This exploit is used to bypass authentication of SSH RSA 2048. It uses a python script to connect to the SSH server and try to authenticate with different keys. If the key is found, the script shows the key and the command to connect to the server.
SecurityGateway open port 4000 for remote administration/managment, EIP get owned when the username field is filled with 720 chars. Replace http://127.0.0.1:4000/ with your remote host. Use LWP::UserAgent to send a POST request with a payload of 236 'a' characters, 480 'b' characters, and 4 'c' characters to the SecurityGateway.dll page.
This exploit is a blind SQL injection vulnerability in the Joomla Component Joo!BB. It allows an attacker to extract the MD5 hash of a user's password by exploiting a vulnerability in the 'index.php' file. The exploit works by sending a specially crafted HTTP request to the vulnerable server, which then returns a response indicating whether the request was successful or not. The attacker can then use this response to determine the MD5 hash of the user's password.
I-Pos Internet Pay Online Store v1.3 Beta is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.
meBiblio 0.4.7 is vulnerable to SQL Injection, Arbitrary File Upload and XSS. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable application. An attacker can also upload a malicious file to the vulnerable application and execute it. An attacker can also inject malicious JavaScript code into the vulnerable application.
A Remote File Inclusion vulnerability exists in DesktopOnNet 3 Beta, which allows an attacker to include a remote file containing malicious code and execute it on the vulnerable system. The vulnerability is due to the 'app_path' parameter in 'don3_requiem.php' and 'frontpage.php' scripts not properly sanitized before being used to include files.
This exploit is a blind SQL injection vulnerability in the Joomla Component mycontent. It allows an attacker to extract the MD5 hash of the password of a given user ID. The exploit works by sending a specially crafted HTTP request to the vulnerable server and then analyzing the response to determine the MD5 hash of the password.
A vulnerability exists in ComicShout 2.8, which can be exploited by malicious people to conduct SQL injection attacks. The vulnerability is caused due to the 'news_id' parameter in the 'news.php' script not being properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow execution of arbitrary SQL commands.
This exploit is a remote buffer overflow vulnerability in the SMB client. The vulnerability is triggered when a maliciously crafted packet is sent to the vulnerable SMB client. The packet contains a large number of 'A' characters, which causes a buffer overflow and allows arbitrary code execution.
A vulnerability in Social Site Generator allows an attacker to view the source code of any file on the server by appending the file name to the filedload.php, download.php, or download_file.php URL. This can be used to view the source code of any file on the server, including configuration files containing passwords and other sensitive information.
Services By CQR