Aiven Ltd: Kafka Connect RCE via connector SASL JAAS JndiLoginModule configuration
Summary: When configuring the connector via the Aiven API or the Kafka Connect REST API, the attacker can set the database.history.producer.sasl.jaas.config connector property for the io.debezium.connector.mysql.MySqlConnector connector. This is likely true for other debezium connectors too. By...
Exploit for Code Injection in Vmware Spring_Framework
CVE-2022-22965 poc CVE-2022-22965 poc including reverse-shell...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 CVE-2022-22963 PoC Slight modified for Englis...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 CVE-2022-22963 Spring-Cloud-Function-SpELRCE漏...
LAZYPARIAH - A Tool For Generating Reverse Shell Payloads On The Fly
A low-dependency command-line tool for generating reverse shell payloads on the fly. Description: LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse shel...
Tdarr 2.00.15 Command Injection
Exploit Title: Tdarr 2.00.15 - Command Injection Date: 10/03/2022 Exploit Author: Sam Smith Vendor Homepage: https://tdarr.io Software Link: https://f000.backblazeb2.com/file/tdarrs/versions/2.00.15/linuxarm64/TdarrServer.zip Version: 2.00.15 (likely also older versions) Tested on: 2.00.15 Exploit:...
Windows Encrypted Reverse Shell
Connect back to attacker and spawn an encrypted command shell Module Options msf use payload/windows/x64/encryptedshellreversetcp msf payloadencryptedshellreversetcp show actions ...actions... msf payloadencryptedshellreversetcp set ACTION msf payloadencryptedshellreversetcp show options ...show...
Exploit for OS Command Injection in Gitea
CVE-2020-14144 - GiTea authenticated RCE A script to explo...
Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway
CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE Overview of CVE...
Exploit for Improper Access Control in Webmin
Webmin-CVE-2022-0824-revshell Vulnerability Description...
WebHMI 4.1.1 Remote Code Execution Exploit
Exploit Title: WebHMI 4.1.1 - Remote Code Execution (RCE) (Authenticated) Exploit Author: Antonio Cuomo (arkantolo) Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 #!/usr/bin/python import sys import re import argparse import requests import time import...
Exploit for Code Injection in Exiftool_Project Exiftool
CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204...
Exploit for Code Injection in Exiftool_Project Exiftool
CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204...
Exploit for Code Injection in Exiftool_Project Exiftool
CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204...
Nagios XI Autodiscovery Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Autodiscovery Webshell Upload', 'Description' = %q This module exploits a path traversal issue in Nagios XI before version 5.8.5...
Nagios XI Autodiscovery Webshell Upload
This module exploits a path traversal issue in Nagios XI before version 5.8.5 (CVE-2021-37343). The path traversal allows a remote and authenticated administrator to upload a PHP web shell and execute code as www-data. The module achieves this by creating an autodiscovery job with an id field...
Exploit for Code Injection in Cisco Adaptive_Security_Device_Manager
staystaystay staystaystay is a proof of concept exploit for...
Wing FTP Server 4.3.8 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated) Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download/WingFtpServer.exe...
Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Wing FTP Server - Authenticated RCE Date: 02/06/2022 Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download/WingFtpServer.exe Version: " %...
Exploit for CVE-2021-1675
PrintNightmare Local Privilege Escalation PoC src/nightmare...