Published By
Created On
7 Mar 2024 11:55:25 UTC
Transaction ID
Cost
Safe for Work
Free
Yes
Hacking pills #55 :CVE-2024-27198 TeamCity Authentication Bypass
In JetBrains TeamCity before 2023.11.4 allows for authentication bypass and the arbitrary creation of a user with admin privileges.All credit goes to the original creator of the exploit , github repo available in the video. Use responsibly.
Fofa query:app="JET_BRAINS-TeamCity"
Exploit: python3 exploit.py -t target_ip -u new_user -p new_password
#cve-2024 #Team-City #cve-2024-27198
...
https://www.youtube.com/watch?v=lbh8SNGIm8I
Fofa query:app="JET_BRAINS-TeamCity"
Exploit: python3 exploit.py -t target_ip -u new_user -p new_password
#cve-2024 #Team-City #cve-2024-27198
...
https://www.youtube.com/watch?v=lbh8SNGIm8I
Author
Content Type
Unspecified
video/mp4
Language
English
More from the publisher
Controlling
VIDEO
HACKI
hacking-pills-16-temporal-web-ui
Temporal (temporal.io) is an open-source platform that simplifies application development by enhancing reliability. It automates retries and manages timeouts to address issues like network outages and service unresponsiveness. The platform allows for the definition of workflows and activities, reducing code complexity.Used by companies like Snap Engineering, Temporal provides a robust foundation for building scalable and resilient applications. the web UI is often misconfigured to allow unauthenticated attackers to access the admin dashboard without prior authentication.
fofa dork : icon_hash:"557327884"
Target enum: nuclei -t unauth-temporal-web-ui.yaml -u 10.10.10.10
#temporal #unauthorized #vulnerability
...
https://www.youtube.com/watch?v=8s-WHSoG4AQ
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
HACKI
hacking-pills-33-oracle-e-business-suite
A vulnerability has been identified in Oracle E-Business Suite, specifically in the "Manage Proxies" component. The affected version is 12.2. This easily exploitable flaw permits unauthenticated attackers with network access via HTTP to compromise the suite. Successful exploitation can lead to unauthorized access to vital data or full access to all data within Oracle E-Business Suite. While authentication is necessary for a successful attack, users can self-register, lowering the security threshold.
Shodan dork : http.title:"Login" "X-ORACLE-DMS-ECID" 200
Target enum : nuclei -t CVE-2022-21500.yaml -u 10.10.10.10
#oracle #authbypass #cve #bugbountytips
...
https://www.youtube.com/watch?v=vh9atLgUPLs
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
HACKI
hacking-pills-2-circarlife-scada
CirCarlife Scada represents an integral software solution that focuses on the control and parameterisation of smart electric vehicle charging points and units. It gives centralised control of the whole installation for management and maintenance purposes.CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
Fofa dork : "CirCarLife"
Nuclei: sudo nuclei -t CVE-2018-12634.yaml -u http://10.10.10.10
#scada #evchargers #iot #CVE-2018-12634
...
https://www.youtube.com/watch?v=IF2qUDRh3Dw
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
ICS N
ics-nmap-6-proconos-enumeration
ICS NMAP #6 : ProCOnOS Enumeration
PROCONOS (Process Control Operating System) is a real-time operating system developed by the company Digital Electronics Corporation. It is commonly used in industrial automation for controlling processes and machinery. PROCONOS provides a stable and reliable platform for programming and executing control applications. It supports various programming languages such as ladder logic and structured text, making it versatile for different automation tasks. With features like deterministic execution and communication capabilities, PROCONOS ensures precise control and monitoring of industrial processes. It is often utilized in sectors such as manufacturing, energy, and infrastructure for its robust performance and scalability.
NMAP script : nmap --script proconos-info -p 20547 10.10.10.10
#IoT #nmap #ProConOS #OT #pentesting
...
https://www.youtube.com/watch?v=zXuFFTe1JQU
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
HACKI
hacking-pills-40-cve-2023-34039-vmware
CVE-2023-34039 ,Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
Fofa query: "VMWare Aria"
Target Enum: nuclei -t CVE-2023-34039.yaml -u 10.10.10.10
Exploit: python3 exploit.py -t http://10.10.10.10.
https://github.com/sinsinology/CVE-2023-34039
#cve-2023-34039 #auth_bypass #vmware
...
https://www.youtube.com/watch?v=v5E_T5EkG3I
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
HACKI
hacking-pills-17-cve-2023-35078-ivanti
CVE-2023-35078
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII including Android work emails and passwords, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023.
A patch is available.
Shodan dork : http.favicon.hash:362091310
Fofa dork : icon_hash="362091310"
Target enum: nuclei -t CVE-2023-35078.yaml -u 10.10.10.10
Exploit: python3 cve_2023_35078_poc.py -t http://10.10.10.10:80
Exploit repo: https://github.com/vchan-in/CVE-2023-35078-Exploit-POC
Parsing Json : jq -r '.results[] | "\(.firstName), \(.lastName), \(.email), \(.androidWorkEmailAddress), \(.passwordHashSHA256)"' target_result.com.json | awk -F ', ' '{print "First Name: " $1 "\nLast Name: " $2 "\nEmail: " $3 "\nAndroid Work Email: " $4 "\nPassword Hash: " $5 "\n---"}'
#CVE-2023-35078 #ivanti #rce #androidhacking
...
https://www.youtube.com/watch?v=QXR_TiIEqDo
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
ICS N
ics-nmap-4-red-lion-controls-cr3-plc
ICS NMAP #4 : Red Lion Controls CR3 PLC Enumeration
Red Lion Controls CR3 PLC is a programmable logic controller designed for industrial automation applications. It offers a compact and rugged design suitable for harsh environments. The CR3 PLC supports various communication protocols, including Modbus, EtherNet/IP, and ASCII, facilitating integration with diverse systems and devices. With its intuitive programming software, users can easily create and deploy automation logic using ladder logic and function block diagrams. The CR3 PLC provides reliable control and monitoring capabilities, enabling efficient operation and optimization of industrial processes.
NMAP script : nmap --script cr3-fingerprint -sU -p 789 10.10.10.10
#IoT #nmap #redlion-controls #cr3 #pentesting
...
https://www.youtube.com/watch?v=dSJsngjCWd4
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
NMAP
nmap-nse-scripts-for-ics-scada
Collection of NMAP scripts and shodan dorks for OT/ICS SCADA Pentesting.
#nmap #nse_engine #ICS_pentesting
...
https://www.youtube.com/watch?v=Gw7qmhme1Ko
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English
Controlling
VIDEO
HACKI
hacking-pills-37-cve-2023-38433-fujitsu
Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative access to the devices.
Fofa query: "thttpd/2.25b 29dec2003"
Target enum : nuclei -t CVE-2023-38433.yaml -u 10.10.10.10
#cve-2023-38433 #fujitsu #iot
...
https://www.youtube.com/watch?v=upZvB5Fl2Ro
Transaction
Created
1 month ago
Content Type
Language
video/mp4
English