🔠🔠🔠🔠0️⃣🔠🔠🔣➖

https://system32.ink/exim-mail-servers-cve-2024-39929-exploit/

🖥Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. 🖥

🍰 EXIM Mail Servers CVE-2024-39929 Exploit 🏴‍☠️

The 🖥script performs the following actions:

⭐️Reads the list of SMTP servers from the specified file.
⭐️Prompts the user for sender and recipient email addresses.
🚨Connects to each SMTP server on port 25.
🚨Sends an email with a crafted attachment designed to exploit CVE-2024-39929.
#️⃣Sets the email subject to indicate the server used for sending the email.
#️⃣Prints debug information and handles exceptions.

🔣 https://system32.ink/fujitsu-network-edgiot-gw1500-m2m-gw-for-fenics-cve-2024-40617-exploit/ 🔣

🖥 FUJITSU Network 🖥 Edgiot GW1500 🖥 (M2M-GW for FENICS) CVE-2024-40617 Exploit

🖥 Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated 🖥 attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked.🖥

🖥 https://system32.ink/azorult-stealr-3-4-cracked/ 🖥

🖥 Azorult Stealr 3.4 Cracked 🖥

🖥 Azorult Stealer is a type of malware, specifically an information stealer, designed to gather sensitive information from infected computers. It targets a variety of data, including:

#️⃣Login credentials (usernames and passwords)
#️⃣Banking information
⚡️Cryptocurrency wallets
⚡️Browser history
😎Cookies
😎Stored form autofill data
🪪Files from the infected machine

🖥 🔣 https://system32.ink/whatsapp-extension-manipulation-poc/ 🖥

📱 WhatsApp Extension Manipulation PoC 🎮

🖥 Android malware (.apk) can be spread through a fake PDF 🖥 document by manipulating the file extension in the WhatsApp application 😈.

🖥 https://system32.ink/windows-applocker-driver-lpe-cve-2024-21338-exploit/ 🖥

🖥 Windows AppLocker Driver LPE CVE-2024-21338 Exploit 🏴‍☠️

✏️The bug resides in the AppHashComputeImageHashInternal() function, which could be invoked by sending an IOCTL with value 0x22A018 to the device object named \\Device\Appid.

✏️The driver expects two pointers referenced from the IOCTL’s input buffer.

✏️This bug results in a powerful primitive, given that we have complete control of the instruction pointer and the data in the first argument via a callback.

✏️Based on the ACL present on the device object name, only the LOCAL SERVICE and AppIDSvc users have enough permission to send the target IoControlCode.

✏️The target driver, appid.sys, is not automatically loaded and requires sending an event to a specific AppLocker-related ETW provider.

2️⃣5️⃣ FREE USEFUL WEBSITE 🖥

#️⃣1. sizeasy.com –Visualize and compare the size of any product.

#️⃣2. whatfontis.com –quickly determine the font name from an image.

#️⃣3. fontsquirrel.com –A good collection of fonts – free for personal and commercial use.

#️⃣4. regex.info – Find data hidden in your photographs .

#️⃣5. tineye.com – This is like an online version of Google Googles.

#️⃣6. iwantmyname.com – Helps you search domains across allTLDs.

#️⃣7. tabbloid.com –Your favorite blogs delivered as PDFs.

#️⃣8. join.me – Share your screen with anyone over the web.

#️⃣9. onlineocr.net –Recognize text from scanned PDFs and images – see other OCR tools.

#️⃣10. flightstats.com –Track flight status at airports worldwide.

💡11. wetransfer.com –For sharing really big files online.

💡12. pastebin.com – A temporary onlineclipboard for your text and code snippets.

💡13. polishmywriting.com –Check your writing for spelling or grammatical errors.

💡14 . awesomehighlighter.com – Easily highlight the important parts of a web page.

💡15. typewith.me –Work on the same document with multiple people.

#️⃣16 . whichdateworks.com –Planning an event? Find a date that works for all.

#️⃣17. everytimezone.com – A less confusing view of the world time zones.

#️⃣18. warrick.cs.odu.edu – You’ll need this when your bookmarked web pages are deleted.

#️⃣19. gtmetrix.com – The perfect tool for measuring your site performance online.

#️⃣20. imo.im – Chat with your buddies on Skype,Facebook, GoogleTalk, etc from one place.

#️⃣21. translate.google.com – Translate web pages,PDFs and Office documents.

#️⃣22. youtube.com/leanback – Sit back and enjoy YouTube videos in full-screen mode.

#️⃣23. similarsites.com –Discover new sites that are similar to what you like already.

#️⃣24. wordle.net – Quicksummarize long pieces of text with tag clouds.

#️⃣25. bubbl.us – Create mind-maps, brainstorm ideas in the browser.

For More Click Here

Bug bounty Hunting Basic 001 in Hindi
By @learn_bug_bounty

BB001

Give reaction for motivating me
This is my first video ...
Forward and support ✅

If there are any mistakes in video quality ignore

🖥 https://system32.ink/cve-2024-7339-exploit-information-leak-vulnerability-in-dvr-devices/ 🍌

🪆 CVE-2024-7339 🔠🔠🔠🔠0️⃣🔠🔠: Information Leak Vulnerability In DVR Devices

💻 A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be initiated remotely. 🤡

📡 Over 400,000+ Devices which leaks information. 🤖