Agora Pack Latest Updates

Agora 2.51

- Magento Server MAGMI Plugin Local File Include.
- McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure. CVE-2015-0921
- Wordpress Business Intelligence Plugin v 1.6.1 - Blind SQL injection Vulnerability. public
- Creative Contact Form Arbitrary File Upload Exploit. public



Agora 2.50

Agora 2.50 contains 4 new modules for fresh publicly known vulns:
- Magento Server MAGMI Plugin Local File Include.
- McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure.
- Wordpress Business Intelligence Plugin v 1.6.1 - Blind SQL injection Vulnerability.
- Creative Contact Form Arbitrary File Upload Exploit.



Agora 2.49

Agora 2.49 is out with following new modules:
- Wordpress Remote DoS
- Berta CMS File upload bypass.
- Fiyo CMS 2.0.1.8 - SQL Injection Vulnerability.
- ATOMYMAXSITE CMS Blind SQL injection Vulnerability
- Stack buffer overflow in Acunetix
* also there is ag_solarwinds_rce module bug fix



Agora 2.48

Agora contains two excellent modules for defensive software along with two fresh web apps vulns:
- WordPress All In One WP Security & Firewall SQL Injection Vulnerability
- Wordpress Aspose-Cloud-eBook-Generator Plugin Arbitrary File Download Vulnerability
- exploit for multiple vulnerabilities in Solarwinds Firewall Security Manager. with RCE vector
- Command injection in Symantec Web Gateway



Agora 2.47

Agora 2.47 contains several modules for pretty known WordPress apps:
- Webdorado Spider Event Calendar SQL Injection.
- Community Events Plugin Blind SQL injection Vulnerability.
- Windows Desktop And iPhone Photo Uploader File Upload Vulnerability
- MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit.



Agora 2.46

AGORA 2.46
contains three remote Command Execution exploits for web and server side software:
ag_easy_address_book_web_server_rce - Easy Address Book Web Server 1.6 Remote Code Execution Exploit
ag_open_letters_rce - Open-Letters Remote PHP Code Injection Exploit
ag_uplus_ftp_rce - UPlus FTP Server v1.7.0.13 Remote Code Execution Exploit



Agora 2.45

- Photo Gallery 1.2.15 Arbitrary File Deletion Exploit. 0Day
- InBoundio Marketing 2.0 - Shell Upload Vulnerability. 0Day
- vBulletin vBSSO Single Sign-On <= 1.4.14 SQL Injection. public
- Drupal < 7.34 - Denial of Service. public



Agora 2.44

Agora 2.44 contains:
2.44 version contains following fresh new modules for Defense and Web software:
- PHPMoAdmin Unauthorized Remote Code Execution
- Http File Server 2.3.x Remote Command Execution.
- Joomla Spider FAQ component SQL Injection vulnerability.
- Joomla Gallery WD SQL Injection Vulnerability
- FSSO Prior to build 237 Denial of Service



Agora 2.43

- MantisBT <= v1.2.17 - BruteForce
- Exim ESMTP 4.80 Denial Of Service Vulnerability. CVE-2015-0235
- ManageEngine Firewall Analyzer Directory Traversal
- Symantec Data Center SQL Injection. CVE-2014-9226



Agora 2.42

- MantisBT <= v1.2.17 - SQL Injection
-SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability [0-day]
- WordPress Revolution Slider Local File Disclosure Vulnerability
- Wordpress Theme Divi Arbitrary File Download Vulnerability



Agora 2.41

- Elastic Search 1.1.1 Local file read. CVE-2014-3120
- Wordpress Ajax Store Locator Arbitrary File Download Vulnerability
- CIP4 Folder Download Widget Local File Inclusion Vulnerability
- Wordpress Theme Bretheon Arbitrary File Download Vulnerability



Agora 2.40

Agora 2.40 contains:
- Bash-Environment Variables Code Injection (ShellShock)
- Webmin <= v1.680 - File Delete
- Joomla! Spider Contacts SQL Injection Routines
- SHARP Printer Buffer Overflow Exploit



Agora 2.39

Agora 2.39 contains:
- Joomla Spider Form Maker <= v.3.4 - index.php Blind Time-based SQL Injection. 0day
- JOOMLA (v2.5) HD FLV Player <= v2.0 - File Download. 0day
- JOOMLA (v2.5) HD FLV Player <= v2.0 - SQL Injection. 0day
- Joomla Spider video player 2.8.3 - Blind SQL Injection. 0day
- Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow. CVE-2014-08-05



