Exploits

International Cybersecurity Association

<!-- [+] mozilla firefox <= 10.0 local null byte bypass file check execution exploit --> <!-- --> <!-- Vuln risk level: Medium --> <!-- Author: Todor Donev --> <!-- Author mail: [email protected]@gmail.com --> <!-- --> <!-- Description: Allows local attackers to bypass file type checks and possibly execute programs via a jar: --> <!-- URI...

#!perl # # StreamDown v6.4.3 Local Buffer Overflow Exploit (0day) # ------------------------------------------------------- # Research & Exploit [Todor Donev :: [email protected]] # ------------------------------------------------------- # Shareware software for downloading and stream ripping # # Tested on Windows XP SP3 # Proof Of Concept # # Best regards and be safe, # Todor Donev # $overflow = "\x41"...

/*COMTREND ADSL Router BTC(VivaCom) CT-5367 C01_R12 Remote Root ============================================================================= Board ID : 96338A-122 Software : A111-312BTC-C01_R12 Bootloader : 1.0.37-12.1-1 Wireless Driver : 4.170.16.0.cpe2.1sd ADSL : A2pB023k.d20k_rc2 ============================================================================= Type : HardWare Risk of use : High Type to use : Remote Discovered by : Todor Donev Author Email : [email protected] ============================================================================= Special greetz to my sweetheart...

#!perl # ACTi ASOC 2200 Web Configurator <= v2.6 Remote Root Command Execution ## # Dicovery & Author: Todor Donev # Author mail: [email protected]@gmail.com # Type: Hardware # Vuln Type and Risk: Remote / High ## # ACTi Corporation is the technology leader in IP surveillance, # focusing on multiple security surveillance market segments. ##...

#!/usr/bin/perl # DreamBox DM800 <= 1.5rc1 Remote File Disclosure Exploit # # Author: Todor Donev # Email: [email protected]@gmail.com # Type: Hardware # Vuln Type: Remote ##### # Product summary: DreamBox DM800 is Powerful receiver # for digital TV and Radio programs based on Linux. # Product web page: http://www.dream-multimedia-tv.de ##### # playground$ perl dreambox.pl target...

#!/usr/bin/perl # # [+] Comtrend Router CT-5624 Remote Root/Support Password Disclosure/Change Exploit # # Author: Todor Donev # Email: [email protected]@gmail # Type: Hardware # Vuln Type: Remote # # Tested: # Board ID : CT-5624 # Software : A011-306TSR-C01_R03 # Bootloader : 1.0.37-0.7-3 # ADSL : A2pB022c3.d20e # # Board ID : CT-5637 # Software...

#!/usr/bin/perl # # [+] StarVedia IPCamera IC502w IC502w+ v020313 remote bypass username/password disclosure exploit # Author: Todor Donev # Email: todor.donev at gmail dot com # Type: Hardware # # Thanks to Tsvetelina Emirska the best friend in my life # and all my other friends for the help and support which # gives me....

#!/bin/bash # Konftel 300IP SIP-based Conference phone <= 2.1.2 remote bypass reboot exploit # # by Todor Donev / 03.2013 / Sofia,Bulgaria # email: todor dot donev at gmail com # type: hardware # # The Konftel 300IP is a flexible SIP-based conference phone, # perfect for companies that use IP voice services. Its clear,...

#!/usr/bin/perl # # [+] Seowonintech all devices remote root exploit v2 # ===================================================== # author: | email: # Todor Donev (latin) | todor dot donev # Тодор Донев (cyrillic) | @googlemail.com # ===================================================== # type: | platform: | description: # remote | linux | attacker can get root # hardware | seowonintech | access on...

#!/usr/bin/perl # # [+] Seowonintech routers * <= fw: 2.3.9 remote root file dumper # # Author: Todor Donev (todor dot donev at gmail.com) # Type: Hardware # Platform: Linux # # Special greetz to Stiliyan Angelov, Tsvetelina Emirska and all # my friends that support me # # 2013 Bulgaria # use LWP::Simple; my...