A Python noscript to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997
for mitigation Update to Webmin >= 1.997
https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
#webmin #rce
for mitigation Update to Webmin >= 1.997
https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
#webmin #rce
GitHub
GitHub - p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE: A Python noscript to exploit CVE-2022-36446 Software Package…
A Python noscript to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997. - p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022.
https://github.com/advanced-threat-research/DotDumper
#unpacker #DotNet
https://github.com/advanced-threat-research/DotDumper
#unpacker #DotNet
GitHub
GitHub - advanced-threat-research/DotDumper: An automatic unpacker and logger for DotNet Framework targeting files
An automatic unpacker and logger for DotNet Framework targeting files - advanced-threat-research/DotDumper
This repository contains de materials for the talk "Exploring the hidden attack surface of OEM IoT devices: pwning thousands of routers with a vulnerability in Realtek’s SDK for eCos OS.", which was presented at DEFCON30.
https://github.com/infobyte/cve-2022-27255
#Realtek #eCos
https://github.com/infobyte/cve-2022-27255
#Realtek #eCos
GitHub
GitHub - infobyte/cve-2022-27255
Contribute to infobyte/cve-2022-27255 development by creating an account on GitHub.
Sandman is a NTP based backdoor for red team engagements in hardened networks.
https://github.com/Idov31/Sandman
#NTP #backdoor
https://github.com/Idov31/Sandman
#NTP #backdoor
GitHub
GitHub - Idov31/Sandman: Sandman is a NTP based backdoor for hardened networks.
Sandman is a NTP based backdoor for hardened networks. - Idov31/Sandman
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/hktalent/TOP
#bugbounty
https://github.com/hktalent/TOP
#bugbounty
GitHub
GitHub - GhostTroops/TOP: TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things - GhostTroops/TOP
Security researchers discovered 3 vulnerabilities in the Linux kernel that could allow a local attacker to elevate privileges and potentially execute malicious code. The proof-of-concept code is publicly available increasing the likelihood of exploitation in the wild.
https://github.com/greek0x0/2022-LPE-UAF
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
#LPE
https://github.com/greek0x0/2022-LPE-UAF
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
#LPE
GitHub
GitHub - greek0x0/2022-LPE-UAF: PoC of various bugs in the Linux kernel
PoC of various bugs in the Linux kernel. Contribute to greek0x0/2022-LPE-UAF development by creating an account on GitHub.
The sources of the Linux kernel exploitation technique called DirtyCred are now on GitHub. The attack, which was presented at Black Hat 2022 security conference, is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privileges without overwriting any critical data on the kernel heap.
https://github.com/Markakd/DirtyCred
#LPE
https://github.com/Markakd/DirtyCred
#LPE
GitHub
GitHub - Markakd/DirtyCred: Kernel exploitation technique
Kernel exploitation technique. Contribute to Markakd/DirtyCred development by creating an account on GitHub.
Named Pipe File System Elevation of Privilege Vulnerability CVE-2022-22715
https://github.com/k0keoyo/my_vulnerabilities/tree/master/CVE-2022-22715
Write up:
https://whereisk0shl.top/post/break-me-out-of-sandbox-in-old-pipe-cve-2022-22715-windows-dirty-pipe
#LPE #Windows
https://github.com/k0keoyo/my_vulnerabilities/tree/master/CVE-2022-22715
Write up:
https://whereisk0shl.top/post/break-me-out-of-sandbox-in-old-pipe-cve-2022-22715-windows-dirty-pipe
#LPE #Windows
GitHub
my_vulnerabilities/CVE-2022-22715 at master · k0keoyo/my_vulnerabilities
Contribute to k0keoyo/my_vulnerabilities development by creating an account on GitHub.
CVE-2022-32250-Linux-Kernel-LPE
demo : https://www.youtube.com/watch?v=YqmwA6fPjKE
https://github.com/theori-io/CVE-2022-32250-exploit
demo : https://www.youtube.com/watch?v=YqmwA6fPjKE
https://github.com/theori-io/CVE-2022-32250-exploit
Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).
https://github.com/xRET2pwn/Teamsniper
#Teamsniper #redteaming
https://github.com/xRET2pwn/Teamsniper
#Teamsniper #redteaming
GitHub
GitHub - xRET2pwn/Teamsniper: Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database…
Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.). - GitHub - xRET2pwn/Teamsniper: Teamsniper is a tool for fetching keywords in a Microso...