CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection

Last update: Jul 20, 2022

Overview

CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection

Usage

usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell]

CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection

optional arguments:
  -h, --help         show this help message and exit
  --url URL, -u URL  Target Url
  --cmd CMD, -c CMD  Command
  --shell            Get shell

python3 cve-2021-26084_confluence_rce.py -u http://target:8090 -c "whoami"

python3 cve-2021-26084_confluence_rce.py -u http://target:8090 -c "cmd.exe /c dir"

GetShsell

python3 cve-2021-26084_confluence_rce.py -u http://target:8090 --shell

Reference:

https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md

Owner

r0cky

GitHub Repository

Meterpreter Reverse shell over TOR network using hidden services

Poiana Reverse shell over TOR network using hidden services Features - Create a hidden service - Generate non-staged payload (python/meterpreter_rev

80 Dec 21, 2022

TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

50 Dec 26, 2022

Obfuscate ip address using different encodings

ipobfuscator How it works? Single ip address can be written in multiple ways. The most popular way is to represent ip as 4 octets separated with dots.

1 Nov 02, 2021

An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.

Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py

39 Nov 21, 2022

Writeups for wtf-CTF hosted by Manipal Information Security Team as part of Techweek2021- INCOGNITO

wtf-CTF_Writeups Table of Contents Table of Contents Crypto Misc Reverse Pwn Web Crypto wtf_Bot Author: Madjelly Join the discord server!You know how

6 Jun 07, 2021

IDA Python Script for anti ollvm

62 Dec 23, 2022

Python script that sends CVE-2021-44228 log4j payload requests to url list

scan4log4j Python script that sends CVE-2021-44228 log4j payload requests to url list [VERY BETA] using Supply your url list to urls.txt Put your payl

5 Nov 09, 2022

这次是可可萝病毒！

可可萝病毒！事情是这样的，我又开始不干正事了。众所周知，在Python里，0x0等于0，但是不等于可可萝。这很不好，我们得把它改成可可萝！效果一般的Python—— Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:37:50) [MSC

29 Jul 14, 2022

A honey token manager and alert system for AWS.

SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token

287 Nov 09, 2022

Buffer Overflow para SLmail5.5 32 bits

SLmail5.5-Exploit-BoF Buffer Overflow para SLmail5.5 32 bits con un par de utilidades para que puedas hacer el tuyo REQUISITOS PARA QUE FUNCIONE: Desa

15 Jul 30, 2022

Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t

4 Sep 23, 2022

Tor Relay availability checker, for using it as a bridge in countries with censorship

Tor Relay Availability Checker This small script downloads all Tor Relay IP addresses from onionoo.torproject.org and checks whether random Relays are

161 Dec 30, 2022

An IDA pro python script to decrypt Qbot malware string

Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.

6 Sep 01, 2022

Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

362 Nov 28, 2022

A Fast Broken Link Hijacker Tool written in Python

Broken Link Hijacker BrokenLinkHijacker(BLH) is a Fast Broken Link Hijacker Tool written in Python.

70 Nov 30, 2022

A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

41 Dec 30, 2022

CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection

Related tags

Overview

CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection

Usage

GetShsell

Reference:

Owner

r0cky

Meterpreter Reverse shell over TOR network using hidden services

TOOLS CRACK FACEBOOK

Obfuscate ip address using different encodings

An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.

Writeups for wtf-CTF hosted by Manipal Information Security Team as part of Techweek2021- INCOGNITO

IDA Python Script for anti ollvm

Python script that sends CVE-2021-44228 log4j payload requests to url list

这次是可可萝病毒！

A honey token manager and alert system for AWS.

Buffer Overflow para SLmail5.5 32 bits

Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

Tor Relay availability checker, for using it as a bridge in countries with censorship

An IDA pro python script to decrypt Qbot malware string

Official repository for Pyew.

A Fast Broken Link Hijacker Tool written in Python

A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

A terminal based web shell controller

Tools ini digunakan untuk krekk pacebuk:v

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

Brute-Force-Connected