#exploit
#reversing
1. Vulnerability in Synology NAS
https://paper.seebug.org/2038
2. Reverse Engineering and Exploiting an IoT TotoLink N100RE bug
https://faradaysec.com/faraday-ctf-2022-write-up-reverse-engineering-and-exploiting-an-iot-bug
3. ESI Injection PoCs
https://infosecwriteups.com/exploring-the-world-of-esi-injection-b86234e66f91
Faraday
Faraday CTF 2022 Write-up: Reverse Engineering and Exploiting an IoT bug - Faraday
In most of the write-ups of CTF, reverse engineering concepts are taken for granted. This is a problem for newcomers that are unfamiliar with some basic concepts or don’t have prior experience in this field. However, this will be different. In this video…
#exploit
1. CVE-2022-46164:
NodeBB Account Takeover Flaw
https://github.com/stephenbradshaw/CVE-2022-46164-poc
2. CVE-2022-23087:
"Escaping from bhyve"
https://www.synacktiv.com/publications/escaping-from-bhyve.html
https://github.com/synacktiv/bhyve
Forwarded from Deadly malware xp
#exploit
1. The OWASSRF + TabShell exploit chain
https://blog.viettelcybersecurity.com/tabshell-owassrf
2. CVE-2022-3515/CVE-2022-47629:
Integer overflow bug Libksba library (x.509)
https://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md
3. CVE-2022-44877:
Centos Web Panel 7 Unauthenticated RCE
https://github.com/numanturle/CVE-2022-44877
Blog of Viettel Cyber Security
The OWASSRF + TabShell exploit chain
We see that one of our vulnerabilities is exploited in the wild. So we decided to publish the detailed analysis of our two-bug chain. Any customer has enough information to mitigate these bugs. The vendor also released all patches two weeks ago. This blog…
Forwarded from Deadly malware xp
#exploit
PandoraFMS NG765 - Pre-Auth RCE
https://3sjay.github.io/2023/01/06/pandoraFMS-Pre-Auth-RCE.html
Esjay’s Blog
PandoraFMS - Pre-Auth Remote Code Execution
Assessed Version: PandoraFMS NG 765
Forwarded from Deadly malware xp
#exploit
SSRF attack on MySQL Server with password using php-curl
https://github.com/wupco/rwctf2023-ASTLIBRA
Forwarded from 卩ro 爪Cracker
CVE-2022-39073
Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.
https://github.com/v0lp3/CVE-2022-39073
#cve #exploit
#exploit
1. CVE-2022-31705:
Geekpwn 2022 Vmware EHCI OOB
https://github.com/s0duku/cve-2022-31705
2. Linux >=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section
https://bugs.chromium.org/p/project-zero/issues/detail?id=2391
3. Lexmark Printers/Copiers haxx 0-day Exploit
https://github.com/blasty/lexmark
#exploit
1. CVE-2023-0210:
Unauthenticated remote DOS in ksmbd NTLMv2 authentication (Linux kernel)
https://seclists.org/oss-sec/2023/q1/4
2. CVE-2022-20452:
Privilege escalation on Android from installed app to system/another app via LazyValue using Parcel after recycle()
https://github.com/michalbednarski/LeakValue
#exploit
1. PoC for arbitrary file delete/move in Razer Synapse 3 Macro module
https://github.com/Wh04m1001/RazerEoP
2. CVE-2023-21752:
PoC for arbitrary file delete vulnerability in Windows Backup service
https://github.com/Wh04m1001/CVE-2023-21752