Forwarded from 卩ro 爪Cracker
CVE-2022-26809 RCE Exploit
Weakness in a core Windows component (RPC) earned a CVSS score of 9.8 not without a reason, as the attack does not require authentication and can be executed remotely over a network, and can result in remote code execution (RCE) with the privileges of the RPC service, which depends on the process hosting the RPC runtime.
That critcal bug, with a bit of luck, allows to gain access to unpatched Windows host running SMB. The vulnerability can be exploited both from outside the network in order to breach it as well as between machines in the network.
https://github.com/rkxxz/CVE-2022-26809
Vendor Information:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
https://www.pwndefend.com/2022/04/14/cve-2022-26809/
#cve #poc #exploit
Weakness in a core Windows component (RPC) earned a CVSS score of 9.8 not without a reason, as the attack does not require authentication and can be executed remotely over a network, and can result in remote code execution (RCE) with the privileges of the RPC service, which depends on the process hosting the RPC runtime.
That critcal bug, with a bit of luck, allows to gain access to unpatched Windows host running SMB. The vulnerability can be exploited both from outside the network in order to breach it as well as between machines in the network.
https://github.com/rkxxz/CVE-2022-26809
Vendor Information:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
https://www.pwndefend.com/2022/04/14/cve-2022-26809/
#cve #poc #exploit
Forwarded from 卩ro 爪Cracker
CVE-2022-26717
Safari WebGL XFB Use After Free Vulnerability
https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit
#cve #exploit
Safari WebGL XFB Use After Free Vulnerability
https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit
#cve #exploit
GitHub
GitHub - theori-io/CVE-2022-26717-Safari-WebGL-Exploit
Contribute to theori-io/CVE-2022-26717-Safari-WebGL-Exploit development by creating an account on GitHub.
Forwarded from 卩ro 爪Cracker
Forwarded from Bhartiya Hunters🇮🇳 (Founder & CEO •)
Quip
A Tale of Confusing IDOR 😤
Hi!!
Forwarded from 卩ro 爪Cracker
API Unhooking
An article about a new method of avoiding AV/EDR by creating a process in a suspended state and getting a copy of the ntdll from the new process before it is hijacked by AV/EDR.
Research:
https://dosxuz.gitlab.io/post/perunsfart/
PoC:
https://github.com/dosxuz/PerunsFart
An article about a new method of avoiding AV/EDR by creating a process in a suspended state and getting a copy of the ntdll from the new process before it is hijacked by AV/EDR.
Research:
https://dosxuz.gitlab.io/post/perunsfart/
PoC:
https://github.com/dosxuz/PerunsFart
dosxuz.gitlab.io
API Unhooking with Perun's Fart
Pre-requisites To fully understand this topic, one needs to have some knowledge about the following concepts:
Little bit of C++ programming Some knowledge of API hooking by AV/EDR software Basic understanding of the PE structures Basic knowledge about Win32…
Little bit of C++ programming Some knowledge of API hooking by AV/EDR software Basic understanding of the PE structures Basic knowledge about Win32…
👍4
Forwarded from 卩ro 爪Cracker
rtfquizmasterks_customer.json
36.5 MB
Website: rewardthefan.com
Date: May 21, 2021
Lines: 97K
Fields:
'customer_id', 'active_reward_points', 'email', 'image_path', 'is_blocked', 'is_otp_verified', 'magicwand', 'no_of_lives', 'phone' , 'rtf_cur_val_bal', 'rtf_points', 'sf_ques_level', 'super_fan_chances', 'user_id.VivaAir -Columbia.txt
1.8 GB
2M lines Datasets
from Viva Air Columbia
Headers:
