red shadow - Lightspin AWS Vulnerability Scanner
https://reconshell.com/red-shadow-lightspin-aws-vulnerability-scanner/
#PrivilegeEscalation #exploit #Exploitation #AWS
#Vulnerability #Scanner
https://reconshell.com/red-shadow-lightspin-aws-vulnerability-scanner/
#PrivilegeEscalation #exploit #Exploitation #AWS
#Vulnerability #Scanner
iOS 15 0day Exploits
https://github.com/illusionofchaos/ios-gamed-0day
https://github.com/illusionofchaos/ios-nehelper-wifi-info-0day
https://github.com/illusionofchaos/ios-nehelper-enum-apps-0day
#ios #0day #exploit
https://github.com/illusionofchaos/ios-gamed-0day
https://github.com/illusionofchaos/ios-nehelper-wifi-info-0day
https://github.com/illusionofchaos/ios-nehelper-enum-apps-0day
#ios #0day #exploit
GitHub
GitHub - illusionofchaos/ios-gamed-0day: iOS gamed exploit (fixed in 15.0.2)
iOS gamed exploit (fixed in 15.0.2). Contribute to illusionofchaos/ios-gamed-0day development by creating an account on GitHub.
SonicWall SMA-100 Unauth RCE
Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versions 10.2.1.x. The exploit, as written, will open up a telnet bind shell on port 1270. An attacker that connects to the shell will achieve execution as
Research:
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
Exploit:
https://github.com/jbaines-r7/badblood
#sonicwall #exploit #rce #cve
Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versions 10.2.1.x. The exploit, as written, will open up a telnet bind shell on port 1270. An attacker that connects to the shell will achieve execution as
nobody.Research:
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
Exploit:
https://github.com/jbaines-r7/badblood
#sonicwall #exploit #rce #cve
AttackerKB
CVE-2021-20038 | AttackerKB
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to po…
SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022–22718)
Research:
https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81
Exploit:
https://github.com/ly4k/SpoolFool
#windows #print #spooler #lpe #exploit
Research:
https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81
Exploit:
https://github.com/ly4k/SpoolFool
#windows #print #spooler #lpe #exploit
👍2
CVE-2022-0995
This is my exploit for CVE-2022-0995, an heap out-of-bounds write in the watch_queue Linux kernel component.
It uses the same technique described in https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html.
The exploit targets Ubuntu 21.10 with kernel 5.13.0-37.
The exploit is not 100% reliable, you may need to run it a couple of times. It may panic the kernel, but during my tests it happened rarely.
https://github.com/Bonfee/CVE-2022-0995
#linux #lpe #exploit #cve
This is my exploit for CVE-2022-0995, an heap out-of-bounds write in the watch_queue Linux kernel component.
It uses the same technique described in https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html.
The exploit targets Ubuntu 21.10 with kernel 5.13.0-37.
The exploit is not 100% reliable, you may need to run it a couple of times. It may panic the kernel, but during my tests it happened rarely.
https://github.com/Bonfee/CVE-2022-0995
#linux #lpe #exploit #cve
👍3
SpringShell: Spring Core RCE
(CVE-2022-22963)
PoC Payload:
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
Exploit:
https://github.com/craig/SpringCore0day
(CVE-2022-22963)
PoC Payload:
spring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec("xcalc")
Research:https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
Exploit:
https://github.com/craig/SpringCore0day
👍5🔥2
This media is not supported in your browser
VIEW IN TELEGRAM
WSO2 RCE (CVE-2022-29464)
Critical vulnerability on WSO2 discovered by Orange Tsai. the vulnerability is an unauthenticated unrestricted arbitrary file upload which which allows unauthenticated attackers to gain RCE on WSO2 servers via uploading malicious JSP files.
Google Dorks:
#wso2 #rce #exploit
Critical vulnerability on WSO2 discovered by Orange Tsai. the vulnerability is an unauthenticated unrestricted arbitrary file upload which which allows unauthenticated attackers to gain RCE on WSO2 servers via uploading malicious JSP files.
Google Dorks:
inurl:"/carbon/admin/login.jsp"https://github.com/hakivvi/CVE-2022-29464
inurl:"/authenticationendpoint/login.do"
inurl:"devportal/apis"
intitle:"API Publisher- Login"
intitle:"WSO2 Management Console"
#wso2 #rce #exploit
❤1