exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from redtimmysec

First Active2019-03-26
Last Active2021-04-19
Plantronics HUB 3.21 Privilege Escalation
Posted Apr 19, 2021
Authored by redtimmysec | Site redtimmy.com

Plantronics HUB versions 3.21 and below are affected by a privilege escalation vulnerability allowing any local unprivileged user to acquire elevated access rights and take full control of the system.

tags | advisory, local
SHA-256 | 0a0d514bc21c085cf9e640ba4c34a7d7923f5353e8e1fcd3aceb4c3803713a71
FortiSIEM 5.2.8 EL Injection / Remote Code Execution
Posted Oct 7, 2020
Authored by redtimmysec | Site redtimmy.com

FortiSIEM versions 5.2.8 and below are vulnerable to an unauthorized remote command execution vulnerability via Expression Language injection. This advisory notes that the Richsploit exploit can be leveraged to still achieve code execution.

tags | advisory, remote, code execution
SHA-256 | 41a7244cc155ca357017d0f400fa1ea31bc629fca173cb7784ea84fc938847b4
WordPress WP Courses 2.0.29 Information Disclosure / Authorization Bypass
Posted Sep 28, 2020
Authored by redtimmysec | Site redtimmy.com

WordPress WP Courses plugin versions 2.0.29 and below suffer from an issue that allows an unauthenticated attacker the ability to ex-filtrate all the content of courses through the WordPress REST API.

tags | advisory, info disclosure
SHA-256 | 1dc9c867a49c8ff76a931ea288460a80bbe8cba8bbb23f594818102315099698
Pulse Secure Windows Client Privilege Escalation
Posted Sep 4, 2020
Authored by redtimmysec | Site redtimmy.com

The Windows client for Pulse Secure versions prior to 9.1.6 have a TOCTOU bug that allows an attacker to escalate the privilege to NT_AUTHORITY\SYSTEM.

tags | exploit
systems | windows
advisories | CVE-2020-13162
SHA-256 | dca63b6d0e232c655c5aa1e46657175b0a75544592e4c07a004fd3566b85e29b
Pulse Secure Client For Windows Local Privilege Escalation
Posted Jun 16, 2020
Authored by Marco Ortisi, redtimmysec, Giuseppe Cali | Site redtimmy.com

Red Timmy Sec has discovered that Pulse Secure Client for Windows suffers from a local privilege escalation vulnerability in the PulseSecureService.exe service.

tags | advisory, local
systems | windows
advisories | CVE-2020-13162
SHA-256 | 5f5a0396cb9bd8b8918531a470f34efbfce05c416ca68a1d578867b7468c1362
Apache Tomcat CVE-2020-9484 Proof Of Concept
Posted Jun 3, 2020
Authored by redtimmysec, masahiro331

Apache Tomcat is affected by a Java deserialization vulnerability if the PersistentManager is configured as session manager. Successful exploitation requires the attacker to be able to upload an arbitrary file to the server. This archive includes a write up and proof of concept code from multiple researchers.

tags | exploit, java, arbitrary, proof of concept
advisories | CVE-2020-9484
SHA-256 | 5db34fe7e7adcdfc030cf05662a1514025c97b95bc660d4698e532b08ba58604
MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution
Posted Apr 2, 2020
Authored by redtimmysec | Site redtimmy.com

MicroStrategy Intelligence Server and Web version 10.4 suffers from remote code execution, cross site scripting, server-side request forgery, and information disclosure vulnerabilities.

tags | exploit, remote, web, vulnerability, code execution, xss, info disclosure
advisories | CVE-2020-11450, CVE-2020-11451, CVE-2020-11452, CVE-2020-11453, CVE-2020-11454
SHA-256 | 2e452f25b0aabc3741eb00b4ee2e86d5d200045527146eae962c28cf79d36776
Oce Colorwave 500 CSRF / XSS / Authentication Bypass
Posted Mar 19, 2020
Authored by Marco Ortisi, redtimmysec, Giuseppe Cali

Oce Colorwave 500 printer suffers from authentication bypass, cross site request forgery, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, bypass, csrf
advisories | CVE-2020-10667, CVE-2020-10668, CVE-2020-10669, CVE-2020-10670, CVE-2020-10671
SHA-256 | cb5874cc976834228bc185741becb79371ed3b619e098dbdd4244f3a27610bf7
Richsploit RichFaces Exploitation Toolkit
Posted Mar 9, 2020
Authored by redtimmysec

