Search the Community

Showing results for tags 'command'.

The search index is currently processing. Current results may not be complete.


More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Premium Accounts
  • Modders Section
  • PRIV8-Section
  • Cracking Zone PRIV8
  • Carding Zone PRIV8

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 121 results

  1. This Metasploit module exploits a remote command execution vulnerability in Nostromo versions 1.9.6 and below. This issue is caused by a directory traversal in the function http_verify in nostromo nhttpd allowing an attacker to achieve remote code execution via a crafted HTTP request. View the full article
  2. Moxa EDR-810 suffers from command injection and information disclosure vulnerabilities. View the full article
  3. ASUS RT-N10+ with firmware version 2.0.3.4 suffers from cross site request forgery and cross site scripting vulnerabilities that can assist with achieving command execution. View the full article
  4. 1337day-Exploits

    Ajenti Remote Command Execution

    Ajenti suffers from a remote command execution vulnerability. View the full article
  5. 1337day-Exploits

    thesystem 1.0 Command Injection

    thesystem version 1.0 suffers from a command injection vulnerability. View the full article
  6. ACTi ACM-5611 video camera remote command execution exploit. View the full article
  7. ACTi ACD-2100 video encoder remote command execution exploit. View the full article
  8. Nmap NSE script that exploits a pre-authentication remote command execution vulnerability in vBulletin versions 5.x. View the full article
  9. ACTi ACM-3100 Camera remote command execution exploit. View the full article
  10. NPMJS gitlabhook version 0.0.17 suffers from a remote command execution vulnerability. View the full article
  11. Piwigo versions 2.9.5 and below suffer from cross site scripting, command execution, and remote SQL injection vulnerabilities. View the full article
  12. Black Vision Command line Remote Access tool targeting Windows Systems. Download Maxmind GeoIP2 Database from here ; LINK Extract the file under blackvision/ How to use Install required modules pip3 install -r requirements.txt Run server git clone [Hidden Content] cd blackvision python3 main.py Generate Agent cd blackvision python3 generate.py Change Host/Port Open settings.ini. And change host, port. Commands Command Purpose transfer Transfer a NON Binary file. bsendfile Transfer a Binary File. kill Kill the connection info View Information of client. msgbox Send Messageboxes. exec Execute a Command on the remote Machine(s). exec-file Execute a file on the remote Machine(s). wanip View WAN IP of Remote Machine(s). hostname View Hostname of Remote Machine(s). username View Username of Remote Machine(s). monitoroff Turn of monitor of Remote Machine(s). monitoron Turn monitor back on. cdopen Eject CDROM of Remote Machine(s). cdclose Close CDROM of Remote Machine(s). playaudio Play Audio stream on Remote Machine(s). send Send commands to 1 client. (NO broadcast) keydump DUMP Keystroke buffer (Not added yet) Termux Compatibilty This app is compatible with Termux. Run it the same way you run it in Terminal. TODO Rewrite Agent in C. Fix sending file to single client. (Fixed) Fix multiple clients information saving. (Fixed) Add keylogging. Fix that args[3] does not get sent. (Fixed) Fix Broken connection problems. Video Example: [Hidden Content] Download: [Hidden Content]
  13. Opencart version 2.3.0.2 pre-authentication remote command execution exploit. View the full article
  14. Enigma NMS version 65.0.0 suffers from a remote OS command injection vulnerability. View the full article
  15. C3 Custom Command and Control C3 (Custom Command and Control) is a tool that allows Red Teams to rapidly develop and utilise esoteric command and control channels (C2). It’s a framework that extends other red team tooling, such as the commercial Cobalt Strike (CS) product via ExternalC2, which is supported at release. It allows the Red Team to concern themselves only with the C2 they want to implement; relying on the robustness of C3 and the CS tooling to take care of the rest. This efficiency and reliability enable Red Teams to operate safely in critical client environments (by assuring a professional level of stability and security); whilst allowing for safe experimentation and rapid deployment of customised Tactics, Techniques and Procedures (TTPs). Thus, empowering Red Teams to emulate and simulate an adaptive real-world attacker. Attackers must establish command and control (C2) to gain influence within their target environments in order to pursue their goals and objectives. It is therefore arguably one of the most important parts of the cyber kill chain because without it any payloads that are successfully delivered operate blindly, cannot provide network level pivoting and near real-time interaction. It is no surprise then that organisations have been imposing more controls against what types of communications are allowed from systems and a priority has been placed on defensive teams to be able to effectively detect C2. This is emphasised by two out of the twelve columns of Mitre ATT&CK being related to this area, ‘Command and Control’ and ‘Exfiltration’. The first proof of concept of C3 was presented at BlueHat v18 by William Knowles and Dave Hartley. Since then it has been refactored and some aspects reimagined into what it is today by a team of developers heavily influenced by members of the MWR Red Team. Video : BlueHat v18 || Overt Command & Control: The Art of Blending In Practical Usage C3 is designed to be an easy and intuitive interface that allows users to form complex paths during adversarial simulations. This section provides an in-depth guide of how to use C3, from compilation through to code execution. See blog post for a detailed tutorial. [hide][Hidden Content]] For contribution guide (how to develop a Channel tutorials), see this page [hide][Hidden Content]] Download [hide][Hidden Content]]
  16. This Metasploit module exploits a command injection vulnerability in the Collectd graphing functionality in LibreNMS. The to and from parameters used to define the range for a graph are sanitized using the mysqli_escape_real_string() function, which permits backticks. These parameters are used as part of a shell command that gets executed via the passthru() function, which can result in code execution. View the full article
  17. This Metasploit module exploits a vulnerability found in AwindInc and OEM'ed products where untrusted inputs are fed to ftpfw.sh system command, leading to command injection. A valid SNMP read-write community is required to exploit this vulnerability. View the full article
  18. A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected. Note: successful exploitation may not result in a session, and as such, on_new_session will never repair the HTTP server, leading to a denial-of-service condition. View the full article
  19. This python script mints a .ps file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. View the full article
  20. Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data suffer from default password, authentication bypass, and command injection vulnerabilities. View the full article
  21. GNU patch suffers from command injection and various other vulnerabilities when handling specially crafted patch files. View the full article
  22. EyesOfNetwork version 5.1 authenticated remote command execution exploit. View the full article
  23. This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below. View the full article