winAUTOPWN 2.7 发布，远程漏洞利用工具

文章转载开源中国

winAUTOPWN (Windows AutoPwm)和 bsdAUTOPWN 是一个最小的交互式框架，它是快速漏洞利用系统的前端。你只需要输入目标IP地址，主机名，cms路径等，系统会自动对目标的1-6553端口进行多线程扫描，如果目标存在可利用的漏洞，winAUTOPWN会为你获得一个远程的shell。

新版本改进记录：

• CA ARCserve D2D r15 GWT Command Execution Exploit
• Freefloat FTP 1.0 Any Non Implemented Command Buffer Overflow Exploit
• FreeFloat FTP Server ACCL Buffer Overflow Exploit
• Freefloat FTP 1.0 ABOR Exploit
• MeshCMS v3.5 Remote Code Execution Exploit
• PHP Nuke 8.3 MT AFU Shell Upload Vulnerability Exploits
• WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability Exploits
• Sagem Routers Remote Auth Bypass Exploits
• Zoneminder 1.24.3 Remote File Inclusion Vulnerability Exploits
• WordPress TimThumb Plugin – Remote Code Execution Exploit
• Solar FTP 2.1.1 PASV Command PoC Exploits
• phpMyAdmin ‘/scripts/setup.php’ CVE-2009-1151 PHP Code Injection RCE PoC v0.11 Exploit
• BisonFTP Server <=v3.5 Remote Buffer Overflow Exploits