remote2.digityzone.org
Open in
urlscan Pro
2606:4700:3033::6815:13c1
Public Scan
URL:
https://remote2.digityzone.org/
Submission: On August 25 via api from US — Scanned from CA
Submission: On August 25 via api from US — Scanned from CA
Form analysis
2 forms found in the DOMGET /search/
<form method="get" action="/search/"><input type="text" name="q" id="q" maxlength="120" value="Search …"><button type="submit"></button>
<div id="q-tabs"><label for="s-files" class="on">Files</label><label for="s-news">News</label><label for="s-users">Users</label><label for="s-authors">Authors</label><input type="radio" value="files" name="s" id="s-files"><input type="radio"
value="news" name="s" id="s-news"><input type="radio" value="users" name="s" id="s-users"><input type="radio" value="authors" name="s" id="s-authors"></div>
</form>
GET /files/cal/
<form id="cal" action="/files/cal/" method="get">
<h2>File Archive:</h2>
<h3>August 2024</h3>
<button id="cal-prev" name="cal-prev" type="button" value="2024-8"><span><</span></button>
<ul class="dotw">
<li>Su</li>
<li>Mo</li>
<li>Tu</li>
<li>We</li>
<li>Th</li>
<li>Fr</li>
<li>Sa</li>
</ul>
<ul>
<li></li>
<li></li>
<li></li>
<li></li>
<li class="med"><a href="/files/date/2024-08-01/">1</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 1st</div>
<div class="count">15 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-02/">2</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 2nd</div>
<div class="count">22 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-03/">3</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 3rd</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none"><a href="/files/date/2024-08-04/">4</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 4th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-05/">5</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 5th</div>
<div class="count">15 Files</div>
</div>
</li>
<li class="low"><a href="/files/date/2024-08-06/">6</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 6th</div>
<div class="count">11 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-07/">7</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 7th</div>
<div class="count">43 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-08/">8</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 8th</div>
<div class="count">42 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-09/">9</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 9th</div>
<div class="count">36 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-10/">10</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 10th</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none"><a href="/files/date/2024-08-11/">11</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 11th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-12/">12</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 12th</div>
<div class="count">27 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-13/">13</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 13th</div>
<div class="count">18 Files</div>
</div>
</li>
<li class="high"><a href="/files/date/2024-08-14/">14</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 14th</div>
<div class="count">50 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-15/">15</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 15th</div>
<div class="count">33 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-16/">16</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 16th</div>
<div class="count">23 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-17/">17</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 17th</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none"><a href="/files/date/2024-08-18/">18</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 18th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-19/">19</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 19th</div>
<div class="count">43 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-20/">20</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 20th</div>
<div class="count">29 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-21/">21</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 21st</div>
<div class="count">42 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-22/">22</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 22nd</div>
<div class="count">26 Files</div>
</div>
</li>
<li class="med"><a href="/files/date/2024-08-23/">23</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 23rd</div>
<div class="count">25 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-24/">24</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 24th</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
<ul>