Agora 2.38

Agora 2.38 contains:
- WordPress ShortCode Plugin 1.1 Local File Inclusion Vulnerability
- Wing FTP Server 4.3.8 and below Authenticated Command Execution
- ver 1.1 of Embedthis Goahead Webserver 3.1.3-0 Denial Of Service Vulnerability
- Oxwall 1.7.0 Remote Code Execution Exploit



Agora 2.37

Agora 2.37 contains:
- Wordpress XML Blowup Attack Denial Of Service Vulnerability
- Wordpress NextGEN Gallery Directory traversal
- Drupal 6x-7x Denial Of Service Vulnerability



Agora 2.36

Agora 2.36 contains:
- Bitdefender GravityZone Directory Traversal Vulnerability
- Easy File Management Web Server Stack Buffer Overflow
- Embedthis Goahead Webserver 3.1.3-0 Denial Of Service Vulnerability
- Arkeia Network Backup Path Traversal/Remote Code Execution



Agora 2.35

Agora 2.35 contains:
- CouchDB v1.5.0. Denial of Service. CVE-2014-2668
- GetGo Download Manager buffer overflow. CVE-2014-2206
- DaumGame ActiveX IconCreate() Remote Overflow. CVE-2013-7246



Agora 2.34

Agora 2.34 contains modules for public vulns, including for nginx, http and ftp servers:
- DomsHttpd Remote Denial Of Service Exploit
- GoAhead Web Server 3.1.x - Denial of Service
- Joomla AJAX Shoutbox <= 1.6 - Remote SQL Injection
- nginx v1.3.9-1.4.0 Denial Of Service Exploit
- PCMAN FTP 2.07 Buffer Overflow Exploit


Agora 2.33

Agora pack 2.33 contains several modules targeting well known web servers, including:
- Tiny Server Remote Denial Of Service Exploit
- Abuse HTTP Server 2.8 Denial Of Service Vulnerability
- Apache Commons FileUpload and Apache Tomcat Denial Of Service Vulnerability
- lighttpd 1.4.31 Denial Of Service Vulnerability
- onehttpd 0.7 Denial of Service


Agora 2.32

Agora 2.32 version contains following new modules for iOS and windows systems:
- FileMaster SY-IT v3.1 iOS Local File Inclusion. [0-Day].
- PHP-Nuke 8.2.4 File Inclusion. SOJOBO-ADV-13-04
MyBB <= 1.6.11 - Remote Code Execution Using Admin Privileges.
- Chamilo LMS 1.9.6 SQL Injection. CVE-2013-6787
- AjaXplorer Directory traversal vulnerability. CVE-2013-5688
- MediaWiki <= 1.22.1 PdfHandler Remote Code Execution. CVE-2014-1610



Agora 2.31

Agora 2.31 contains several interesting web modules and one module for defense software. List:
[def]
- WatchGuard Firewall XTM Denial Of Service Exploit. public
[web]:
- Zimbra Local File Inclusion
- vBulletin Security Bypass Vulnerability
- LiveZilla Remote Code Execution.
- ImpressPages CMS SQLi


Agora 2.30

Agora pack ver 2.30 contains nice web and server stuff. List:
- Lianja SQL db_netserver Denial of Service [0Day].
- Vino VNC Server - Denial of Service. CVE-2013-5745
- ALLMediaServer 0.8. Buffer Overflow Exploit for windows 7/XP
- aMSN 0.98.9 Local File Inclusion exploit
- ElitCMS 1.01 Standard Edition SQL Injection
- VoipNow Local File Inclusion Vulnerability

Videos for ALLmediaServer and ElitCMS are available here - https://vimeo.com/user7532837/videos


Agora 2.29

Agora pack 2.29 contains 2 modules for defense software and 3 sploits for server sides. List:
[server sides and others]:
- one more Squid Denial of service
- httpdx Remote HTTP Server Denial of Service
- Abuse HTTP Server Vulnerability [0day]
[defense]:
- Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow. PoC
- HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload



Agora 2.28

Agora pack 2.28 is out with three modules for defense software and two web exploits. Listing:
[def]:
- Fortigate Firewalls CSRF Vulnerability. under certain conditions
could result in control over the hole firewall.
- pwStore password management system Denial of Service.
- Trustport Webfilter gateway Remote File disclosure Vulnerability.
[web]:
- Joomla Media Manager remote file upload and exec.
- VLC Media Player Web Interface dir info disclosure bug. this is
based on fresh public bug, but modified by us to work on latest player version!
more info in changelog.
pwStore and Trustport videos are available at
https://vimeo.com/user7532837/videos
Happy hunting


