Karkinos - Penetration Testing And Hacking CTF's Swiss Army Knife With: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependancies Any server capable of hosting...

OPENSUSE-SU-2020:2152-1 Security update for python3

This update for python3 fixes the following issues: Update to 3.6.12 bsc1179193, including: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project...

Exploit for Use After Free in Microsoft

Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit This script i...

Security update for python3 (important)

openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2020:2152-1 Rating: important References: 1176262 1179193 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available...

SUSE-SU-2020:3596-1 Security update for python3

This update for python3 fixes the following issues: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916...

SUSE-SU-2020:3593-1 Security update for python3

This update for python3 fixes the following issues: Update to 3.6.12 bsc1179193, including: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916...

CVE-2012-0955

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...

CVE-2012-0955

CVE-2012-0955 affects the Ubuntu software-properties component, where TLS certificate validation was incorrect in softwareproperties/ppa.py. It did not consistently validate TLS certificates under Python 2 and only validated under Python 3 if a valid bundle was provided. This led to potential MIT...

CVE-2012-0955 software-properties incorrectly validated TLS certificates

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...

WonderCMS 3.1.3 Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE : N/A...

OnionSearch - A Script That Scrapes Urls On Different .Onion Search Engines

OnionSearch is a Python3 script that scrapes urls on different ".onion" search engines. Prerequisite Python 3  Currently supported Search engines ahmia darksearchio onionland notevil darksearchenginer phobos onionsearchserver torgle onionsearchengine tordex tor66 tormax haystack multivac evosear...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-2489)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2020-2502)

According to the version of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP.CVE-2020-27619 Note that...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-2502)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2020-2489)

According to the version of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP.CVE-2020-27619 Note that...

CVE-2020-27619 affecting package python3 3.7.9-4

CVE-2020-27619 affecting package python3 3.7.9-4. A patched version of the package is available...

Intelbras Router RF 301K 1.1.2 Authentication Bypass

Exploit Title: Intelbras Router RF 301K 1.1.2 - Authentication Bypass Date: 27/11/2020 Exploit Author: Kaio Amaral Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://backend.intelbras.com/sites/default/files/2020-10/RF301Kv1.1.2.zip Version: firmware version 1.1.2 Tested on:...

YATinyWinFTP - Denial of Service Exploit

Exploit Title: YATinyWinFTP - Denial of Service PoC Google Dork: None Exploit Author: strider Vendor Homepage: https://github.com/ik80/YATinyWinFTP Software Link: https://github.com/ik80/YATinyWinFTP Tested on: Windows 10 ------------------------------Description---------------------------------...

ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure

Exploit Title: ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure Date: 2020-11-20 Exploit Author: Zagros Bingol Vendor Homepage: http://www.atx.com Software Link: https://atx.com/products/commercial-services-gateways/minicmts200a-broadband-gateway/ Version: 2.0 and earlier Tested on:...

Rejetto HttpFileServer 2.3.x - Remote Command Execution (3)

Exploit Title: Rejetto HttpFileServer 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 28-11-2020 Remote: Yes Exploit Author: Óscar Andreu Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Windows...