Valentin Lobstein Chocapikk

🎯

Focusing

🛠 Security enthusiast since 2019 💥 Writing exploits since 2021 🔓 Passionate about Open Source

850 followers · 160 following

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

Chocapikk / CVE-2025-34152-exploitation-report.md

Created September 12, 2025 21:10

Public evidence of CVE-2025-34152 being actively exploited in the wild. Includes log excerpts, malicious loader script, running process list, and malware sample (Mirai variant).

CVE-2025-34152 - Active Exploitation in the Wild

Date observed: September 2025
Affected devices: Shenzhen Aitemi M300 (MT02) Wi-Fi Repeaters

1. Exploit Trigger (Captured Logs)

Evidence from /tmp/commuos.log showing remote code execution via protocol.csp.
The attacker injects a wget | sh payload in the time parameter.

Chocapikk / wpprobe-crit-unauth-2025.md

Created June 16, 2025 02:37

WordPress Critical Unauthenticated Vulnerabilities from 2025

$ wpprobe search --severity critical --auth Unauth --cve "CVE-2025" -d                                                                         4:35:19 AM

 __    __  ___  ___           _
/ / /\ \ \/ _ \/ _ \_ __ ___ | |__   ___
\ \/  \/ / /_)/ /_)/ '__/ _ \| '_ \ / _ \
 \  /\  / ___/ ___/| | | (_) | |_) |  __/
  \/  \/\/   \/    |_|  \___/|_.__/ \___|
                                   v0.7.0 [latest]