Lucene search
K

11 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/26 10:59 p.m.4 views

CVE-2026-28279

osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the osctrl-admin environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing environments. These...

8.4CVSS8AI score0.009EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2026/01/21 12:0 a.m.142 views

📄 Metasploit Web Delivery PHP Proof of Concept

This project presents an advanced proof of concept that emulates the behavior of Metasploit's multi/script/webdelivery module using PHP. The goal is to demonstrate how script-based payload delivery works in a modular and extensible way, without relying directly on Metasploit. The script launches ...

6.4AI score
Exploits0
Gitee
Gitee
added 2025/07/27 3:33 a.m.158 views

awesome-oneliner-bugbounty

This repository is an offensive tool for bug bounty hunting. It contains a collection of one-liner scripts for identifying vulnerabilities, particularly for bug bounty tips. The primary CVE ID present in the context is not explicitly mentioned, but the repository includes scripts for Local File...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2022/09/14 11:30 a.m.53 views

SDomDiscover - A Easy-To-Use Python Tool To Perform DNS Recon

/ // \ / \ \ / / / / / / / / / / / / \ | / / / / / / // / // / / / / / / // / // // / |/ / / / ///// // ///////|/// A easy-to-use python tool to perform dns recon with multiple options Installation: It can be installed in any OS with python3 Manual installation git clone...

7.3AI score
Exploits0References1
GithubExploit
GithubExploit
added 2022/01/28 2:54 a.m.429 views

Exploit for Incomplete Cleanup in Linux Linux_Kernel

CVE-2021-4032-NoGCC Test in: Ubuntu 20...

7.8CVSS7.5AI score0.94921EPSS
Exploits152
GithubExploit
GithubExploit
added 2021/05/07 4:50 p.m.64 views

Exploit for Deserialization of Untrusted Data in Apache Ofbiz

CVE-2020-9496 - RCE Because the 2 xmlrpc related requets in we...

6.1CVSS7.6AI score0.98926EPSS
Exploits16
GithubExploit
GithubExploit
added 2021/04/30 6:55 a.m.673 views

Exploit for Deserialization of Untrusted Data in Apache Ofbiz

CVE-2020-9496 - RCE Because the 2 xmlrpc related requets in we...

6.1CVSS7.5AI score0.98926EPSS
Exploits16
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/09/18 10:43 a.m.87 views

How to: Kerberoast like a boss

Kerberoasting: by default, all standard domain users can request a copy of all service accounts along with their correlating password hashes. Crack these and you could have administrative privileges. But that’s so 2014. Why write a blog post about this in 2019 then? It still works well, yet there...

7AI score
Exploits0
Kitploit
Kitploit
added 2018/11/07 12:49 p.m.30 views

Armor - Tool Designed To Create Encrypted macOS Payloads Capable Of Evading Antivirus Scanners

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners. Below is an example gif of Armor being used with a simple Netcat payload. A Netcat listener is started on port 4444. The "payload.txt" file is read and shown to contain a simple Bash...

7.5AI score
Exploits0References1
seebug.org
seebug.org
added 2015/01/05 12:0 a.m.24 views

云锁最新版1.3.145绕过webshell检测

简要描述: webshell检测绕过 详细说明: 一句话马+大马绕过检测 漏洞证明: 1.一句话木马,单纯用这种方式肯定会被检测到,我们采用这种方式: 结果发现只有一开始说的那种文件被检测到: 2.大马,采用base64+gzinflate压缩编码,大马文件如下: ?php function CLsI$ZzvSWE $ZzvSWE=gzinflatebase64decode$ZzvSWE; for$i=0;$istrlen$ZzvSWE;$i++ $ZzvSWE$i = chrord$ZzvSWE$i-1; return $ZzvSWE;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/03/29 12:0 a.m.31 views

ECSHOP网站程序可以绕过权限上传一句话木马

简要描述: 可以绕过权限上传一句话木马 详细说明: 前台留个言,内容是我们的一句话木马: 接着在后台系统==数据库管理==数据备份==选择自定义备份,选择ecsfeedback这张表(存放留言的表) 备份文件名:xxx.php;.sql 这种格式来备份 提示成功了。 漏洞证明: img src="https://images.seebug.org/upload/201303/2823440078ad987d1e1...

7.1AI score
Exploits0
Rows per page
Query Builder