Ralf Hacker Channel
26.7K subscribers
407 photos
16 videos
503 files
487 links
Download Telegram
Forwarded from APT
This media is not supported in your browser
VIEW IN TELEGRAM
🔥 VMware vRealize Network Insight — Pre-authenticated RCE (CVE-2023-20887)

This post will examine the exploitation process of CVE-2023-20887 in VMware Aria Operations for Networks (formerly known as vRealize Network Insight). This vulnerability comprises a chain of two issues leading to Remote Code Execution (RCE) that can be exploited by unauthenticated attackers.

Exploit:
https://github.com/sinsinology/CVE-2023-20887

Research:
https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-20887/

#VMware #vRealize #rce #cve
Полезный ресурс, содержащий информацию о всех CVE, которые патчит Microsoft в своих ежемесячных обновлениях.

https://patchapalooza.com/

#pentest #redteam #cve
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from APT
🖥 Veeam Enterprise Manager Authentication Bypass

May 21st, Veeam published an advisory stating that all the versions BEFORE Veeam Backup Enterprise Manager 12.1.2.172 is affected by an authentication bypass allowing an unauthenticated attacker to bypass the authentication and log in to the Veeam Backup Enterprise Manager web interface as any user. , the CVSS for this vulnerability is 9.8.

🔗 Source:
https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/

🔗 PoC:
https://github.com/sinsinology/CVE-2024-29849

#veeam #authentication #bypass #cve
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from APT
🖼️ RegreSSHion — OpenSSH Unauthenticated RCE

The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387.

The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems.

🔗 Research:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

🔗 PoC:
https://github.com/7etsuo/cve-2024-6387-poc

#openssh #glibc #rce #cve
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from APT
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from APT
🔐 FreeIPA Rosting (CVE-2024-3183)

A vulnerability recently discovered by my friend @Im10n in FreeIPA involves a Kerberos TGS-REQ being encrypted using the client’s session key. If a principal’s key is compromised, an attacker could potentially perform offline brute-force attacks to decrypt tickets by exploiting the encrypted key and associated salts.

🔗Source:
https://github.com/Cyxow/CVE-2024-3183-POC

#freeipa #kerberos #hashcat #cve

———
Добавляем доклад Миши в вишлист на Offzone 🚶‍♂️
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from SHADOW:Group
🖊️Семантические уязвимости в серверах Apache

В связи с недавно прошедшими мероприятиями и моим отпуском не было времени упомянуть некоторые крутые недавно опубликованные доклады. И к одному из таких относится ресерч старины Orange Tsai, в ходе которого было найдено сразу несколько CVE и различных мисконфигов в серверах Apache.

Странно, что никто об этом еще не написал, так как материал очень интересный и я всем рекомендую ознакомиться с оригиналом по ссылке. Я также набросал несколько шаблонов для Nuclei на основе этого доклада, которые вы можете доработать или использовать как есть на своих целях (закину их в комменты под постом).

#web #apache #cve
Please open Telegram to view this post
VIEW IN TELEGRAM