitrary Local Inclusion Exploit

phpBB 3 (memberlist.php) Remote SQL Injection Exploit

LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure

toendaCMS <= 1.0.0 (FCKeditor) Remote File Upload Exploit

X7 Chat <= 2.0.4 (old_prefix) Remote Blind SQL Injection Exploit

Etomite CMS <= 0.6.1 (rfiles.php) Remote Command Execution Exploit

Etomite CMS <= 0.6.1 (username) SQL Injection Exploit

 

 

various advisories & exploits ______________
Jul 04, 2006
Author: rgod

BLOG:CMS <= 4.0.0k Remote SQL Injection Exploit

GeekLog <= 1.4.0sr3 f(u)ckeditor Remote Code Execution Exploit

Mambo <= 4.6rc1 (Weblinks) Remote Blind SQL Injection Exploit (INTO OUTFILE version)

 

 

various advisories & exploits ______________
Jun 26, 2006
Author: rgod

Mambo <= 4.6rc1 (Weblinks) Remote Blind SQL Injection Exploit (2)

Mambo <= 4.6rc1 (Weblinks) Blind SQL Injection Exploit

Joomla <= 1.0.9 (Weblinks) Remote Blind SQL Injection Exploit

LifeType <= 1.0.4 SQL Injection / Admin Credentials Disclosure Exploit

Jaws <= 0.6.2 (Search gadget) Remote SQL Injection Exploit

Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit

blur6ex <= 0.3.462 (ID) Admin Disclosure / Blind SQL Injection exploit

bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit

 

 

various advisories & exploits ______________
Jun 3, 2006
Author: rgod

WordPress <= 2.0.2 'cache' shell injection exploit

Nucleus <= 3.22 GLOBALS[DIR_LIBS] arbitrary remote inclusion exploit

DotClear <= 1.2.4 'blog_dc_path' (PHP5) arbitrary remote inclusion

Pixelpost <= 1-5rc1-2 privilege escalation exploit

pppBlog <= 0.3.8 system disclosure exploit

Drupal <= 4.7 attachment mod_mime poc exploit

PHP-Fusion <= v6.00.306 "srch_where" SQL Injection/Admin
credentials disclosure exploit

PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload
and local inclusion vulnerabilities

XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit

Unclassified NewsBoard <= 1.6.1 patch 1 ABBC[Config][smileset]
arbitrary local inclusion

PhpBB <= v2.0.20 Admin "Restore Database/default_lang" remote commands execution

PhpBB <= v2.0.20 HTTP Proxy vulnerability

PhpBB <= v2.0.20 (multiple avatars uploading) D.o.S

Sugar Suite Open Source <= 4.2 "OptimisticLock!" arbitrary remote inclusion exploit

DeluxeBB <= v1.06 attachment mod_mime exploit

 

various advisories & exploits ______________
May 4, 2006
Author: rgod

X7 Chat <= 2.0 (help_file) Remote Commands Execution Exploit

PHPSurveyor <= 0.995 (surveyid) Remote Command Execution Exploit

SysInfo 1.21 (sysinfo.cgi) Remote Command Execution Exploit

PCPIN Chat <= 5.0.4 (login/language) Remote Code Execution Exploit

PHP Album <= 0.3.2.3 Remote Command Execution Exploit

phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit

osCommerce <= 2.2 (extras) Source Code Disclosure Vulnerability

Sphider <= 1.3 (configset.php) Arbitrary Remote Inclusion Exploit

PHP121 Instant Messenger <= 1.4 Remote Code Execution Exploit

Simplog <= 0.9.2 (s) Remote Commands Execution Exploit

PHPList <= 2.10.2 GLOBALS[] Remote Code Execution Exploit

ADODB < 4.70 (tmssql.php) Denial of Service Vulnerability

ADODB < 4.70 (PhpOpenChat 3.0.x) Server.php SQL Injection Exploit

phpMyChat <= 0.14.5 (SYS enter) Remote Code Execution Exploit

phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit

ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit

Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit

 

various advisories & exploits ______________
Mar 30, 2006
Author: rgod

Plogger <= beta 2.1 sql injection / administrative credentials disclosure

PHPCollab v2.x / NetOffice v2.x sendpassword.php SQL Injection

WebAlbum <= 2.02pl $_COOKIE[skin2] remote commands xctn

XHP Cms <= 0.5 remote commands execution

php iCalendar <= 2.21 "cookie_language"/"cookie_style" remote cmmdns xctn

php iCalendar <= 2.21 publish.ical.php remote cmmdns xctn

Simple PHP Blog <= 0.4.7.1 remote commands execution

Gallery <= 2.0.3 "stepOrder[]" remote commands execution

Php-Stats <=0.191 "modify_config" remote commands execution (advisory / exploit )

