JetBrains TeamCity before 2023.11.4 allows an authentication bypass and the arbitrary creation of a user with admin privileges. All credit goes to the original creator of the exploit; the GitHub repo is linked in the video. Use responsibly.
Temporal (temporal.io) is an open-source platform that simplifies application development by enhancing reliability. It automates retries and manages timeouts to address issues like network outages and service unresponsiveness. The platform allows for the definition of workflows and activities, reducing code complexity. Used by companies like Snap Engineering, Temporal provides a robust foundation for building scalable and resilient applications. The web UI is often misconfigured to allow unauthenticated attackers to access the admin dashboard without prior authentication.
Fofa dork: icon_hash:"557327884"
Target enum: nuclei -t unauth-temporal-web-ui.yaml -u 10.10.10.10
#temporal #unauthorized #vulnerability
...
https://www.youtube.com/watch?v=8s-WHSoG4AQ
A vulnerability has been identified in Oracle E-Business Suite, specifically in the "Manage Proxies" component. The affected version is 12.2. This easily exploitable flaw permits unauthenticated attackers with network access via HTTP to compromise the suite. Successful exploitation can lead to unauthorized access to critical data or full access to all data within Oracle E-Business Suite. While authentication is necessary for a successful attack, users can self-register, which lowers the bar for exploitation.
Shodan dork: http.title:"Login" "X-ORACLE-DMS-ECID" 200
Target enum: nuclei -t CVE-2022-21500.yaml -u 10.10.10.10
#oracle #authbypass #cve #bugbountytips
...
https://www.youtube.com/watch?v=vh9atLgUPLs
CirCarLife Scada is an integral software solution focused on the control and parameterisation of smart electric vehicle charging points and units. It gives centralised control of the whole installation for management and maintenance purposes. CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
Fofa dork: "CirCarLife"
Nuclei: sudo nuclei -t CVE-2018-12634.yaml -u http://10.10.10.10
#scada #evchargers #iot #CVE-2018-12634
...
https://www.youtube.com/watch?v=IF2qUDRh3Dw
ICS NMAP #6 : ProCOnOS Enumeration
PROCONOS (Process Control Operating System) is a real-time operating system developed by the company Digital Electronics Corporation. It is commonly used in industrial automation for controlling processes and machinery. PROCONOS provides a stable and reliable platform for programming and executing control applications. It supports various programming languages such as ladder logic and structured text, making it versatile for different automation tasks. With features like deterministic execution and communication capabilities, PROCONOS ensures precise control and monitoring of industrial processes. It is often utilized in sectors such as manufacturing, energy, and infrastructure for its robust performance and scalability.
NMAP script: nmap --script proconos-info -p 20547 10.10.10.10
#IoT #nmap #ProConOS #OT #pentesting
...
https://www.youtube.com/watch?v=zXuFFTe1JQU
CVE-2023-34039: Aria Operations for Networks contains an authentication bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
Fofa query: "VMWare Aria"
Target Enum: nuclei -t CVE-2023-34039.yaml -u 10.10.10.10
Exploit: python3 exploit.py -t http://10.10.10.10
https://github.com/sinsinology/CVE-2023-34039
#cve-2023-34039 #auth_bypass #vmware
...
https://www.youtube.com/watch?v=v5E_T5EkG3I
ICS NMAP #4 : Red Lion Controls CR3 PLC Enumeration
Red Lion Controls CR3 PLC is a programmable logic controller designed for industrial automation applications. It offers a compact and rugged design suitable for harsh environments. The CR3 PLC supports various communication protocols, including Modbus, EtherNet/IP, and ASCII, facilitating integration with diverse systems and devices. With its intuitive programming software, users can easily create and deploy automation logic using ladder logic and function block diagrams. The CR3 PLC provides reliable control and monitoring capabilities, enabling efficient operation and optimization of industrial processes.
NMAP script: nmap --script cr3-fingerprint -sU -p 789 10.10.10.10
#IoT #nmap #redlion-controls #cr3 #pentesting
...
https://www.youtube.com/watch?v=dSJsngjCWd4
Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative access to the devices.
Fofa query: "thttpd/2.25b 29dec2003"
Target enum: nuclei -t CVE-2023-38433.yaml -u 10.10.10.10
#cve-2023-38433 #fujitsu #iot
...
https://www.youtube.com/watch?v=upZvB5Fl2Ro