Search results

  1. E

    DiscuzX1.5X2.5X3 uc_key getshell

    JavaScript: #! /usr/bin/env python #coding=utf-8 import hashlib import time import math import base64 import urllib import urllib2 import sys def microtime(get_as_float = False) : if get_as_float: return time.time() else: return '%.8f %d' % math.modf(time.time()) def...
  2. E

    Django upload file directory traversal vulnerability - CVE-2021-31542

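    JavaScript: ## Django uploaded-file directory traversal vulnerability - CVE-2021-31542 ## Vulnerability description Django 3.2.1, 3.1.9, and 2.2.21: CVE-2021-31542: Potential directory-traversal via uploaded files When `MultiPartParser`, `UploadedFile`, and `FieldFile` are used in these versions of Django, a directory traversal vulnerability exists that can be triggered with specially crafted file names containing ../ and similar. Example crafted file name: /tmp/../path ## Fix: empty file names and file names containing .. will both be rejected...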
  3. E

    Django arbitrary file reading

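    JavaScript: ## Vulnerability title: Django arbitrary file read ## Vulnerability type: path traversal ## Severity: medium ## Vulnerability summary Django is an open-source web application framework from the Django Foundation, based on the Python language. The framework includes an object-oriented mapper, a view system, a template system, and more. A path injection issue was found in django: if the module django.contrib.admindocs is enabled, a malicious admin user can disclose the existence of files on the file system. An authenticated malicious administrator can disclose the existence of arbitrary files. ## Vulnerability CVE: CVE-2021-33203...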
  4. E

    Unauthorized access to Dubbo port

    Python: 1. Unauthorized access to the Dubbo port ``` Check with a single command: echo ls | nc -i 1 116.62.162.75 20880 Remote connection via telnet root@vulhunt:~# telnet 116.62.162.75 20880 Trying 116.62.162.75... Connected to 116.62.162.75. Escape character is '^]'. ls + class + method to view the registered providers; use invoke for unauthorized calls dubbo>ls...
  5. E

    fastjson

    Python: import urlparse import requests if messageIsRequest: request = messageInfo.getRequest() analyzedRequest = helpers.analyzeRequest(messageInfo) # returns IResponseInfo headers = analyzedRequest.getHeaders() print(headers) url =...
  6. E

    Heartbleed

    JavaScript: #!/usr/bin/python # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected]) # The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options...
  7. E

    Java Message Exploitation Tool

    JavaScript: #JMET The Java Message Exploitation Tool https://github.com/matthiaskaiser/jmet Description JMET was released at Blackhat USA 2016 and is an...
  8. E

    Ashok - OSINT crawler information gathering tool

    Reconnaissance is the first phase of penetration testing, which means gathering information before planning any actual attack. Ashok is an incredibly fast reconnaissance tool designed specifically for the reconnaissance phase. In Ashok-v1.1, you can find advanced Google dorker and...
  9. E

    Hfinger - Fingerprint HTTP requests

    Tool for fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main purpose is to provide unique representations (fingerprints) of malware requests to help identify them. Unique means that each fingerprint is only seen in one specific...
  10. E

    PIP-INTEL - OSINT and Cyber Intelligence Tools

    Pip-Intel is a powerful tool designed for OSINT (Open Source Intelligence) and Cyber Intelligence gathering activities. It combines various open source tools into a user-friendly interface, simplifying the data collection and analysis process for researchers and cybersecurity professionals...
  11. E

    Thief Raccoon - Windows login phishing tool

    Thief Raccoon is a tool designed for educational purposes to demonstrate how to conduct phishing attacks on various operating systems. The tool aims to raise awareness of cybersecurity threats and help users...
  12. E

    Imperius - Making Linux Kernel Rootkits Visible Again

    Make the LKM rootkit visible again. For example, it involves getting the memory address of the rootkit's "show_module" function and using it to call it, add it back to lsmod so that the LKM rootkit can be removed. We can get the function address in a very simple kernel using /sys/ kernel...
  13. E

    Mass-Assigner - A simple tool to detect mass assignment vulnerabilities by modifying JSON fields in HTTP requests

    Mass Assigner is a powerful tool designed to identify and exploit...
  14. E

    Drone hacking tool Damn Vulnerable Drone

    Damn Vulnerable Drone is a deliberately vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for practical drone hacking. Damn Vulnerable Drone is a virtual simulation environment designed for offensive security professionals...
  15. E

    Analysis of cs phishing clone website

    Analysis process for a cs clone: compare the cloned HTML with the original HTML. Features: the IFRAME tag is uppercase and has a length and width of 0. The script tag loads the js path "/jquery/jquery.min.js". Order features: when the IFRAME tag and the script tag appear at the same...
  16. E

    SQL Server does not have xp_cmdshell to execute commands

    Executing commands using COM (the Ole Automation Procedures component needs to be enabled) declare @luan int,@exec int,@text int,@str varchar(8000); exec sp_oacreate '{72C24DD5-D70A-438B-8A42-98424B88AFB8}',@luan...
  17. E

    The file set by setcap can be controlled, resulting in privilege escalation

    Capabilities Introduction What are Capabilities in Linux Before we got capabilities, we only had a binary system of privileged and unprivileged processes, and for the purpose of performing permission checks, traditional UNIX implementations divided processes into two categories: privileged...
  18. E

    Python web path scanning gadget

    Request a comparison: GET: Use GET to request a path to get the returned response. Request parameters will be exposed. HEAD: Especially suitable for priority speed and bandwidth 1. Check the validity of resources. 2. Check the validity of hyperlinks. 3. Check whether the web page has been...
  19. E

    windows-privilege 0day

    The function exported by the task scheduling service in Windows 10 does not verify the caller's permissions. Users with any permissions can obtain write permissions for sensitive system files by calling this function, thereby escalating privileges. Scope of impact: Windows 10, Windows Server...
  20. E

    XXE Vulnerability Introduction and Exploitation Techniques

    0x00 Preface This morning I saw an article on a public account that said they found a Starbucks XXE vulnerability and got a bonus. I decided to take a look at this hole in the evening. XXE is also known as XML External Entity Injection. <!ENTITY entity name "entity...