Nodez 4.6.1.1 Mercury multiple vulnerabilities

gCards <=1.45 multiple vulnerabilities

OWL Intranet Engine = 0.82 remote cmmnds xctn

GuestBook Script <= 1.7 remote commands execution

 

various advisories & exploits ______________
Feb 26, 2006
Author: rgod

Coppermine Photo Gallery <= 1.4.3 remote commands execution advisory / exploit

4Images <= 1.7.1 remote commands execution

EGS Enterprise Groupware System 1.0 rc4 remote commands execution

FlySpray 0.9.7 remote commands execution

PHPKit <= v.1.6.1 release 2 remote code execution


NOCC Webmail <= 1.0 remote code execution

iGENUS WebMail <= 2.0.2 remote commands execution

AdmBook <=1.2.2 "X-Forwarded-For" remote cmmnds xctn

Geeklog 1.* remote commands execution exploit php / perl

Pbl Guestbook <=1.31 admin md5 password hash disclosure

 

various vulnerabilities ______________
Feb 12, 2006
Author: rgod

DocMGR <= 0.54.2 process.php remote commands execution exploit

Linpha <= 1.0 multiple arbitrary local inclusion
vulnerability

 

various vulnerabilities ______________
Feb 11, 2006
Author: rgod

FCKEditor 2.0 <= 2.2 (connector.php) Remote Shell Upload Exploit

RunCMS <= 1.2 Arbitrary Remote Inclusion Exploit

 

various vulnerabilities ______________
Feb 8, 2006
Author: rgod

LoudBlog <= 0.4 arbitrary remote inclusion

Clever Copy <= V3.0 SQL injection / Admin authentication details disclosure

SPIP <= 1.8.2g remote commands execution through arbitrary local inclusion

CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion

b2evolution <= 1.6alpha bruteforce attack tool / _config.php shell inject

 

various vulnerabilities ______________
Dec 29, 2005
Author: rgod

MS Internet Explorer 6.0 sp2 mshtml.dll (div) Denial Of Service exploit

phpDocumentor <= 1.3.0 rc4 remote commands execution exploit

 

 

______________
Dec 27, 2005
Author: rgod

Dev web management system <= 1.5 SQL injection / cross site scripting

 

 

various vulnerabilities ______________
Dec 22, 2005
Author: rgod

PhpGedView <= 3.3.7 remote commands execution

Limbo <= 1.0.4.2 _SERVER[REMOTE_ADDR] Overwrite Remote Exploit

 

 

various vulnerabilities ______________
Dec 13, 2005
Author: rgod

Sugar Suite Open source <= 4.0 remote code execution

Website Baker <= 2.6.0 SQL injection / remote commands execution


Flatnuke 2.5.6 privilege escalation / remote commands execution

phpCoin 1.2.2 Multiple vulnerabilities: advisory

phpCoin 1.2.2 phpcoinsessid blind SQL injection

phpCOIN 1.2.2 _CCFG[_PKG_PATH_DBSE] remote code execution

 

 

various vulnerabilities ______________
Dec 7, 2005
Author: rgod

XOOPS 2.2.3 Final arbitrary local inclusion
XOOPS WF-Downloads module v 2.05 SQL Injection / Administrative credentials disclosure / Remote commands execution


Moodle <=1.6dev blind SQL Injection / Remote commands/code execution / xss


ATutor 1.5.1pl2 SQL Injection / Remote commands execution

Unclassified NewsBoard 1.5.3 patch level 3 "DateFrom" & "DateUntil" blind SQL injection

Mambo <= 4.5.2 Globals overwrite / remote commands execution exploit

Xaraya <=1.0.0 RC4 Denial Of Service advisory / exploit

Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution

PHPWebThings 1.4 "msg" and "forum" SQL injection / remote commands execution exploit

EKINboard 1.0.3 SQL injection / remote commands execution

eFiction <= 2.0 remote code execution / SQL injection / login bypass / cross site scripting / path & information disclosure

Guppy <= 4.5.9 Remote code execution / various arbitrary inclusion issues

DoceboLMS 2.0.4 remote commands execution

SimpleBBS <= v1.1 remote commands execution

 

 

various vulnerabilities ______________
Nov 3, 2005
Author: rgod

PHP-Nuke 7.8 SQL Injection / Remote Command Execution Exploit

CuteNews 1.4.1 arbitrary file inclusion/ Remote Command Execution Exploit

MWChat 6.8 Sql Injection / Remote commands execution

e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit

w-Agora <= 4.2.0 (quicklist.php) Remote Code Execution Exploit

Lucid CMS 1.0.11 SQL Injection/Login Bypass/ Remote code execution advisory, exploit

versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection advisory, exploit

