CVE-2022-40929

XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case running arbitrary Bash scripts on behalf of users...

PT-2022-25627 · Xxl-Job · Xxl-Job

Name of the Vulnerable Software and Affected Versions: XXL-JOB versions 2.2.0 and prior Description: The issue concerns a Command execution vulnerability in background tasks, which is disputed as it may be an intended use case for running arbitrary Bash scripts on behalf of users. Recommendations...

Command Injection

@saagie/sdk is vulnerable to command injection. An attacker is able to retrieve the secret tokens via injecting arbitrary commands into the bash scripts through closeissue.yml and createissue.yml...

Linux-Focused Cryptojacking Gang Tracked to Romania

A cryptojacking gang that’s likely based in Romania is using a never-before-seen SSH brute-forcer dubbed “Diicot brute” to crack passwords on Linux-based machines with weak passwords. The point of the campaign is mainly to deploy Monero mining malware, Bitdefender researchers said in a report...

Exploit for SQL Injection in Zabbix

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable applications and services, along with exploit modules and tools for testing and demonstrating vulnerabilities. The primary vulnerability being targeted is not explicitly stated...

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an offensive tool for various areas. The repository contains a collection of vulnerable docker environments, including: CouchDB FFmpeg Git InfluxDB Jenkins Nginx Oracle Java Apache HTTP Server GitLab FastJSON Jenkins Electron The vulnerabilities include: CVE-2016-9086 GitLab CVE-2016-10134...

PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud

An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...

Vesta Control Panel Authenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Vesta Control Panel Authenticated Remote Code Execution", 'Description' = %q This module exploits command injection vulnerability in...

CVE-2019-19041

An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by...

Discover - Custom Bash Scripts Used To Automate Various Penetration Testing Tasks Including Recon, Scanning, Parsing, And Creating Malicious Payloads And Listeners With Metasploit

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit. For use with Kali Linux and the Penetration Testers Framework PTF. Lee Baird @discoverscripts Jay "L1ghtn1ng" Townsend...

CVE-2019-9146

Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream...

Wildpwn - Unix Wildcard Attack Tool

Wildpwn is a Python UNIX wildcard attack tool that helps you generate attacks, based on a paper by Leon Juranic. It’s considered a fairly old-skool attack vector, but it still works quite often. First things first! Read: https://www.exploit-db.com/papers/33930/ Basic usage It goes something like...

Github Account of Gentoo Linux Hacked, Code Replaced With Malware

Downloaded anything from Gentoo's GitHub account yesterday? Consider those files compromised and dump them now—as an unknown group of hackers or an individual managed to gain access to the GitHub account of the Gentoo Linux distribution on Thursday and replaced the original source code with a...

New Research: Crypto-mining Drives Almost 90% of All Remote Code Execution Attacks

It’s early in 2018 and we have already witnessed one of the top contenders in this year’s web application attacks. Continuing the trend from the last months of 2017, crypto-mining malware is quickly becoming attackers’ favorite modus operandi. In December 2017, 88 percent of all remote code...

Highly Customizable Raspberry Pi USB Attack Platform: P4wnP1

P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W required for HID backdoor. Introduction the Windows LockPicker unlock Windows boxes with weak passwords, fully automated by attaching P4wnP1 the HID covert channel backdoor Get remote...

Kemp Load Master 7.1.16 - Multiple Vulnerabilities

Kemp Load Master version 7.1-16 suffers from code execution, cross site request forgery, cross site scripting, and denial of service vulnerabilities. Exploit Title: Kemp Load Master - Multiple Vulnerabilities RCE, CSRF, XSS, DoS Date: 01 April 2015 Author: Roberto Suggi Liverani Software Link:...

openSUSE Security Update : sysconfig (openSUSE-SU-2012:0242-1)

This update for sysconfig contains the following fixes : - sysconfig hook script for NetworkManager did not properly quote shell meta characters when processing ESSIDs. Specially crafted network names could therefore lead to execution of shell code CVE-2011-4182. - Explicitly disabled posix mode ...

openSUSE Security Update : sysconfig (openSUSE-2012-74)

Fixed to quote config / interface variables in ifservices script and cleaned up content of the ESSID which gets appended to them by NetworkManager dispatcher hook bnc735394, CVE-2011-4182. Fixed also to return proper exit code 0 in NM dispatcher hooks. - Changed to call ip addr flush in ifdown,...

ZeroShell Code Execution

======================================================================== ZeroShell /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=user The parameter "type" is used to distinguish between users, CA and host certificates. Unfortunately, this parameter is passed to the following code wi...

sudo -- privilege escalation with bash scripts

A Sudo Security Alerts reports: A flaw in exists in sudo's environment sanitizing prior to sudo version 1.6.8p2 that could allow a malicious user with permission to run a shell script that utilized the bash shell to run arbitrary commands...