⚓️𝔇𝔬𝔠𝔲𝔪𝔢𝔫𝔱𝔬𝔯
رفتن به کانال در Telegram
⚓️Selling Pv Database ⛓Account & Data ⚓️User information ⛓KYC Documents ⚓️Edit and Draw All Documents 🏴 A Collection Of The World Of Darka Team 🛎 Make Our Order : @Darkamo
نمایش بیشترکشور مشخص نشده استرمزارزها49 992
2 892
مشترکین
اطلاعاتی وجود ندارد24 ساعت
اطلاعاتی وجود ندارد7 روز
اطلاعاتی وجود ندارد30 روز
آرشیو پست ها
2 892
⚙️shodanIDB is a command-line tool to fetch data (open ports, CVEs, CPEs, ...) from Shodan internetDB API.
⚠️NO API key required!
2 892
💥CVE-2022-30075 PoC exploit(Authenticated RCE in Tp-Link Routers)
⚠️Affected Devices:
Tp-Link routers with backup and restore functionality and firmware is older than june 2022
usage:
tplink.py [-h] -t target -p password [-b] [-r backup_directory] [-c cmd]
2 892
🔥🔥🔥Cisco Secure Manager Appliance jwt_api_impl Hardcoded JWT Secret Elevation of Privilege(CVE-2022-20868 + PoC exploit)
2 892
#BurpSuite Professional x64 2022.11.1 with h3110w0r1d-y keygen 20221117
UPDATED BurpSuitePro, Keygen, Java JDK, jruby, jython
(#zen bundle)
📄For Questions and Purchase and place Orders
Contact us:
🛎 @darkamo
https://t.me/documentors
2 892
2 892
📲 In the neural engine from apple (ANE), which is essentially an NPU and the first generation appeared in the A11 chip, as part of it.
💾CVE-2022-32845 - aned signature check bypass for model.hwx
💾CVE-2022-32948 - DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation
💾CVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.
💾CVE-2022-32899 - DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.
Actually, these kernel waves affected almost all iOS versions from 15 to 16 (15 - 15.5), except for sbx, which was fixed in iOS 15.6. Therefore, for successful operation on iOS 15.6/15.7 devices, it is necessary to break the sploitchain and re-make sbx. WeightBufs - nuclear r / w splits (as stated - affects all apple devices with ANE support, which combines these waves and, in addition to the aforementioned iOS versions, also affects macOS versions: 12 - 12.4.
https://t.me/documentors
2 892
kernel r/w exploit for iOS 15 and macOS 12
*
Эксплойт объединяет 4 уязвимости:
CVE-2022-32845 : aned signature check bypass for model.hwx.
CVE-2022-32948 : DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.
CVE-2022-42805 : ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.
CVE-2022-32899 : DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.
Протестировано на:
iPhone12 Pro (iPhone13,3) with iOS 15.5.
iPad Pro (iPad8,10) with iPadOS 15.5.
iPhone11 Pro (iPhone12,3) with iOS 15.4.1.
MacBookAir10,1 M1 with macOS 12.4.2 892
🇷🇺 #Reversing #Yandex.navigator in order to parse yandex.tanker clients
https://github.com/fuad00/yandex.tanker
📄For Questions and Purchase and place Orders
Contact us:
🛎 @darkamo
https://t.me/documentors
2 892
#CVE-2022-3699 #LPE
https://github.com/alfarom256/CVE-2022-3699/
📄For Questions and Purchase and place Orders
Contact us:
🛎 @darkamo
https://t.me/documentors
2 892
Burp Suite Professional v2022.11 + Crack
Early Adopter, Released Monday, 7 November 2022
📄For Questions and Purchase and place Orders
Contact us:
🛎 @darkamo
https://t.me/documentors
#pentest2 892
Burp Suite Professional v2022.11 + Crack
Early Adopter, Released Monday, 7 November 2022
https://www.virustotal.com/gui/file/266681ff8d838dd6ecb041068e89194fc49dfc45485d3ef6a5a8a0d7f19a2c06@zer0daylab #pentest #security
2 892
💥Apache Commons JXPath
RCE (CVE-2022-41852)
People who use JXPath to interpret untrusted XPath expressions may be vulnerable to RCE attacks. All JXPathContext class functions that deal with XPath strings are vulnerable, except the compile() and compilePath() functions. An attacker can use an XPath expression to load any Java class from the classpath, resulting in code execution.
To load remote configuration to achieve RCE we can use two class constructors in spring:
org.springframework.context.support.ClassPathXmlApplicationContext org.springframework.context.support.FileSystemXmlApplicationContext💾Another analysis + PoC
2 892
💥zipslip is a handy python script to test for zip slip vulnerabilities
usage:
python3 zipslip.py -f file_to_zip -e /../../../path/to/explode/filename.extention -n zip_name.zip
📄For Questions and Purchase and place Orders
Contact us:
🛎 @darkamo
https://t.me/documentors