mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-29 02:54:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/09/04 00:29:17

Browse source
This commit is contained in:
motikan2010-bot 2023-09-04 09:29:17 +09:00
parent 51c7679c61
commit 44f7398170
19 changed files with 196 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2014/CVE-2014-0160.json
View file

@ -13,10 +13,10 @@
"description": "A checker (site and tool) for CVE-2014-0160",
"fork": false,
"created_at": "2014-04-07T23:03:09Z",
"updated_at": "2023-09-02T03:15:44Z",
"updated_at": "2023-09-03T18:50:51Z",
"pushed_at": "2021-02-24T09:17:24Z",
"stargazers_count": 2298,
"watchers_count": 2298,
"stargazers_count": 2299,
"watchers_count": 2299,
"has_discussions": false,
"forks_count": 489,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 489,
"watchers": 2298,
"watchers": 2299,
"score": 0,
"subscribers_count": 118
},

8
2020/CVE-2020-0787.json
View file

@ -13,10 +13,10 @@
"description": "Support ALL Windows Version",
"fork": false,
"created_at": "2020-06-16T08:57:51Z",
"updated_at": "2023-09-01T09:05:57Z",
"updated_at": "2023-09-03T21:46:50Z",
"pushed_at": "2020-09-11T07:38:22Z",
"stargazers_count": 692,
"watchers_count": 692,
"stargazers_count": 693,
"watchers_count": 693,
"has_discussions": false,
"forks_count": 175,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 175,
"watchers": 692,
"watchers": 693,
"score": 0,
"subscribers_count": 18
},

38
2020/CVE-2020-1472.json
View file

@ -1853,44 +1853,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 606729349,
"name": "zero-effort",
"full_name": "n3rada\/zero-effort",
"owner": {
"login": "n3rada",
"id": 72791564,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72791564?v=4",
"html_url": "https:\/\/github.com\/n3rada"
},
"html_url": "https:\/\/github.com\/n3rada\/zero-effort",
"description": "Exploiting CVE-2020-1472 vulnerability (a.k.a Zerologon) without effort.",
"fork": false,
"created_at": "2023-02-26T11:49:44Z",
"updated_at": "2023-03-06T10:23:44Z",
"pushed_at": "2023-08-18T16:55:04Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"active-directory",
"cve-2020-1472",
"evil-winrm",
"exploit",
"impacket-secretsdump",
"windows",
"zerologon"
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 634597926,
"name": "CVE-2020-1472",

8
2020/CVE-2020-15368.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"",
"fork": false,
"created_at": "2021-06-29T04:38:24Z",
"updated_at": "2023-08-27T12:12:13Z",
"updated_at": "2023-09-03T21:13:54Z",
"pushed_at": "2022-04-14T03:17:44Z",
"stargazers_count": 387,
"watchers_count": 387,
"stargazers_count": 388,
"watchers_count": 388,
"has_discussions": false,
"forks_count": 43,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 43,
"watchers": 387,
"watchers": 388,
"score": 0,
"subscribers_count": 7
}

2
2021/CVE-2021-43798.json
View file

@ -1138,6 +1138,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2022/CVE-2022-0847.json
View file

@ -1185,10 +1185,10 @@
"description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.",
"fork": false,
"created_at": "2022-03-12T20:57:24Z",
"updated_at": "2023-08-26T16:47:04Z",
"updated_at": "2023-09-03T21:40:50Z",
"pushed_at": "2023-05-20T05:55:45Z",
"stargazers_count": 440,
"watchers_count": 440,
"stargazers_count": 441,
"watchers_count": 441,
"has_discussions": false,
"forks_count": 129,
"allow_forking": true,
@ -1197,7 +1197,7 @@
"topics": [],
"visibility": "public",
"forks": 129,
"watchers": 440,
"watchers": 441,
"score": 0,
"subscribers_count": 15
},

8
2022/CVE-2022-20409.json
View file

@ -13,10 +13,10 @@
"description": "Android kernel exploitation for CVE-2022-20409",
"fork": false,
"created_at": "2022-11-21T22:42:50Z",
"updated_at": "2023-08-30T07:01:21Z",
"updated_at": "2023-09-03T19:51:46Z",
"pushed_at": "2023-08-05T20:56:12Z",
"stargazers_count": 113,
"watchers_count": 113,
"stargazers_count": 114,
"watchers_count": 114,
"has_discussions": false,
"forks_count": 15,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 15,
"watchers": 113,
"watchers": 114,
"score": 0,
"subscribers_count": 4
}

