Lucene search

37 matches found

Gitee
added 2025/09/14 6:53 p.m., 95 views

fastjson-remote-code-execute-poc

This is a Java-based proof-of-concept (PoC) exploit for a remote code execution (RCE) vulnerability in the FastJSON library, version 1.2.24. The exploit is designed to be used with IntelliJ IDEA, a popular integrated development environment (IDE) for Java development. The exploit consists of two main...

8.1 AI score
Exploits: 0

Vulnrichment
added 2025/01/12 11:31 p.m., 17 views

CVE-2025-0402 1902756969 reggie CommonController.java upload unrestricted upload

A vulnerability classified as critical was found in 1902756969 reggie 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...

6.5 CVSS, 6.6 AI score, 0.00129 EPSS
Exploits: 0, References: 5

exploitpack
added 2018/10/01 12:0 a.m., 57 views

H2 Database 1.4.196 - Remote Code Execution

H2 Database 1.4.196 - Remote Code Execution Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197...

8.1 AI score
Exploits: 0

Trellix
added 2017/12/17 12:0 a.m., 8 views

Operation Dragonfly Analysis Suggests Links to Earlier Attacks

ARCHIVED STORY Operation Dragonfly Analysis Suggests Links to Earlier Attacks By Trellix · December 17, 2017 On September 6, Symantec published details of the Dragonfly campaign, which targeted dozens of energy companies throughout 2017. This attack was effectively Dragonfly 2.0, an update to a...

0.4 AI score
Exploits: 0

FireEye
added 2016/03/18 12:30 p.m., 38 views

GongDa vs. Korean News

On Jan. 27, we observed visitors to a Korean news site being redirected to the GongDa Exploit Kit (EK), potentially exposing them to malware infection. We will be referring to this site as KNS. GongDa is an exploit kit that can compromise vulnerable endpoints by use of exploits, allowing harmful...

9.3 CVSS, 9.7 AI score, 0.94094 EPSS
Exploits: 39, References: 2

ThreatPost
added 2015/08/03 1:51 p.m., 11 views

Thunderstrike 2 Mac OS X Firmware Worm

A new attack against Intel firmware running in Apple computers is expected to be unveiled at this week’s Black Hat conference. The research is an extension of the Thunderstrike Mac OS X firmware bootkit disclosed this spring that enables the undetectable installation of malicious firmware that...

1 AI score
Exploits: 0, References: 4

myhack58
added 2015/04/01 12:0 a.m., 226 views

JBoss JMXInvokerServlet JMXInvoker 0.3 remote command execution vulnerability

JBoss JMXInvokerServlet Remote Command Execution JMXInvoker.java v0.3 - Luca Carettoni @ikki This code exploits a common misconfiguration in the JBoss Application Server 4.x, 5.x, .... Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation"...

0.2 AI score
Exploits: 0

Exploit DB
added 2015/03/30 12:0 a.m., 29 views

JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution

JBoss JMXInvokerServlet Remote Command Execution JMXInvoker.java v0.3 - Luca Carettoni @ikki This code exploits a common misconfiguration in JBoss Application Server 4.x, 5.x, .... Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation" serialized...

7 AI score
Exploits: 0

Kitploit
added 2014/07/07 8:46 p.m., 208 views

PwnStar - Script for multi attack (for all your fake-AP needs!)

A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables. Launches classic exploits such as evil-PDF. De-auth with aireplay,...

8.8 CVSS, 8.9 AI score, 0.93117 EPSS
Exploits: 12, References: 4

ThreatPost
added 2014/06/24 9:10 a.m., 39 views

AskMen Purportedly Compromised by Nuclear Pack Kit

Users who visit AskMen.com, a men’s entertainment and lifestyle portal, are being hit with malicious code, potentially stemming from the Nuclear Pack exploit kit, researchers announced today. When a user stumbles across the site – or a localized version (aus.askmen.com, etc.) of it – malicious code...

10 CVSS, 7.9 AI score, 0.9322 EPSS
Exploits: 10, References: 5

ThreatPost
added 2014/03/11 2:30 p.m., 37 views

IE Zero Day Exploits Increase Just Before Patch

Attackers have increased their exploitation of an Internet Explorer zero day vulnerability (CVE-2014-0322) set to be fixed by Microsoft in its regularly scheduled patch Tuesday release later this afternoon. According to a Websense report, the exploit source code deployed in at least two incidents –...

