what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from w3bd3vil

BioTime Directory Traversal / Remote Code Execution

Posted Apr 1, 2024

Authored by w3bd3vil

BioTime versions 8.5.5 and 9.0.1 suffer from directory traversal and file write vulnerabilities. This exploit also achieves remote code execution on version 8.5.5.

tags | exploit, remote, vulnerability, code execution

SHA-256 | 559624309c6e53a8b2b0a2a02ff69a214f19c0f9c1031ae40784ea114742841e

Download | Favorite | View

VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution

Posted Jan 20, 2022

Authored by Spencer McIntyre, RageLtMan, jbaines-r7, w3bd3vil | Site metasploit.com

VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtual appliance and SYSTEM on Windows. This Metasploit module will start an LDAP server that the target will need to connect to. This exploit uses the logon page vector.

tags | exploit, java, root

systems | linux, windows

advisories | CVE-2021-44228

SHA-256 | a640959afe63b432e9f52c735f5ef2799a3bab57bd19790c2fcebb608d3e3a86

Download | Favorite | View