8
2022/CVE-2022-26134.json
View file

@ -158,10 +158,10 @@
"description": "CVE-2022-26134 Proof of Concept",
"fork": false,
"created_at": "2022-06-03T13:59:19Z",
"updated_at": "2023-08-16T05:38:31Z",
"updated_at": "2023-09-03T20:30:54Z",
"pushed_at": "2022-06-06T16:38:49Z",
"stargazers_count": 151,
"watchers_count": 151,
"stargazers_count": 152,
"watchers_count": 152,
"has_discussions": false,
"forks_count": 47,
"allow_forking": true,
@ -174,7 +174,7 @@
],
"visibility": "public",
"forks": 47,
"watchers": 151,
"watchers": 152,
"score": 0,
"subscribers_count": 1
},

8
2022/CVE-2022-26923.json
View file

@ -43,10 +43,10 @@
"description": "The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.",
"fork": false,
"created_at": "2022-05-14T09:27:06Z",
"updated_at": "2023-08-22T15:30:28Z",
"updated_at": "2023-09-03T20:29:41Z",
"pushed_at": "2022-05-14T20:56:39Z",
"stargazers_count": 38,
"watchers_count": 38,
"stargazers_count": 39,
"watchers_count": 39,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 38,
"watchers": 39,
"score": 0,
"subscribers_count": 4
},

8
2022/CVE-2022-31814.json
View file

@ -108,10 +108,10 @@
"description": "CVE-2022-31814",
"fork": false,
"created_at": "2023-03-05T00:56:14Z",
"updated_at": "2023-03-05T01:10:48Z",
"updated_at": "2023-09-03T19:37:24Z",
"pushed_at": "2023-03-05T01:07:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -130,7 +130,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},

38
2022/CVE-2022-41082.json
View file

@ -13,10 +13,10 @@
"description": "Nmap scripts to detect exchange 0-day (CVE-2022-41082) vulnerability",
"fork": false,
"created_at": "2022-10-01T11:53:14Z",
"updated_at": "2023-07-30T01:29:26Z",
"updated_at": "2023-09-03T21:36:58Z",
"pushed_at": "2023-01-03T08:37:33Z",
"stargazers_count": 78,
"watchers_count": 78,
"stargazers_count": 79,
"watchers_count": 79,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 78,
"watchers": 79,
"score": 0,
"subscribers_count": 1
},
@ -186,5 +186,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 686757637,
"name": "CVE-2022-41082",
"full_name": "SUPRAAA-1337\/CVE-2022-41082",
"owner": {
"login": "SUPRAAA-1337",
"id": 128395905,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128395905?v=4",
"html_url": "https:\/\/github.com\/SUPRAAA-1337"
},
"html_url": "https:\/\/github.com\/SUPRAAA-1337\/CVE-2022-41082",
"description": null,
"fork": false,
"created_at": "2023-09-03T20:55:20Z",
"updated_at": "2023-09-03T21:35:10Z",
"pushed_at": "2023-09-03T21:02:22Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-0297.json
View file

@ -103,10 +103,10 @@
"description": null,
"fork": false,
"created_at": "2023-06-15T14:28:05Z",
"updated_at": "2023-06-15T21:36:25Z",
"updated_at": "2023-09-03T21:03:02Z",
"pushed_at": "2023-06-15T14:35:24Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

32
2023/CVE-2023-33831.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 686738266,
"name": "Unauthenticated-RCE-FUXA-CVE-2023-33831",
"full_name": "rodolfomarianocy\/Unauthenticated-RCE-FUXA-CVE-2023-33831",
"owner": {
"login": "rodolfomarianocy",
"id": 54555784,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54555784?v=4",
"html_url": "https:\/\/github.com\/rodolfomarianocy"
},
"html_url": "https:\/\/github.com\/rodolfomarianocy\/Unauthenticated-RCE-FUXA-CVE-2023-33831",
"description": null,
"fork": false,
"created_at": "2023-09-03T19:25:15Z",
"updated_at": "2023-09-03T19:28:13Z",
"pushed_at": "2023-09-03T19:34:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2023/CVE-2023-34039.json
View file

