fb11 / exploits Goto Github PK

A collection of exploits developed by 1N3 @ CrowdShield - https://crowdshield.com

• HTTPoxy Exploit/PoC Scanner
• Ability FTP 2.34 Buffer Overflow Exploit
• Aruba AP-205 Buffer Overflow Denial of Service PoC
• Brainpan1 CTF Buffer Overflow Exploit
• CesarFTP 0.99g Buffer Overflow Exploit
• Apache 2.2.x Range Header Denial of Service Exploit
• GHOST Glibc Gethostbyname Buffer Overflow Exploit
• PHP Serialization Injection Remote Code Execution Exploit
• CrikeyConCTF Koala Gallery Exploit

Public Exploits/PoC's/CVE's/Bug Bounties/CTF's

• Placed 3rd on BugCrowd's Operation Code CTF CTF 9/2016
• HTTPoxy Exploit Scanner Exploit/PoC 7/2016
• Zabbix SQL Injection (0day) Exploit/CVE 7/2016
• CVE-2016-4401 - Unauthenticated Database Credential Leak in Aruba ClearPass (0day) Exploit/CVE 6/2016
• 1st place @DEFCON CMD+CTRL CTF CTF 8/2016
• Tied for 2nd place in BugCrowd CTF CTF 6/2016
• Placed 2nd at CactusCon 2016 RootTheBox CTF CTF 5/2016
• Ranked 19th on BugCrowd's Worldwide Leaderboard Bug Bounty 5/2016
• Charts 4 PHP 1.2.3 Cross Site Scripting Exploit/CVE 2/2016
• Open Web Analytics 1.5.7 Cross Site Scripting Exploit/CVE 2/2016
• WordPress All In One SEO Pack 2.2.2 Cross Site Scripting Exploit/CVE 2/2016
• Wordpress XMLRPC System Multicall Brute Force Exploit (0day) Exploit/PoC 10/2015
• Aruba AP-205 Remote Command Injection Vulnerability (0day) Exploit/0day/BB 10/2015
• Apache Range Header Denial of Service Exploit (CVE-2011-3192) Exploit/PoC 8/2015
• Listed on AT&T's Bug Bounty Hall of Fame (https://bugbounty.att.com/hof.php) Bug Bounty 8/2016
• HP Photosmart 7520 Printers Stored Cross Site Scripting (0day) Exploit/CVE 7/2015
• Supermicro IPMI/BMC Cleartext Password Scanner Exploit/PoC 3/2015
• WebFOCUS 533 Server XSS & Directory Traversal Vulnerabilities (0day) Exploit/CVE 2/2015
• CVE-2015-0235 GHOST glibc gethostbyname buffer overflow Exploit 1/2015
• Hak5 Wifi PinnappleV Remote Code Execution Exploit/CVE 1/2015
• Hak5 Wifi PinnappleV SSLSplit Cross Site Scripting Exploit/CVE 1/2015
• Lyris ListManagerWeb 8.95a Cross Site Scripting Exploit/CVE 7/2014
• MyConnection Server (MCS) 9.7i Cross Site Scripting Exploit/CVE 7/2014
• AlogoSec FireFlow 6.3 Cross Site Scripting Exploit/CVE 7/2014