Agora 2.27

contains 3 new defense modules for HP and Novell Zenworks software
along with 3 httpd server side exploits!
List:
- HP Data Protector 6.1 Command Execution
- HP Intelligent Management Center v. <= 5.1:e0202 Remote File Upload
- Novell ZENworks Configuration Management Remote Code Execution
- DeWeS web server Directory Traversal Vulnerability
- onehttpd 0.7 Denial of Service
- Ultra Mini HTTPD stack buffer overflow



Agora 2.26

Agora 2.26 contains a bunch of ftp exploits and nice web app sploits as usual. Listing:
- phpVMS Virtual Airline Administration. SQL Injection Vulnerability
- Kohana CMS Framework v2.3.3 Directory Traversal Vulnerability
- php-Charts 1.0 Code Execution Vulnerability
- Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of service
- Serva 32 HTTP 2.1.0 Directory Traversal [0Day]
- PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit.
- Baby FTP Server 1.24 - DoS PoC.


Agora 2.25

Agora 2.25 is out with Sophos and Trend Micro sploits and Symantec DoS; pretty fresh DoSes for Monkey httpd and Squid; and nice web apps modules. List is below.
[def]:
- Sophos Web Protection Appliance local file disclosure. which could
be leveraged to clear text passwords retrieval and administrator users impersonation. public bug, but nice exploitation vector by us.
- Symantec AntiVirus Intel Alert Handler service DOS. which seems to be an old, but still usefull bug.
- Trend Micro Control Manager SQL Injection. public
[other]:
- Monkey HTTPD Denial of service. public
- Squid Denial of service. public
[web]:
- Webid Local File Disclosure Vulnerability
- WHMCS all-in-one client management, billing & support solution. SQL Injection
- Wordpress wp-FileManager Arbitrary File Download Vulnerability
*************************
Also take a look at our video for Sophos Web
Protection Appliance exploit. located:
https://vimeo.com/user7532837


Agora 2.24

Agora 2.24:
As always, pack containts fresh vulns in widely used web software
(huge number of installations in the Internet) and more...
List:
- McAfee Virtual Technician ActiveX exploit allowing Arbitrary File Replace
- Sysax Multi Server SSH Denial of Service
- WordPress Plugin Google Document Embedder Arbitrary File Disclosure
- Joomla com_collector Component Arbitrary File Upload Vulnerability



Agora 2.23

Agora 2.23 is out with a bunch of modules for various server side software plus an activex.
- Aloaha PDF Crypter activex arbitrary file overwrite
- FirebirdSQL Server Remote Unauthenticated Denial Of Service
- IIS 7.5 FTPSVC Remote Unauthenticated Denial Of Service
- Ipswitch WS_FTP 12 Professional Remote Format String PoC



Agora 2.22

Agora 2.22 is out with nice module for Cisco Security Agent Management Center and three modules for web software.
As always, web software is pretty famous, e.g. "powered by plogger" yields 3800000 results.
List:
- Cisco Security Agent Management Center Code Execution
[web]
- WordPress Mz-jajak plugin <= 2.1 SQL Injection Vulnerability
- WordPress LeagueManager Plugin SQL Injection
- Plogger Gallery Remote PHP shell uploader



Agora 2.21

A bunch of modules in Agora 2.21 target Symantec Web Gateway and mobile sploits
are available in this version. list:
- Symantec Web Gateway 5.0.2 Blind SQL Injection
- Symantec Web Gateway 5.0.2.8 Local File Inclusion
- Symantec Web Gateway Password Change Security Bypass Exploit
- D-Link DCS Cameras Password Disclosure
mobile_scanner tool updated with two modules:
- WiFilet v1.2 Local File/Path Include
- Air Disk Wireless 1.9 Local File Include



Agora 2.20

Agora 2.20 is out with bunch of nice web exploits targeting highly popular web related software.
For example "Powered By Piwigo" yields more than 4 millions in google.
A new version of wordpress scanner tool with new modules added to it will also be helpfull in your tests.
highlighted modules list:
- WordPress Advanced Custom Fields Plugin Remote File Inclusion
- Piwigo 2.4.6 Remote Arbitrary File Read and Delete
- Hiverr v2.2 Get the administrator password
- Cometchat Remote PHP Code Execution


