bcoles
/ mvpower_dvr_shell_exec_telnet.rb
Created
February 25, 2017 11:52
This module exploits an unauthenticated remote command execution vulnerability in MVPower digital video recorders. The 'shell' file on the web interface executes arbitrary operating system commands in the query string. This module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shel…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| class MetasploitModule < Msf::Exploit::Remote | |
| Rank = ExcellentRanking | |
| include Msf::Exploit::Remote::HttpClient |
bcoles
/ decaptcha.sh
Last active
February 13, 2016 16:26
Cracks rudimentary CAPTCHA. Requires tesseract.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # decaptcha.sh - Cracks rudimentary CAPTCHA. Requires tesseract. | |
| # --- | |
| image="$1" | |
| output=`mktemp` | |
| charset="ABCDEFGHIJKLMNOPQRSTUVWXYZ" | |
| command -v tesseract >/dev/null 2>&1 || { echo "Tesseract is not installed - (apt-get install tesseract-ocr) - Aborting." >&2; exit 1; } |
bcoles
/ Life.HC.Z
Last active
August 28, 2022 17:37
Conway's Game of Life in HolyC for TempleOS. Ported from Rosetta Code. Original C Source: http://rosettacode.org/wiki/Conway's_Game_of_Life#C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Conway's Game of Life in HolyC for TempleOS | |
| // Ported from Rosetta Code. Original C Source: | |
| // - http://rosettacode.org/wiki/Conway's_Game_of_Life#C | |
| #define WIDTH 60 | |
| #define HEIGHT 40 | |
| #define SLEEP 100 | |
| U32 Universe[HEIGHT][WIDTH]; | |
| U64 COUNT; |
bcoles
/ apache_modaccouting_postgresql_injection.rb
Created
August 23, 2015 09:32
This module exploits an SQL injection vulnerability in the mod_accounting module for Apache 1.3 when configured to use PostgreSQL. This module uses SQL injection in the HTTP 'Host' header to execute arbitrary commands as the database user. This module has been tested successfully on Apache 1.3.33 on Debian 3.1r8 Sarge with PostgreSQL 7.4.7.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = ManualRanking |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # 7zip-JTR Decrypt Script | |
| # | |
| # Clone of JTR Decrypt Scripts by synacl modified for 7zip | |
| # - RAR-JTR Decrypt Script - https://synacl.wordpress.com/2012/02/10/using-john-the-ripper-to-crack-a-password-protected-rar-archive/ | |
| # - ZIP-JTR Decrypt Script - https://synacl.wordpress.com/2012/08/18/decrypting-a-zip-using-john-the-ripper/ | |
| echo "7zip-JTR Decrypt Script"; | |
| if [ $# -ne 2 ] | |
| then |
bcoles
/ brute-doom
Created
December 26, 2014 15:00
Throttled single-threaded remote dictionary attack tool for Doom multiplayer server connection password. Tested on Zandronum 1.2.42016.1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # Throttled single-threaded remote dictionary attack tool | |
| # for Doom multiplayer server connection password. | |
| # Tested on Zandronum 1.2.42016.1 | |
| # 2014-12-20 | |
| ## | |
| require 'socket' | |
| $debug = false |
bcoles
/ pchart_example_page_traversal.rb
Created
August 25, 2014 11:23
This module exploits a directory traversal bug in pChart version 2.1.3 or earlier. The module can only be used to retrieve files.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http//metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Auxiliary | |
| include Msf::Auxiliary::Scanner |
bcoles
/ shellinabox.rb
Created
August 25, 2014 11:05
This module uses valid credentials to log in to Shell In A Box and execute arbitrary operating system commands. Shell In A Box must be configured to use the system shell (default).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http//metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = AverageRanking |
bcoles
/ crack-smartermail
Last active
April 9, 2017 17:18
Crack SmarterMail sysadmin password from 'mailConfig.xml' configuration file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Based on work by Joe Giron @theonlyevil1 | |
| // http://www.gironsec.com/blog/tag/cracking-smartermail/ | |
| using System; | |
| using System.Collections.Generic; | |
| using System.Text; | |
| using System.IO; | |
| using System.Security.Cryptography; | |
| namespace TicketCounter | |
| { |
bcoles
/ nettemp_cmd_exec.rb
Created
October 13, 2013 16:01
This module exploits a command execution vulnerability in nettemp version 7.x which could be abused to allow unauthenticated users to execute arbitrary commands under the context of the web server user. The 'mail_test.php' file calls 'exec()' with user controlled data from the 'test_mail' parameter.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This file is part of the Metasploit Framework and may be subject to | |
| # redistribution and commercial restrictions. Please see the Metasploit | |
| # Framework web site for more information on licensing and terms of use. | |
| # http://metasploit.com/framework/ | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote |