CVE-2021-21978 exp

Overview

CVE-2021-21978

CVE-2021-21978 RCE exp

影响版本 VMware View Planner Harness 4.X

与 CVE-2021-21978 类似,该漏洞可以在未授权访问的情况下,上传任意文件,并通过修改自带 py 脚本实现远程代码执行。 值得注意的是,执行命令是在 docker 容器中,并不是直接在系统中执行。

用法:

go run CVE-2021-21978.go -h  -c 

You might also like...
CVE-2021-26084 - Confluence Server Webwork OGNL injection (Pre-Auth RCE)

CVE-2021-26084 Proof of concept for CVE-2021-26084. Confluence Server Webwork OGNL injection (Pre-Auth RCE) Disclaimer This is for educational purpose

Proof-of-Concept tool for CVE-2021-29156, an LDAP injection vulnerability in ForgeRock OpenAM v13.0.0.

CVE-2021-29156 Proof-of-Concept (c) 2021 GuidePoint Security Charlton Trezevant [email protected] Background Today GuidePoint

A CVE-2021-22205 Gitlab RCE POC written in Golang

Golang-CVE-2021-22205-POC A bare bones CVE-2021-22205 Gitlab RCE POC written in Golang which affects Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitl

CVE-2021-22205 RCE

CVE-2021-22205 CVE-2021-22205 RCE 工具仅用于分享交流,切勿用于非授权测试,否则与作者无关 -R string VPS to load tools eg: -R 127.0.0.1:8083 -T string Tool nam

CVE 2021 41277

CVE-2021-41277 Usage 1. show help info ~/CVE-2021-41277 ❯ go run main.go -h Usage of main: -f string File containing li

CVE-2021-43798 - Grafana 8.x Path Traversal (Pre-Auth)

CVE-2021-43798 Grafana 8.x Path Traversal (Pre-Auth) All credits go to j0v and his tweet https://twitter.com/j0v0x0/status/1466845212626542607 Disclai

A small server for verifing if a given java program is succeptibel to CVE-2021-44228

CVE-2021-44228-Test-Server A small server for verifing if a given java program is succeptibel to CVE-2021-44228 Usage Build the program using go build

PoC for CVE-2021-41277

CVE-2021-41277 PoC Metabase is an open source data analytics platform. Local File Inclusion issue has been discovered in some versions of metabase. He

Scans files for .jars potentially vulnerable to Log4Shell (CVE-2021-44228) by inspecting the class paths inside the .jar.

log4shelldetect Scans a file or folder recursively for jar files that may be vulnerable to Log4Shell (CVE-2021-44228) by inspecting the class paths in

Owner
null
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

PewSWITCH A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. Related blog: https://0xinfection.github.io/p

Pinaki 24 Nov 2, 2022
Poc-cve-2021-4034 - PoC for CVE-2021-4034 dubbed pwnkit

poc-cve-2021-4034 PoC for CVE-2021-4034 dubbed pwnkit Compile exploit.go go buil

Daniele Linguaglossa 96 Nov 9, 2022
CVE-2021-4034 - A Golang implementation of clubby789's implementation of CVE-2021-4034

CVE-2021-4034 January 25, 2022 | An00bRektn This is a golang implementation of C

Ryan S. 10 Feb 3, 2022
CVE-2021-26855 exp

CVE-2021-26855 CVE-2021-26855 ssrf 简单利用 golang 练习 影响版本 Exchange Server 2013 小于 CU23 Exchange Server 2016 小于 CU18 Exchange Server 2019 小于 CU7 利用条件 该漏洞不

Justin Ryan 111 Sep 12, 2022
CVE-2021-26855 exp

CVE-2021-26855 CVE-2021-26855 ssrf 简单利用 golang 练习 影响版本 Exchange Server 2013 小于 CU23 Exchange Server 2016 小于 CU18 Exchange Server 2019 小于 CU7 利用条件 该漏洞不

Charlotte Zhang 111 Sep 12, 2022
A golang based exp for CVE-2021-4034 dubbed pwnkit (more features added......)

PwnKit-go-LPE (CVE-2021-4034) A golang based exp for CVE-2021-4034 dubbed pwnkit @@@@@@@ @@@ @@@ @@@ @@@ @@@ @@@ @@@ @@@ @@@@@@@

lUc1f3r11 4 Nov 9, 2022
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson

dw1 142 Nov 10, 2022
Exploit for HiveNightmare - CVE-2021–36934

HiveNightmare this is a quick and dirty exploit for HiveNightmare (or SeriousSam) - CVE-2021–36934 This allows non administrator users to read the SAM

Christian Mehlmauer 56 Nov 9, 2022
CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻

CVE-2021-3449 OpenSSL <1.1.1k DoS exploit Usage: go run . -host hostname:port This program implements a proof-of-concept exploit of CVE-2021-3449 affe

Richard Patel 223 Nov 19, 2022
Confluence OGNL Injection [CVE-2021-26084].

CVE-2021-26084 this is a script written in golang to exploit Confluence OGNL Injection [CVE-2021-26084]. git clone https://github.com/march0s1as/CVE-

gv1_ 7 Apr 23, 2022