7079 matches found
Python Exec, Python Meterpreter, Python Reverse TCP Stager with UUID Support
Execute a Python payload as an OS command from a Posix-compatible shell. Run a meterpreter server in Python compatible with 2.5-2.7 & 3.1+. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/unix/python/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actio...
Python Exec, Python Meterpreter Shell, Reverse TCP Inline
Execute a Python payload as an OS command from a Posix-compatible shell. Connect back to the attacker and spawn a Meterpreter shell Module Options msf use payload/cmd/unix/python/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set...
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
Trickbot, a sophisticated trojan that has evolved significantly since its discovery in 2016, has continually expanded its capabilities and, even with disruption efforts and news of its infrastructure going offline, it has managed to remain one of the most persistent threats in recent years. The...
CVE-2022-22348
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once...
CVE-2022-22348
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once...
Code injection
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once...
CVE-2022-22348
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once...
CVE-2022-22348
CVE-2022-22348 affects IBM Spectrum Protect Operations Center versions 8.1.0.000–8.1.13.xxx. The issue is reverse tabnabbing that enables a malicious page linked from within Operations Center to rewrite the original page, potentially leading to phishing. It coexists with a CSRF risk (CVE-2022-223...
Security Bulletin: Reverse Tabnabbing and Cross-Site Request Forgery vulnerabilities in IBM Spectrum Protect Operations Center (CVE-2020-22348, CVE-2020-22346)
Summary IBM Spectrum Protect Operations Center is vulnerable to reverse tabnabbing and cross-site request forgery CSRF. Vulnerability Details CVEID: CVE-2022-22348 DESCRIPTION: IBM Spectrum Protect Operations Center is vulnerable to reverse tabnabbing where it could allow a page linked to from...
[SECURITY] Fedora 35 Update: radare2-5.6.4-1.fc35
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
CVE-2022-22348
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once...
Tdarr 2.00.15 Command Injection
Exploit Title: Tdarr 2.00.15 - Command Injection Date: 10/03/2022 Exploit Author: Sam Smith Vendor Homepage: https://tdarr.io Software Link: https://f000.backblazeb2.com/file/tdarrs/versions/2.00.15/linuxarm64/TdarrServer.zip Version: 2.00.15 likely also older versions Tested on: 2.00.15 Exploit:...
Windows Encrypted Reverse Shell
Connect back to attacker and spawn an encrypted command shell Module Options msf use payload/windows/x64/encryptedshellreversetcp msf payloadencryptedshellreversetcp show actions ...actions... msf payloadencryptedshellreversetcp set ACTION msf payloadencryptedshellreversetcp show options ...show...
Windows Command Shell, Encrypted Reverse TCP Stager
Spawn a piped command shell staged. Connect to MSF and read in stage Module Options msf use payload/windows/x64/encryptedshell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set options... msf...
Audio Conversion Wizard v2.01 - Buffer Overflow Exploit
Exploit Title: Audio Conversion Wizard v2.01 - Buffer Overflow Exploit Author: Hejap Zairy Software Link: https://www.litexmedia.com/acwizard.exe Tested Version: v2.01 Tested on: Windows 10 64bit 1.- Run python code : 0day-HejapZairy.py 2.- Open 0dayHejap.txt and copy All content to Clipboard 3.-...
Exploit for OS Command Injection in Gitea
CVE-2020-14144 - GiTea authenticated RCE A script to explo...
Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway
CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE Overview of CVE...
Exploit for Improper Access Control in Webmin
Webmin-CVE-2022-0824-revshell Vulnerability Description...
golang: net/http/httputil: panic due to racy read of persistConn after handler panic
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...
WebHMI 4.1.1 Remote Code Execution Exploit
Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...