exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 337 RSS Feed

Files from juan vazquez

First Active2011-06-27
Last Active2024-09-01
Novell ZENworks Configuration Management Preboot Service Remote File Access
Posted Sep 1, 2024
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a directory traversal in the ZENworks Configuration Management. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted PROXY_CMD_FTP_FILE (opcode 0x21) packet to the 998/TCP port. This Metasploit module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and SP3 over Windows.

tags | exploit, tcp
systems | windows
advisories | CVE-2012-2215
SHA-256 | c8558ecefbfe751f2fc66900fb57a9cf3f672074e3a5a9c539be4d79127c10fb
Multiple DVR Manufacturers Configuration Disclosure
Posted Sep 1, 2024
Authored by Alejandro Ramos, juan vazquez | Site metasploit.com

This Metasploit module takes advantage of an authentication bypass vulnerability at the web interface of multiple manufacturers DVR systems, which allows to retrieve the device configuration.

tags | exploit, web, bypass
advisories | CVE-2013-1391
SHA-256 | 92970fe8576d8a26914e34ab8819055f169c2028d4106ed9aa7fe40e0c3de86b
HP Intelligent Management ReportImgServlt Directory Traversal
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and a directory traversal in HP Intelligent Management, specifically in the ReportImgServlt, in order to retrieve arbitrary files with SYSTEM privileges. This Metasploit module has been tested successfully on HP Intelligent Management Center 5.1 E0202 over Windows 2003 SP2.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2012-5203
SHA-256 | fc011d457e4acf956275035f4b8a0451d41e2e13f19438085bac537923b7fe5d
Apache ActiveMQ Directory Traversal
Posted Sep 1, 2024
Authored by AbdulAziz Hariri, juan vazquez | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in Apache ActiveMQ 5.3.1 and 5.3.2 on Windows systems. The vulnerability exists in the Jettys ResourceHandler installed with the affected versions. This Metasploit module has been tested successfully on ActiveMQ 5.3.1 and 5.3.2 over Windows 2003 SP2.

tags | exploit
systems | windows
SHA-256 | e4fc1de226b239cc42c11119b2ecd2130fccf09146aabb316d9690fa9c3b4d15
D-Link User-Agent Backdoor Scanner
Posted Sep 1, 2024
Authored by Craig Heffner, Michael Messner, juan vazquez | Site metasploit.com

This Metasploit module attempts to find D-Link devices running Alphanetworks web interfaces affected by the backdoor found on the User-Agent header. This Metasploit module has been tested successfully on a DIR-100 device with firmware version v1.13.

tags | exploit, web
SHA-256 | efeab64a2c3b15be8d9ef8a9a4512d08c15268b3a979db52689b008670fee189
Novell ZENworks Asset Management 7.5 Remote File Access
Posted Sep 1, 2024
Authored by juan vazquez | Site metasploit.com

This Metasploit module exploits a hardcoded user and password for the GetFile maintenance task in Novell ZENworks Asset Management 7.5. The vulnerability exists in the Web Console and can be triggered by sending a specially crafted request to the rtrlet component, allowing a remote unauthenticated user to retrieve a maximum of 100_000_000 KB of remote files. This Metasploit module has been successfully tested on Novell ZENworks Asset Management 7.5.

tags | exploit, remote, web
advisories | CVE-2012-4933
SHA-256 | 330cc22734979700205d38d8b3a6fcb4016360f791b7add7a0841b6885897ab3
HP Intelligent Management FaultDownloadServlet Directory Traversal
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and a directory traversal in HP Intelligent Management, specifically in the FaultDownloadServlet, in order to retrieve arbitrary files with SYSTEM privileges. This Metasploit module has been tested successfully on HP Intelligent Management Center 5.1 E0202 over Windows 2003 SP2.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2012-5202
SHA-256 | 4afa0137a506369a61e2db708c38b69ad4ed8789d747da63b132480ec19c7b07
Supermicro Onboard IPMI CGI Scanner
Posted Sep 1, 2024
Authored by H D Moore, juan vazquez | Site metasploit.com

