CVE-2018-15473
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
GitHub link:
https://github.com/moften/cve-2018-15473-poc
Check if a username is valid on the SSH server by attempting an authentication. The server response will indicate whether the username exists.
CVE-2024-21413
Microsoft Outlook Remote Code Execution Vulnerability
GitHub link:
https://github.com/ArtemCyberLab/Project-NTLM-Hash-Capture-and-Phishing-Email-Exploitation-for-CVE-2024-21413
The project was created to demonstrate the use of various tools for capturing NTLM hashes from users on a network and for executing phishing attacks using email. This showcases how network authenti...
CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
GitHub link:
https://github.com/cypherlobo/DirtyPipe-BSI
A root exploit for CVE-2022-0847 (Dirty Pipe).