Exploits Archives | Page 2 of 6

6 SCADA 0-Day Exploits

13-September-201117-September-2011Prasanna Sherekar

A security researcher has disclosed a laundry list of unpatched vulnerabilities and detailed proof-of-concept exploits that allow hackers to completely compromise major industrial control systems. Security researcher Luigi Auriemma disclosed the attacks against six SCADA (Supervisory Control and Data Acquisition) systems including US giant Rockwell Automation. The step-by-step exploits allowed attackers to execute full remote […]

phpMyAdmin 3 Remote Code Execution Exploit

8-July-201111-July-2011Prasanna Sherekar

#!/usr/bin/env python # coding=utf-8 # pma3 – phpMyAdmin3 remote code execute exploit # Author: wofeiwo # Thx Superhei # Tested on: 3.1.1, 3.2.1, 3.4.3 # CVE: CVE-2011-2505, CVE-2011-2506 # Date: 2011-07-08 # Have fun, DO *NOT* USE IT TO DO BAD THING. ###################################################### # Requirements: # 1. “config” directory must created & writeable in pma […]

MHTML vulnerability under active exploitation

14-March-201124-March-2011Prasanna Sherekar

The flaw, which was first highlighted by Microsoft in an advisory in January, allows an attacker to inject a client-side script into the response to a request made by Internet Explorer. The script could allow a hacker to compromise the user by performing actions online that appear to have originated from the user; by stealing […]

All versions of Internet Explorer under threat

23-December-201029-December-2010Prasanna SherekarLeave a Comment

Today Microsoft released a new security advisory to help protect users from a vulnerability affecting Internet Explorer versions 6, 7, and 8. Exploiting this vulnerability could lead to unauthorized remote code execution inside the iexplore.exe process. Internet Explorer loads mscorie.dll, a library that was not compiled with /DYNAMICBASE (thus not supporting ASLR and being located […]

Facebook Hack – View photo albums of non-friends

15-October-20105-February-2011Prasanna Sherekar

A new facebook exploit allows anyone to access any photo album of non-friends as long as you have the link. By following the simple steps shown in above image, you can bypass the security of Facebook and view photos of others online.

Zero day exploit for Firefox 3.6

21-February-201024-February-2010Prasanna SherekarLeave a Comment

Russian security firm Intevydis has made a Windows exploit for a previously unknown security hole in Firefox 3.6 available to its customers. The exploit allows attackers to remotely gain control of a PC. Intevydis develops the commercial VulnDisco add-on for the also commercial Canvas exploit toolkit by vendor Immunity. On the Immunity forum, developer Evgeny […]