This Metasploit module checks for known vulnerabilities in the CGI applications of Supermicro Onboard IPMI controllers. These issues currently include several unauthenticated buffer overflows in the login.cgi and close_window.cgi components.

tags | exploit, overflow, cgi, vulnerability
advisories | CVE-2013-3621, CVE-2013-3623
SHA-256 | 25146ab0a527b2c20a4d174368a8756c57f0f973644733c599eb8239270f30b0
NFR Agent FSFUI Record Arbitrary Remote File Access
Posted Sep 1, 2024
Authored by juan vazquez | Site metasploit.com

NFRAgent.exe, a component of Novell File Reporter (NFR), allows remote attackers to retrieve arbitrary text files via a directory traversal while handling requests to /FSF/CMD with an FSFUI record with UICMD 126. This Metasploit module has been tested successfully against NFR Agent 1.0.4.3 (File Reporter 1.0.2) and NFR Agent 1.0.3.22 (File Reporter 1.0.1).

tags | exploit, remote, arbitrary
advisories | CVE-2012-4958
SHA-256 | 81f6f5506b0f0868f1a9d759cd92713726d775d050dcedeb4fb03b32a0063308
HP SiteScope SOAP Call GetSiteScopeConfiguration Configuration Access
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope which allows to retrieve the HP SiteScope configuration, including administrative credentials. It is accomplished by calling the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service. The HP SiteScope Configuration is retrieved as file containing Java serialization data. This Metasploit module has been tested successfully on HP SiteScope 11.20 over Windows 2003 SP2 and Linux Centos 6.3.

tags | exploit, java, bypass
systems | linux, windows, centos
SHA-256 | 49a6293f49b3d88908408822f05f60de61f16258c0921f50adecb84a90811493
MediaWiki SVG XML Entity Expansion Remote File Access
Posted Sep 1, 2024
Authored by juan vazquez, Christian Mehlmauer, Daniel Franke | Site metasploit.com

This Metasploit module attempts to read a remote file from the server using a vulnerability in the way MediaWiki handles SVG files. The vulnerability occurs while trying to expand external entities with the SYSTEM identifier. In order to work MediaWiki must be configured to accept upload of SVG files. If anonymous uploads are allowed the username and password arent required, otherwise they are. This Metasploit module has been tested successfully on MediaWiki 1.19.4, 1.20.3 on Ubuntu 10.04 and Ubuntu 12.10. Older versions were also tested but do not seem to be vulnerable to this vulnerability. The following MediaWiki requirements must be met: File upload must be enabled, $wgFileExtensions[] must include svg, $wgSVGConverter must be set to something other than false.

tags | exploit, remote, file upload
systems | linux, ubuntu
SHA-256 | 71615d7c455fb2156a5414c500e8bff8843420ced30f06fff70abbf96f287ac8
HP SiteScope SOAP Call LoadFileContent Remote File Access
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope to retrieve an arbitrary text file from the remote server. It is accomplished by calling the loadFileContent operation available through the APIMonitorImpl AXIS service. This Metasploit module has been successfully tested on HP SiteScope 11.20 over Windows 2003 SP2 and Linux Centos 6.3.

tags | exploit, remote, arbitrary, bypass
systems | linux, windows, centos
SHA-256 | 70fba2e746b60b36e7ed3d2efbabee053f81db339cfb2580347bd710629b238d
HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and access control in HP Intelligent Management, specifically in the FileDownloadServlet from the SOM component, in order to retrieve arbitrary files with SYSTEM privileges. This Metasploit module has been tested successfully on HP Intelligent Management Center 5.2_E0401 with SOM 5.2 E0401 over Windows 2003 SP2.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2013-4826
SHA-256 | 1850a191353250b7a4f39ae00758d5a46a4b1b6e1c9ca0c3c46852217064aebe
Atlassian Crowd XML Entity Expansion Remote File Access
Posted Sep 1, 2024
Authored by juan vazquez, Will Caput, Trevor Hartman, Thaddeus Bogner | Site metasploit.com

