@to016
to016 / CVE-2023-41892-POC.md
Last active November 27, 2024 18:01
CVE-2023-41892 (Craft CMS Remote Code Execution) - POC

This Gist provides a Proof-of-Concept (POC) for CVE-2023-41892, a Craft CMS vulnerability that allows Remote Code Execution (RCE).

Overview

CVE-2023-41892 is a security vulnerability discovered in Craft CMS, a popular content management system. Craft CMS versions affected by this vulnerability allow attackers to execute arbitrary code remotely, potentially compromising the security and integrity of the application.

POC

This POC depends on writing a webshell, so finding a suitable folder with write permission is necessary.

@S3cur3Th1sSh1t
S3cur3Th1sSh1t / Invoke-winPEAS.ps1
Created April 8, 2020 13:10
winPEAS in powershell
function Invoke-winPEAS
{
    [CmdletBinding()]
    Param (
        [Parameter(Position = 0, Mandatory = $true)]
        [ValidateNotNullorEmpty()]
        [String]
        $Command
    )