Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
Anti Keylogger Elite Privilege Escalation Exploit Update This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. Windows Exploits/Local
Anti Keylogger Elite Privilege Escalation Exploit Update 2 This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. Windows Exploits/Local
Anzio Web Print Object Buffer Overflow Exploit This module exploits a vulnerability in the PWButtonXControl1.ocx control included in the Anzio Web Print Object application. The exploit is triggered when the mainuri property processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. Windows Exploits/Client Side
AOL Desktop RTX Buffer Overflow Exploit A buffer overflow in AOL Desktop allows an attacker to execute arbitrary code via crafted .RTX file. Windows Exploits/Client Side
AOL Radio IWinAmpActiveX ConvertFile() Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in AOL Radio ActiveX to install an agent. Windows Exploits/Client Side
Apache - OpenSSL SSLv2 exploit update This update fixes an incompatibility issue between this exploit and latest Python versions. Linux Exploits/Remote
Apache ActiveMQ Path Traversal Exploit This update introduces an exploit for Apache ActiveMQ. The vulnerable versions present a path traversal vulnerability in default instalations that allows writing files to arbitrary filesystem locations, with the permissions of the user running the ActiveMQ process. This module leverages the vulnerability to install an agent. This exploit doesn't require authentication. The vulnerability is only present when the application is running in a Windows system. Windows Exploits/Remote
Apache Chunked Encoding Exploit Update This package fixes a bug in the Apache chunked encoding exploit. OpenBSD Exploits/Remote
Apache CouchDB Remote OS Command Injection Exploit Apache CouchDB contains an Authentication Bypass vulnerability and a OS Command Injection vulnerability, which allows attackers to gain arbitrary code execution on the affected system. Linux Exploits/Authentication Weakness/Known Vulnerabilities
Apache Incomplete Header DoS This module creates a large number of connections to the Apache server that are left opened preventing it from accepting legitimate requests. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Windows Denial of Service/Remote
Apache mod_isapi Denial of Service Exploit The Apache HTTP Server, commonly referred to as Apache, is a popular open source web server software. mod_isapi is a core module of the Apache package that implements the Internet Server extension API. The extension allows Apache to serve Internet Server extensions (ISAPI .dll modules) for Microsoft Windows based hosts. By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory. Windows Denial of Service/Remote
Apache mod_php Exploit Update 2 This update fixes an issue with the 'reuse connection' mode on Impact V7.5 Linux Exploits/Remote
Apache Mod_rewrite Remote Buffer Overflow Exploit This module exploits an Off-by-one error in the LDAP scheme handling in the Rewrite module (mod_rewrite) in Apache and installs an agent into the target host. Exploits/Remote
Apache Range Header DoS A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. Solaris Denial of Service/Remote
Apache Range Header DoS Update A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This update fixes an issue when launching the module from an agent running in a Linux system. AIX Denial of Service/Remote
Apache Solr ENABLE_REMOTE_JMX_OPTS JMX-RMI Remote Code Execution Exploit Apache Solr is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine. By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a jar file. Linux Exploits/Remote
Apache Solr Velocity Template Remote OS Command Injection Exploit A vulnerability in the Apache Solr Velocity template allows unauthenticated attackers to execute arbitrary OS commands. Windows Exploits/OS Command Injection/Known Vulnerabilities
Apache Solr Velocity Template Remote OS Command Injection Exploit Update A vulnerability in the Apache Solr Velocity template allows unauthenticated attackers to execute arbitrary OS commands. This update adds automatic core name detection and newer supported versions. Windows Exploits/OS Command Injection/Known Vulnerabilities
Apache Struts 2 ActionMessage Remote Code Execution Exploit This module exploits a vulnerability in Apache Struts 2. The specific vulnerability relies on the Struts 1 plugin which might allow remote attackers to execute arbitrary code via a malicious field value passed in a raw message to the ActionMessage. Windows Exploits/Remote
Apache Struts 2 DefaultActionMapper method Remote Code Execution Exploit The DefaultActionMapper class in Apache Struts 2 supports a Dynamic Method Invocation feature via the "method:" prefix. The information contained in this prefix is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework with the "struts.enable.DynamicMethodInvocation" configuration parameter in struts.xml set to True. Windows Exploits/Remote
Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. Windows Exploits/Remote
Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit Update The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. Linux Exploits/Remote
Apache Struts 2 devMode OGNL Remote Code Execution Exploit The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. Windows Exploits/Remote
Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. Linux Exploits/Remote
Apache Struts 2 Multipart File Upload Remote Code Execution Exploit Remote Code Execution when performing file upload based on Jakarta Multipart parser. Linux Exploits/OS Command Injection/Known Vulnerabilities