
Exploit
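The English word "exploit" means to make use of something; to a hacker it means exploiting a vulnerability. A vulnerability does not necessarily have an exploit, but where there is an exploit there is certainly a vulnerability.
Almost every few days we hear that a new exploitable vulnerability has been discovered, and then a patch is released for it. In fact there is more to this than you might think, because you cannot know the vulnerabilities of all software, and the exploitable ones are known only to a few people.
A vulnerability is an error in a program, algorithm or protocol that may cause a security problem. But not every vulnerability is exploitable: a vulnerability that exists in theory is not necessarily enough for an attacker to threaten your system. That a single vulnerability cannot be used to attack a system does not mean that two or more combined cannot. For example, a null-pointer dereferencing vulnerability can crash a system (enough for a denial-of-service attack), but when combined with another vulnerability that points the null pointer at an address where you have placed data and executes it, you may be able to use it to take control of the system.
An exploit is a piece of code that triggers a vulnerability (or several vulnerabilities) in order to take control of a target system. Exploit code usually delivers a payload, which contains the code the attacker wants to execute. Exploits can be local or remote. A remote exploit lets the attacker operate the computer remotely, ideally executing arbitrary code. Remote exploits matter greatly to attackers, because the attacker can control the host remotely without relying on other means (getting the victim to visit a website, click an executable file, open an e-mail attachment, and so on), whereas local exploits are generally used to escalate privileges.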
- Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit
  #!/usr/bin/perl # # http://www.securityfocus.com/bid/11775 # credit to Muts for this vulnerability # acaro [at] jervus.it use IO::Socket::INET; us... 2008-10-08
- Maian Cart 1.1 Insecure Cookie Handling Vulnerability
  Author: Saime Date: July 12, 2008 Script: Maian Cart v1.1 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Powered by Maian... 2008-10-08
- Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability
  ################################################################# # # Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability # #======================... 2008-10-08
- Maian Gallery 2.0 Insecure Cookie Handling Vulnerability
  Author: Saime Date: July 12, 2008 Script: Maian Gallery v2.0 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Maian Gallery... 2008-10-08
- Maian Events 2.0 Insecure Cookie Handling Vulnerability
  Author: Saime Date: July 12, 2008 Script: Maian Events v2.0 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Maian Events v... 2008-10-08
- Maian Music 1.0 Insecure Cookie Handling Vulnerability
  Author: Saime Date: July 12, 2008 Script: Maian Music v1.0 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Maian Music v1.... 2008-10-08
- Maian Greetings 2.1 Insecure Cookie Handling Vulnerability
  Author: Saime Date: July 12, 2008 Script: Maian Greetings v2.1 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Powered by:... 2008-10-08
- Joomla Component n-forms 1.01 Blind SQL Injection Exploit
  #!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n&quo... 2008-10-08
- fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (php)
  #!/usr/bin/php <?php ## ## Fuzzylime 3.01 Remote Code Execution ## Credits: Inphex and real ## ## [C:]# php fuzzylime.php http://www.target.com/fuzzy... 2008-10-08
- fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
  #!/usr/bin/perl #!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!! #after i noticed that there was a problem changing $cmd,i fixed it.t... 2008-10-08
- WebCMS Portal Edition (id) Remote SQL Injection Vulnerability
  ############################################################### #################### Viva IslaM Viva IslaM #################### ## ## Remote SQL InjEcti0n Vulner... 2008-10-08
- Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability
  ==================================================================== Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability ============================... 2008-10-08
- jSite 1.0 OE (SQL/LFI) Multiple Remote Vulnerabilities
  --== ================================================================================ ==-- --== jSite 1.0 OE Multiple Remote SQL/LFI Vulnerbility ... 2008-10-08
- fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit
  <?php ## ## Name: Fuzzylime 3.01 Remote Code Execution Exploit ## Credits: Charles "real" F. <charlesfol[at]hotmail.fr> ## ## C... 2008-10-08
- -[*] ================================================================================ [*]- -[*] Maian Recipe <= v1.2 Insecure Cookie Handling Vulnerabili... 2008-10-08
- -[*] ================================================================================ [*]- -[*] Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerabil... 2008-10-08
- -[*] ================================================================================ [*]- -[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerabili... 2008-10-08
- -[*] ================================================================================ [*]- -[*] Maian Search <= v1.1 Insecure Cookie Handling Vulnerabilit... 2008-10-08
- -[*] ================================================================================ [*]- -[*] Maian Uploader <= v4.0 Insecure Cookie Handling Vulnerabili... 2008-10-08
- #!/usr/bin/perl # # quickbite.pl # # Safari Quicktime <= 7.3 RTSP Content-Type overflow exploit # for Mac OS X (Intel) # # Tested with OS X 10.4... 2008-10-08

