mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-12-26 14:15:32 +01:00
Code Issues Projects Releases Packages Wiki Activity
PoC-in-GitHub/2024/CVE-2024-28397.json
motikan2010-bot ea48832a4a Auto Update 2025/12/06 18:43:21
2025-12-07 03:43:21 +09:00

374 lines
No EOL
14 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"id": 817083025,
"name": "CVE-2024-28397-js2py-Sandbox-Escape",
"full_name": "Marven11\/CVE-2024-28397-js2py-Sandbox-Escape",
"owner": {
"login": "Marven11",
"id": 110723864,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110723864?v=4",
"html_url": "https:\/\/github.com\/Marven11",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Marven11\/CVE-2024-28397-js2py-Sandbox-Escape",
"description": "CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction.",
"fork": false,
"created_at": "2024-06-19T01:46:33Z",
"updated_at": "2025-11-16T22:18:06Z",
"pushed_at": "2025-08-28T10:16:03Z",
"stargazers_count": 65,
"watchers_count": 65,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 65,
"score": 0,
"subscribers_count": 2
},
{
"id": 818088894,
"name": "CVE-2024-28397-js2py-Sandbox-Escape",
"full_name": "CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape",
"owner": {
"login": "CYBER-WARRIOR-SEC",
"id": 168237449,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168237449?v=4",
"html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape",
"description": null,
"fork": false,
"created_at": "2024-06-21T04:43:21Z",
"updated_at": "2024-06-29T21:42:12Z",
"pushed_at": "2024-06-29T21:42:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 1039364261,
"name": "CVE-2024-28397-command-execution-poc",
"full_name": "Ghost-Overflow\/CVE-2024-28397-command-execution-poc",
"owner": {
"login": "Ghost-Overflow",
"id": 101213166,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101213166?v=4",
"html_url": "https:\/\/github.com\/Ghost-Overflow",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Ghost-Overflow\/CVE-2024-28397-command-execution-poc",
"description": "This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Pythons internal object model and access dangerous classes like subprocess.Popen, leading to arbitrary command execution.",
"fork": false,
"created_at": "2025-08-17T04:00:59Z",
"updated_at": "2025-11-19T14:56:15Z",
"pushed_at": "2025-08-17T04:10:54Z",
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 5,
"score": 0,
"subscribers_count": 0
},
{
"id": 1040192717,
"name": "CVE-2024-28397-RCE",
"full_name": "harutomo-jp\/CVE-2024-28397-RCE",
"owner": {
"login": "harutomo-jp",
"id": 139304582,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139304582?v=4",
"html_url": "https:\/\/github.com\/harutomo-jp",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/harutomo-jp\/CVE-2024-28397-RCE",
"description": null,
"fork": false,
"created_at": "2025-08-18T15:40:19Z",
"updated_at": "2025-08-20T13:27:01Z",
"pushed_at": "2025-08-18T15:49:43Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1046106441,
"name": "CVE-2024-28397-js2py-Sandbox-Escape",
"full_name": "Naved124\/CVE-2024-28397-js2py-Sandbox-Escape",
"owner": {
"login": "Naved124",
"id": 86107643,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86107643?v=4",
"html_url": "https:\/\/github.com\/Naved124",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Naved124\/CVE-2024-28397-js2py-Sandbox-Escape",
"description": null,
"fork": false,
"created_at": "2025-08-28T07:39:30Z",
"updated_at": "2025-08-28T15:19:52Z",
"pushed_at": "2025-08-28T15:19:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1051622838,
"name": "Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py-",
"full_name": "ExtremeUday\/Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py-",
"owner": {
"login": "ExtremeUday",
"id": 100433677,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100433677?v=4",
"html_url": "https:\/\/github.com\/ExtremeUday",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ExtremeUday\/Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py-",
"description": "PoC exploit for CVE-2024-28397 Remote Code Execution in pyload-ng via js2py sandbox escape",
"fork": false,
"created_at": "2025-09-06T11:39:44Z",