This tool can be used to exploit vulnerable versions of RichFaces. It has payloads for 4 vulnerabilities that have been identified, which can lead to remote code execution via java deserialization and EL injection.

tags | exploit, tool, java, remote, vulnerability, code execution
advisories | CVE-2013-2165, CVE-2015-0279, CVE-2018-14667
SHA-256 | 648af6bc429ca530648d01005b86d127e64fe5a21538da847835939211cb2f63
Running Encrypted ELF Binaries In Memory
Posted Mar 4, 2020
Authored by Marco Ortisi, redtimmysec

Whitepaper called Blue Team vs. Red Team: How to run your encrypted binaries in memory and go undetected. This paper discusses the golden frieza project.

tags | paper
SHA-256 | 326178d7c2a2126ac27509f46a4346cfb02ff83ca3fc2a5d381a2e1d830ce3ec
Golden Frieza
Posted Mar 3, 2020
Authored by redtimmysec

Imagine finding yourself in a "hostile" environment, one where you cannot run exploits, tools, and applications without worrying about prying eyes spying on you, be they a legitimate system administrator, a colleague sharing an access with you or a software solution that scans the machine you are logged in to for malicious files. Your binary should live in encrypted form in the filesystem so that no static analysis would be possible even if identified and copied somewhere else. It should be only decrypted on the fly in memory when executed, so preventing dynamic analysis too, unless the decryption key is known. To experiment with such an idea Red Timmy Sec have created the "golden frieza" project.

tags | tool
systems | unix
SHA-256 | 41f188a8a31adc549c15b975f94febb25727777ba9bf32f0242c38f4b2c03bc0
SerialTweaker 1.1
Posted Feb 28, 2020
Authored by Stefan Broeder, redtimmysec

SerialTweaker is a tool that can be used to load a serialized object, change its contents, and reserialize it to a new serialized object with modified fields inside.

tags | tool
systems | unix
SHA-256 | f07b0cb7767fe9ecacd5cc0f2aacef08a3520cd39de4d809fae2a85d1b7c8bb0
Web Application Firewall Bypass Via Bluecoat Device
Posted Feb 17, 2020
Authored by redtimmysec

Whitepaper called Web Application Firewall Bypass via Bluecoat Device.

tags | paper, web
SHA-256 | a7866388d1501e972c85add7da1749c0587312eed8461805b75236def544a63f
EnumJavaLibs Java Classpath Enumerator
Posted Feb 14, 2020
Authored by redtimmysec | Site github.com

EnumJavaLibs is a tool that can be used to discover which libraries are loaded (i.e. available on the classpath) by a remote Java application when it supports deserialization.

tags | tool, java, remote, scanner
systems | unix
SHA-256 | da5559bc7f4710283fa54efb778574987ae6e5d69dd60d06904a9fadf495e067
OAMbuster Multi-Threaded CVE-2018-2879 Scanner
Posted Apr 17, 2019
Authored by redtimmysec | Site github.com

OAMbuster is a multi-threaded exploit for CVE-2018-2879.

tags | exploit
advisories | CVE-2018-2879
SHA-256 | b68302c74939716ec55aa081bbd6419f01985352ca4eb583f4c9417195876784
JMX RMI - Multiple Applications RCE
Posted Mar 26, 2019
Authored by redtimmysec

This whitepaper discusses highlights of findings related to remote code execution leveraging JMX/RMI.

tags | paper, remote, code execution
advisories | CVE-2018-11247, CVE-2018-8016, CVE-2019-7727
SHA-256 | c1c6d49b75e30398fa5a7dacd39a13e739823cc3f93d713506d4b6e32f8da33d
Page 1 of 1

File Archive:

November 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    1 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    219 Files
  • 14
    Nov 14th
    19 Files
  • 15
    Nov 15th
    66 Files
  • 16
    Nov 16th
    38 Files
  • 17
    Nov 17th
    9 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    11 Files
  • 22
    Nov 22nd
    56 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    36 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    14 Files
  • 28
    Nov 28th
    30 Files
  • 29
    Nov 29th
    35 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By