Agora 2.19

it includes a simple tool aimed to help in exploiting WordPress sites (with the help of 11 modules of ours) and two modules for defensive software along with modules for well known web apps .
List:
[def]
- ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal
- Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
[web]
- Free Hosting Manager 2.0 SQL Injection Vulnerability
- Invision Power Board <= 3.3.4 unserialize Regex Bypass
- Automated tool for launching wordpress exploits ver 0.1
+ additional Buddypress plugin Wordpress remote SQL Injection


Agora 2.18

Agora 2.18 contains several web modules and a client side:
[web]
ag_AB_Banner_Exchange_lfi - AB Banner Exchange Local File Inclusion"
ag_wordpress_cloudsafe365 - WordPress Cloudsafe365 Local File Inclusion
ag_webERP_DoS - webERP <=4.08.4 MySQL DoS
ag_Clipbucket - Clipbucket v2.x Arbitrary Delete Vulnerability
[other]
ag_EMC_ApplicationXtender - [0day] (diffferent method than in CVE) EMC ApplicationXtender Web Access Remote Arbitrary File Replace Minor bug fixes in mobile apps scan&sploit tool.


Agora 2.17

Agora 2.17 is focused on pretty famous "Spying" software. Modules for mobile devices are now easier to launch with the help of a new tool (mobile scanner and autolaunch tool)
Modules list
[defense]
- Cyclope Employee Surveillance Solution v6.0 SQL Injection and
Remote PHP Code Injection
- Quest InTrust 10.4.x Remote Code Execution
- [0day] DoS Spytech NetVizor v6.1
[mobile]
- Automated tool for exploiting vulnerabilities of mobile devices and services



Agora 2.16

The 2.16 version includes fresh modules for well known commercial web software like webERP, Magento eCommerce, SugarCRM
along with McAfee Virtual Technician in defense section and more... :
[defense]
- McAfee Virtual Technician Remote Code Execution
- Vivotek IP cameras
[web]
- Magento eCommerce Local File Disclosure
- MyBB MyStatus 3.1 Get the administrator password
- MyBB MyTabs <=1.31 Get the administrator password
- SugarCRM CE <= 6.3.1 PHP Code Execution
- Swoopo Gold Shop CMS v8.4.56 Sql Injection
- webERP <= 4.08.1 Local File Inclusion



Agora 2.15

Agora pack 2.15 is focused on server related software.
Highlighted modules are for XAMPP and WAMP apache+mysql server bundles, along with famous Joomla! 'com_hello' Component Local File Include.

details:
- [0day] http+mysql XAMPP budle. mysql DoS
- famous web profiling soft - webgrind. (installed by def in WAMP). LFI
- FileZilla Server DoS
- Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure
- Joomla Hello component local file inclusion vulnerability

hint: use google's search inurl:"com_hello" to find vuln joomla installs.


Agora 2.14

New Agora 2.14 includes a bunch of mobile applications modules for iPhone and Android allowing information steal and DoS;
plus defensive and web app modules... including DoS for PcAnywhere, and funny RIPS (web app fuzzer) local file include.
The highlighted modules list:
[mobile]:
- Android FTPServer 1.9.0 Remote DoS
- iPhone iFile Directory Traversal
- iPod Touch/iPhone iFileExplorer Free Directory Traversal
- iPhone MyDocs Directory Traversal
- iPhone Folders Directory Traversal
[defense]:
- D-Link DCS-5605 Network Surveillance ActiveX
- Symantec PcAnywhere login and password field buffer overflow
[web]:
- static php source code analyser. RIPS <= 0.53 Local File Inclusion
- TVersity home media server <= 1.9.7 Arbitrary File Download
- web publishing engine - ArticleSetup Remote PHP shell uploader



Agora 2.13

Agora 2.13 contains excellent web stuff, along with modules for
Symantec and SourceFire defensive soft.
We are also glad to announce [Mobile apps] section, which we will be
paying attention from now. (hope you will like it).
Featured modules include:
[web stuff]:
JAT3 0day for Joomla; widely used PBBoard and WebCalendar, Exponent
CMS, phpFox social networking engine and more...
[defense]:
- Symantec Web Gateway 5.0.2 Remote Root Exploit
- Sourcefire Defense Center Arbitrary File Download
[mobile]:
- iPhone4 FTP Server V1.0 - Remote Crash
- iPhone/iPad Phone Drive 1.1.1 - sensitive info disclosure.



Agora 2.12

AGORA 2.12 contains following highlighted modules:
Web soft with millions of installations...
- OpenCart Local File Inclusion [0Day]
- Freelancer Kit [0Day] SQL Injection
- Dolibarr ERP & CRM OS Command Injection
plus:
- Remote Desktop Protocol bug MS12_020, unfortunetly only remote crash by now
- widely deployed TRENDnet SecurView IP camera ActiveX Control Buffer Overflow
and more...



