I will try to write some walk-through for HTB boxes as a practice for my OSCP exam and record for myself. First as usual I start with running Nmap to discover more information about this remote server. nmap -sC -sV -O -oN nmap/Buff 10.10.10.198 There is a Apache web server […]
Testing Apache Unomi Remote Code Execution (CVE-2020-13942) PoC
Reference: https://www.checkmarx.com/blog/apache-unomi-cve-2020-13942-rce-vulnerabilities-discovered/https://twitter.com/pyn3rd/status/1328920545442680837 Popup a calculator on the machine
testing CVE-2020-13958 PoC
Reference : https://github.com/irsl/apache-openoffice-rce-via-uno-links
WebLogic Pre-Auth RCE (cve-2020-14882) PoC exploit
Reference : 1. https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf 2. https://github.com/jas502n/CVE-2020-14882 (bypass patch) cve-2020-14882 is a pre-auth RCE vulnerability in WebLogic discovered by voidfyoo of Chaitin Security Research Lab. This is a high impact and easy to exploit vulnerability. Wrote a poc exploit to pop up calculator on target server
YT mp3 Downloader
Wrote a python script for myself to download mp3/music from YouTube.Use python3 + Qt5 to give the script to have cross-platform and GUI ability. Tested on: Win 10 and Kali Linux.
line bot by python script
Wrote this line bot to gather the daily information from the pandemic status site.