@ -13,19 +13,19 @@
"description": "VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)",
"fork": false,
"created_at": "2023-09-01T16:17:10Z",
"updated_at": "2023-09-03T16:41:25Z",
"updated_at": "2023-09-03T22:44:54Z",
"pushed_at": "2023-09-01T16:21:56Z",
"stargazers_count": 23,
"watchers_count": 23,
"stargazers_count": 26,
"watchers_count": 26,
"has_discussions": false,
"forks_count": 8,
"forks_count": 9,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 23,
"forks": 9,
"watchers": 26,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-35001.json
View file

@ -13,10 +13,10 @@
"description": "Pwn2Own Vancouver 2023 Ubuntu LPE exploit",
"fork": false,
"created_at": "2023-09-01T07:41:23Z",
"updated_at": "2023-09-03T12:51:53Z",
"updated_at": "2023-09-03T23:22:41Z",
"pushed_at": "2023-09-01T07:48:43Z",
"stargazers_count": 38,
"watchers_count": 38,
"stargazers_count": 39,
"watchers_count": 39,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 38,
"watchers": 39,
"score": 0,
"subscribers_count": 2
}

84
2023/CVE-2023-38831.json
View file

@ -43,10 +43,10 @@
"description": "CVE-2023-38831 winrar exploit generator",
"fork": false,
"created_at": "2023-08-25T09:44:08Z",
"updated_at": "2023-09-03T15:48:51Z",
"updated_at": "2023-09-03T22:36:54Z",
"pushed_at": "2023-08-30T14:20:43Z",
"stargazers_count": 547,
"watchers_count": 547,
"stargazers_count": 549,
"watchers_count": 549,
"has_discussions": false,
"forks_count": 84,
"allow_forking": true,
@ -59,7 +59,7 @@
],
"visibility": "public",
"forks": 84,
"watchers": 547,
"watchers": 549,
"score": 0,
"subscribers_count": 6
},
@ -137,10 +137,10 @@
"description": "An easy to install and easy to run tool for generating exploit payloads for CVE-2023-38831, WinRAR RCE before versions 6.23",
"fork": false,
"created_at": "2023-08-27T21:49:37Z",
"updated_at": "2023-09-02T18:22:33Z",
"updated_at": "2023-09-03T20:23:42Z",
"pushed_at": "2023-08-27T22:17:56Z",
"stargazers_count": 94,
"watchers_count": 94,
"stargazers_count": 95,
"watchers_count": 95,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -156,7 +156,7 @@
],
"visibility": "public",
"forks": 16,
"watchers": 94,
"watchers": 95,
"score": 0,
"subscribers_count": 1
},
@ -234,10 +234,10 @@
"description": "Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ",
"fork": false,
"created_at": "2023-08-28T14:48:22Z",
"updated_at": "2023-09-02T11:58:37Z",
"updated_at": "2023-09-03T21:15:31Z",
"pushed_at": "2023-08-28T15:33:27Z",
"stargazers_count": 32,
"watchers_count": 32,
"stargazers_count": 34,
"watchers_count": 34,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -246,7 +246,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 32,
"watchers": 34,
"score": 0,
"subscribers_count": 4
},
@ -661,5 +661,65 @@
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 686761346,
"name": "WinRAR-CVE-2023-38831",
"full_name": "xaitax\/WinRAR-CVE-2023-38831",
"owner": {
"login": "xaitax",
"id": 5014849,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4",
"html_url": "https:\/\/github.com\/xaitax"
},
"html_url": "https:\/\/github.com\/xaitax\/WinRAR-CVE-2023-38831",
"description": "This module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, a script is executed, leading to code execution.",
"fork": false,
"created_at": "2023-09-03T21:14:05Z",
"updated_at": "2023-09-03T21:40:28Z",
"pushed_at": "2023-09-03T21:43:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 686761368,
"name": "CVE-2023-38831_WinRAR",
"full_name": "LuxCodeDev\/CVE-2023-38831_WinRAR",
"owner": {
"login": "LuxCodeDev",
"id": 130206074,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130206074?v=4",
"html_url": "https:\/\/github.com\/LuxCodeDev"
},
"html_url": "https:\/\/github.com\/LuxCodeDev\/CVE-2023-38831_WinRAR",
"description": "Steps needed to obtain a reverse shell exploiting the winrar vulnerability CVE-2023-38831 in versions prior to 6.23.",
"fork": false,
"created_at": "2023-09-03T21:14:14Z",
"updated_at": "2023-09-03T21:17:38Z",
"pushed_at": "2023-09-03T21:17:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-41717.json
View file

