GeoServer Vulnerability : Reverse Shell Execution For CVE-2024-36401

POC for CVE-2024-36401: RCE affecting GeoServer versions prior to 2.25.1, 2.24.3 and 2.23.5. This POC is based on the security advisory by phith0n. How It Works How To Use This POC will attempt to establish a reverse shell from the vulnerable targets. This is aimed to work against vulnerable Linux targets. You will have …

VulnNodeApp – Exploring Web Vulnerabilities With A Node.js Educational Tool

A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only. Setup Clone This Repository Application Setup: DB Setup Set Basic Environment Variable Start The Server Vulnerability Covered

CVE-2024-26229 : Address Validation Flaws In IOCTL With METHOD_NEITHER

delve into CVE-2024-26229, a critical security vulnerability identified within the csc.sys driver, pivotal in handling I/O control codes. This issue is catalogued under CWE-781, indicating a severe oversight in address validation mechanisms when utilizing METHOD_NEITHER I/O Control Codes. Such vulnerabilities pose significant risks as they could allow attackers to execute arbitrary code within the kernel, …

CVE-2023-4427 – Unveiling Chrome Vulnerability Exploitation And Mitigation Strategies

In this article, we delve into the intricacies of a recently discovered vulnerability in Google Chrome, identified as CVE-2023-4427. Discovered by glazunov and originating from the v8ctf platform, this vulnerability poses significant risks to users of Chrome version 117.0.5938.62 on Linux systems. We explore the methods utilized to exploit this vulnerability, including bypassing Address Space …

io_uring_LPE-CVE-2023-2598 : Analysis Of The Conquering Memory Exploit

We dissect the exploit’s mechanisms, shedding light on how it manipulates memory through io_uring. By delving into the technical nuances, we aim to provide a comprehensive understanding of this critical security issue for educational and research purposes. LPE exploit for CVE-2023-2598. My write-up of the vulnerability: Conquering the memory through io_uring – Analysis of CVE-2023-2598 You …

Splunk RCE – PoC: In-Depth Analysis and Exploitation Methodology

This article delves into a critical vulnerability in Splunk, identified as CVE-2023-46214. It provides a detailed analysis and a Proof of Concept (PoC) script to demonstrate the vulnerability’s exploitation. The script is designed for educational purposes, helping to understand the security implications of this vulnerability in Splunk, a popular data processing and analytics platform. The …

Nessusploitable – Targeting Exploitable Nessus Vulnerabilities

Do you need to filter Nessus scan results and zero in on exploitable vulnerabilities? When you’re on a penetration test or vulnerability assessment and you have to review Nessus scan results, you can filter using Nessus or you can export a Nessus .nessus file for distribution or offline parsing. Nessusploitable parses .nessus files for exploitable …

ADCSKiller – An ADCS Exploitation Automation Tool

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages the features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is currently in its first draft and will undergo further refinements and additions in …

CVE-2023-38035 – Arbitrary Command Execution As The Root user On Ivanti Sentry

Ivanti has just put out a warning about CVE-2023-38035. The vulnerability has been added to CISA KEV and is called an authentication bypass in the Ivanti Sentry user interface. This new flaw comes after a flaw in Ivanti EPMM (CVE-2023-35078) that was already being used in the wild. In this post, we’ll look closely at …

WELA (Windows Event Log Analyzer)

Windows Event Log Analyzer wants to be the Swiss Army knife of Windows event logs. At the moment, WELA’s best feature is that it can make an easy-to-understand timeline of logins to help with fast forensics and incident reaction. WELA’s logon timeline generator will combine only the useful information from multiple logon log entries (4624, …