what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files from Takahiro Yokoyama

First Active2024-08-23
Last Active2024-11-21
Judge0 Sandbox Escape
Posted Nov 21, 2024
Authored by Takahiro Yokoyama | Site metasploit.com

Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.

tags | exploit, arbitrary, code execution
advisories | CVE-2024-28185, CVE-2024-28189
SHA-256 | a1ba2cf035b4baf95b438349ee60b5d61abfbe14ea74073871109b698ce41265
Linux OverlayFS Local Privilege Escalation
Posted Sep 27, 2024
Authored by Takahiro Yokoyama, xkaneiki, sxlmnwb | Site metasploit.com

This Metasploit module exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2023-0386
SHA-256 | 6c56ce8217d90e114635700a314b8fcfb2c5a11cfda46c96a6c0e2d713c433bb
Ray Static Arbitrary File Read
Posted Aug 31, 2024
Authored by byt3bl33d3r, Takahiro Yokoyama, danmcinerney | Site metasploit.com

Ray versions prior to 2.8.1 are vulnerable to a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2023-6020
SHA-256 | bd052a339883d4fb2b7584d0b637a7cf11576c8925a84f832d496feb70c87eff
Ray cpu_profile Command Injection
Posted Aug 23, 2024
Authored by sierrabearchell, byt3bl33d3r, Takahiro Yokoyama | Site metasploit.com

This Metasploit module demonstrates a command injection vulnerability in Ray via cpu_profile.

tags | exploit
advisories | CVE-2023-6019
SHA-256 | 8df2df72517b571d9dd8bd6cfcba7d7a0e2e3adcc491da6ac95c7d5c7f943993
Ray Agent Job Remote Code Execution
Posted Aug 23, 2024
Authored by sierrabearchell, byt3bl33d3r, Takahiro Yokoyama | Site metasploit.com

This Metasploit modules demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2023-48022
SHA-256 | 276fa27f2b7f4e3368e29c64a43eb5175c7a06d6b1f36b8ce2b8c3203b044082
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close