@ -13,10 +13,10 @@
"description": "This repository is to provide a write-up and PoC for CVE-2023-41717.",
"fork": false,
"created_at": "2023-08-31T08:10:22Z",
"updated_at": "2023-09-03T15:51:32Z",
"updated_at": "2023-09-03T18:57:27Z",
"pushed_at": "2023-08-31T09:51:35Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
}

2
2023/CVE-2023-4596.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2023-08-30T22:40:10Z",
"updated_at": "2023-09-03T12:26:30Z",
"pushed_at": "2023-09-03T15:00:05Z",
"pushed_at": "2023-09-03T19:43:35Z",
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,

7
README.md
View file

@ -2331,6 +2331,9 @@
- [n3gox/CVE-2023-33829](https://github.com/n3gox/CVE-2023-33829)
- [CKevens/CVE-2023-33829-POC](https://github.com/CKevens/CVE-2023-33829-POC)
### CVE-2023-33831
- [rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831](https://github.com/rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831)
### CVE-2023-33977 (2023-06-06)
<code>Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded and Content-Security-Policy definition to prevent cross-site-scripting attacks. The upload validation checks were not 100% robust which left the possibility to circumvent them and upload a potentially dangerous file which allows execution of arbitrary JavaScript in the browser. Additionally we've discovered that Nginx's `proxy_pass` directive will strip some headers negating protections built into Kiwi TCMS when served behind a reverse proxy. This issue has been addressed in version 12.4. Users are advised to upgrade. Users unable to upgrade who are serving Kiwi TCMS behind a reverse proxy should make sure that additional header values are still passed to the client browser. If they aren't redefining them inside the proxy configuration.
@ -2944,6 +2947,8 @@
- [asepsaepdin/CVE-2023-38831](https://github.com/asepsaepdin/CVE-2023-38831)
- [K3rnel-Dev/WinrarExploit](https://github.com/K3rnel-Dev/WinrarExploit)
- [Fa1c0n35/CVE-2023-38831-winrar-exploit](https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit)
- [xaitax/WinRAR-CVE-2023-38831](https://github.com/xaitax/WinRAR-CVE-2023-38831)
- [LuxCodeDev/CVE-2023-38831_WinRAR](https://github.com/LuxCodeDev/CVE-2023-38831_WinRAR)
### CVE-2023-38836 (2023-08-21)
@ -8171,6 +8176,7 @@
- [balki97/OWASSRF-CVE-2022-41082-POC](https://github.com/balki97/OWASSRF-CVE-2022-41082-POC)
- [bigherocenter/CVE-2022-41082-POC](https://github.com/bigherocenter/CVE-2022-41082-POC)
- [notareaperbutDR34P3r/vuln-CVE-2022-41082](https://github.com/notareaperbutDR34P3r/vuln-CVE-2022-41082)
- [SUPRAAA-1337/CVE-2022-41082](https://github.com/SUPRAAA-1337/CVE-2022-41082)
### CVE-2022-41099 (2022-11-09)
@ -16527,7 +16533,6 @@
- [likeww/MassZeroLogon](https://github.com/likeww/MassZeroLogon)
- [dr4g0n23/CVE-2020-1472](https://github.com/dr4g0n23/CVE-2020-1472)
- [RicYaben/CVE-2020-1472-LAB](https://github.com/RicYaben/CVE-2020-1472-LAB)
- [n3rada/zero-effort](https://github.com/n3rada/zero-effort)
- [Akash7350/CVE-2020-1472](https://github.com/Akash7350/CVE-2020-1472)
- [G0urmetD/Zerologon-CVE-2020-1472](https://github.com/G0urmetD/Zerologon-CVE-2020-1472)
- [deadyP00l/ZeroLogon-to-Shell](https://github.com/deadyP00l/ZeroLogon-to-Shell)