/Exploits-4

Exploits by 1N3 @ CrowdShield

Primary LanguagePython

A collection of exploits developed by 1N3 @ CrowdShield - https://crowdshield.com

  • HTTPoxy Exploit/PoC Scanner
  • Ability FTP 2.34 Buffer Overflow Exploit
  • Aruba AP-205 Buffer Overflow Denial of Service PoC
  • Brainpan1 CTF Buffer Overflow Exploit
  • CesarFTP 0.99g Buffer Overflow Exploit
  • Apache 2.2.x Range Header Denial of Service Exploit
  • GHOST Glibc Gethostbyname Buffer Overflow Exploit
  • PHP Serialization Injection Remote Code Execution Exploit

Public Exploits/PoC's/CVE's/Bug Bounties/CTF's

  • 1st place @DEFCON CMD+CTRL CTF CTF 8/2016
  • HTTPoxy Exploit Scanner PoC 7/2016
  • Zabbix RCE/SQL Injection (0day) CVE 7/2016
  • Aruba ClearPass Policy Manager SQL Injection (0day) CVE 6/2016
  • Tied for 2nd place in BugCrowd CTF CTF 6/2016
  • Placed 2nd at CactusCon 2016 RootTheBox CTF CTF 5/2016
  • Ranked 19th on BugCrowd's Worldwide Leaderboard Bug Bounty 5/2016
  • Charts 4 PHP 1.2.3 Cross Site Scripting Exploit/CVE 2/2016
  • Open Web Analytics 1.5.7 Cross Site Scripting Exploit/CVE 2/2016
  • WordPress All In One SEO Pack 2.2.2 Cross Site Scripting Exploit/CVE 2/2016
  • Wordpress XMLRPC System Multicall Brute Force Exploit (0day) Exploit/PoC 10/2015
  • Aruba AP-205 Remote Command Injection Vulnerability (0day) Exploit/0day/BB 10/2015
  • Apache Range Header Denial of Service Exploit (CVE-2011-3192) Exploit/PoC 8/2015
  • Listed on AT&T's Bug Bounty Hall of Fame (https://bugbounty.att.com/hof.php) Bug Bounty 8/2016
  • HP Photosmart 7520 Printers Stored Cross Site Scripting (0day) Exploit/CVE 7/2015
  • Supermicro IPMI/BMC Cleartext Password Scanner Exploit/PoC 3/2015
  • WebFOCUS 533 Server XSS & Directory Traversal Vulnerabilities (0day) Exploit/CVE 2/2015
  • CVE-2015-0235 GHOST glibc gethostbyname buffer overflow Exploit 1/2015
  • Hak5 Wifi PinnappleV Remote Code Execution Exploit/CVE 1/2015
  • Hak5 Wifi PinnappleV SSLSplit Cross Site Scripting Exploit/CVE 1/2015
  • Lyris ListManagerWeb 8.95a Cross Site Scripting Exploit/CVE 7/2014
  • MyConnection Server (MCS) 9.7i Cross Site Scripting Exploit/CVE 7/2014
  • AlogoSec FireFlow 6.3 Cross Site Scripting Exploit/CVE 7/2014