189 matches found
UBUNTU-CVE-2018-10895
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution...
Remote Code Execution (RCE)
qutebrowser is vulnerable to remote code execution (RCE) through cross-site request forgery (CSRF) attacks. The vulnerability exists due to a CSRF issue which allows a website with an tag to load the qute://settings/set URL, which sets editor.command to a bash script, resulting in RCE attacks...
GPON Routers - Authentication Bypass / Command Injection Exploit
Exploit for hardware platform in category remote exploits !/bin/bash echo "+ Sending the Command… " We send the commands with two modes backtick and semicolon ; because different models trigger on different devices curl -k -d "XWebPageName=diag&diagaction=ping&wanconlist=0&desthost=$2;$2&ipv=0"...
JShielder - Automates The Process Of Installing All The Necessary Packages To Host A Web Application And Hardening A Linux Server
JShielder is an open source tool developed to help sysadmins and developers secure their Linux servers on which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server wi...
antMan 0.9.0c Authentication Bypass
Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...
CVE-2018-7739
CVE-2018-7739 affects Antsle’s antMan web management console (pre-0.9.1a). A remote attacker can bypass authentication by sending invalid characters in the username and password to the /login URI. The login flow uses Java’s ProcessBuilder to invoke a root-privileged bash script (antsle-auth) with...
antMan 0.9.1a - Authentication Bypass
antMan 0.9.1a - Authentication Bypass Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POS...
Findsploit - Find Exploits In Local And Online Databases Instantly
Findsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit, i.e. ./copysploit 1337.c &&...
CVE-2018-6389 WordPress Parameter Resource Consumption Remote DoS
Yesterday (Monday, February 5, 2018), a zero-day vulnerability in WordPress core was disclosed, which allows an attacker to perform a denial of service (DoS) attack against a vulnerable application. The vulnerability exists in the modules used to load JS and CSS files. These modules were designed to...
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit
Exploit for macOS platform in category local exploits Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to...
D-Link DIR-850L Credential Disclosure Exploit
D-Link DIR-850L remote code execution variant exploit that extracts username and password for the device. !/bin/bash Derped together by Raphael de la Vienne A.K.A. Hackdwerg Original exploit https://www.rapid7.com/db/modules/exploit/linux/http/dlinkdir850lunauthexec Just in case if you dont have...
IntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer
Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well it...
AWS CIS Benchmark Tool: Prowler
Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1. It covers hardening and security best practices for all regions related to: Identity and Access Management (24 checks), Logging (8 checks), Monitoring (15 checks)...
Zeus - AWS EC2 / S3 Auditing & Hardening Tool
Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access Management Avoid the use of the "roo...
InsomniaX 2.1.8 Arbitrary Kernel Extension Loading Vulnerability
It was found that the loader application bundled with InsomniaX can be used to load arbitrary Kernel Extensions (kext). The loader is normally used to load a kext file that is needed to disable the Lid Sleep. A flaw has been found in the loader that allows a local attacker to load or unload any...
AWS Auditing & Hardening Tool: Zeus
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...
LARE - [L]ocal [A]uto [R]oot [E]xploiter is a Bash Script That Helps You Deploy Local Root Exploits
[L]ocal [A]uto [R]oot [E]xploiter is a simple bash script that helps you deploy local root exploits from your attacking machine when your victim machine does not have internet connectivity. The script is useful in a scenario where your victim machine does not have an internet connection, e.g. while you piv...
CVE-2017-8799
Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. To exploit this vulnerability, a virtual iRODS pathname that includes a semicolon would be retrieved vi...
Adobe (Multiple Products) - XML Injection File Content Disclosure
Adobe Multiple Products - XML Injection File Content Disclosure !/bin/bash Exploit Title: Adobe XML Injection file content disclosure Date: 07-04-2017 Exploit Author: Thomas Sluyter Website: https://www.kilala.nl Vendor Homepage: http://www.adobe.com/support/security/bulletins/apsb10-05.html...
4nonimizer - A bash script for anonymizing the public IP managing the connection to TOR and different VPNs providers
What is 4nonimizer? It is a bash script for anonymizing the public IP used for browsing the Internet, managing the connection to the TOR network and to different VPN providers (OpenVPN), whether free or paid. By default, it includes several pre-configured VPN connections to different peers (.ovpn files) and...