Agora 2.11

Agora pack 2.11 is out with 7 new modules. Web software is covered this time.
Included are modules for popular CMSystems, web based Promise raid Array Management Software, phpDenora used for IRC servers administrating, HomeSeer Home Automation Software and more...
- Promise WebPAM v2.2.0.13. Add admin user. [0day]
- LEPTON CMS <= 1.1.3 SQL Injection
- OneFileCMS v.1.1.5 Local File Inclusion Vulnerability
- XRayCMS 1.1.1 Remote PHP shell uploader
- HomeSeer HS2 and HomeSeer PRO Directory Traversal
- PHP Address Book 6.2.12 Remote PHP shell uploader
- phpDenora <= 1.4.6 Remote PHP shell uploader



Agora 2.10

Agora pack 2.10 is out with 6 new modules for frequently used software. Included are modules for the popular webcam and network camera software for Windows, defensive Symantec and Snort software, widely used VBulletin plugin and more...
- Pandora FMS 4.0.1 Local File Inclusion [0day]
- WebcamXP and Webcam 7 Directory Traversal Vulnerability
- Snort Report <= 1.3.2 SQL Injection Vulnerability
- Symantec pcAnywhere 12.5 DoS. smth similar to CVE-2011-3478.
- vBadvanced CMPS 3.2.2 Remote Code Execution
- SolarWinds Storage Manager SQL Injection Vulnerability



Agora 2.9

0day DoS for TrendMicro along with modules for fresh and well known web stuff:
- CommonSense CMS script Remote PHP shell uploader
- ag_hitAppoint_sqli <= 4.5.17 SQL Injection
- phpMyDirectory v1.3.2,v1.3.3 SQL Injection
- [0day] TrendMicro Control Manager CmdProcessor.exe DoS.



Agora 2.8

Well known web software covered this time: including PmWiki, TYP03, Zabbix and extremely frequent Wordpress plugin - UPM-POLLS. full list:
- PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit
- TYPO3 'BACK_PATH' Parameter Local File Include Vulnerability
- Zabbix <= 1.8.4 (popup.php) SQL Injection
- Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution
- Wordpress UPM-POLLS Plugin 1.0.4 Remote PHP shell uploader
- SourceBans 1.4.8 SQL/LFI Injection
- ITHorizon (lang) SQL Injection Vulnerability
- DotA OpenStats <= 1.3.9 SQL Injection

Happy New Year and Merry Christmas to everyone! Best wishes for new upcoming year.



Agora 2.7

In Agora 2.7 there are new modules for latest HP Data protector vulns, pretty frequent web stuff, Oracle Hyperion Financial Management Activex and more:
- HP Data Protector Media Operations <= 6.20 directory traversal
- HP Data Protector Media Operations <= 6.20 DOS
- Cisco CUCM directory traversal vulnerability
- Oracle Hyperion Financial Management TList6 ActiveX Control Remote
Code Execution Vulnerability - OrderSys <= 1.6.4 SQL Injection
- phpLDAPadmin <= 1.2.1.1 Remote PHP Code Injection Exploit
- Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution



Agora 2.6

New modules this time include ag_ida_hexrays - [0day] IDA Windows 32-bit remote debug server(MT) v1.14 DoS.
ag_snortreport_exec - Snortreport 1.3.2 nmap.php and nbtscan.php Remote Command Execution
ag_oracle_autovue - exploit for Unsafe method in oracle_autovue ActiveX allowing cmds exec.
ag_openemr_sqli - Openemr-4.1.0 SQL injection.
ag_efront_sqli - EFront <= 3.6.9 SQL Injection.



Agora 2.5

New Agora pack 2.5 is out with five fresh web exploits this time:
- PlaySMS 0.9.5.2 <= Local File Inclusion Vulnerability. public. patch available.
- Pluck CMS 4.7 Local File Inclusion Vulnerability. public. patch available.
- WordPress SearchAutocomplete plugin <= 1.0.8 SQL Injection Vulnerability. public. patch available
- WordPress Tune Library plugin <= 2.17 SQL Injection Vulnerability. public. patch available
- Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File Inclusion. public. patch available



Agora 2.4

New Agora stuff:
- Vbulletin 4.0.x - 4.1.3 forum SQL Injection.
- widely used Paltalk Messanger arbitrary code exec. vuln public, but no working public exploit available.
And also frequently used Joomla plugin and TuoCMS web exploits, plus bison ftp server exploit.