22 matches found
Targeted attack on industrial enterprises and public institutions
In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several countries. In the course of our research, we were able to identify over a dozen of attacked organizations. The attack targeted industrial...
CVE-2019-1010268
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
Exploit for Path Traversal in Microsoft
〖EXP〗Ladon CVE-2021-40444 Office Vulnerability Reimplementatio...
Exploit for CVE-2021-1675
〖EXP〗 Ladon Printer Vulnerability Exploitation – CVE-2021-1675...
Exploit for Improper Null Termination in Php
Ladon POC Moudle CVE-2019-11043 PHP-FPM + Ngnix 漏洞简介 PHP-FPM 远程代码执行漏洞CVE-2019-11043 在长亭科技举办的 Real World CTF 中,国外安全研究员 Andrew Danau 在解决一道 CTF 题目时发现,向目标服务器 URL 发送 %0a 符号时,服务返回异常,疑似存在漏洞。 在使用一些有错误的Nginx配置的情况下,通过恶意构造的数据包,即可让PHP-FPM执行任意代码。 Example 和Ladon.exe放在同一目录,即可对C段或url.txt进行批量检测 bash Ladon...
Exploit for CVE-2013-0422
K8tools 20191130 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 Ladon 5.7 大型内网渗透扫描神器内置40个功能,支持Cobalt Strike + 扫描工具 K8Cscan5.4 大型内网渗透扫描器内置30个功能,支持Cobalt Strike +...
Exploit for CVE-2018-2894
Ladon Scanner for Python !Authorhttps://img.shields.io/bad...
Exploit for Out-of-bounds Write in Php
Ladon POC Moudle CVE-2019-11043 PHP-FPM + Ngnix Vulner...
Improper Restriction of XML External Entity Reference in ladon
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
GHSA-VG35-VC9F-Q7X2 Improper Restriction of XML External Entity Reference in ladon
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
XML External Entity (XXE)
ladon is vulnerable to XML external entity. Attackers who can send SOAP messages to the Ladon webservice via the HTTP interface can exploit the ulnerability to read local files, forge server side requests or crash the application...
CVE-2019-1010268
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
CVE-2019-1010268
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
PYSEC-2019-184
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
PYSEC-2019-184
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
Xxe
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
CVE-2019-1010268
Ladon since 0.6.1 since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059 is affected by: XML External Entity XXE. The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance:...
CVE-2019-1010268
CVE-2019-1010268 : Ladon (since 0.6.1) is affected by an XML External Entity (XXE) vulnerability in SOAP request handlers. The attack vector is a specially crafted SOAP call, leading to information disclosure, including local file reads and access to internal network endpoints. Affected component...
Ladon Framework For Python 0.9.40 XXE Injection Vulnerability
Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and read local files, forge server side requests or overload the service with exponentially growing memory payloads. Versions 0.9.40...
Ladon Framework for Python 0.9.40 - XML External Entity Expansion
Ladon Framework for Python 0.9.40 - XML External Entity Expansion Advisory: XML External Entity Expansion in Ladon Webservice Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and re...