<li class="none today"><a href="/files/date/2024-08-25/">25</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 25th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-26/">26</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 26th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-27/">27</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 27th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-28/">28</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 28th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-29/">29</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 29th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-30/">30</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 30th</div>
<div class="count">0 Files</div>
</div>
</li>
<li class="none"><a href="/files/date/2024-08-31/">31</a>
<div class="stats">
<div class="point"></div>
<div class="date">Aug 31st</div>
<div class="count">0 Files</div>
</div>
</li>
</ul>
</form>
Text Content
exploit the possibilities Register | Login FilesNewsUsersAuthors Home Files News &[SERVICES_TAB]About Contact Add New How To Manipulate The Execution Flow Of TOCTOU Attacks SolarWinds Leaks Credentials In Hotfix Defenders Get A MoonPeak At North Korea's Malware Backbone Google Patches Ninth Chrome Zero Day Of 2024 RECENT FILES * All * Exploits * Advisories * Tools * Whitepapers * Other Ray cpu_profile Command Injection Posted Aug 23, 2024 Authored by sierrabearchell, byt3bl33d3r, Takahiro Yokoyama | Site metasploit.com This Metasploit module demonstrates a command injection vulnerability in Ray via cpu_profile. tags | exploit Download | Favorite | View Ray Agent Job Remote Code Execution Posted Aug 23, 2024 Authored by sierrabearchell, byt3bl33d3r, Takahiro Yokoyama | Site metasploit.com This Metasploit modules demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication. tags | exploit, remote, arbitrary, code execution Download | Favorite | View DiCal-RED 4009 Information Disclosure Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 provides a network server on TCP port 2101. This service does not seem to process any input, but it regularly sends data to connected clients. This includes operation messages when they are processed by the device. An unauthenticated attacker can therefore gain information about current emergency situations and possibly also emergency vehicle positions or routes. tags | exploit, tcp Download | Favorite | View DiCal-RED 4009 Outdated Third Party Components Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 makes use of unmaintained third party components with their own vulnerabilities. tags | advisory, vulnerability Download | Favorite | View DiCal-RED 4009 Log Disclosure Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 is vulnerable to unauthorized log access and other files on the device's file system due to improper authentication checks. tags | exploit Download | Favorite | View DiCal-RED 4009 Path Traversal Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 has an administrative web interface that is vulnerable to path traversal attacks in several places. The functions to download or display log files can be used to access arbitrary files on the device's file system. The upload function for new license files can be used to write files anywhere on the device's file system - possibly overwriting important system configuration files, binaries or scripts. Replacing files that are executed during system operation results in a full compromise of the whole device. tags | exploit, web, arbitrary Download | Favorite | View DiCal-RED 4009 Cryptography Failure Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 provides an administrative web interface that requests the administrative system password before it can be used. Instead of submitting the user-supplied password, its MD5 hash is calculated on the client side and submitted. An attacker who knows the hash of the correct password but not the password itself can simply replace the value of the password URL parameter with the correct hash and subsequently gain full access to the administrative web interface. tags | exploit, web Download | Favorite | View DiCal-RED 4009 Weak Hashing Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 has a password that is stored in the file /etc/deviceconfig as a plain MD5 hash, i.e. without any salt or computational cost function. tags | exploit Download | Favorite | View DiCal-RED 4009 Missing Authentication Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 provides an FTP service on TCP port 21. This service allows anonymous access, i.e. logging in as the user "anonymous" with an arbitrary password. Anonymous users get read access to the whole file system of the device, including files that contain sensitive configuration information, such as /etc/deviceconfig. The respective process on the system runs as the system user "ftp". Therefore, a few files with restrictive permissions are not accessible via FTP. tags | exploit, arbitrary, tcp Download | Favorite | View DiCal-RED 4009 Missing Authentication Posted Aug 23, 2024 Authored by Sebastian Hamann | Site syss.de DiCal-RED version 4009 provides a Telnet