This Metasploit module simply attempts to read a remote file from the server using a vulnerability in the way Atlassian Crowd handles XML files. The vulnerability occurs while trying to expand external entities with the SYSTEM identifier. This Metasploit module has been tested successfully on Linux and Windows installations of Crowd.

tags | exploit, remote
systems | linux, windows
advisories | CVE-2012-2926
SHA-256 | 75935ac70e77d2ed62ac0e96af0d4e5b93fa4b3bb3efd5ddaf65a718cf03dd38
Apache ActiveMQ JSP Files Source Disclosure
Posted Sep 1, 2024
Authored by Veerendra G.G, juan vazquez | Site metasploit.com

This Metasploit module exploits a source code disclosure in Apache ActiveMQ. The vulnerability is due to the Jettys ResourceHandler handling of specially crafted URIs starting with //. It has been tested successfully on Apache ActiveMQ 5.3.1 over Windows 2003 SP2 and Ubuntu 10.04.

tags | exploit
systems | linux, windows, ubuntu
advisories | CVE-2010-1587
SHA-256 | ede3496420e2c26c1f98f2ec9c2985c39b539632810d4d9851f54502743fb0ff
HP SiteScope SOAP Call GetFileInternal Remote File Access
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope to retrieve an arbitrary file from the remote server. It is accomplished by calling the getFileInternal operation available through the APISiteScopeImpl AXIS service. This Metasploit module has been successfully tested on HP SiteScope 11.20 over Windows 2003 SP2 and Linux Centos 6.3.

tags | exploit, remote, arbitrary, bypass
systems | linux, windows, centos
SHA-256 | ac2a6c8b7ee1032f4592faca207812805ca78af0323e9f167ee599f82c2b95f3
Supermicro Onboard IPMI Url_redirect.cgi Authenticated Directory Traversal
Posted Sep 1, 2024
Authored by H D Moore, juan vazquez | Site metasploit.com

This Metasploit module abuses a directory traversal vulnerability in the url_redirect.cgi application accessible through the web interface of Supermicro Onboard IPMI controllers. The vulnerability is present due to a lack of sanitization of the url_name parameter. This allows an attacker with a valid, but not necessarily administrator-level account, to access the contents of any file on the system. This includes the /nv/PSBlock file, which contains the cleartext credentials for all configured accounts. This Metasploit module has been tested on a Supermicro Onboard IPMI (X9SCL/X9SCM) with firmware version SMT_X9_214. Other file names to try include /PSStore, /PMConfig.dat, and /wsman/simple_auth.passwd.

tags | exploit, web, cgi
SHA-256 | 2a895b9a6c562c00a389ca6061ee3c5d3935d00911eac01555699f44b7a15397
HP Intelligent Management BIMS DownloadServlet Directory Traversal
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and a directory traversal in HP Intelligent Management, specifically in the DownloadServlet from the BIMS component, in order to retrieve arbitrary files with SYSTEM privileges. This Metasploit module has been tested successfully on HP Intelligent Management Center 5.1 E0202 with BIMS 5.1 E0201 over Windows 2003 SP2.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2013-4823
SHA-256 | dd399cbd46c56431b6335bb7af600f7a8b07fbe5b5343567170606df7df666bb
Novell Groupwise Agents HTTP Directory Traversal
Posted Sep 1, 2024
Authored by juan vazquez | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in Novell Groupwise. The vulnerability exists in the web interface of both the Post Office and the MTA agents. This Metasploit module has been tested successfully on Novell Groupwise 8.02 HP2 over Windows 2003 SP2.

