Improper access control

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks $wgBlockCIDRLimit by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

CVE-2019-12472

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks $wgBlockCIDRLimit by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

CVE-2019-12472

MediaWiki 1.18.0–1.32.1 contains an Incorrect Access Control vulnerability that allows bypassing IP range block limits ($wgBlockCIDRLimit) via the API. This can enable abuse of block controls that should restrict large CIDR blocks. The issue is fixed in versions 1.32.2, 1.31.2, 1.30.2, and 1.27.6...

CVE-2019-12472

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks $wgBlockCIDRLimit by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

FreeBSD : mediawiki -- multiple vulnerabilities (3c5a4fe0-9ebb-11e9-9169-fcaa147e860e)

MediaWiki reports : Security fixes : T197279, CVE-2019-12468: Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover. T204729, CVE-2019-12473: Passing invalid titles to the API could cause a DoS by querying the entire watchlist...

Forbid blocking IP ranges as big as /1 and /2, as done on ruwikiquote using the API

More info at https://phabricator.wikimedia.org/T199540...

mediawiki -- multiple vulnerabilities

Mediawiki reports: Security fixes: T197279, CVE-2019-12468: Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover. T204729, CVE-2019-12473: Passing invalid titles to the API could cause a DoS by querying the entire watchlist...

Rpi-Hunter - Automate Discovering And Dropping Payloads On LAN Raspberry Pi's Via SSH

Automate discovering and dropping payloads on LAN Raspberry Pi's via ssh. rpi-hunter is useful when there are multiple Raspberry Pi's on your LAN with default or known credentials, in order to automate sending commands/payloads to them. GUIDE: Installation 1. Install dependencies: sudo pip instal...

CertCrunchy - Just A Silly Recon Tool That Uses Data From SSL Certificates To Find Potential Host Names

It just a silly python script that either retrieves SSL Certificate based data from online sources, currently https://crt.sh/, https://certdb.com/, https://sslmate.com/certspotter/ and https://censys.io or given a IP range it will attempt to extract host information from SSL Certificates. If you...

CVE-2018-14858

An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 because the remote function in app/spider/spidertools.class.php does not block private and reserved IP addresses such as 10.0.0.0/8. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14514...

Leviathan - Wide Range Mass Audit Toolkit

Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this...

iptodomain - This tool extract domains from IP address based in the information saved in virustotal

This tool allows you to extract domains from a IP range, using the historic information archived in Virustotalusing API key. It is usefull if you want to know what domains are behind of this IP address, for example in bug bounty programs one of the first steps is to extract subdomains, this tool...

Tools recommended: Scanner Routerhunter, the router vulnerability scanner-vulnerability warning-the black bar safety net

! 0×0 0 Preface We will introduce a Automatic mining router vulnerability test tools, it can be automated on the Internet a wide range of search contains a vulnerability in the routing test, further confirmed these vulnerabilities, which relates to the D-link multiple router. The tool is using...

Ruby on Rails 4.0.x/4.1.x/4.2.x (Web Console v2) - Whitelist Bypass Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ruby on Rails Web Console v2 Whitelist Bypass Code Execution', 'Description' = %q This module exploits an IP whitelist bypass...

Apache-+-PHP-5.x

quick'n'dirty VERY UGLYY C=000DEEE IZ N0T MY STYLE : - for connect back shell start netcat/nc and bind port on given host:port - is ip-range scanner not is multithreaded, but iz multithreaded iz in random scanner and is scanner from file greets to MustLive - no ssl support - more php paths can be...

Hostscan - PHP tool for scanning specific range of hosts

Hostscan is a php tool which allows you to scan specific range of hosts, mostly for information gathering and testing for weak passwords. I guess it's a pentest tool, i'd created it to automate some tests that i often do. Since it's PHP, it works quite slowly compared to client-side soft. How it...

[Resolver v1.0.9] The reverse/bruteforce DNS lookup

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Resolver features: Resolve a Single IP Resolve an IP Range Resolve IP’s provided in a tex...

[Resolver 1.0.9] Reverse DNS Lookup for a range of IP’s

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Version 1.0.4 added stop button. Features Resolve a single IP address Resolve a C class I...

PT-2012-1920 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.14 Description: The issue concerns the ip in range function in mnet/lib.php, which incorrectly handles data types. This allows remote attackers to bypass intended IP address restrictions by sending an XMLRPC...

dns-zeustracker NSE Script

Checks if the target IP range is part of a Zeus botnet by querying ZTDNS @ abuse.ch. Please review the following information before you start to scan: Example Usage nmap -sn -PN --script=dns-zeustracker Script Output Host script results: | dns-zeustracker: | Name IP SBL ASN Country Status Level...