Straped 1.0 is a mix of stream/raped attack ported to Windows by LeVante. It is a denial of service (DoS) attack that sends a large number of packets to the target system, causing it to become unresponsive. It can be used to target a specific port or IP address. The attacker can specify the type of attack (stream or raped) and the number of threads to use.
This exploit retrieve the username of the administrator of the board and his password crypted in SHA256
This exploit allows an attacker to inject malicious SQL code into the vulnerable ASPNuke ASP Portal application. The malicious code is used to update the tbluser table in the database, setting the username and password to 'trapset'. This allows the attacker to gain access to the application.
This exploit allows an attacker to inject malicious SQL code into the vulnerable UBBCentral application. The vulnerable code is located in the mailthread.php file, which is used to display messages from a bulletin board. The attacker can inject malicious SQL code into the 'Cat' parameter, which is not properly sanitized before being used in a SQL query. This can allow the attacker to gain access to sensitive information from the database, such as usernames and passwords.
This exploit is a buffer overflow vulnerability in the Win32 Bind Shellcode. It allows an attacker to execute arbitrary code on the target system by overflowing the buffer with malicious code. The exploit uses a PexFnstenvSub encoder to encode the malicious code and then sends it to the target system via a TCP connection on port 4444. The exploit is triggered when the target system attempts to bind to the malicious code.
phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board package. An attacker can exploit multiple DoS vulnerabilities by registering as many users as possible or by searching in a way that the database cannot observe it.
This exploit allows an attacker to gain access to the WordPress admin panel by exploiting a SQL injection vulnerability in WordPress version 1.5.1.1. The exploit uses a specially crafted URL to inject a malicious SQL query into the WordPress database. The query is used to create a new admin user with the username 'r57' and the password 'r57'. The attacker can then use this user to gain access to the WordPress admin panel.
This exploit is a proof of concept for the modify post SQL Injection issue discovered in Simple Machine Forums. It allows an attacker to grab the hash of a target account by supplying a username, password, the complete url to a post they made, and the ID of the target account.
This exploit allows an attacker to execute arbitrary code on a vulnerable system by sending a specially crafted HTTP request to the vulnerable server. The exploit takes advantage of a vulnerability in the ViRobot 2.0 web application, which allows an attacker to inject arbitrary code into the 'ViRobot_ID' cookie. The code is then executed by the vulnerable application.
This exploit is used to gain root access on IBM AIX systems. It uses a buffer overflow vulnerability in the pagsh program to execute a shellcode that spawns a root shell. The exploit is written in C and uses the setenv() function to set environment variables EGG and EGGADDR which contain the shellcode and the address of the shellcode respectively.
Services By CQR