service on TCP port 23. This service grants access to an interactive shell as the system's root user and does not require authentication. tags | exploit, shell, root, tcp Download | Favorite | View OX App Suite Cross Site Scripting / Denial Of Service Posted Aug 23, 2024 Authored by Martin Heiland OX App Suite frontend version 7.10.6-rev42 suffers from cross site scripting vulnerabilities. OX App Suite backend versions 7.10.6-rev61 and 8.22 suffer from a denial of service vulnerability. tags | advisory, denial of service, vulnerability, xss Download | Favorite | View OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting Posted Aug 23, 2024 Authored by Martin Heiland OX App Suite frontend version 7.10.6-rev44 suffers from a cross site scripting vulnerability. tags | advisory, xss Download | Favorite | View UFONet 1.9 Posted Aug 23, 2024 Authored by psy | Site ufonet.03c8.net UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc. Changes: Added the setup.py auto-installer and open redirect dorks. Fixed dorking engines, crypto lib, and threading. Cleaned community botnet + data. Modified and updated Web/GUI. Updated documentation. Updated website. tags | tool, web, denial of service, spoof systems | unix Download | Favorite | View Ubuntu Security Notice USN-6980-1 Posted Aug 23, 2024 Authored by Ubuntu | Site security.ubuntu.com Ubuntu Security Notice 6980-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. tags | advisory, denial of service systems | linux, ubuntu Download | Favorite | View Ubuntu Security Notice USN-6978-1 Posted Aug 23, 2024 Authored by Ubuntu | Site security.ubuntu.com Ubuntu Security Notice 6978-1 - It was discovered that XStream incorrectly handled parsing of certain crafted XML documents. A remote attacker could possibly use this issue to read arbitrary files. Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. tags | advisory, remote, arbitrary, shell, code execution systems | linux, ubuntu Download | Favorite | View PlantUML 1.2024.6 Cross Site Scripting Posted Aug 23, 2024 Authored by Hosein Vita PlantUML version 1.2024.6 suffers from a cross site scripting vulnerability. tags | exploit, xss Download | Favorite | View Crime Complaints Reporting Management System 1.0 Shell Upload Posted Aug 23, 2024 Authored by indoushka Crime Complaints Reporting Management System version 1.0 suffers from a remote shell upload vulnerability. tags | exploit, remote, shell Download | Favorite | View Courier Management System 1.0 Cross Site Request Forgery Posted Aug 23, 2024 Authored by indoushka Courier Management System version 1.0 suffers from a cross site request forgery vulnerability. tags | exploit, csrf Download | Favorite | View Company Visitor Management 1.0 SQL Injection Posted Aug 23, 2024 Authored by indoushka Company Visitor Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. tags | exploit, remote, sql injection, bypass Download | Favorite | View CMSsite 1.0 Shell Upload Posted Aug 23, 2024 Authored by indoushka CMSsite version 1.0 suffers from a remote shell upload vulnerability. tags | exploit, remote, shell Download | Favorite | View Red Hat Security Advisory 2024-5446-03 Posted Aug 23, 2024 Authored by Red Hat | Site access.redhat.com Red Hat Security Advisory 2024-5446-03 - Red Hat OpenShift Container Platform release 4.13.48 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory exhaustion vulnerability. tags | advisory systems | linux, redhat Download | Favorite | View CMS RIMI 1.3 Cross Site Request Forgery / File Upload Posted Aug 23, 2024 Authored by indoushka CMS RIMI version 1.3 suffers from cross site request forgery and arbitrary file upload vulnerabilities. tags | exploit, arbitrary, vulnerability, file upload, csrf Download | Favorite | View Client Management System 1.0 SQL Injection Posted Aug 23, 2024 Authored by indoushka Client Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. tags | exploit, remote, sql injection, bypass Download | Favorite | View CCMS Project 1.0 SQL Injection Posted Aug 23, 2024 Authored by indoushka CCMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. tags | exploit, remote, sql injection, bypass Download | Favorite | View Biobook Social Networking Site 1.0 SQL Injection Posted Aug 23, 2024 Authored by indoushka Biobook Social Networking Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. tags | exploit, remote, sql injection, bypass Download | Favorite | View View Older Files → * Follow us on Twitter * Follow us on Facebook * Subscribe to an RSS Feed RECENT NEWS Atlassian Patches Vulnerabilities In Bamboo, Confluence, Crowd, Jira Posted Aug 22, 2024 tags | headline, flaw, patch Favorite | View UCSC Does Phishing Exercise With Fake Ebola Scare Posted Aug 22, 2024 tags | headline, email, phish Favorite | View Hackers Leak Their Own Operations Through Exposed Telegram Bot API Tokens Posted Aug 22, 2024 tags | headline, hacker, malware, data loss, botnet, password Favorite | View Google To Help Build Cyber