CVE-2022-42889 PoC
This is Proof of Concept for the vulnerability CVE-2022-42889. This code will run the JavaScript code 195 + 324. If vulnerable the output should be:
Details:
https://blogs.apache.org/security/entry/cve-2022-42889
#cve #poc
This is Proof of Concept for the vulnerability CVE-2022-42889. This code will run the JavaScript code 195 + 324. If vulnerable the output should be:
PoC Output: 519
https://github.com/SeanWrightSec/CVE-2022-42889-PoCDetails:
https://blogs.apache.org/security/entry/cve-2022-42889
#cve #poc
GitHub
GitHub - SeanWrightSec/CVE-2022-42889-PoC: Proof of Concept for the Apache commons-text vulnerability CVE-2022-42889.
Proof of Concept for the Apache commons-text vulnerability CVE-2022-42889. - SeanWrightSec/CVE-2022-42889-PoC
CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files
https://ift.tt/Fk7zU31
Submitted October 18, 2022 at 09:19PM by SRMish3
via reddit https://ift.tt/rfSNsdR
https://ift.tt/Fk7zU31
Submitted October 18, 2022 at 09:19PM by SRMish3
via reddit https://ift.tt/rfSNsdR
GitHub
GitHub - jfrog/text4shell-tools
Contribute to jfrog/text4shell-tools development by creating an account on GitHub.
👍1
Forwarded from 卩ro 爪Cracker
CVE-2022-22947
Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE)
Applications using Spring Cloud Gateway are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
https://github.com/crowsec-edtech/CVE-2022-22947
#cve
Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE)
Applications using Spring Cloud Gateway are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
https://github.com/crowsec-edtech/CVE-2022-22947
#cve
Forwarded from 卩ro 爪Cracker
CVE-2022-41040-metasploit-ProxyNotShell
the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.
https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell
the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.
https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell
App:- https://play.google.com/store/apps/details?id=com.innovate.IndonesiaSocial
» cdn-v3.justsayhi.com
Enjoy with indonesia using info. leaking
» cdn-v3.justsayhi.com
Enjoy with indonesia using info. leaking
Forwarded from 卩ro 爪Cracker
Qilin Ransomware blog
http://kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onion
http://kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onion
Forwarded from Hackbyte.org (India🇮🇳 ) ({2})
vcczone.com.sql
5.1 MB
(
Buy Unlimited Virtual Credit Cards At Cheap Price For Got Any Type Free Trial Subscription
Note : VCC Support Only USA
https://vcczone.com/
id, name, email, email_verified_at, password, profile_photo_path, is_customer, customer_id, remember_token, status, is_test, created_at, updated_at)cards (id, card_number, exp_date, cvv, first_name, last_name, address, city, state, zip, status, type, created_at, updated_at)Buy Unlimited Virtual Credit Cards At Cheap Price For Got Any Type Free Trial Subscription
Note : VCC Support Only USA
https://vcczone.com/
Forwarded from 卩ro 爪Cracker
Indonesian nuclear agency internal files leak
Details:
These 1.4 gb worth of files regarding the Nuclear power authority in Indonesia are being leaked in response to police brutality and corruption by the Indonesian government.
Download link(Updated): https://pixeldrain.com/u/GsgZb1uc
Details:
These 1.4 gb worth of files regarding the Nuclear power authority in Indonesia are being leaked in response to police brutality and corruption by the Indonesian government.
Download link(Updated): https://pixeldrain.com/u/GsgZb1uc
👍1
text4shell-scan
A fully automated, accurate, and extensive scanner for finding vulnerable text4shell hosts
Features:
▫️ Support for lists of URLs.
▫️ Fuzzing for more than 60 HTTP request headers.
▫️ Fuzzing for HTTP POST Data parameters.
▫️ Fuzzing for JSON data parameters.
▫️ Supports DNS callback for vulnerability discovery and validation.
▫️ WAF Bypass payloads.
▫️ Support for custom DNS OOB callbacks (ex: Burpsuite Collaborator)
https://github.com/securekomodo/text4shell-scan
A fully automated, accurate, and extensive scanner for finding vulnerable text4shell hosts
Features:
▫️ Support for lists of URLs.
▫️ Fuzzing for more than 60 HTTP request headers.
▫️ Fuzzing for HTTP POST Data parameters.
▫️ Fuzzing for JSON data parameters.
▫️ Supports DNS callback for vulnerability discovery and validation.
▫️ WAF Bypass payloads.
▫️ Support for custom DNS OOB callbacks (ex: Burpsuite Collaborator)
https://github.com/securekomodo/text4shell-scan
Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell
https://ift.tt/4fUISJG
Submitted October 19, 2022 at 06:48PM by MiguelHzBz
via reddit https://ift.tt/q43Vpfy
https://ift.tt/4fUISJG
Submitted October 19, 2022 at 06:48PM by MiguelHzBz
via reddit https://ift.tt/q43Vpfy
Sysdig
Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell | Sysdig
A new critical vulnerability CVE-2022-42889 a.k.a Text4shell was reported on the popular Apache Commons Text library.
Forwarded from I S H ∆ N T
🔥Great Offer at Powerful Laptops for Hacking🔥
In this Diwali, buy a powerful laptop for yourself to learn and to do hacking, pentesting, programming, etc.
Check out Most Powerful Laptops with High Discount 😍
👉 https://pentestingguide.com/best-laptops-for-cyber-security/ 👈
🔴 Get Up To 75% Off 🔴
In this Diwali, buy a powerful laptop for yourself to learn and to do hacking, pentesting, programming, etc.
Check out Most Powerful Laptops with High Discount 😍
👉 https://pentestingguide.com/best-laptops-for-cyber-security/ 👈
🔴 Get Up To 75% Off 🔴