Search the Community

Showing results for tags 'escalation'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Premium Accounts
  • Modders Section
  • PRIV8-Section
  • Cracking Zone PRIV8
  • Carding Zone PRIV8

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 151 results

  1. This Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus (HPE) Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a custom binary with root privileges. View the full article
  2. Microsoft Windows suffers from an insecure CSharedStream object privilege escalation vulnerability. View the full article
  3. This Metasploit module exploits a vulnerability in xscreensaver versions since 5.06 on unpatched Solaris 11 systems which allows users to gain root privileges. xscreensaver allows users to create a user-owned file at any location on the filesystem using the -log command line argument introduced in version 5.06. This module uses xscreensaver to create a log file in /usr/lib/secure/, overwrites the log file with a shared object, and executes the shared object using the LD_PRELOAD environment variable. This module has been tested successfully on xscreensaver version 5.15 on Solaris 11.1 (x86) and xscreensaver version 5.15 on Solaris 11.3 (x86). View the full article
  4. This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and run arbitrary code under root privileges. This module has been tested with CentOS 7 (1708). CentOS default install will require console auth for the users session. Xorg must have SUID permissions and may not start if running. On successful exploitation artifacts will be created consistent with starting Xorg. View the full article
  5. Solaris version 11.4 xscreensaver local privilege escalation exploit. View the full article
  6. Solaris version 11.4 xscreensaver local privilege escalation exploit. View the full article
  7. Uplay version 92.0.0.6280 suffers from a local privilege escalation vulnerability. View the full article
  8. National Instruments Circuit Design Suite version 14.0 suffers from a local privilege escalation vulnerability. View the full article
  9. Logrotate versions up to and including 3.15.1 suffer from a privilege escalation vulnerability. View the full article
  10. CheckPoint Endpoint Security VPN versions E80.87 Build 986009514 and below and ZoneAlarm versions 15.4.062.17802 and below suffer from a privilege escalation vulnerability. View the full article
  11. Gitlab Omnibus versions 7.4 through 12.2.1 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell. View the full article
  12. V-SOL GPON/EPON OLT Platform version 2.03 suffers from a remote privilege escalation vulnerability. View the full article
  13. This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool (ABRT) configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files (CVE-2015-5287). This module has been tested successfully on abrt 2.1.11-12.el7 on RHEL 7.0 x86_64 and abrt 2.1.11-19.el7 on RHEL 7.1 x86_64. View the full article
  14. macOS version 18.7.0 kernel local privilege escalation exploit that may only work on Macs before 2016. View the full article
  15. AppXSvc version 17763.1.amd64fre.rs5_release.180914-1434 suffers from an arbitrary file security descriptor overwrite privilege escalation vulnerability. View the full article
  16. Control Web Panel version 0.9.8.851 suffers from multiple privilege escalation vulnerabilities. View the full article
  17. 1337day-Exploits

    ktsuss Suid Privilege Escalation

    This Metasploit module attempts to gain root privileges by exploiting a vulnerability in ktsuss versions 1.4 and prior. The ktsuss executable is setuid root and does not drop privileges prior to executing user specified commands, resulting in command execution with root privileges. This module has been tested successfully on ktsuss 1.3 on SparkyLinux 6 (2019.08) (LXQT) (x64) and ktsuss 1.3 on SparkyLinux 5.8 (LXQT) (x64). View the full article
  18. This Metasploit module attempts to gain root privileges by blindly injecting into the session user's running shell processes and executing commands by calling system(), in the hope that the process has valid cached sudo tokens with root privileges. The system must have gdb installed and permit ptrace. This module has been tested successfully on Debian 9.8 (x64) and CentOS 7.4.1708 (x64). View the full article
  19. Kaseya VSA Agent versions 9.5 and below suffer from a privilege escalation vulnerability. View the full article
  20. Asus Precision TouchPad version 11.0.0.25 suffers from denial of service and privilege escalation via pool overflow vulnerabilities. View the full article
  21. Steam Windows client local privilege escalation exploit. View the full article
  22. This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below. View the full article
  23. This Metasploit module exploits SQL injection and command injection vulnerability in the OpManager versions 12.4.034 and below. View the full article
  24. Microsoft Windows 7 Build 7601 (x86) local privilege escalation exploit. View the full article
  25. Microsoft Windows Task Scheduler suffers from a local privilege escalation vulnerability. The Windows MMC auto-elevates members of the 'administrators' group via the GUI and MMC snap-ins (via mmc.exe) automatically elevate without prompting UAC potentially leading to unintentional elevation of privilege. View the full article