Leaderboard

Popular Content

Showing content with the highest reputation on 11/16/22 in all areas

  1. CVE-2022-33679
     One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
     Usage:
       usage: CVE-2022-33079.py [-h] [-ts] [-debug] [-dc-ip ip address] target serverName
     Source: https://github.com/Bdenneu/CVE-2022-33679
    1 point
  2. (CVE-2022-41352) Zimbra Unauthenticated RCE
     CVE-2022-41352 is an arbitrary file write vulnerability in Zimbra mail servers due to the use of a vulnerable cpio version.
     References:
       - CVE-2022-41352 (NIST.gov)
       - CVE-2022-41352 (Rapid7 Analysis)
     Affected Zimbra versions:
       - Zimbra <9.0.0.p27
       - Zimbra <8.8.15.p34
     (Refer to the patch notes for more details.)
     Remediation: In order to fix the vulnerability, apply the latest patch (9.0.0.p27 and 8.8.15.p34 respectively) - or install pax and restart the server.
     Usage: You can either use flags or manipulate the default configuration in the script manually (config block at the top). Use -h for help.
       $ python cve-2022-41352.py -h
       $ vi cve-2022-41352.py
       # Change the config items.
       $ python cve-2022-41352.py manual
       # This will create an attachment that you can then send to the target server.
       # The recipient does not necessarily have to exist - if the email with the attachment is parsed by the server the arbitrary file write in cpio will be triggered.
     Demo: zimbra-rce-demo-cve-2022-41352.mp4
     About: Zimbra <9.0.0.p27 RCE
     Source: https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce
    1 point
  3. Greetings and respect to all RST veterans & beginners, I'm here for all I can learn from you guys, I love everything 0's and 1's have to offer.
    0 points