Core Certified Exploits

Library of expert validated exploits for safe and effective pen tests

Exploit development can be an advanced penetration testing skill that takes time to master. Additionally, when on a job, pen testers often don’t have the resources to create a new exploit. Many resort to searching for and using pre-written exploits that have not been tested and must go through the timely effort of quality assurance testing in order to ensure they are secure and effective.

Core Impact users can save time by finding all the up-to-date exploits they need in one place. We provide a robust library of exploits designed to enable pen testers to safely and efficiently conduct successful penetration tests. Whether written by our own internal team or by a third party like ExCraft, you can trust they have been thoroughly tested and validated by our experts.

The universe of vulnerabilities is huge and not all of them represent the same risk for the customers. Vulnerabilities do not all have the same level of criticality. Some may be easily exploitable by a low-level user, while others may not be exploitable at all. To increase the efficiency of the attacks and the quality of the exploits provided, the Core Impact team has developed selection criteria to prioritize its analysis and implementation. We determine which exploits warrant creation based on the following questions:

  • What are the most critical attacks from the attacker’s perspective?
  • What new vulnerabilities are more likely to be exploited in real attacks?
  • What exploits are the most valuable for Core Impact?

Once an exploit is approved, its priority order considers the following variables: 

  • Vulnerability Properties: CVE, disclosure date, access mechanism and privileges needed. 
  • Target Environment Setup: OS, application prevalence, version and special configurations needed. 
  • Value Provided to Core Impact: Customer request, usage in multiple attacks, allows the installation of an agent, etc. 
  • Technical Cost vs. Benefit: An analysis weighing the resources needed to build an exploit with the internal and external knowledge gained in its creation. 

Each one of these variables has a different weight and provides a ranking of the potential exploits to be developed. Following those criteria, the top of the list would contain, for example, a vulnerability on Windows (most popular OS) that can be exploited remotely, without authentication and that provides super user privileges. 

Correspondingly, a vulnerability on an application that is rarely installed, needs special configurations, and requires User Interaction, would be at the bottom.

Stay Informed of New Core Certified Exploits

Subscribe to receive regular email updates on new exploits available for Core Impact

Browse the Core Certified Exploit Library

We provide pen testers with real-time updates for a wide range of exploits for different platforms, operating systems, and applications. 

Search our continuously growing library to discover an exploit that will allow you to gain and retain access on the target host or application.

Title Description Date Added CVE Link Exploit Platform Exploit Type Product Name
Microsoft Windows LNK Shortcut Automatic File Execution Exploit (CVE-2017-8464) This vulnerability allows to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability." CVE-2017-8464 Windows Exploits / Tools Impact
MSRPC Trend Micro Server Protect buffer overflow exploit TrendMicro ServerProtect is prone to a buffer overflow vulnerability on the rpc interface that could permit the execution of arbitrary remote code.

 CVE-2007-2508 Windows Exploits / Remote Impact Professional
Microsoft Windows SMB Pool Overflow Remote Code Execution (MS17-010) This module exploits the ms17-010 vulnerability by taking advantage of a remote pool overflow in the smb transaction handling code of the windows smb driver. CVE-2017-0143 Windows Exploits / Remote Impact
RealPlayer ActiveX Buffer Overflow Exploit This module exploits a vulnerability caused due to a boundary error in the ierpplug.dll of the Real Player application. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

 CVE-2007-5601 Windows Exploits / Client Side Impact Professional
SIDVault LDAP Server Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the LDAP service (sidvault.exe) of the SIDVault LDAP application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 389/TCP of the vulnerable system and installs an agent if successful. CVE-2007-4566 Windows Exploits / Remote Impact Professional
IIS WebDav ScStoragePathFromUrl Remote Code Execution Exploit A buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: CVE-2017-7269 Windows Exploits / Remote Impact
Apache Struts 2 Multipart File Upload Remote Code Execution Exploit Remote Code Execution when performing file upload based on Jakarta Multipart parser. CVE-2017-5638 Linux Exploits / OS Command Injection / Known Vulnerabilities Impact
QuickTime RTSP URL exploit This exploit triggers a stack-based buffer overflow in the QuickTime browser plugin via a specially crafted HTML page.

