Agora Pack Latest Updates

Agora 2.12

Agora 2.12 contains the following highlighted modules:
Web software with millions of installations...
- OpenCart Local File Inclusion [0Day]
- Freelancer Kit [0Day] SQL Injection
- Dolibarr ERP & CRM OS Command Injection
plus:
- Remote Desktop Protocol bug MS12_020, unfortunately only a remote crash for now
- widely deployed TRENDnet SecurView IP camera ActiveX Control Buffer Overflow
and more...



Agora 2.11

Agora pack 2.11 is out with 7 new modules. Web software is covered this time.
Included are modules for popular CMS systems, the web-based Promise RAID array management software, phpDenora (used for administering IRC servers), HomeSeer home automation software and more...
- Promise WebPAM v2.2.0.13. Add admin user. [0day]
- LEPTON CMS <= 1.1.3 SQL Injection
- OneFileCMS v.1.1.5 Local File Inclusion Vulnerability
- XRayCMS 1.1.1 Remote PHP shell uploader
- HomeSeer HS2 and HomeSeer PRO Directory Traversal
- PHP Address Book 6.2.12 Remote PHP shell uploader
- phpDenora <= 1.4.6 Remote PHP shell uploader



Agora 2.10

Agora pack 2.10 is out with 6 new modules for frequently used software. Included are modules for the popular webcam and network camera software for Windows, defensive Symantec and Snort software, a widely used vBulletin plugin and more...
- Pandora FMS 4.0.1 Local File Inclusion [0day]
- WebcamXP and Webcam 7 Directory Traversal Vulnerability
- Snort Report <= 1.3.2 SQL Injection Vulnerability
- Symantec pcAnywhere 12.5 DoS. Something similar to CVE-2011-3478.
- vBadvanced CMPS 3.2.2 Remote Code Execution
- SolarWinds Storage Manager SQL Injection Vulnerability



Agora 2.9

0day DoS for TrendMicro along with modules for fresh and well known web stuff:
- CommonSense CMS script Remote PHP shell uploader
- ag_hitAppoint_sqli <= 4.5.17 SQL Injection
- phpMyDirectory v1.3.2, v1.3.3 SQL Injection
- [0day] TrendMicro Control Manager CmdProcessor.exe DoS.



Agora 2.8

Well-known web software is covered this time, including PmWiki, TYPO3, Zabbix and the extremely common WordPress plugin UPM-POLLS. Full list:
- PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit
- TYPO3 'BACK_PATH' Parameter Local File Include Vulnerability
- Zabbix <= 1.8.4 (popup.php) SQL Injection
- Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution
- WordPress UPM-POLLS Plugin 1.0.4 Remote PHP shell uploader
- SourceBans 1.4.8 SQL/LFI Injection
- ITHorizon (lang) SQL Injection Vulnerability
- DotA OpenStats <= 1.3.9 SQL Injection

Happy New Year and Merry Christmas to everyone! Best wishes for new upcoming year.



Agora 2.7

In Agora 2.7 there are new modules for the latest HP Data Protector vulnerabilities, fairly common web software, the Oracle Hyperion Financial Management ActiveX control and more:
- HP Data Protector Media Operations <= 6.20 directory traversal
- HP Data Protector Media Operations <= 6.20 DOS
- Cisco CUCM directory traversal vulnerability
- Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability
- OrderSys <= 1.6.4 SQL Injection
- phpLDAPadmin <= 1.2.1.1 Remote PHP Code Injection Exploit
- Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution



Agora 2.6

New modules this time include:
- ag_ida_hexrays - [0day] IDA Windows 32-bit remote debug server (MT) v1.14 DoS.
- ag_snortreport_exec - Snortreport 1.3.2 nmap.php and nbtscan.php Remote Command Execution.
- ag_oracle_autovue - exploit for an unsafe method in the oracle_autovue ActiveX control allowing command execution.
- ag_openemr_sqli - Openemr-4.1.0 SQL Injection.
- ag_efront_sqli - EFront <= 3.6.9 SQL Injection.



Agora 2.5

New Agora pack 2.5 is out with five fresh web exploits this time:
- PlaySMS 0.9.5.2 <= Local File Inclusion Vulnerability. public. patch available.
- Pluck CMS 4.7 Local File Inclusion Vulnerability. public. patch available.
- WordPress SearchAutocomplete plugin <= 1.0.8 SQL Injection Vulnerability. public. patch available
- WordPress Tune Library plugin <= 2.17 SQL Injection Vulnerability. public. patch available
- WordPress Zingiri Web Shop Plugin 2.2.0 Remote File Inclusion. public. patch available



Agora 2.4

New Agora stuff:
- vBulletin 4.0.x - 4.1.3 forum SQL Injection.
- widely used Paltalk Messenger arbitrary code execution. The vulnerability is public, but no working public exploit is available.
And also web exploits for a frequently used Joomla plugin and TuoCMS, plus a Bison FTP server exploit.