mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-16 04:42:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/08/17 18:09:22

Browse source
This commit is contained in:
motikan2010-bot 2020-08-17 18:09:22 +09:00
parent 63cf4a9dd1
commit dc8f723602
18 changed files with 102 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2012/CVE-2012-2982.json
View file

@ -13,8 +13,8 @@
"description": "This was converted from a metasploit module as an exercise for OSCP studying",
"fork": false,
"created_at": "2020-08-05T02:54:10Z",
"updated_at": "2020-08-07T00:25:30Z",
"pushed_at": "2020-08-07T00:25:28Z",
"updated_at": "2020-08-17T04:18:32Z",
"pushed_at": "2020-08-17T04:18:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

4
2017/CVE-2017-0213.json
View file

@ -132,8 +132,8 @@
"pushed_at": "2018-04-17T23:14:39Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"forks": 1,
"forks_count": 2,
"forks": 2,
"watchers": 1,
"score": 0
},

4
2017/CVE-2017-12635.json
View file

@ -36,8 +36,8 @@
"description": null,
"fork": false,
"created_at": "2020-06-19T20:48:28Z",
"updated_at": "2020-06-19T20:48:28Z",
"pushed_at": "2020-06-19T20:48:29Z",
"updated_at": "2020-08-17T08:39:21Z",
"pushed_at": "2020-08-17T08:39:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2018/CVE-2018-7600.json
View file

@ -36,13 +36,13 @@
"description": "Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 \/ CVE-2018-7600 \/ SA-CORE-2018-002)",
"fork": false,
"created_at": "2018-04-12T22:53:14Z",
"updated_at": "2020-08-15T14:07:37Z",
"updated_at": "2020-08-17T07:24:20Z",
"pushed_at": "2019-03-13T07:11:23Z",
"stargazers_count": 430,
"watchers_count": 430,
"stargazers_count": 431,
"watchers_count": 431,
"forks_count": 142,
"forks": 142,
"watchers": 430,
"watchers": 431,
"score": 0
},
{

4
2018/CVE-2018-8639.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2019-12-27T07:44:08Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 2,
"forks": 2,
"forks_count": 3,
"forks": 3,
"watchers": 3,
"score": 0
}

23
2019/CVE-2019-13115.json
View file

@ -1,4 +1,27 @@
[
{
"id": 212638065,
"name": "Libssh2-Exploit",
"full_name": "viz27\/Libssh2-Exploit",
"owner": {
"login": "viz27",
"id": 9962088,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/9962088?v=4",
"html_url": "https:\/\/github.com\/viz27"
},
"html_url": "https:\/\/github.com\/viz27\/Libssh2-Exploit",
"description": "Create an exploit to libssh2 vulnerabulity described in CVE-2019-13115",
"fork": false,
"created_at": "2019-10-03T17:26:08Z",
"updated_at": "2020-08-17T07:07:43Z",
"pushed_at": "2020-08-17T07:05:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 212644372,
"name": "libssh2-Exploit",

8
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-08-15T17:07:38Z",
"updated_at": "2020-08-17T08:07:22Z",
"pushed_at": "2020-08-03T04:37:30Z",
"stargazers_count": 1491,
"watchers_count": 1491,
"stargazers_count": 1492,
"watchers_count": 1492,
"forks_count": 385,
"forks": 385,
"watchers": 1491,
"watchers": 1492,
"score": 0
},
{

8
2019/CVE-2019-17570.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2019-17570 details and proof of concept",
"fork": false,
"created_at": "2020-01-24T11:32:18Z",
"updated_at": "2020-08-17T03:02:49Z",
"updated_at": "2020-08-17T03:17:57Z",
"pushed_at": "2020-06-15T22:01:13Z",
"stargazers_count": 73,
"watchers_count": 73,
"stargazers_count": 74,
"watchers_count": 74,
"forks_count": 7,
"forks": 7,
"watchers": 73,
"watchers": 74,
"score": 0
}
]

4
2020/CVE-2020-0787.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-06-18T00:42:57Z",
"stargazers_count": 390,
"watchers_count": 390,
"forks_count": 93,
"forks": 93,
"forks_count": 94,
"forks": 94,
"watchers": 390,
"score": 0
}

12
2020/CVE-2020-0796.json
View file

@ -82,13 +82,13 @@
"description": "Scanner for CVE-2020-0796 - SMBv3 RCE",
"fork": false,
"created_at": "2020-03-11T15:21:27Z",
"updated_at": "2020-08-12T12:55:56Z",
"updated_at": "2020-08-17T03:13:23Z",
"pushed_at": "2020-03-13T09:54:16Z",
"stargazers_count": 520,
"watchers_count": 520,
"forks_count": 179,
"forks": 179,
"watchers": 520,
"stargazers_count": 521,
"watchers_count": 521,
"forks_count": 180,
"forks": 180,
"watchers": 521,
"score": 0
},
{

4
2020/CVE-2020-1.json
View file

@ -13,8 +13,8 @@
"description": "Telia Technicolor TG389ac v.17.1.7992 Samba privilege escalation exploit",
"fork": false,
"created_at": "2020-08-14T11:47:37Z",
"updated_at": "2020-08-15T09:55:41Z",
"pushed_at": "2020-08-14T17:50:56Z",
"updated_at": "2020-08-17T07:43:44Z",
"pushed_at": "2020-08-17T07:43:41Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,

