HTTP-Shell - MultiPlatform HTTP Reverse Shell

HTTP-Shell is Multiplatform Reverse Shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to use it in conjunction with Microsoft Dev Tunnels, in order to get a connection as close as possible to a...

Exploit for Code Injection in Apache Commons_Text

Quickstart bash sudo apt install golang To run like...

Exploit for Code Injection in Apache Commons_Text

Quickstart bash sudo apt install golang To run like...

Exploit for Code Injection in Apache Commons_Text

Quickstart bash sudo apt install golang To run like...

Wp2Fac - OS Command Injection

Exploit Title: Wp2Fac v1.0 - OS Command Injection Date: 2023-08-27 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://github.com/metinyesil/wp2fac Tested on: Kali Linux & Windows 11 CVE: N/A import requests def sendpostrequesthost, revshell: url = f'http://host/send.php' headers = 'User-Agent':...

Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks

A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service DDoS attacks. Doctor Web said the compromises are likely to occur either during malicious firmware update...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 En este caso, os comparto los archivos necesar...

GOM Player 2.3.90.5360 MITM / Remote Code Execution Exploit

GOM Player version 2.3.90.5360 man-in-the-middle proof of concept remote code execution exploit. Exploit Title: GOM Player 2.3.90.5360 - Remote Code Execution RCE Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://www.gomlab.com/gomplayer-media-player/...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831-winrar-expoit-simple-Poc Very important I h...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831-winrar-expoit-simple-Poc Very important I h...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

OBTENCIÓN DE REVERSE SHELL EXPLOTANDO LA VULNERABILIDAD CVE-20...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

OBTENCIÓN DE REVERSE SHELL EXPLOTANDO LA VULNERABILIDAD CVE-20...

Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics

CVE-2022-24637 Open Web Analytics 1.7.3 - Remote Code Executio...

Reptile Rootkit Targets Linux Systems in South Korea

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Reptile, an open-source Linux rootkit, goes beyond concealment, offering attackers a reverse shell and utilizing Port Knocking for control; observed in attacks including Chinese groups exploiting...

TP-Link Archer AX21 - Unauthenticated Command Injection Exploit

!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...

TP-Link Archer AX21 - Unauthenticated Command Injection

!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...

Exploit for Improper Input Validation in Lexmark Cxtpc_Firmware

CVE-2023-34362 POCs for credential dumping, reverse shells, an...

New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers

Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher...

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

Automatic Exploit Summary The following exploit abuses...

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of...