 CVE-2007-0015 Windows Exploits / Client Side Impact Professional
Microsoft Windows GDI Kernel Local Privilege Escalation Exploit This module exploits a vulnerability in the way that Microsoft Windows manages GDI kernel structures in shared memory. An attacker could remap a global shared memory section that is defined to be read-only to read-write allowing them to execute arbitrary code and gain additional privileges on the target system. CVE-2006-5758 Windows Exploits / Local Impact Professional
Ubuntu 5.10 Password Recovery Escalation Exploit The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges

 CVE-2006-1183 Linux Exploits / Local Impact Professional
Joomla User Agent Object Injection Exploit Update This module exploits a remote code execution vulnerability in Joomla. The session handling code is susceptible to PHP Object Injection attacks due to lack of sanitization in some HTTP headers that are saved to the database session backend.



This update fixes an issue which made the exploit abort before running.

 CVE-2015-8562 Linux Exploits / OS Command Injection / Known Vulnerabilities Impact Professional
Media Player PNG header overflow exploit This module exploits a stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size. CVE-2006-0025 Windows Exploits / Client Side Impact Professional
Liferay Portal JSONWS Java Deserialization Vulnerability Remote Code Execution Exploit Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). CVE-2020-7961 Windows, Linux Exploits / Remote Impact
Trident Z Lighting Control Driver Local Privilege Escalation Exploit The ene.sys driver in Trident Z Lighting Control before v1.00.17 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges. CVE-2020-12446 Windows Exploits / Local Impact
Oracle Coherence T3 ExtractorComparator Deserialization Vulnerability Remote Code Execution Exploit Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.17, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVE-2020-2883 Windows, Linux Exploits / Remote Impact
VLC MMS Stream Handling Buffer Overflow Exploit A Stack-based buffer overflow in VideoLAN VLC media player allows remote attackers to execute arbitrary code via a crafted MMS:// stream. CVE-2012-1775 Windows Exploits / Client Side Impact Professional
IBM Cognos tm1admsd Multiple Operations Buffer Overflow Exploit This vulnerability exists within the tm1admsd.exe component Of IBM Cognos TM1. This process listens on TCP port 5498 by default. Multiple opcodes fail to validate user supplied length and data fields before copying their contents to a fixed length buffer on the stack. CVE-2012-0202 Windows Exploits / Remote Impact Professional
Pulse Secure SSL VPN Arbitrary File Disclosure Exploit This exploit leverages a vulnerability in Pulse Secure which allows an unauthenticated remote attacker to send a specially crafted URI to perform an arbitrary file reading vulnerability. CVE-2018-13379 Linux Exploits / Remote File Disclosure Impact
Netmechanica NetDecision HTTP Server Buffer Overflow Exploit Update A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open.

This version add CVE. 		CVE-2012-1465 Windows Exploits / Remote Impact Professional
Cisco Catalyst 2960 IOS 12.2(55)SE1 ROCEM Remote Code Execution This module exploits a buffer overflow and installs an agent into the target host. Windows Exploits / Remote IOT
EZHomeTech EzServer Buffer Overflow Exploit EzServer is prone to a buffer-overflow when handling packets with an overly long string. NOCVE-9999-52789 Windows Exploits / Remote Impact Professional
ZTE ZXHN H108N Information Disclosure Vulnerability ZTE ZXHN H108N Information Disclosure vulnerability Exploits / Client Side IOT
Schneider Electric VAMPSET ASCII Argument Heap Overflow Exploit The vulnerability in VAMPSET is caused by opening crafted VAMPSET disturbance recording files with log ASCII argument. This produce a heap overflow vulnerability when this info is copied to a fixed sized buffer in the heap. CVE-2014-8390 Windows Exploits / Client Side Impact Professional
Astak CM-818T3 2.4GHz Wireless Security Surveillance Camera Remote Configuration Disclosure Astak CM-818T3 2.4GHz Wireless Security Surveillance Camera Remote Configuration Disclosure Exploits / Client Side IOT
Amaya Web Browser BDO HTML TAG Buffer Overflow Exploit Update This module exploits a vulnerability caused by boundary errors in Amaya Web Browser within the processing of a BDO HTML tag that has an overly long DIR attribute, allowing an attacker to cause a stack overflow in order to execute arbitrary code.



This update fixes an issue when using the option "Generate File". 		CVE-2008-5282 Windows Exploits / Client Side Impact Professional