9.3 CVSS, 8.6 AI score, 0.92968 EPSS
Exploits: 23, References: 5

ThreatPost
added 2014/01/27 4:29 p.m., 17 views

Hasbro Serving Drive-By Download Malware Attack

Hasbro.com, a leading toy and game distributor in the United States, is infected and serving malware to visitors of the site. Researchers at Barracuda Networks said the site remained infected as of this morning and Hasbro has not responded to an email from the security firm disclosing the issue...

0.4 AI score
Exploits: 0, References: 4

ThreatPost
added 2013/09/03 9:32 a.m., 57 views

NetTraveler Now Using Java Exploits, Watering Hole Attacks

When NetTraveler was unveiled in June, Costin Raiu of Kaspersky Lab warned that the espionage campaign was an “ugly gorilla with a thousand faces” and that we hadn’t seen them all yet. A little more than two months later, another profile of the malware targeting activists, diplomats, government...

10 CVSS, 0.8 AI score, 0.94289 EPSS
Exploits: 22, References: 8

ThreatPost
added 2013/02/21 9:7 p.m., 49 views

NBC Website Hacked, Leading Visitors to Citadel Banking Malware

Another day, another media company hacked. This time it’s NBC which has fallen victim to hackers on the heels of compromises of the New York Times and Wall Street Journal websites. Various experts have confirmed that NBC’s website is compromised and leading visitors to the dangerous Citadel banki...

10 CVSS, 0.3 AI score, 0.93614 EPSS
Exploits: 38, References: 6

ThreatPost
added 2013/02/19 8:52 p.m., 8 views

Apple Breached by Facebook Hackers Using Java Exploit

Apple is the latest major American company to enter the security confessional and disclose it has been breached. The company told Reuters today it was attacked by the same crew that hit Facebook, which disclosed its breach last Friday, and that like the social media giant, no data had been stolen...

0.3 AI score
Exploits: 0, References: 9

ThreatPost
added 2013/02/15 10:34 p.m., 10 views

Facebook Says Employee Laptops Compromised in 'Sophisticated' Attack

Laptops belonging to several Facebook employees were compromised recently and infected with malware that the company said was installed through the use of a Java zero-day exploit that bypassed the software’s sandbox. Facebook claims that no user data was affected by the attack and says that it ha...

1.7 AI score
Exploits: 0, References: 4

The Hacker News
added 2013/01/17 5:35 a.m., 11 views

New Java exploit sells for $5000 on Black market

We continue to recommend users disable the Java program in their Web browsers, because it remains vulnerable to attacks that could result in identity theft and other cyber crimes and less than 24 hours after Oracle Sunday released a security update that addresses two critical zero-day...

6.9 AI score
Exploits: 0

ThreatPost
added 2013/01/15 5:40 p.m., 44 views

Java Exploit Linked to Red October Espionage Malware Campaign

Red October, the espionage campaign uncovered by Kaspersky Lab this week after attackers spent five years actively spying on diplomats, scientists, and governments worldwide, is using a Java exploit to infect its victims, bringing the exploit count to four in this campaign. Seculert, an Israeli...

10 CVSS, 9.7 AI score, 0.92545 EPSS
Exploits: 13, References: 5

ThreatPost
added 2013/01/14 6:29 p.m., 62 views

ADP-Themed Phishing Emails Lead to Blackhole Sites

Scammers are spamming out malicious emails purporting to come from payroll processing company ADP, according to Dancho Danchev of Webroot. The emails arrive under the subject line “ADP Immediate Notifications” and contain links to compromised websites hosting the latest iteration of the Blackhole...

10 CVSS, 0.93614 EPSS
Exploits: 38, References: 4

ThreatPost
added 2012/11/20 4:13 p.m., 74 views

Gong Da Exploit Kit Bundling Numerous Java Attacks

Don’t expect any relief from the current assault on Java. A new sandbox-escape exploit targeting a vulnerability in the Java Runtime Environment has been integrated into both the Black Hole and Gong Da exploit kits, setting the stage for additional attacks, researchers said. The exploit was...

10 CVSS, 9.9 AI score, 0.94083 EPSS
Exploits: 40, References: 6