Showing 1 - 7 of 7

Files from The Light Cosine

WinRM VBS Remote Code Execution: Posted Nov 6, 2012; Authored by The Light Cosine | Site metasploit.com; This Metasploit module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2.0 and VBS CmdStager. The module will check if Powershell 2.0 is available, and if so uses that method. Otherwise it falls back to the VBS Cmdstager which is less stealthy. IMPORTANT: If targeting an x64 system with the Powershell method you MUST select an x64 payload. An x86 payload will never return.; tags | exploit, x86; SHA-256 | 058f6afb598d02e80da84c0e4ea89c3ba856e987c8c0b5e3601f4daf16120377; Download | Favorite | View

Turbo FTP Server 1.30.823 PORT Overflow: Posted Oct 22, 2012; Authored by corelanc0d3r, Lincoln, The Light Cosine, Zhao Liang | Site metasploit.com; This Metasploit module exploits a buffer overflow vulnerability found in the PORT command in Turbo FTP Server versions 1.30.823 and 1.30.826, which results in remote code execution under the context of SYSTEM.; tags | exploit, remote, overflow, code execution; advisories | OSVDB-85887; SHA-256 | abb8df5bd9e6fe13f397d60912333dbe638be84ba39c6009e9215a03bc909d53; Download | Favorite | View

Serv-U FTP Server Buffer Overflow: Posted Dec 2, 2011; Authored by The Light Cosine | Site metasploit.com; This Metasploit module exploits a stack buffer overflow in the site chmod command in versions of Serv-U FTP Server prior to 4.2. You must have valid credentials to trigger this vulnerability. Exploitation also leaves the service in a non-functional state.; tags | exploit, overflow; advisories | CVE-2004-2111; SHA-256 | 6c1771fcd160c66448baf1b278f2e301aaf7d1815e249d6528222c340620cafe; Download | Favorite | View

RealVNC Authentication Bypass: Posted Aug 26, 2011; Authored by H D Moore, The Light Cosine | Site metasploit.com; This Metasploit module exploits an Authentication Bypass Vulnerability in RealVNC Server version 4.1.0 and 4.1.1. It sets up a proxy listener on LPORT and proxies to the target server The AUTOVNC option requires that vncviewer be installed on the attacking machine. This option should be disabled for Pro.; tags | exploit, bypass; advisories | CVE-2006-2369, OSVDB-25479; SHA-256 | e04dfdae1c144c55bf3ae60b0db55de39d6d8b5d1ffc4b3506d87fa3c3c8e7c6; Download | Favorite | View

SmartFTP Saved Password Extraction: Posted Jun 20, 2011; Authored by The Light Cosine | Site metasploit.com; This Metasploit module finds saved login credentials for the SmartFTP FTP client for windows.; tags | exploit, info disclosure; systems | windows; SHA-256 | 97b107bd7fae0d3b8837548d34dcb302caadedc2441c45782f6a0584dc945b8b; Download | Favorite | View

Cforms II For WordPress CAPTCHA Bypass: Posted Dec 15, 2010; Authored by The Light Cosine; The Cforms II plugin for WordPress suffers from a CAPTCHA bypass vulnerability.; tags | advisory, bypass; SHA-256 | 9651927202406b32b942c8788261677321fc3d2a584e0a29325ea269b6706946; Download | Favorite | View

Ricoh Aficio Web Image Monitor 2.03 Cross Site Scripting: Posted Nov 11, 2010; Authored by The Light Cosine; Ricoh Aficio Web Image Monitor version 2.03 suffers from cross site scripting and redirection vulnerabilities.; tags | exploit, web, vulnerability, xss; SHA-256 | 9cb8a3f297c5e5664ca6551ba861cee32ff3b727dc04c87fa31e1cc0c6f6332f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days