All Activity
- Past hour
-
zinnu556 started following Wireshark 101: Packet Analysis Essentials
-
zinnu556 joined the community
-
Guille0254 joined the community
- Today
-
OTRABIKHUBchanged their profile photo -
lthfsm changed their profile photo
-
chico1212 started following StealerChecker by Temnij v9.2
-
chico1212 joined the community
-
es3301 joined the community
-
rtoizp joined the community
- Yesterday
-
alucardi joined the community
-
MaxTier joined the community
-
gfdg45 joined the community
-
Inferno666 joined the community
-
ZeroDayF34r started following DWG FastView-CAD Viewer
-
You can search game you want ..Like Mortal Kombat,Injustice,STAR WARS etc.. Also account:password is above like in the picture Don't Leach <3 ENJOY !! [hide][Hidden Content]]
-
Don't Leach ❤️ [hide][Hidden Content]]
-
Don't Leach <3 ENJOY !! [hide][Hidden Content]]
-
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard) Introduction 📢 BlueDucky is a powerful tool for exploiting a vulnerability in Bluetooth devices. By running this script, you can: 📡 Load saved Bluetooth devices that are no longer visible but have Bluetooth still enabled. 📂 Automatically save any devices you scan. 💌 Send messages via ducky script format to interact with devices. I've successfully run this on a Raspberry Pi 4 using the default Bluetooth module. It works against various phones, with an interesting exception for a New Zealand brand, Vodafone. Installation and Usage 🛠️ Setup Instructions # update apt sudo apt-get update sudo apt-get -y upgrade # install dependencies from apt sudo apt install -y bluez-tools bluez-hcidump libbluetooth-dev \ git gcc python3-pip python3-setuptools \ python3-pydbus # install pybluez from source git clone [Hidden Content] cd pybluez sudo python3 setup.py install # build bdaddr from the bluez source cd ~/ git clone --depth=1 [Hidden Content] gcc -o bdaddr ~/bluez/tools/bdaddr.c ~/bluez/src/oui.c -I ~/bluez -lbluetooth sudo cp bdaddr /usr/local/bin/ Running BlueDucky [Hidden Content] Operational Steps 🕹️ On running, it prompts for the target MAC address. Pressing nothing triggers an automatic scan for devices. Devices previously found are stored in known_devices.txt. If known_devices.txt exists, it checks this file before scanning. Executes using payload.txt file. Successful execution will result in automatic connection and script running. Download: [hide][Hidden Content]] Mirror: [hide][Hidden Content]]
-
This Metasploit module exploits two vulnerabilities in Sharepoint 2019 - an authentication bypass as noted in CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955 which was a remote command execution vulnerability patched in May of 2023. The authentication bypass allows attackers to impersonate the Sharepoint Admin user. This vulnerability stems from the signature validation check used to verify JSON Web Tokens (JWTs) used for OAuth authentication. If the signing algorithm of the user-provided JWT is set to none, SharePoint skips the signature validation step due to a logic flaw in the ReadTokenCore() method. After impersonating the administrator user, the attacker has access to the Sharepoint API and is able to exploit CVE-2023-24955. This authenticated remote command execution vulnerability leverages the impersonated privileged account to replace the /BusinessDataMetadataCatalog/BDCMetadata.bdcm file in the webroot directory with a payload. The payload is then compiled and executed by Sharepoint allowing attackers to remotely execute commands via the API.View the full article
-
This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Bricks Builder Theme versions 1.9.6 and below for WordPress. The vulnerability allows attackers to execute arbitrary PHP code by leveraging a nonce leakage to bypass authentication and exploit the eval() function usage within the theme. Successful exploitation allows for full control of the affected WordPress site. It is recommended to upgrade to version 1.9.6.1 or higher.View the full article
-
A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user.View the full article
-
Payload-Based Approach (GitHub Project): There’s a GitHub project called Bypass-G-Protect that aims to bypass Google Play Protect. The steps involve building an Android payload, installing it (even if Play Protect detects it as unsafe), deleting the payload, changing the Target Sdk to ‘39’ or above using an Android editor app, and then reinstalling the payload .
-
[Hidden Content]
-
[Hidden Content]
-
[Hidden Content]
-
DeepDl started following Hackus 2 [Mail Access Checker ] Cracked by Maksim
- Last week
-
cashman230 started following WinLicense x32/x64 v3.1.3.0 Licensed
-
Bublick started following MANYVIDS.COM EXPLOIT - GET ALL VIDEOS FOR FREE
-
Bludit version 3.13.0 suffers from a cross site scripting vulnerability.View the full article
-
Craft CMS version 4.4.14 suffers from an unauthenticated remote code execution vulnerability.View the full article
-
Orange Station version 1.0 suffers from a remote shell upload vulnerability.View the full article
-
Nagios XI versions 2024R1.01 suffers from a remote SQL injection vulnerability.View the full article
-
MobileShop Master version 1.0 suffers from a remote SQL injection vulnerability.View the full article
-
LBT-T300-mini1 suffers from a remote buffer overflow vulnerability.View the full article
-
dz_ibo started following Dazn Fucker - Dazn Checker + Capture