Decidedly Gray decidedlygray

require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpServer::HTML
def initialize(info = {})
super(update_info(info,
'Name' => 'NetGear UPnP CSRF',
# Exploit Title: CesarFTP 0.99g Remote Resource Exhaustion Vulnerability v4260
# Date: 10/16/2015
# Exploit Author: @decidedlygray (independently discovered while learning Sulley fuzzing framework)
# Vendor Homepage: ACLogic.com [NO LONGER EXISTS]
# Software Link: http://download.cnet.com/CesarFTP/3000-2160_4-13481.html
# Version: 0.99g
# Tested on: Windows XP, Windows 7
#
# Exploit for the issue already discovered in 2004:
# - CesarFTP Server Long Command Denial of Service Exploit - https://www.exploit-db.com/exploits/428/
@decidedlygray
decidedlygray / keybase.md
Last active November 10, 2016 17:55
Keybase.io proof file for https://keybase.io/decidedlygray

Keybase proof

I hereby claim:

  • I am decidedlygray on github.
  • I am decidedlygray (https://keybase.io/decidedlygray) on keybase.
  • I have a public key ASAKcnLth9zmCU92kY2PjXhHT7zm4KfiY4wkr1N3p2Phego

To claim this, I am signing this object:

#!/usr/bin/python
import sys
import time
from sulley import *
#######################################################################
""" Receive banner when connecting to server. """
def banner(sock):
@decidedlygray
decidedlygray / Reversing Aruba Instant.md
Created May 15, 2018 16:06
Reversing Aruba Instant Firmware

Aruba produces two different software loads for their Access Point hardware. The first is called ArubaOS and the second is called Aruba Instant. With ArubaOS, the AP requires a Mobility Controller (hardware) to be installed in the network. With Aruba Instant, it is possible to run APs independently (standalone mode) or in a cluster, with no Mobility Controller in the network.

@decidedlygray
decidedlygray / install_letsencrypt_ca_certificates_for_jvm_windows.ps1
Last active June 26, 2018 13:57
Install LetsEncrypt CA Certs on Windows Host into Burp's Java TrustStore
# ###
# install_letsencrypt_ca_certificates_for_jvm_windows.ps1
# Based on the linux script here: https://www.nuharborsecurity.com/creating-a-private-burp-collaborator-in-amazon-aws-with-a-letsencrypt-wildcard-certificate/
# Written by @decidedlygray, 20180626
#
# NOTE: Not working at the moment. Comments welcome.
# ###
# BurpSuitePro Install Location
$BurpInstallLocation="C:\Program Files\BurpSuitePro\"
@decidedlygray
decidedlygray / hmmm_dns_stuff_1m.py
Last active July 26, 2018 16:20
Check domains for records and stuff
#!/usr/bin/env python
# The py2 code below is an abomination that was slapped together in a matter of
# minutes to see if the internet was behaving as expected. It is utter garbage
# and should not be used by anyone. - @decidedlygray
import socket
import urllib2
import zipfile
import csv
@decidedlygray
decidedlygray / katz.cs
Created August 1, 2018 22:17
Updated Katz.cs - Latest Mimikatz, I mean honestly it is 2018...
using System;
using System.IO;
using System.Text;
using System.IO.Compression;
using System.EnterpriseServices;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
/*
@decidedlygray
decidedlygray / integer_array_to_string.py
Last active March 1, 2019 16:45
Snippet for when you decompile an Android APK in JD-GUI and some of the strings are integer arrays instead of strings. This will convert the array to a string and print it.
# For when you decompile an Android APK and some of the strings are static integer arrays instead of strings,
# this snippet will print them out as strings. I've re-written this a few times so I figured I'd just
# post it here so I can find it when I need it.
strArray = []
# Drop your "private static final short[] a = { 65, 66, 67, 68, 69, 70, 71, 72, 73 ... }" here, but replace {} w/ []
strArray.append(
[65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57]
@decidedlygray
decidedlygray / build_and_install_retdec_offline_kali.sh
Created March 1, 2019 16:48
Build and install script for retdec (retargetable decompiler) on Kali Linux
#
# Project Homepage: https://github.com/avast-tl/retdec#linux
# This file is based on the Dockerfile from the repo above
#
apt update -y
apt install -y build-essential cmake git perl python3 doxygen graphviz upx flex bison zlib1g-dev libtinfo-dev autoconf automake pkg-config m4 libtool
cd /opt
git clone https://github.com/avast-tl/retdec
cd retdec && mkdir build && cd build
cmake .. -DCMAKE_INSTALL_PREFIX=/home/retdec/retdec-install