CVE-2017-9248

Software scan Vulns Web Application

VinaScanHub version 11 Software scan vulnerability web application PHP, dotNet (aspx), Java (jsp) About My Team Eyes Of God team Member: Shaco JX (Toan Vu Van), Trung Lax (Trung La Bao), Daitvd1997 (Dai Trinh Van - githubcom/daitvd1997) Requirement JDK 11 (wwworaclecom/technetwork/java/javase/downloads/jdk11-downloads-5066655html) Vulnerability can de

Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.

dp_cryptomg Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASPNET AJAX dialog handler Exploitation leads to access to a file manager utility capable up uploading arbitrary files, usually leading to remote code execution The vulnerability is caused by an information leak via error messages during decryption of the Telerik "DialogP

A library for detecting known secrets across many web frameworks

badsecrets A pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms The project is designed to be both a repository of various "known secrets" (for example, ASPNET machine keys found in examples in tutorials), and to provide a language-agnostic abstraction layer for identifying their use Knowing w

dp_crypto Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASPNET AJAX dialog handler) Published on exploit-db wwwexploit-dbcom/exploits/43873/ See also My other Telerik UI exploit (for CVE-2017-11317 and CVE-2017-11357) will probably also be of interest It is available here: githubcom/SABUNMANDICYBERTEAM/ Overview This exploit

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

所有收集类项目 BurpSuite 400+ 开源Burp插件，400+文章和视频。 English Version 目录 资源收集 -> (7)工具 (2)文章 Burp组件 Collaborator -> (10)工具 (17)文章 Intruder -> (1)工具 (15)文章 Repeater -> (4)工具 (3)文章 Extender -> (11)工具 (5)文章 Macros -> (1)工具 (10)文章 (3) Extracto

PoC exploit for Telerik-CVE-2017-9248

Telerik CVE-2017-9248 PoC Click Here to download the PoC file

PoC exploit for Telerik-CVE-2017-9248

Telerik CVE-2017-9248 PoC Click Here to download the PoC file

Telerik UI for ASP.NET AJAX DialogHandler Dialog cracker and site vulnerability checker with revers

Telerik UI for ASPNET AJAX DialogHandler Dialog cracker and site vulnerability checker with reverse ip lookup NIST: nvdnistgov/vuln/detail/CVE-2017-9248 Exploit-db: wwwexploit-dbcom/exploits/43873 Telerik: wwwtelerikcom/support/kb/aspnet-ajax/details/cryptographic-weakness Tenable: wwwtenablecom/cve/CVE-2017-9248 Githu

Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)

RAU_crypto Combined exploit for Telerik UI for ASPNET AJAX File upload for CVE-2017-11317 and CVE-2017-11357 - will automatically upload the file NET deserialisation for CVE-2019-18935 Now supports testing for the target's ability to pull in remote payloads from an attacker-hosted SMB service Use Burp Collaborator and/or Responder to facilitate testing whether the n

This project for CVE-2019-18935

RAU_crypto Combined exploit for Telerik UI for ASPNET AJAX File upload for CVE-2017-11317 and CVE-2017-11357 - will automatically upload the file NET deserialisation for CVE-2019-18935 For exploitation to work, you generally need a version with hard coded keys, or you need to know the key, for example if you can disclose the contents of webconfig The exploit also allows

所有收集类项目 BurpSuite 400+ 开源Burp插件，400+文章和视频。 English Version 目录 资源收集 -> (7)工具 (2)文章 Burp组件 Collaborator -> (10)工具 (17)文章 Intruder -> (1)工具 (15)文章 Repeater -> (4)工具 (3)文章 Extender -> (11)工具 (5)文章 Macros -> (1)工具 (10)文章 (3) Extracto

A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.

Telewreck A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248 This extension is based on the original exploit tool written by Paul Taylor (@bao7uo) which is available at githubcom/bao7uo/dp_crypto Credits and big thanks to him A related blog post on how to exploit web applications via Telerik Web UI can also be found here

Khai thác lỗ hổng ứng dụng Web qua Telerik Web Ui trên Framework AspNet Đây là CVE 2017-9248, lỗ hổng bảo mật này cực kỳ nghiêm trọng, tồn tại do mã hóa yếu trong tệp tin TelerikWebUIdll (Telerik UI for ASPNET AJAX components) Khai thác lỗ hổng này hacker có thể

Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)

UI_CVE-2017-9248 Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASPNET AJAX dialog handler)

badsecrets A pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms The project is designed to be both a repository of various "known secrets" (for example, ASPNET machine keys found in examples in tutorials), and to provide a language-agnostic abstraction layer for identifying their use Knowing w

Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)

dp_crypto Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASPNET AJAX dialog handler) Published on exploit-db Update 2020 - Please note that the version on exploit-db is now very out of date compared to the latest version here on GitHub wwwexploit-dbcom/exploits/43873/ See also My other Telerik UI exploit (for CVE-2017-11317 and CVE-2017-

Scans & Exploits

Scans & Exploits This repository is intented to archive Scans & Exploits written by my own Completed laravel_env_filepy - This script checks (and exploits) for Laravel's env disclosure CVE-2017-16894 laravel_debug_disclosurepy - This script checks for Laravel's Information disclosure via Debug activated cve_2021_3156sh - Checker for Sudo Heap-Base