https://github.com/CorrieOnly/google-dorks
43 lists of Google Dorks for a variety of purposes:
Amazon/Shopping/Carding dorks
Passwords/usernames/Juicy info dorks
Gaming/Minecraft dorks
and much more
#vulnerabilities #cybersecurity
43 lists of Google Dorks for a variety of purposes:
Amazon/Shopping/Carding dorks
Passwords/usernames/Juicy info dorks
Gaming/Minecraft dorks
and much more
#vulnerabilities #cybersecurity
Forwarded from Bhartiya Hunters (Founder & CEO •)
Bug bounty Hunting 🔥💫🇮🇳
#BBH #Pentesting #RedTeam #EthicalHacking #BugBounty #Vulnerabilities
Shared by @Indianshunters
https://youtu.be/YKE3kzbwRUo
#BBH #Pentesting #RedTeam #EthicalHacking #BugBounty #Vulnerabilities
Shared by @Indianshunters
https://youtu.be/YKE3kzbwRUo
Forwarded from Bhartiya Hunters (Founder & CEO •)
Jira Mobile SSRF Exploit
#Vulnerabilities #BugBounty #EthicalHacking #RedTeam #Pentesting #BBH #CyberSecurity #VAPT #Exploit
https://reconshell.com/jira-mobile-ssrf-exploit/
Shared by @Indianshunters
#Vulnerabilities #BugBounty #EthicalHacking #RedTeam #Pentesting #BBH #CyberSecurity #VAPT #Exploit
https://reconshell.com/jira-mobile-ssrf-exploit/
Shared by @Indianshunters
Penetration Testing Tools, ML and Linux Tutorials
Jira Mobile SSRF Exploit - Penetration Testing Tools, ML and Linux Tutorials
The SSRF vulnerability allows attackers to send HTTP requests using any HTTP method, headers and body to arbitrary URLs. When Jira is deployed on a cloud
🔥NETGEAR Routers: A Playground for Hackers?
Overall, the security posture of custom binaries built by NETGEAR contained many vulnerabilities, largely due to the widespread usage of insecure C functions such as
Content:
💾 Summary
💾 Advisories
💾 Vulnerabilities
💽 Telnet
📀 PSV-2023-0008 – Telnet Default Account Privilege Escalation Breakout
💽 Web Application
📀 PSV-2022-???? – JSON Response Stack Data Leak
💽 SOAP Service
📀 PSV-2023-0009 – Write HTTP Response Stack Pointer Leak
📀 PSV-2022-???? – SOAPAction Stack Buffer Overflow
📀 PSV-2023-0010 – HTTP Body Off-By-One NULL Terminator Stack Canary Corruption
📀 PSV-2023-0011 – HTTP Protocol Stack Buffer Overflow
📀 PSV-2023-0012 – SOAP Parameters Stack Buffer Overflow
💾 Conclusion
Overall, the security posture of custom binaries built by NETGEAR contained many vulnerabilities, largely due to the widespread usage of insecure C functions such as
strcpy
, strcat
, sprintf
, or from off-by-one errors. However, the majority of the binaries on the NETGEAR router were compiled with many protections in place, including stack canaries, non-executable stack (NX), position-independent code (PIE) and address layout randomization (ASLR) enabled. These protections made many of the vulnerabilities identified difficult to exploit on their own.Content:
💾 Summary
💾 Advisories
💾 Vulnerabilities
💽 Telnet
📀 PSV-2023-0008 – Telnet Default Account Privilege Escalation Breakout
💽 Web Application
📀 PSV-2022-???? – JSON Response Stack Data Leak
💽 SOAP Service
📀 PSV-2023-0009 – Write HTTP Response Stack Pointer Leak
📀 PSV-2022-???? – SOAPAction Stack Buffer Overflow
📀 PSV-2023-0010 – HTTP Body Off-By-One NULL Terminator Stack Canary Corruption
📀 PSV-2023-0011 – HTTP Protocol Stack Buffer Overflow
📀 PSV-2023-0012 – SOAP Parameters Stack Buffer Overflow
💾 Conclusion
NCC Group Research Blog
NETGEAR Routers: A Playground for Hackers
A detailed analysis on multiple vulnerabilities which were identified on the NETGEAR Nighthawk WiFi 6 Router (RAX AX2400) and may exist on other NETGEAR router models.