exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files from Alexey Sintsov

Email addressdookie at inbox.ru
First Active2009-09-24
Last Active2024-08-31
VMWare Update Manager 4 Directory Traversal
Posted Aug 31, 2024
Authored by Alexey Sintsov, sinn3r | Site metasploit.com

This Metasploit modules exploits a directory traversal vulnerability in VMWare Update Manager on port 9084. Versions affected by this vulnerability: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4 Update 4.

tags | exploit
advisories | CVE-2011-4404
SHA-256 | 141792b0109b73b145e21b04ca6c1e0cd9cb9dfc495904452e3a23caf4459da8
SAP SOAP EPS_DELETE_FILE File Deletion
Posted Aug 31, 2024
Authored by Alexey Sintsov, nmonkee | Site metasploit.com

This Metasploit module abuses the SAP NetWeaver EPS_DELETE_FILE function, on the SAP SOAP RFC Service, to delete arbitrary files on the remote file system. The module can also be used to capture SMB hashes by using a fake SMB share as DIRNAME.

tags | exploit, remote, arbitrary
SHA-256 | dd8fea54335c24c4b123e867b2f7f6799e65ed7f1293added0b5dc7555c7b9a1
IBM Lotus Domino Authentication Bypass
Posted Nov 30, 2011
Authored by Alexey Sintsov

IBM Lotus Domino versions 8.5.3 and 8.5.2 FP3 suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2011-1519
SHA-256 | a2ec180c7015b665a8c09c5c87f819d86fe11a21748572b331a213d5403e5704
VMware Update Manager Directory Traversal
Posted Nov 21, 2011
Authored by Alexey Sintsov

VMware Update Manager versions 4.1 prior to update 2 suffer from a directory traversal vulnerability.

tags | exploit
advisories | CVE-2011-4404
SHA-256 | 06ec687238eb262116fe18b7c8d44a43f0193289ae66d84ef77ac981152300c0
SAP NetWeaver ABAP Authorization Bypass / SMBRelay
Posted Nov 17, 2011
Authored by Alexey Sintsov

SAP NetWeaver ABAP suffers from authorization bypass, directory traversal, and SMBRelay vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 0aabc6d28819f80fb0cdcc88f63dbe1fcd8013c3f12b2c36acb808d75c57fb08
DNS Reverse Download And Execute Shellcode
Posted May 27, 2011
Authored by Alexey Sintsov

This shellcode downloads and executes a file via a reverse DNS channel.

tags | shellcode
SHA-256 | 137d4935c5dba1bc9303b67ee85506910151f930ad28d4a31438dd485aafed4b
Kaspersky Administration Kit Design Flaw
Posted Apr 25, 2011
Authored by Alexey Sintsov

The Service account used for the Kaspersky Administration Kit and its functionality allow for attacks on other hosts in the network.

tags | advisory
SHA-256 | b585dc3095a18907a4e028c2b7199b468998223fdbe4a03c06b60f7ede4310b8
SAP GUI DLL Hijacking
Posted Mar 16, 2011
Authored by Sh2kerr, Alexey Sintsov

SAP Front End applications (SAPGui.exe) are vulnerable to DLL hijacking attacks allowing for remote code execution.

tags | advisory, remote, code execution
SHA-256 | 28ae63b22ea645e5c51c549e98085f2be91b625a787181783ae2e6a8a3c0929e
SAP NetWeaver BSP Logon Page Cross Site Scripting
Posted Mar 14, 2011
Authored by Alexey Sintsov

SAP NetWeaver BSP suffers from a cross site scripting vulnerability via the logon page.

tags | advisory, xss
SHA-256 | ae27517cf68babdc559c0dd1baca4cdef40af7763de853c7456a1bd2b4304b33
Progress OpenEdge Enterprise RDBMS 10.2A Bypass
Posted Jan 25, 2011
Authored by Sh2kerr, Alexey Sintsov, Alexey Troshichev | Site dsecrg.com

Progress OpenEdge Enterprise RDBMS version 10.2A has some vulnerabilities that make it possible to enumerate UserID and bypass authentication.

tags | advisory, vulnerability
SHA-256 | 94f3ea7ac21edb9e58b5237ff7c2a7826e37b408dbacdbff22fb5468c6bdec38
Oracle Document Capture Insecure READ Method
Posted Jan 25, 2011
Authored by Sh2kerr, Alexey Sintsov | Site dsecrg.com

EasyMail ActiveX Control (emsmtp.dll) that included into Oracle Document Capture distrib can be used to read any file in target system. The vulnerable method is "ImportBodyText()".

tags | exploit, activex
advisories | CVE-2010-3595
SHA-256 | e0290533ffa0e0be9cb707947d2fe37461961f3b2e54f7eb0baa68b865261ae8
SAP XRFC 6.40 / 7.00 Stack Overflow
Posted Nov 17, 2010
Authored by Alexey Sintsov

