Blog Posts - Proof Of Concept



OpenBSD Local Denial Of Service

/* * 2015, Maxime Villard * Exploit triggering a memory leak in the OpenBSD kernel from an unprivileged * user. Found by The Brainy Code Scanner. */   - - - - - - - - - - - - - - - - - script.sh - - - - - - - - - [...]...
by MondoUnix on Aug 31, 2015

WordPress 4.2.2 Comment form CSRF

Details ================ Software: WordPress Version: 3.8.1,3.8.2,4.2.2 Homepage: http://wordpress.org/ Advisory report: https://security.dxw.com/advisories/comment-form-csrf-allows-admin-impersonation-via-comments-in-wordpress-4-2-2/ CVE: Awaiting a...
by MondoUnix on Aug 26, 2015

Adobe Flash Player Drawing Fill Shader Memory Corruption

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require 'msf/core'   class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking   include...
by MondoUnix on Jun 28, 2015

Linux splice_write Kernel Panic

/* ---------------------------------------------------------------------------------------------------- * cve-2014-7822_poc.c * * The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restrictio...
by MondoUnix on Apr 14, 2015

WordPress Fraction Theme 1.1.1 Privilege Escalation

------------------------------------------------------------------------------ WordPress Fraction Theme 1.1.1 Previlage Escalation ------------------------------------------------------------------------------   [-] Theme Link:   http://the...
by MondoUnix on Mar 12, 2015

PHP DateTimeZone Type Confusion Infoleak

#Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone   Taoguang Chen <[@chtg](http://github.com/chtg)> - Write Date: 2015.1.29 - Release Date: 2015.2.20   > A Type Confusion Vulnerability was discovered in u...
by MondoUnix on Feb 25, 2015

PHP DateTime Use-After-Free

#Use After Free Vulnerability in unserialize() with DateTime* [CVE-2015-0273]   Taoguang Chen <[@chtg](http://github.com/chtg)> - Write Date: 2015.1.29 - Release Date: 2015.2.20   > A use-after-free vulnerability was discovered...
by MondoUnix on Feb 25, 2015

WordPress WPLMS 1.8.4.1 Privilege Escalation

------------------------------------------------------------------------------ WordPress WPLMS Theme Previlege Escalation ------------------------------------------------------------------------------   [-] Author: Evex   http://packetstorm...
by MondoUnix on Feb 18, 2015

WordPress Quasar Theme 1.9.1 Privilege Escalation

------------------------------------------------------------------------------ WordPress Quasar Theme Previlege Escalation ------------------------------------------------------------------------------     [-] Theme Link:   http://them...
by MondoUnix on Feb 10, 2015

WordPress Pixarbay Images 2.3 XSS / Bypass / Upload / Traversal

Mogwai Security Advisory MSA-2015-01 ---------------------------------------------------------------------- Title: WP Pixarbay Images Multiple Vulnerabilities Product: Pixarbay Images (Wordpress Plugin) Affected versions: 2.3 Impact: high Remote: yes...
by MondoUnix on Jan 26, 2015

PHP 5.x / Bash Shellshock Proof Of Concept

<?php   // Exploit Title: PHP 5.x and GNU Bash <= 4.3 Shellshock Exploit // Date: 22/11/2014 // Exploit Author: ssbostan // Vendor Homepage: http://www.gnu.org/software/bash/ // Software Link: http://ftp.gnu.org/gnu/bash/ // Version: ...
by MondoUnix on Nov 26, 2014

Samsung Galaxy KNOX Android Browser Remote Code Execution

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require 'msf/core' require 'digest/md5'   class Metasploit3 < Msf::Exploit::Remote   include...
by MondoUnix on Nov 18, 2014

Junges Start-up entwickelt innovatives Tool zur Suche der optimalen Wohngegend

Nicht erst seit der gesetzlich eingeführten „Mietpreisbremse“ sind steigende Mietpreise in besonders beliebten Wohngegenden in das Bewusstsein der Öffentlichkeit gerückt: Ob Prenzlauer Berg und Kreuzberg in Berlin oder Schanzenviertel und St.

OpenBSD 5.5 Local Kernel Panic

/* * tenochtitlan.c * * OpenBSD <= 5.5 Local Kernel Panic * by Alejandro Hernandez (@nitr0usmx) * * Advisory and technical details: * http://www.ioactive.com/pdfs/IOActive_Advisory_OpenBSD_5_5_Local_Kernel_Panic.pdf * * Fix: http://www.openbsd.or...
by MondoUnix on Oct 24, 2014

Steambot Studios Launches Urbance Kickstarter

We covered Urbance way back when the story of these gender-bending street warriors was little more than a hyper-stylish proof-of-concept trailer. Look how much a year changes things! Steambot Studios finally launched a kickstarter page for Urbance la...
by Awesome Robo! on Oct 2, 2014

M/Monit 3.2.2 Cross Site Request Forgery

Application: M/Monit 3.2.2 Author: Dolev Farhi @dolevff Date: 13.9.2014 Relevant CVEs: CVE-2014-6409, CVE-2014-6607 Vulnerable version: <= 3.2.2       M/Monit is an Easy, proactive monitoring of Unix systems, network and cloud serv...
by MondoUnix on Sep 20, 2014

LogAnalyzer 3.6.5 Cross Site Scripting

Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070     1. About the application ------------------------ LogAnalyzer is a web interface to syslog and oth...
by MondoUnix on Sep 7, 2014

WordPress Simple Share Buttons Adder 4.4 CSRF / XSS

Details ================ Software: Simple Share Buttons Adder Version: 4.4 Homepage: https://wordpress.org/plugins/simple-share-buttons-adder/ Advisory report: https://security.dxw.com/advisories/csrf-and-stored-xss-in-simple-share-buttons-adder/ CVE...
by MondoUnix on Jul 1, 2014

Turn your arm into a keyboard with Google Minuums and Glass

The Google Glass is all a reality, and every time we are surprised with the many more things we can do with them,… more » The post Turn your arm into a keyboard with Google Minuums and Glass appeared first on 24reviews.
by 24Reviews on Jun 8, 2014

Elwood Pie - The Pilot

Elwood Pie is a 12 year old kid living in Mud Lake, probably the weirdest place on the planet. And he's the star of this pilot by Kapow Pictures, which seems to take elements from Disney's paranormal themed Gravity Falls and add the twist of a b...
by Awesome Robo! on May 19, 2014


Trending Topics

Close