"updated_at": "2025-09-06T11:50:45Z",
"pushed_at": "2025-09-06T11:50:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1053333854,
"name": "CVE-2024-28397",
"full_name": "naclapor\/CVE-2024-28397",
"owner": {
"login": "naclapor",
"id": 144923083,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144923083?v=4",
"html_url": "https:\/\/github.com\/naclapor",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/naclapor\/CVE-2024-28397",
"description": "This repository contains a python exploit code for CVE-2024-28397 intended for use on the \"CodePartTwo\" machine on Hack The Box (HTB).",
"fork": false,
"created_at": "2025-09-09T09:57:26Z",
"updated_at": "2025-11-23T00:09:47Z",
"pushed_at": "2025-09-09T10:04:14Z",
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 7,
"score": 0,
"subscribers_count": 0
},
{
"id": 1057324274,
"name": "js2py-Sandbox-Escape-CVE-2024-28397-RCE",
"full_name": "0xDTC\/js2py-Sandbox-Escape-CVE-2024-28397-RCE",
"owner": {
"login": "0xDTC",
"id": 95960398,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4",
"html_url": "https:\/\/github.com\/0xDTC",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xDTC\/js2py-Sandbox-Escape-CVE-2024-28397-RCE",
"description": null,
"fork": false,
"created_at": "2025-09-15T15:16:20Z",
"updated_at": "2025-09-15T15:28:24Z",
"pushed_at": "2025-09-15T15:28:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1058433325,
"name": "CVE-2024-28397-Js2Py-RCE",
"full_name": "D3ltaFormation\/CVE-2024-28397-Js2Py-RCE",
"owner": {
"login": "D3ltaFormation",
"id": 232729796,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/232729796?v=4",
"html_url": "https:\/\/github.com\/D3ltaFormation",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/D3ltaFormation\/CVE-2024-28397-Js2Py-RCE",
"description": "This repository contains a Proof of Concept (PoC) for CVE-2024-28397, a vulnerability in the js2py library allowing a sandbox escape to achieve remote code execution.",
"fork": false,
"created_at": "2025-09-17T04:56:29Z",
"updated_at": "2025-09-24T04:36:32Z",
"pushed_at": "2025-09-24T04:36:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1058926820,
"name": "CVE-2024-28397-RCE",
"full_name": "vitaciminIPI\/CVE-2024-28397-RCE",
"owner": {
"login": "vitaciminIPI",
"id": 95865624,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95865624?v=4",
"html_url": "https:\/\/github.com\/vitaciminIPI",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/vitaciminIPI\/CVE-2024-28397-RCE",
"description": "CVE-2024-28397 - Remote Code Execution From Vulnerable JS2PY",
"fork": false,
"created_at": "2025-09-17T18:32:39Z",
"updated_at": "2025-09-17T18:35:32Z",
"pushed_at": "2025-09-17T18:35:28Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1074514301,
"name": "CVE-2024-28397-Reverse-Shell",
"full_name": "0xPadme\/CVE-2024-28397-Reverse-Shell",
"owner": {
"login": "0xPadme",
"id": 219488496,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/219488496?v=4",
"html_url": "https:\/\/github.com\/0xPadme",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xPadme\/CVE-2024-28397-Reverse-Shell",
"description": "Reverse shell for CVE-2024-28397.",
"fork": false,
"created_at": "2025-10-12T00:00:15Z",
"updated_at": "2025-10-12T00:14:00Z",
"pushed_at": "2025-10-12T00:13:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1111292901,
"name": "CVE-2024-28397-Exploit-Automation",
"full_name": "L1337Xi\/CVE-2024-28397-Exploit-Automation",
"owner": {
"login": "L1337Xi",
"id": 104053455,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104053455?v=4",
"html_url": "https:\/\/github.com\/L1337Xi",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/L1337Xi\/CVE-2024-28397-Exploit-Automation",
"description": "A Python automation script for exploiting the **js2py Sandbox Escape** vulnerability (CVE-2024-28397). This tool automates the payload generation and delivery process to achieve Remote Code Execution (RCE) on vulnerable instances.",
"fork": false,
"created_at": "2025-12-06T16:48:49Z",
"updated_at": "2025-12-06T17:51:41Z",
"pushed_at": "2025-12-06T17:51:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]
Reference in a new issue View git blame Copy permalink