tags | exploit, web
systems | windows
advisories | CVE-2012-0419
SHA-256 | cf3c10c3309d3a179dabde680510ab0063386316124c0e6cf1c7d34f3864c865
HP Intelligent Management IctDownloadServlet Directory Traversal
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and a directory traversal in HP Intelligent Management, specifically in the IctDownloadServlet, in order to retrieve arbitrary files with SYSTEM privileges. This Metasploit module has been tested successfully on HP Intelligent Management Center 5.1 E0202 over Windows 2003 SP2.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2012-5204
SHA-256 | 331f67245589f8f5486246bf8eb948bde7cf833ed0355ee50545787a79aaed4a
NFR Agent SRS Record Arbitrary Remote File Access
Posted Sep 1, 2024
Authored by juan vazquez | Site metasploit.com

NFRAgent.exe, a component of Novell File Reporter (NFR), allows remote attackers to retrieve arbitrary files via a request to /FSF/CMD with a SRS Record with OPERATION 4 and CMD 103, specifying a full pathname. This Metasploit module has been tested successfully against NFR Agent 1.0.4.3 (File Reporter 1.0.2) and NFR Agent 1.0.3.22 (File Reporter 1.0.1).

tags | exploit, remote, arbitrary
advisories | CVE-2012-4957
SHA-256 | 0fe7de29a8510749c4422eb90c00ce443c32a0afb88d5b82f3f5fffdca5d7da1
Novell ZENworks Asset Management 7.5 Configuration Access
Posted Sep 1, 2024
Authored by juan vazquez | Site metasploit.com

This Metasploit module exploits a hardcoded user and password for the GetConfig maintenance task in Novell ZENworks Asset Management 7.5. The vulnerability exists in the Web Console and can be triggered by sending a specially crafted request to the rtrlet component, allowing a remote unauthenticated user to retrieve the configuration parameters of Novell Zenworks Asset Management, including the database credentials in clear text. This Metasploit module has been successfully tested on Novell ZENworks Asset Management 7.5.

tags | exploit, remote, web
advisories | CVE-2012-4933
SHA-256 | 1d9e7ba3c5437ccfb3683cfc6321e1b7024fe5a849eab97a085b5868e1d6209e
OpenSSL Server-Side ChangeCipherSpec Injection Scanner
Posted Aug 31, 2024
Authored by juan vazquez, Craig Young, Masashi Kikuchi | Site metasploit.com

This Metasploit module checks for the OpenSSL ChangeCipherSpec (CCS) Injection vulnerability. The problem exists in the handling of early CCS messages during session negotiation. Vulnerable installations of OpenSSL accepts them, while later implementations do not. If successful, an attacker can leverage this vulnerability to perform a man-in-the-middle (MITM) attack by downgrading the cipher spec between a client and server. This issue was first reported in early June, 2014.

tags | exploit
advisories | CVE-2014-0224
SHA-256 | 50d2ae16c07b123362ddd9c4123d103a1aaf098f3776f32cfd170977a46bd234
Sielco Sistemi Winlog Remote File Access
Posted Aug 31, 2024
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a directory traversal in Sielco Sistemi Winlog. The vulnerability exists in the Runtime.exe service and can be triggered by sending a specially crafted packet to the 46824/TCP port. This Metasploit module has been successfully tested on Sielco Sistemi Winlog Lite 2.07.14.

tags | exploit, tcp
advisories | CVE-2012-4356
SHA-256 | b86031eb554a91e334141d55bf93e4dd76814f3ae6c789b063d6cd6424f4986a
Indusoft WebStudio NTWebServer Remote File Access
Posted Aug 31, 2024
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in Indusoft WebStudio. The vulnerability exists in the NTWebServer component and allows to read arbitrary remote files with the privileges of the NTWebServer process. The module has been tested successfully on Indusoft WebStudio 6.1 SP6.

tags | exploit, remote, arbitrary
advisories | CVE-2011-1900
SHA-256 | d242b8007726d97afc7ca45d4fdc57dd3eea44c1e53c5a4a3eff01999ce2fbaa
Page 1 of 14
Back12345Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close