''' MS17-010 exploit for Windows 2000 and later by sleepyaNote: - The exploit should never crash a target (chance should be nearly 0%) - The exploit use the bug same as eternalromance and eternalsynergy, so named pipe is neededTested on:...
MS17-010 exploit for Windows 2000 and later by sleepya Note: - The exploit should never crash a target (chance should be nearly 0%) - The exploit use the bug same as eternalromance and eternalsynergy, so named pipe is needed Tested...
I have written another include system for my dynamic webpages, but it seems to be vulnerable to LFI. Here is the code: GeSHi`ed PHP code 1 2 3 4 56 7 8 9 1011 12 13 14 1516 17 <?php if (isset($_GET['which'])) { $which = $_GET['which']; switch ($which) { case 0:...
WeChall_Training: PHP LFI (Exploit, PHP, Training) Your mission is to exploit this code, which has obviously anLFI vulnerability: GeSHi`ed PHP code 1 2 $filename = 'pages/'.(isset($_GET["file"])?$_GET["file"]:"welcome").'.html'; include $filename; There is a lot of important...
GitHack is a .git folder disclosure exploit. It rebuild source code from .git folder while keep directory structure unchanged. GitHack是一个.git泄露利用脚本,通过泄露的.git文件夹下的文件,重建还原工程源代码。 渗透测试人员、攻击者,可以进一步审计代码,挖掘:文件上传,SQL注射等安全漏洞。 脚本的工作原理 ...
checkm8.exploit() elif 'CPID:8010' in serial_number: checkm8.exploit() elif 'CPID:8011' in serial_number: checkm8.exploit() elif 'CPID:8015' in serial_number: checkm8.exploit() else: print 'Found:', serial_number print 'ERROR: This device is not supported.' @@ -104,6 +123,30...
zzz_exploit.py fromimpacketimportsmb,smbconnection frommysmbimportMYSMB Jul 10, 2017 4 fromstructimportpack,unpack,unpack_from Jun 19, 2017 Initial upload importsys importsocket import Initial upload Note: - The exploit should never crash a target (chance should be nearly 0%)...