Cyphor <= 0.19 (board takeover) SQL Injection Exploit

Utopia News Pro <= 1.1.3 (news.php) SQL Injection Exploit

PHP-Fusion 6.00.109 (msg_send) SQL Injection Exploit

MailGust <= 1.9 (board takeover) SQL Injection Exploit

phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit

MyBloggie 2.1.3beta null char + SQL Injection -> Login Bypass


My Little Forum <= 1.5 (searchstring) SQL Injection Exploit

 

 

various vulnerabilities ______________
Sep 20, 2005
Author: rgod

CuteNews 1.4.0 remote code execution

AzDGDatingLite V 2.1.3 remote code execution

ATutor 1.5.1 SQL Injection

Digital Scribe v1.4 SQL Injection / remote code execution

Mail-it Now! 1.5 contact.php remote code execution

PHP Advanced Transfer Manager v1.30 directory traversal bug

 

 

various vulnerabilities ______________
Sep 9, 2005
Author: rgod

class-1 Forum Software v 0.24.4 Remote code execution

PBLang 4.65 (possibly prior versions) remote code execution / administrative
credentials disclosure
/ system information disclosure / cross site scripting / path disclosure


MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution
/ cross site scripting / path disclosure


phpCommunityCalendar 4.0.3 (possibly prior versions)
sql injection / login bypass / cross site scripting


UNB 1.5.3 cross site scripting

Cyber-Cats ChitCHat 2.0 permits cross site scripting attacks,
lets users launch exploits from, lets remote users obtain information
on target users, lets insecurely delete/create files

 

 

various vulnerabilities: ______________
Aug 31, 2005
Author: rgod

Flatnuke 2.5.6 Underlying system information disclosure / Administrative & users
credentials disclosure / cross site scripting / path disclosure / resource consumption poc


FUDforum remote code execution (based on securityfocus advisory )

 

 

various vulnerabilities ______________
Aug 30, 2005
Author: rgod

phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,
remote code execution, cross site scripting


Looking Glass v20040427 arbitrary commands execution / cross site scripting

SaveWebPortal 3.4 remote code execution / admin check bypass / remote file
inclusion / cross site scripting


NETQUERY 3.11 remote commands execution exploit (3.1 not properly unpatched)

 

 

various vulnerabilities ______________
Aug 18, 2005
Author: rgod

DevC++ V.4.9.9.2 null byte insertion / obfuscation flaw (update to synedit component obfuscation flaw explanation)

Zorum 3.5 remote code execution poc exploit

BBCaffe 2.0 cross site scripting poc

 

 

various vulnerabilities ______________
Aug 10, 2005
Author: rgod

Synedit null byte insertion / code obfuscation (this bug is in a bunch of compilers...)

Gravity Board X v1.1 (possibly prior versions)
Remote code execution, SQL Injection / Login Bypass, cross site scripting, path
disclosure poc


FunkBoard V0.66CF (possibly prior versions) cross site scripting,
possible database username/password disclosure & board takeover,
possible remote code execution


 

 

FlatNuke 2.5.5 (possibly prior versions) remote commands execution / cross site scripting / path disclosure ______________
Aug 5, 2005
Author: rgod

some critical vulnerabilities in FlatNuke 2.5.5, proof of concept exploit code here

 

Various vulnerabilities ______________
Aug 3, 2005
Author: rgod

Silvernews 2.0.3 (possibly previous versions ) SQL Injection / Login Bypass / Remote commands execution / cross site scripting

PHPFreeNews Version 1.32 (& previous) sql injection, cross site scripting, path disclosure, information disclosure  

qliteNews arbitrary database manipulation & cross site scripting poc exploit

Utopia News Pro 1.1.3 cross site scripting poc

SAXON version 4.1 sql injection / login bypass

phpeasynews v1.13 RC2 (possibly prior versions) cross site scripting, path disclosure , user check bypass

Web Content Management News System Administrative Account creation & cross site scripting poc

 

 

Various advisories ______________
Jul 26, 2005
Author: rgod

Simplicity OF Upload 1.3 (possibly prior versions) remote code execution
& cross site scripting


Flex PHPNews login bypass/ sql injection, cross site scripting & resource consumption poc exploit

 

 

Various vulnerabilities in php applications ______________
Jul 21, 2005
Author: rgod

Netquery 3.1 remote commands execution, cross site scripting and information disclosure

SEOboard 1.0 cross site scripting poc exploit

XMLRPC.PHP Remote code execution

CuteNews 1.3.6 path disclosure & cross site scripting / cookie disclosure poc exploit

Website Generator Multiple vulnerabilities

Asn Guestbook 1.5 cross site scripting poc exploit

PHPPageProtect Version 1.0.0 Cross site scripting POC Exploit

 

 

