red shadow - Lightspin AWS Vulnerability Scanner
https://reconshell.com/red-shadow-lightspin-aws-vulnerability-scanner/
#PrivilegeEscalation #exploit #Exploitation #AWS
#Vulnerability #Scanner
https://reconshell.com/red-shadow-lightspin-aws-vulnerability-scanner/
#PrivilegeEscalation #exploit #Exploitation #AWS
#Vulnerability #Scanner
iOS 15 0day Exploits
https://github.com/illusionofchaos/ios-gamed-0day
https://github.com/illusionofchaos/ios-nehelper-wifi-info-0day
https://github.com/illusionofchaos/ios-nehelper-enum-apps-0day
#ios #0day #exploit
https://github.com/illusionofchaos/ios-gamed-0day
https://github.com/illusionofchaos/ios-nehelper-wifi-info-0day
https://github.com/illusionofchaos/ios-nehelper-enum-apps-0day
#ios #0day #exploit
GitHub
GitHub - illusionofchaos/ios-gamed-0day: iOS gamed exploit (fixed in 15.0.2)
iOS gamed exploit (fixed in 15.0.2). Contribute to illusionofchaos/ios-gamed-0day development by creating an account on GitHub.
SonicWall SMA-100 Unauth RCE
Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versions 10.2.1.x. The exploit, as written, will open up a telnet bind shell on port 1270. An attacker that connects to the shell will achieve execution as
Research:
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
Exploit:
https://github.com/jbaines-r7/badblood
#sonicwall #exploit #rce #cve
Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versions 10.2.1.x. The exploit, as written, will open up a telnet bind shell on port 1270. An attacker that connects to the shell will achieve execution as
nobody.Research:
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
Exploit:
https://github.com/jbaines-r7/badblood
#sonicwall #exploit #rce #cve
AttackerKB
CVE-2021-20038 | AttackerKB
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to po…
SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022–22718)
Research:
https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81
Exploit:
https://github.com/ly4k/SpoolFool
#windows #print #spooler #lpe #exploit
Research:
https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81
Exploit:
https://github.com/ly4k/SpoolFool
#windows #print #spooler #lpe #exploit
👍2
CVE-2022-0995
This is my exploit for CVE-2022-0995, an heap out-of-bounds write in the watch_queue Linux kernel component.
It uses the same technique described in https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html.
The exploit targets Ubuntu 21.10 with kernel 5.13.0-37.
The exploit is not 100% reliable, you may need to run it a couple of times. It may panic the kernel, but during my tests it happened rarely.
https://github.com/Bonfee/CVE-2022-0995
#linux #lpe #exploit #cve
This is my exploit for CVE-2022-0995, an heap out-of-bounds write in the watch_queue Linux kernel component.
It uses the same technique described in https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html.
The exploit targets Ubuntu 21.10 with kernel 5.13.0-37.
The exploit is not 100% reliable, you may need to run it a couple of times. It may panic the kernel, but during my tests it happened rarely.
https://github.com/Bonfee/CVE-2022-0995
#linux #lpe #exploit #cve
👍3