.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Search the Community
Showing results for tags 'credential'.
-
Credential Digger is a GitHub scanning tool that identifies hardcoded credentials (Passwords, API Keys, Secret Keys, Tokens, personal information, etc), filtering the false positive data through machine learning models. It supports Python 3.6 and works only with LINUX systems. Architecture Credential Digger finds credentials hardcoded in a repository. The tool is composed of: Postgres database Python client User interface [hide][Hidden Content]]
-
- 2
-
-
- credential
- digger:
- (and 3 more)
-
Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Known Issues Parsing Mimikatz dcsync (working on fix) Bypassing Antivirus and EDRs , you will need to maintain your payloads TODO Encrypted Communication Automated Lateral movement Automated Password Spraying Automated Hash Cracking [hide][Hidden Content]] -
The Carel pCOWeb card stores password hashes in the file /etc/passwd, allowing privilege escalation by authenticated users. Additionally, plaintext copies of the passwords are stored. Version A 1.4.11 - B 1.4.2 is affected. View the full article -
Hisilicon HiIpcam V100R003 suffers from a remote credential disclosure vulnerability. View the full article
-
Western Digital My Book World II NAS versions 1.02.12 and below have a hard-coded ssh credential that allows for remote command execution. View the full article
-
Exploits LastPass Credential Leak From Previous Site
1337day-Exploits posted a topic in Updated Exploits
LastPass suffers from an issue where bypassing do_popupregister() leaks credentials from the previous site. View the full article-
- 3
-
-
- lastpass
- credential
- (and 4 more)
-
Exploits FortiOS 5.6.7 / 6.0.4 Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 suffer from a credential disclosure vulnerability. View the full article -
Exploits FortiOS 5.6.7 / 6.0.4 Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
This Metasploit module exploits FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 to leverage a credential disclosure vulnerability by reading the /dev/cmdb/sslvpn_websession file. View the full article -
WolfVision Cynap versions 1.18g and 1.28j suffer from a hardcoded credential vulnerability. View the full article
-
FaceSentry Access Control System version 6.4.8 suffers from a cleartext transmission of sensitive information. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack. View the full article
-
Telus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a credential disclosure vulnerability. An HTTP interface used by wireless extenders to pull the modem's wifi settings uses DHCP client-provided option values to restrict access to this API. By forging DHCP packets, one can access this interface without any authentication and obtain details such as SSID name, encryption type, and WPA/WEP keys. This can be leveraged if an attacker is on the same Layer 2 network as the modem. View the full article
-
Amcrest IPM-721S suffers from credential disclosure, privilege escalation, and a long list of other vulnerabilities. View the full article
-
Just the code of my OSINT bot searching for sensitive data leaks on different paste sites. Search terms: credentials private RSA keys Wordpress configuration files MySQL connect strings onion links links to files hosted inside the onion network (PDF, DOC, DOCX, XLS, XLSX) [HIDE][Hidden Content]]
-
Administrative credentials submitted to the Arris Touchstone TG1672 are sent over HTTP base64 encoded in a GET request. View the full article
-
Exploits Avast Anti-Virus Local Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
Avast Anti-Virus versions prior to 19.1.2360 suffer from a local credential disclosure vulnerability. View the full article-
- 1
-
-
- avast
- anti-virus
- (and 3 more)
-
Exploits BEWARD Intercom 2.3.1 Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
BEWARD Intercom version 2.3.1 suffers from a credential disclosure vulnerability. View the full article -
Exploits FortiGate FortiOS LDAP Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
FortiGate FortiOS versions prior to 6.0.3 suffer from an LDAP credential disclosure vulnerability. View the full article -
D-Link DIR-140L and DIR-640L suffer from an administrative credential disclosure vulnerability. View the full article
-
D-Link DSL-2770L, DIR-140L, DIR-640L, DWR-116, DWR-512, DWR-555, and DWR-921 all suffer from an administrative credential disclosure vulnerability. View the full article
-
D-Link DSL-2770L suffers from an administrative credential disclosure vulnerability. View the full article
-
NETGEAR WiFi Router R6120 suffers from a credential disclosure vulnerability. View the full article
-
Exploits ZyXEL VMG3312-B10B Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
ZyXEL VMG3312-B10B versions prior to 1.00 (AAPP.7) suffer from a credential disclosure vulnerability. View the full article -
Exploits CirCarLife SCADA 4.3.0 Credential Disclosure
1337day-Exploits posted a topic in Updated Exploits
CirCarLife SCADA version 4.3.0 suffers from a credential disclosure vulnerability. View the full article -
SynaMan version 4.0 build 1488 suffers from an SMTP credential disclosure vulnerability. View the full article
-
This Metasploit module gathers phpMyAdmin credentials from a target linux machine. View the full article
itsMe