31
2020/CVE-2020-2551.json
View file

@ -59,13 +59,13 @@
"description": "how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP",
"fork": false,
"created_at": "2020-01-19T13:01:32Z",
"updated_at": "2020-08-16T14:37:55Z",
"updated_at": "2020-08-17T03:43:31Z",
"pushed_at": "2020-05-22T08:46:20Z",
"stargazers_count": 136,
"watchers_count": 136,
"stargazers_count": 137,
"watchers_count": 137,
"forks_count": 31,
"forks": 31,
"watchers": 136,
"watchers": 137,
"score": 0
},
{
@ -91,6 +91,29 @@
"watchers": 24,
"score": 0
},
{
"id": 243717144,
"name": "CVE-2020-2551",
"full_name": "Y4er\/CVE-2020-2551",
"owner": {
"login": "Y4er",
"id": 40487319,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/40487319?v=4",
"html_url": "https:\/\/github.com\/Y4er"
},
"html_url": "https:\/\/github.com\/Y4er\/CVE-2020-2551",
"description": "Weblogic IIOP CVE-2020-2551",
"fork": false,
"created_at": "2020-02-28T08:46:21Z",
"updated_at": "2020-08-17T06:46:59Z",
"pushed_at": "2020-04-07T03:32:24Z",
"stargazers_count": 218,
"watchers_count": 218,
"forks_count": 54,
"forks": 54,
"watchers": 218,
"score": 0
},
{
"id": 264347023,
"name": "weblogicPoc",

8
2020/CVE-2020-2555.json
View file

@ -82,13 +82,13 @@
"description": "Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE",
"fork": false,
"created_at": "2020-03-07T18:58:09Z",
"updated_at": "2020-08-16T08:20:50Z",
"updated_at": "2020-08-17T03:35:37Z",
"pushed_at": "2020-03-09T05:25:05Z",
"stargazers_count": 127,
"watchers_count": 127,
"stargazers_count": 128,
"watchers_count": 128,
"forks_count": 43,
"forks": 43,
"watchers": 127,
"watchers": 128,
"score": 0
},
{

8
2020/CVE-2020-3452.json
View file

@ -36,13 +36,13 @@
"description": "unauth file read in cisco asa & firepower.",
"fork": false,
"created_at": "2020-07-24T05:56:32Z",
"updated_at": "2020-07-24T06:02:21Z",
"updated_at": "2020-08-17T08:48:02Z",
"pushed_at": "2020-07-24T06:02:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0
},
{

8
2020/CVE-2020-5902.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2020-08-15T17:07:38Z",
"updated_at": "2020-08-17T08:07:22Z",
"pushed_at": "2020-08-03T04:37:30Z",
"stargazers_count": 1491,
"watchers_count": 1491,
"stargazers_count": 1492,
"watchers_count": 1492,
"forks_count": 385,
"forks": 385,
"watchers": 1491,
"watchers": 1492,
"score": 0
},
{

8
2020/CVE-2020-6287.json
View file

@ -36,13 +36,13 @@
"description": "PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https:\/\/github.com\/rapid7\/metasploit-framework\/pull\/13852\/commits\/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G. Usage: python sap-CVE-2020-6287-add-user.py <HTTP(s):\/\/IP:Port",
"fork": false,
"created_at": "2020-07-20T18:45:53Z",
"updated_at": "2020-08-05T06:58:36Z",
"updated_at": "2020-08-17T06:12:38Z",
"pushed_at": "2020-07-21T18:50:07Z",
"stargazers_count": 61,
"watchers_count": 61,
"stargazers_count": 62,
"watchers_count": 62,
"forks_count": 18,
"forks": 18,
"watchers": 61,
"watchers": 62,
"score": 0
},
{

8
2020/CVE-2020-7661.json
View file

@ -13,13 +13,13 @@
"description": "Regular expression matching for URL's. Maintained, safe, and browser-friendly version of url-regex. Resolves CVE-2020-7661 for Node.js servers.",
"fork": false,
"created_at": "2020-08-15T07:42:50Z",
"updated_at": "2020-08-15T21:49:19Z",
"updated_at": "2020-08-17T04:54:17Z",
"pushed_at": "2020-08-15T10:17:21Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 0,
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0
}
]

2
README.md
View file

@ -552,6 +552,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
- [jas502n/CVE-2020-2551](https://github.com/jas502n/CVE-2020-2551)
- [hktalent/CVE-2020-2551](https://github.com/hktalent/CVE-2020-2551)
- [0nise/CVE-2020-2551](https://github.com/0nise/CVE-2020-2551)
- [Y4er/CVE-2020-2551](https://github.com/Y4er/CVE-2020-2551)
- [zzwlpx/weblogicPoc](https://github.com/zzwlpx/weblogicPoc)
- [Dido1960/Weblogic-CVE-2020-2551-To-Internet](https://github.com/Dido1960/Weblogic-CVE-2020-2551-To-Internet)
@ -4146,6 +4147,7 @@ An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. w
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
</code>
- [viz27/Libssh2-Exploit](https://github.com/viz27/Libssh2-Exploit)
- [CSSProject/libssh2-Exploit](https://github.com/CSSProject/libssh2-Exploit)
### CVE-2019-13143