winAUTOPWN和bsdAUTOPWN 是一个最小的交互式框架,它是快速漏洞利用系统的前端。你只需要输入目标IP地址,主机名,cms路径等,系统会自动对目标的1-6553端口进行多线程扫描,如果目标存在可利用的漏洞,winAUTOPWN会为你获得一个远程的shell。
下载地址:http://download.csdn.net/detail/heimian/3860040
Latest UI changes : (as of Sept 26 2011)
--------------------------------------------------------------------------------
Added one more commandline parameter -targetOS for list of operating Systems which winAUTOPWN asks to select for the target.
Added a few ruby exploits which require 'socket' alone for interpretation. Hence, winAUTOPWN now requires ruby installed as well, just like perl, python and php.
Added support for Reverse cmd Shellcode, shellcodes for Linux, FreeBSD and Solaris as well.
Added an external module called mod_shellcode which aids in selecting and changing the type of shellcode for any scripted (uncompiled) exploit.
Latest Unpolished Sita Additions : (as of Nov 03 2011)
--------------------------------------------------------------------------------
Digital College v1.1 Remote File Inclusion Vulnerability Exploits
eFront <= 3.6.10 (build 11944) 'templateName' - templateContent - RCE Exploit
phpScheduleIt <= 1.2.10 Remote Code Execution Exploit by EgiX Exploit
phpLDAPadmin <= 1.2.1.1 Remote PHP Code Injection Exploit by EgiX
Jaws 0.8.14 Remote File Inclusion Vulnerability Exploits
2Moons v1.4 RFI Vulnerability Exploits
Freefloat FTP Server ALLO Buffer Overflow Vulnerability Exploit
JBOSS AS Remote Exploits v2
vBulletin® Version 4.1.7 Beta 1 Multiple Vulnerability RFI Exploits
PHP Photo Album <= (0.4.1.16) Multiple Remote PHP Code Injection Exploits
MyNews v1.2 Remote File Inclusion Vulnerability Exploits
Latest additions : (as of Sept 26 2011)
--------------------------------------------------------------------------------
CA ARCserve D2D r15 GWT Command Execution Exploit
Freefloat FTP 1.0 Any Non Implemented Command Buffer Overflow Exploit
FreeFloat FTP Server ACCL Buffer Overflow Exploit
Freefloat FTP 1.0 ABOR Exploit
MeshCMS v3.5 Remote Code Execution Exploit
PHP Nuke 8.3 MT AFU Shell Upload Vulnerability Exploits
WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability Exploits
Sagem Routers Remote Auth Bypass Exploits
Zoneminder 1.24.3 Remote File Inclusion Vulnerability Exploits
WordPress TimThumb Plugin - Remote Code Execution Exploit
Solar FTP 2.1.1 PASV Command PoC Exploits
phpMyAdmin '/scripts/setup.php' CVE-2009-1151 PHP Code Injection RCE PoC v0.11 Exploit
BisonFTP Server <=v3.5 Remote Buffer Overflow Exploits
cdeVision RFI Exploit
Exploit EChat Server <= v2.5 Remote Buffer Overflow Exploit
SYMANTEC AV w/ INTEL FILE TRANSFER SERVICE REMOTE SYSTEM LEVEL Exploits
PlaySMS <= Remote File Inclusion Vulnerability Exploit
Openads-2.0.11 Remote File Inclusion Vulnerability Exploit
SaurusCMS-CE (CommunityEdition) v4.7 RFI Exploits
MiaCMS v4.9.0 Multiple Remote File Inclusion Vulnerability Exploits
724CMS Eneterprise (index.php) (section.php) RFI Exploits
Sunway SCADA Overflow Exploit
Trying BisonFTP Server v3.5 (MKD) Remote BOF Exploit
Pluck CMS 4.7 RFI Exploits
Cerberus FTP Server 4.0.9.8 (REST) Remote BOF Exploit
KnFTPd FTP Server v1.0.0 Multiple Command Remote Buffer Overflow Exploit
FreeFloat FTP Server ACCL Buffer Overflow Exploit
FreeFloat FTP Server REST and PASV Buffer Overflow Exploit
FreeFloat FTP Server MKD Buffer Overflow Exploit
Soulseek 157 NS < 13e & 156.* Remote Peer Search Code Execution Exploit
Freefloat FTP Server DEP Bypass Buffer Overflow Exploit
Relocate Upload Wordpress plugin RFI Exploit
Wpeasystats Wordpress plugin RFI Exploit
Annonces Wordpress plugin RFI Exploit
Thecartpress Wordpress plugin RFI Exploit
Zingiri Web Shop Wordpress plugin RFI Exploits
Mailing List Wordpress plugin RFI Exploit
Disclosure Policy Plugin Wordpress plugin RFI Exploit
KnFTP Buffer Overflow Exploit
KnFTP 1.0.0 Server - 'USER' command - Remote Buffer Overflow Exploit
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