AccountID|FilenameXml|FilenameExtension|DateProduction|PeriodFrom|PeriodTo|CutoffTime|VersionXml|MerchantID|OrderID|EffortID|AttemptID|Recordcategory|Recordtype|PaymentReference|AdditionalReference|CurrencyLocal|AmountLocal|CurrencyDelivered|AmountDelivered|PaymentCountry|PaymentStatus|TransactionDateTime|ErrorCodes|ErrorMessages|CardNumber|ExpiryDate|IssueNumber|AuthorizationCode|PaymentGroupId|PaymentMethodId|PaymentProductId|IIN|IssuerCountry|PaymentProcessorID|MID|NumberOfInstallments|FraudResult|FraudCode|FraudStatus|ThirdPartyReferenceNumber1|ThirdPartyReferenceNumber2|ThirdPartyReferenceNumber3|Street|Zip|City|CountryCode|LanguageCode|Phonenumber|Email|EmailTypeIndicator|IPAddressCustomer|BillingStreet|BillingZip|BillingCity|BillingCountryCode|BillingPhonenumber|BillingEmail|BillingEmailTypeIndicator|AirlineCode|AirlineName|TicketNumber|PassengerName|FlightDate|DateUpload|NrOfInstallments|DateDue|AmountDue|OrderCurrency|OrderAmount|CreditcardCompany|Forwarded from 卩ro 爪Cracker
Forwarded from 卩ro 爪Cracker
🔰The Complete Ethical Hacking Course🔰
◾️ Hacking Lab setup
◾️ Kali Linux 101
◾️ Anonymity Online
◾️ Dark Web
◾️ Network Pentesting
◾️ Wireless Attacks
◾️ Post Connection Attacks
◾️ System Pentesting
◾️ Attacks On users
◾️ Social Engineering
◾️ Social Media Security
◾️ Beef
◾️ External Networks Attacks
◾️ Fake Game websites attack
◾️ Post Hacking Sessions
◾️ Hacker Methodology
◾️ Website Reconnaissance
◾️ Website Pentesting
◾️ SQL 101
◾️ SQL Injection
◾️ Website Pentesting tools
◾️ Ethical Hacking Certifications
◾️ Python For Ethical Hacking
◾️ Python Data type & Structure
◾️ Control Statements & Loops
◾️ Essentials
◾️ Functions
◾️ Object Oriented Programming
◾️ Modules
◾️ Mac Changer
◾️ Network Scanner
◾️ Man In the Middle
◾️ Packet Listener
◾️ Keylogger
◾️ Backdoor
◾️ Packaging & Malicious files
◾️ Closing & Ethical Hacker's Handbook And many More things
⚠️People are Sell For : 66.26$ (5000₹) [Free In Our Channel]⚠️
📥 Download Link:
https://mega.nz/folder/WvIlFCLQ#KHWbWS4Ez57R3jCdpYdREw
◾️ Hacking Lab setup
◾️ Kali Linux 101
◾️ Anonymity Online
◾️ Dark Web
◾️ Network Pentesting
◾️ Wireless Attacks
◾️ Post Connection Attacks
◾️ System Pentesting
◾️ Attacks On users
◾️ Social Engineering
◾️ Social Media Security
◾️ Beef
◾️ External Networks Attacks
◾️ Fake Game websites attack
◾️ Post Hacking Sessions
◾️ Hacker Methodology
◾️ Website Reconnaissance
◾️ Website Pentesting
◾️ SQL 101
◾️ SQL Injection
◾️ Website Pentesting tools
◾️ Ethical Hacking Certifications
◾️ Python For Ethical Hacking
◾️ Python Data type & Structure
◾️ Control Statements & Loops
◾️ Essentials
◾️ Functions
◾️ Object Oriented Programming
◾️ Modules
◾️ Mac Changer
◾️ Network Scanner
◾️ Man In the Middle
◾️ Packet Listener
◾️ Keylogger
◾️ Backdoor
◾️ Packaging & Malicious files
◾️ Closing & Ethical Hacker's Handbook And many More things
⚠️People are Sell For : 66.26$ (5000₹) [Free In Our Channel]⚠️
📥 Download Link:
https://mega.nz/folder/WvIlFCLQ#KHWbWS4Ez57R3jCdpYdREw
mega.nz
File folder on MEGA
Forwarded from 卩ro 爪Cracker
🔰 How to Remove Facebook Account by Pottu Report Tool Termux in 5 Minutes 🔰
[👇Tab to Copy Command👇]
$ apt update && apt upgrade
$ apt install python
$ apt install git
$ git clone https://github.com/IlayTamvan/Report
$ cd Report
$ ls
$ unzip Report.zip
$ python2 Report.py
DONE ✅
[👇Tab to Copy Command👇]
$ apt update && apt upgrade
$ apt install python
$ apt install git
$ git clone https://github.com/IlayTamvan/Report
$ cd Report
$ ls
$ unzip Report.zip
$ python2 Report.py
DONE ✅
GitHub
GitHub - IlayTamvan/Report: Code : Secret
Code : Secret. Contribute to IlayTamvan/Report development by creating an account on GitHub.