This gist gather a list of log4shell payloads seen on my twitter feeds.
💨 I will update it every time I see new payloads.
The goal is to allows testing detection regexes defined in protection systems.
emadshanab
/ CVE-2002-0561.yaml
Created
December 18, 2023 06:50
— forked from ihebski/CVE-2002-0561.yaml
nuclei template for [CVE-2002-0561] Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2002-0561 | |
| info: | |
| name: Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication | |
| author: Segfolt | |
| severity: High | |
| requests: | |
| - method: GET | |
| path: |
emadshanab
/ CVE-2023-36845.yaml
Created
December 18, 2023 06:50
— forked from hxlxmj/CVE-2023-36845.yaml
Nuclei Template For Juniper Networks Junos OS PHP External Variable Modification Vulnerability
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2023-36845 | |
| info: | |
| name: Juniper Networks Junos OS PHP External Variable Modification Vulnerability | |
| author: hxlxmj | |
| severity: medium | |
| description: | | |
| A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables. | |
| reference: | |
| - https://nvd.nist.gov/vuln/detail/CVE-2023-36845 |
emadshanab
/ hp-ilo4-CVE-2017-12542.yaml
Created
December 18, 2023 06:50
— forked from ihebski/hp-ilo4-CVE-2017-12542.yaml
nuclei template for [CVE-2017-12542] iLO 4 < 2.53 - Add New Administrator User
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2017-12542 | |
| info: | |
| name: iLO 4 < 2.53 - Add New Administrator User | |
| author: segfolt | |
| severity: High | |
| # Exploit Source: https://www.exploit-db.com/exploits/44005 | |
| # Reference: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf03769en_us | |
| requests: | |
| - raw: |
emadshanab
/ nacos_bypass_nuclei_template.yaml
Created
December 18, 2023 06:50
— forked from Esonhugh/nacos_bypass_nuclei_template.yaml
nacos default jwt secret encryption vuln nuclei poc leaking all passwords and create user automatically exploit.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: nacos-bypass-authentication | |
| variables: | |
| #token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6OTk5OTk5OTk5OTl9.vqhkMLKmquQ6R5AD6VWrTOqgClC599nnAQgQLHhPcLc | |
| # token is signed with a very long time expire. | |
| # token exp -1 | |
| token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6LTF9.ybUomrBRXZhbUMWVgXRz3Q6zndbF-Zdk4RGpCnV-Ofs | |
| info: | |
| name: Nacos Bypass Auth with default jwt secret |
emadshanab
/ CVE-2022-21449.yaml
Created
December 18, 2023 06:50
— forked from righettod/CVE-2022-21449.yaml
Nuclei template to detect exposure to CVE-2022-21449 by the JWT validation API in place.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2022-21449 | |
| info: | |
| name: CVE-2022-21449 test exposure | |
| description: The JDK 15-18 have a vulnerability in validation of ECDSA signature so this template detect exposure to CVE-2022-21449 by the JWT validation API in place. | |
| author: righettod | |
| severity: info | |
| tags: cve,2022,java | |
| reference: https://neilmadden.blog/2022/04/19/psychic-signatures-in-java |
emadshanab
/ ssrf-via-oauth-misconfig.yaml
Created
December 18, 2023 06:50
— forked from mrsin15/ssrf-via-oauth-misconfig.yaml
I created this YAML script to work with Nuclei to find possible SSRF Vulnerabilities in an automated way
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: ssrf-via-oauth-misconfig | |
| info: | |
| name: SSRF due to misconfiguration in OAuth | |
| author: KabirSuda | |
| severity: medium | |
| description: Sends a POST request with the endpoint "/connect/register" to check external Interaction with multiple POST parameters. | |
| tags: misconfig,oob,oauth | |
| reference: https://portswigger.net/research/hidden-oauth-attack-vectors |
emadshanab
/ maltrail-command-injection.nuclei.yaml
Created
December 18, 2023 06:50
— forked from Esonhugh/maltrail-command-injection.nuclei.yaml
Maltrail <= v0.54 is vulnerable to unauthenticated OS command injection during the login process.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: maltrail-os-command-injection | |
| info: | |
| author: Esonhugh | |
| name: Unauthenticated OS Command Injection in stamparm/maltrail | |
| severity: critical | |
| description: | | |
| Maltrail <= v0.54 is vulnerable to unauthenticated OS command injection during the login process. | |
| reference: | |
| - "https://huntr.dev/bounties/be3c5204-fbd9-448d-b97c-96a8d2941e87/" |
emadshanab
/ Header-Injection.yaml
Created
December 18, 2023 06:48
— forked from ResistanceIsUseless/Header-Injection.yaml
Nuclei SSRF Fuzzing Template
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: header-injection | |
| info: | |
| name: Header SSRF Injection | |
| author: nullrabbit | |
| severity: high | |
| description: Fuzzing headers for OOB SSRF | |
| tags: fuzz,ssrf | |
| requests: |
emadshanab
/ nuclei-rce.yaml
Created
December 18, 2023 06:48
— forked from c3l3si4n/nuclei-rce.yaml
POC demonstrating RCE on Nuclei v2.5.1. The following PoC will execute `touch /tmp/rce_on_nuclei`. JS exploit based on CVE-2021-21224 PoCs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: nuclei-rce | |
| info: | |
| name: Nuclei Template RCE by Chromium | |
| author: c3l3si4n | |
| severity: critical | |
| tags: rce,hackback | |
| headless: | |
| - steps: |
emadshanab
/ log4shell-payloads.md
Created
December 18, 2023 06:41
— forked from righettod/log4shell-payloads.md
List of log4shell payloads seen on my twitter feeds