Protection For Australian Infrastructure Posted Aug 22, 2024 tags | headline, government, australia, google Favorite | View Novel Technique Allows Malicious Apps To Escape Walled Gardens Posted Aug 22, 2024 tags | headline, phone, flaw, google, apple Favorite | View Cisco Calls For UN To Revisit Cybercrime Convention Posted Aug 22, 2024 tags | headline, government, cybercrime, cisco Favorite | View Deadbeat Dad Faked His Own Death By Hacking Government Databases Posted Aug 21, 2024 tags | headline, hacker, government, data loss, fraud Favorite | View FlightAware Admits Passwords, SSNs Exposed For Years Posted Aug 21, 2024 tags | headline, privacy, data loss, flaw, password, identity theft Favorite | View Cyberattack Disrupts Microchip Manufacturing Facilities Posted Aug 21, 2024 tags | headline, hacker, denial of service, data loss Favorite | View Microsoft Copilot Studio Vuln Led To Information Disclosure Posted Aug 21, 2024 tags | headline, privacy, microsoft, data loss, flaw Favorite | View View More News → FILE ARCHIVE: AUGUST 2024 < * Su * Mo * Tu * We * Th * Fr * Sa * * * * * 1 Aug 1st 15 Files * 2 Aug 2nd 22 Files * 3 Aug 3rd 0 Files * 4 Aug 4th 0 Files * 5 Aug 5th 15 Files * 6 Aug 6th 11 Files * 7 Aug 7th 43 Files * 8 Aug 8th 42 Files * 9 Aug 9th 36 Files * 10 Aug 10th 0 Files * 11 Aug 11th 0 Files * 12 Aug 12th 27 Files * 13 Aug 13th 18 Files * 14 Aug 14th 50 Files * 15 Aug 15th 33 Files * 16 Aug 16th 23 Files * 17 Aug 17th 0 Files * 18 Aug 18th 0 Files * 19 Aug 19th 43 Files * 20 Aug 20th 29 Files * 21 Aug 21st 42 Files * 22 Aug 22nd 26 Files * 23 Aug 23rd 25 Files * 24 Aug 24th 0 Files * 25 Aug 25th 0 Files * 26 Aug 26th 0 Files * 27 Aug 27th 0 Files * 28 Aug 28th 0 Files * 29 Aug 29th 0 Files * 30 Aug 30th 0 Files * 31 Aug 31st 0 Files TOP AUTHORS IN LAST 30 DAYS * Red Hat 213 files * indoushka 118 files * Ubuntu 88 files * Gentoo 33 files * Debian 25 files * Jasper Nota 25 files * Willem Westerhof 19 files * Jim Blankendaal 11 files * Apple 9 files * Martijn Baalman 9 files FILE TAGS * ActiveX (933) * Advisory (86,537) * Arbitrary (16,903) * BBS (2,859) * Bypass (1,872) * CGI (1,034) * Code Execution (7,830) * Conference (691) * Cracker (844) * CSRF (3,412) * DoS (25,112) * Encryption (2,389) * Exploit (53,275) * File Inclusion (4,263) * File Upload (1,000) * Firewall (822) * Info Disclosure (2,891) * Intrusion Detection (916) * Java (3,144) * JavaScript (899) * Kernel (7,236) * Local (14,804) * Magazine (587) * Overflow (13,177) * Perl (1,435) * PHP (5,226) * Proof of Concept (2,394) * Protocol (3,730) * Python (1,646) * Remote (31,687) * Root (3,639) * Rootkit (527) * Ruby (632) * Scanner (1,657) * Security Tool (8,030) * Shell (3,281) * Shellcode (1,217) * Sniffer (902) * Spoof (2,279) * SQL Injection (16,620) * TCP (2,444) * Trojan (690) * UDP (904) * Virus (670) * Vulnerability (33,015) * Web (9,972) * Whitepaper (3,782) * x86 (967) * XSS (18,263) * Other FILE ARCHIVES * August 2024 * July 2024 * June 2024 * May 2024 * April 2024 * March 2024 * February 2024 * January 2024 * December 2023 * November 2023 * October 2023 * September 2023 * Older SYSTEMS * AIX (429) * Apple (2,099) * BSD (377) * CentOS (58) * Cisco (1,927) * Debian (7,107) * Fedora (1,693) * FreeBSD (1,246) * Gentoo (4,567) * HPUX (880) * iOS (378) * iPhone (108) * IRIX (220) * Juniper (69) * Linux (50,890) * Mac OS X (691) * Mandriva (3,105) * NetBSD (256) * OpenBSD (489) * RedHat (16,615) * Slackware (941) * Solaris (1,611) * SUSE (1,444) * Ubuntu (9,777) * UNIX (9,440) * UnixWare (187) * Windows (6,676) * Other NEWS TAGS * 0 Day (301) * Adobe (310) * Anonymous (350) * Apple (1,065) * Backdoor (703) * Bank (1,209) * Botnet (580) * Britain (1,108) * China (941) * Cisco (209) * Conference (326) * Cryptography (1,608) * Cybercrime (2,111) * Cyberwar (1,930) * Data Loss (3,959) * Database (227) * DoS (551) * Email (521) * Facebook (829) * FBI (455) * Flaw (4,521) * Fraud (2,673) * Google (1,566) * Government (6,981) * Hacker (7,557) * Headline (19,823) * Identity Theft (213) * Iran (225) * Linux (261) * Malware (2,728) * Microsoft (1,826) * Military (221) * Mozilla (216) * NSA (678) * Password (781) * Patch (1,009) * Phish (377) * Phone (1,928) * Privacy (4,769) * Russia (1,064) * Scada (206) * Scam (273) * Science (534) * Social (467) * Space (257) * Spam (379) * Spyware (1,594) * Terror (403) * Trojan (321) * Twitter (403) * USA (3,894) * Virus (397) * Wireless (228) * Worm (201) * Other NEWS ARCHIVES * August 2024 * July 2024 * June 2024 * May 2024 * April 2024 * March 2024 * February 2024 * January 2024 * December 2023 * November 2023 * October 2023 * September 2023 * Older © 2024 Packet Storm. All rights reserved. Site Links News by Month News Tags Files by Month File Tags File Directory About Us History & Purpose Contact Information Terms of Service Privacy Statement Copyright Information Services Security Services Hosting By Rokasec * Follow us on Twitter * Follow us on Facebook * Subscribe to an RSS Feed