OSCP

OSCP Hello world! This repo contain some of the scripts, exploits, and documents made during my OSCP journey. The list include but not limited to the following: LinuxPrivCheck.sh Yes, there are far better scripts out there, However this one has less output to go thru and it has colors. Think basi...

PrivEsc (Privilege Escalation) in Jira Core Data Center

Summary: This High severity PrivEsc Privilege Escalation vulnerability was introduced in versions 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center. This PrivEsc Privilege Escalation vulnerability, with a CVSS Score of 7.2, allows an attacker to perform actions as a higher-privileged...

RHEL 6 : pacemaker (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local...

Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels

First, a couple of useful oneliners ; wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700 lse.sh Note that...

RHEL 6 : pacemaker (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local...

RHEL 8 / 9 : OpenShift Container Platform 4.12.24 (RHSA-2023:3976)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3976 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

RHEL 8 / 9 : OpenShift Container Platform 4.13.5 (RHSA-2023:4093)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4093 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

RHEL 9 : Red Hat build of MicroShift 4.14.0 (RHSA-2023:5008)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5008 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...

RHEL 8 : OpenShift Container Platform 4.11.34 (RHSA-2023:1503)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1503 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

RHEL 7 / 8 : OpenShift Container Platform 4.10.67 (RHSA-2023:4898)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:4898 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation. Arctic Wolf Labs, which discovered the new attack tool in two recent intrusions, said the loader's icon and name...

Exploit for Out-of-bounds Write in Microsoft

CVE-2023-28252-Compiled-exe A modification of Fortra's excell...

CVE-2022-4318 Cri-o: /etc/passwd tampering privesc

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...

CVE-2023-1260 Kube-apiserver: privesc

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.67 security update

Red Hat OpenShift Container Platform release 4.10.67 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

Exploit for CVE-2023-31497

EPScalate An elevation of privilege vulnerability in QuickHeal...

sudo 1.8.0 to 1.9.12p1 - Privilege Escalation

!/usr/bin/env bash Exploit Title: sudo 1.8.0 to 1.9.12p1 - Privilege Escalation Exploit Author: n3m1.sys CVE: CVE-2023-22809 Date: 2023/01/21 Vendor Homepage: https://www.sudo.ws/ Software Link: https://www.sudo.ws/dist/sudo-1.9.12p1.tar.gz Version: 1.8.0 to 1.9.12p1 Tested on: Ubuntu Server 22.0...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.6 packages and security update

Red Hat OpenShift Container Platform release 4.12.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

F5 Big-IP Create Admin User

This creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do this, which makes it a privilege escalation issue. Note that this is pretty noisy, since it creates a user account and creates log files and such. Additionally, most ...