Various XSS in php applications ______________
Jul 13, 2005
Author: rgod

Pyrox search Cross Site Scripting poc exploit

UPB Gold 1.9.6 XSS poc exploit

UPB Gold 1.9.6 various XSS vulnerabilities

Mambo 4.5.2.3 Cross Site Scripting poc exploit

PHPSiteSearch 1.7.7d Cross Site Scripting poc exploit

 

 

PhpBB2Root = 2.0.15 ______________
Jul 10, 2005
Author: rgod

exploit that allows taking control of a machine with
PhpBB 2.0.15 installed, running shell commands and obtaining the database password

 

 

 

602 Lan Suite 2004 _ resources consumption & remote programs execution exploit [php] ______________
Jun 10, 2005
Author: rgod

A remote user can exhaust system memory and launch programs by inserting calls to device names (such as lpt1, com1...) in the URL (read more)

 

Pragma TelnetServer 6.0 Log Obfuscation ______________
Jun 10, 2005
Author: rgod

A remote user can cause the display of the log files
to be obfuscated (read more)

 

 

602 Lan Suite bug: malicious tags in a GET request ______________
Jun 5, 2005
Author: rgod

by inserting malicious tags in a GET request, it is possible to prevent the administrator from viewing the logs
through the interface of the integrated web server

 

Mirc 6.16 & "generic Edit component" win32 trick ______________
Jun 3, 2005
Author: rgod

It is of course well known that a Windows edit box lets you
retrieve its text by sending the WM_GETTEXT message
and set it with WM_SETTEXT, once its handle has been found. But what happens when messaging software such as Mirc is used? :)

 

Serverscheck 5.9.00 exploit ______________
May 27, 2005
Author: rgod

URL traversal bug in the Serverscheck 5.9.00 monitoring software. A short description here.

 

NmapGUI v0.9 for Win32 ______________
May 13, 2005
Author: rgod

a graphical front end for the Nmap network scanner. It adds some features, such as: the ability to get the most out of the program by exposing all of its switches, arranged across several tabsheets; the ability to export Nmap output to Html, Latex and Rtf; the ability to save different host and port configurations, in addition to the program's general ones;
display of the output in a handy synedit box;
organization of the logs by date and time.

 

Google dorks scanner [PHP] revision ______________
Apr 12, 2005
Author: rgod

Version that implements a proxy list. Added graphics and some pleasant ascii-art, fixed some bugs.

 

Google dorks scanner [PHP] ______________
Apr 7, 2005
Author: rgod

This is a scanner that runs a series of Google searches in order to highlight the vulnerabilities of a site. It uses this database:

 

proxy grabber [php] ______________
Mar 17, 2005
Author: rgod

a simple proxy grabber script

 

phpBB2root <= 2.0.10 [php] ______________
Dec 27, 2004
Author:

a script for taking full control of a machine running phpBB2 <=2.0.10
or simply revealing the database account

 

socksifying a connection _ [ php] ______________
Dec 20, 2004
Author:

short article on how to "socksify" a
connection in php

 

Irene1.2b_ release ______________
Dec 13, 2004
Author:

bookmarks; binary, decimal and hexadecimal converter;
a handy ascii table; word count; uppercase/lowercase
of a selection; ability to convert the RGB value selected
from a colorbox to HTML; ability to add line numbers
to source files; fixed some bugs.

 

Irene 1.1b _ programming tool ______________
Dec 9, 2004
Author:

this version of the program
adds some languages, automatic correction and completion, lets you export to Latex, and lets you customize the syntax colors

 

net send spoofing _ php ______________
Dec 1, 2004
Author:

a study of the possible
implications of the
instant messaging service
of win2k/xp

 

Irene _ syntax highlighting tool ______________
Nov 28, 2004
Author: rgod

A useful syntax highlighting and exporting tool written in Delphi; it supports the syntax of 46 different languages/applications
and lets you export source code to good html and to rtf...

 

phpscan _ nbss session request ______________
Nov 16, 2004
Author: rgod

Added some features:
ICMP Echo requests (Ping sweep); NBSS session request (lets you see whether
file and printer sharing is enabled, and in particular
shows how netbios names are encoded); UDP scan: added a preliminary scan of the high ports to determine the timeout; fixed some bugs; added comments
on the most suitable php.ini configuration.

 

pscan _ SNMP queries ______________
Oct 7, 2004
Author: rgod

Added SNMP discovery features and a table for viewing packets in hexadecimal and plain text; fixed a bug.

 

pscan ______________
Oct 4, 2004
Author: rgod

Fixed a bug in the UDP scan code; added a netbios discovery feature

 

php scanner ______________
Oct 3, 2004
Author: rgod

TCP/UDP port scanner tool, written entirely in PHP and under development: this version provides customizable scans, hyperlinks...