what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files from AkkuS

First Active2020-04-27
Last Active2022-02-04
Servisnet Tessa Privilege Escalation
Posted Feb 4, 2022
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits privilege escalation in Servisnet Tessa triggered by the add new sysadmin user flow with any user authorization. An API request to "/data-service/users/[userid]" with any low-authority user returns other users' information in response. The encrypted password information is included here, but privilege escalation is also possible with the active sessionid value.

tags | exploit
advisories | CVE-2022-22832
SHA-256 | 6e59726691f327427ec484da726b6a4c97e638187f4e7fb596cc5e0268c97f94
Servisnet Tessa MQTT Credential Disclosure
Posted Feb 4, 2022
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an MQTT credential disclosure vulnerability in Servisnet Tessa. The app.js is publicly available which acts as the backend of the application. By exposing a default value for the "Authorization" HTTP header, it is possible to make unauthenticated requests to some areas of the application. Even MQTT (Message Queuing Telemetry Transport) protocol connection information can be obtained with this method. A new admin user can be added to the database with this header obtained in the source code. The module tries to log in to the MQTT service with the credentials it has obtained and reflects the response it receives from the service.

tags | exploit, web, protocol, info disclosure
advisories | CVE-2022-22833
SHA-256 | a526a71a842e124933fbe29b7fe054817479987a1ba9b99072a7022c4655f1ae
Servisnet Tessa Authentication Bypass
Posted Feb 4, 2022
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an authentication bypass in Servisnet Tessa, triggered by add new sysadmin user. The app.js is publicly available which acts as the backend of the application. By exposing a default value for the "Authorization" HTTP header, it is possible to make unauthenticated requests to some areas of the application. Even MQTT (Message Queuing Telemetry Transport) protocol connection information can be obtained with this method. A new admin user can be added to the database with this header obtained in the source code.

tags | exploit, web, protocol
advisories | CVE-2022-22831
SHA-256 | 119c3c412df82f46d85f91b4ab7d2315fda2836a2057f29636ed9df61fe7a8bd
Ericsson Network Location MPS GMPC21 Privilege Escalation
Posted Nov 2, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits a privilege escalation vulnerability in Ericsson Network Location Mobile Positioning Systems.

tags | exploit
SHA-256 | 284aef5590fcc1f10a26e571df512ffa20eb2f3e127bfd58c1acdecd315b6627
Ericsson Network Location MPS GMPC21 Remote Code Execution
Posted Nov 2, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the application is vulnerable. It is a feature made for the information in the tables to be exported to the server and imported later when required. Export operations contain the file_name parameter. This parameter is assigned as a variable between the server commands on the backend side. It allows command injection.

tags | exploit, arbitrary
SHA-256 | 2b48b3265095eafaddacb4ff1e3bd8e6117f37acaa1faaf23e718d815e6acfc9
Netsia SEBA+ 0.16.1 Authentcation Bypass / Add Root User
Posted Jan 15, 2021
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an authentication bypass in Netsia SEBA+ versions 0.16.1 and below to add a root user.

tags | exploit, root, bypass
SHA-256 | 81d29e7b25d87b1af18dee2c03c87aac3764dda86e6ebd3821d3086bb0eb9503
Webmin 1.962 Remote Command Execution
Posted Dec 22, 2020
Authored by AkkuS | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.962 and lower versions. Any user authorized to the Package Updates module can execute arbitrary commands with root privileges. It emerged by circumventing the measure taken for CVE-2019-12840.

tags | exploit, arbitrary, root
advisories | CVE-2020-35606
SHA-256 | 0b9d3eed2396c63f8c369c41bb33853aea8748348ce034096856277e638001d6
PHP-Fusion 9.03.50 Arbitrary File Upload
Posted Apr 27, 2020
Authored by Besim Altinok, Ismail Bozkurt, AkkuS

PHP-Fusion version 9.03.50 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, php, file upload
SHA-256 | 69aa4aacb58fc312485978e341d93b5ea3b1cb194a17714065b2bf439c337cd5
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close