SAP XRFC version 6.40 and 7.00 suffers from a stack overflow vulnerability.

tags | advisory, overflow
SHA-256 | 9b8e7b9a5adb907ede97829d87b64a1087018e9595e7e83781a56c9d2180bf3a
Safari JS JITed Shellcode
Posted Jul 7, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Safari JavaScript JIT shellcode and spray for ASLR / DEP bypass on Win32.

tags | javascript, shellcode
systems | windows
SHA-256 | 6a5ad5dcf34040adc8cd07830c26ebb5fde16628988909f26bbf382722e4f399
IBM BladeCenter Management Module Cross Site Scripting / Directory Traversal
Posted Jul 6, 2010
Authored by Alexey Sintsov | Site dsecrg.com

The IBM BladeCenter Management module suffers from cross site scripting and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 221ec396f78060edb0ef769a38cef5b58e18b6f8c6f38d5188b079e148e40370
Safari 4.0.5 Memory Corruption Exploit
Posted May 18, 2010
Authored by Alexey Sintsov

Safari version 4.0.5 parent.close() memory corruption exploit with ASLR and DEP bypass.

tags | exploit
SHA-256 | c63fd07a147d305e2a135c199ea0993b367eaf44d7d9208dbc7cf5a64f4e4897
VMware Portal 3.1 Cross Site Scripting
Posted May 14, 2010
Authored by Alexey Sintsov

VMware View Portal versions 3.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-1143
SHA-256 | 6ff34d3c4c5414257facf8f8b5cdd2f2fd3e1d2c50b916d0ba65eccf0d979ba0
ProSSHD 1.2 Remote Post-Auth Exploit
Posted May 3, 2010
Authored by Alexey Sintsov

ProSSHD version 1.2 remote post-authentication exploit with ASLR and DEP bypass.

tags | exploit, remote
SHA-256 | b3febb48bce1a02fd3be1189d335c4be2aa3bec9e2c4ff5d651b643e66766516
BladeCenter AMM Denial Of Service
Posted Apr 16, 2010
Authored by Alexey Sintsov

The IBM BladeCenter Management module suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 2fdefac0d8be7e6b47669981826466ac5d6de34aad57eb161e0f1651ff4e02b5
VMware Remote Console Format String
Posted Apr 14, 2010
Authored by Alexey Sintsov | Site dsecrg.com

VMware Remote Console Plug-in can be installed from WEB interface of VMware vSphere. This software contains of ActiveX objects and executable files for remote console of guest OS. VMrc vulnerable to format string attacks. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed.

tags | advisory, remote, web, arbitrary, code execution, activex
advisories | CVE-2009-3732
SHA-256 | 9b7e2d5d9e6d71cece7b4f8e09a5fa1063bb231718082ebea4980540a99db1c7
JITed Egg-Hunter Stage-0 Universal Shellcode
Posted Mar 28, 2010
Authored by Alexey Sintsov

JITed egg-hunter stage-0 universal shellcode for XP/Vista/Win7.

tags | shellcode
SHA-256 | 2d004f2c91c53dbedcbebed03fa8b080202f0fe9aa9e00a74332fa6c4479dc69
jitedegg-shellcode.txt
Posted Mar 24, 2010
Authored by Alexey Sintsov

JITed egg-hunter stage-0 shellcode (permanent DEP bypass).

tags | shellcode
SHA-256 | c0457bd37fa64a3dd66bfe32d6241af964f283e3fe7bec27a59d2d87f5a45c82
SAP GUI 7.1 Insecure Method
Posted Mar 23, 2010
Authored by Alexey Sintsov

An insecure method vulnerability was discovered in SAP GUI version 7.1.

tags | advisory
SHA-256 | fb5ab0d8fa2ba1868b3e8cbfeabe5e49d3c31ce147b9ae7b2cecbb64d443fa95
JITed Exec Notepad Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed exec notepad shellcode.

tags | shellcode
SHA-256 | f7f52c6ee5c1adab75dc974e6e122cb739c4d989ca728d781c188a5c2f6343b6
JITed Stage-0 Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed Stage-0 Shellcode. This JIT shellcode finds VirtualProtect, restores the address of the shellcode, makes mem exec and jumps to it.

tags | shellcode
SHA-256 | e071a7ace3c781d63436ad1adf0cb96594c718c351445f8b3b1b2b3f572d530a
Writing JIT-Spray Shellcode For Fun And Profit
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Whitepaper called Writing JIT-Spray Shellcode For Fun And Profit.

tags | paper, shellcode
SHA-256 | c63788300beae3066d70ac6a350d32e8cc1e68446bc632aafb68473e7976af03
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close