CVE-2021-31166

CVE-2022-47986: Python, Ruby, NMAP and Metasploit modules to exploit the vulnerability.

CVE-2022-47986 Why This vulnerability is exploited in the wild IceFire use this vulnerability to deploy the ransomware on targeted systems, i would like to help SOC/Blue teams to identify impacted systems and Pentesters/Red teams to exploit and report it Description I propose pure python and ruby scripts, metasploit and nmap modules to exploit the vulnerability that causes a

A curated list of my GitHub stars! Generated by starred

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents Adblock Filter List Awk Brainfuck C C# C++ CMake CSS Clojure CoffeeScript Common Lisp Coq Crystal D2 Dart Dockerfile EJS Elixir Emacs Lisp F# Go HCL HTML Haskell Haxe Java JavaScript Jinja Jsonnet Julia Jupyter Notebook Kotlin Lean Lua MDX Makefile Markdown Mathematica Mustache Nim Nix OCaml Obj

POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability create by Malwareman at 2022-09-17 Detail HTTP Protocol Stack Remote Code Execution Vulnerability Similar to [[githubcom/antx-code/CVE-2021-31166][CVE-2021-31166]] This problem exists, from last year which is repo

Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166

CVE-2021-31166 Description POC for CVE-2021-31166: Windows HTTP协议栈远程代码执行漏洞 create by antx at 2021-09-27 Detail Poc-Gif CVE Severity attackComplexity: LOW attackVector: NETWORK availabilityImpact: HIGH confidentialityImpact: HIGH integrityImpact: HIGH privilegesRequired: NONE scope: CHANGED userInteraction: NONE version: 31

Read your Gmail based on queries through browser

Oldnews $ go run oldnewsgo -query "label:newsletter after:2021/05/17" 2021/05/17 11:30:23 Processing 3 messages 2021/05/17 11:30:23 total: 222930 2021/05/17 11:30:23 Message URL: mailgooglecom/mail/u/0/#all/179793768715cd32 2021/05/17 11:30:23 Size: 76226, Date: Mon, 17 May 2021 07:25:42 +0000 (UTC), Snippet: "GitHub Explore

simple bash script for exploit CVE-2021-31166

CVE-2021-31166 simple bash script for exploit CVE-2021-31166

CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.

CVE-2021-31166 Why I recently wrote an exploit for CVE-2021-31166, it exploit CVE-2021-31166 and CVE-2021-31166 A pentester should use githubcom/mauricelambert/CVE-2021-31166, but in SOC teams we need to know the specific vulneraility to fix it properly, which is why i wrote this exploit Description I propose pure python, powershell, ruby scripts and metasploit, nmap

WIn-CVE-2021-31166 This Repo is inspired on 0vercl0k for a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Code Execution Vulnerability"), a use-after-free dereference in httpsys patched by Microsoft in May 2021 Build Infraestructure git clone githubcom/bgsilvait/WIn-CVE-2021-31166git cd WIn-CVE-2021-31166 terraform init terraform plan te

HTTP Protocol Stack CVE-2021-31166

CVE-2021-31166 Detection of attempts to exploit CVE-2021-31166 (HTTP Protocol Stack vulnerability) Suricata rule Zeek Package References corelightblog/2021/05/27/detecting-cve-2021-31166-http-vulnerability/ msrcmicrosoftcom/update-guide/vulnerability/CVE-2021-31166 githubcom/0vercl0k/CVE-2021-31166 wwwbleepingcomputercom/news/security/exp

PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.

CVE-2021-31166 0x00Description This is a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Code Execution Vulnerability"), a use-after-free dereference in httpsys patched by Microsoft in May 2021 As far as I know, it can only trigger the program to crash, please use it with caution 0x01Impact Windows Server, version 20H2 (Server Core Installation)

Exploit for MS Http Protocol Stack RCE vulnerability (CVE-2021-31166)

CVE-2021-31166-Exploit Exploit for MS Http Protocol Stack RCE vulnerability (CVE-2021-31166) A specially crafted Http request targetting a vulnerable windows version will result into DOS attack And the server will be rebooted with blue screen error Httpsys is a windows kernel driver responsible for handling http requests and crafting a response for those This vulnerable htt

PoC for CVE-2021-31166 and CVE-2022-21907

Home-Demolisher PoC for CVE-2021-31166 and CVE-2022-21907 Usage: usage: CVE-2021-31166py [-h] [-u URL] [-l LIST] [-o OUTPUT] Description message options: -h, --help show this help message and exit -u URL, --url URL IIS Server url For instance: 1921681110 -l LIST, --list LIST IIS Server urls list For instance: subdomaintxt -o OUTPUT, --output OUT

CVE-2022-21907 Vulnerability PoC

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability create by antx at 2022-01-17, just some small fixes by Michele “o-zone@zerozoneit” Detail HTTP Protocol Stack Remote Code Execution Vulnerability Similar to CVE-2021-31166 This problem exists, from last year which is reported on CVE-2021-3116

Different rules to detect if CVE-2021-31166 is being exploited

CVE-2021-31166 Detection Rules Different rules to detect if CVE-2021-31166 is being exploited Rules available: Suricata Snort The snort rules also work on suricata Zeek To Do: Make PCAPs available which where used during the development of the signatures Zeek script Detection when the CVE-2021-31166 vulnerability is being exploited Detection if the 'exploited hos

Different rules to detect if CVE-2021-31166 is being exploited

CVE-2021-31166 Detection Rules Different rules to detect if CVE-2021-31166 is being exploited Rules available: Suricata Snort The snort rules also work on suricata Zeek To Do: Make PCAPs available which where used during the development of the signatures Zeek script Detection when the CVE-2021-31166 vulnerability is being exploited Detection if the 'exploited hos

Just a simple CVE-2021-31166 exploit tool

CVE-2021-31166 (HTTP Protocol Stack Remote Code Execution Vulnerability) Attacked version： Microsoft:Windows 10: version 2004 for 32-bit Systems version 2004 for x64-based Systems version 2004 for ARM64-based Systems version 20H2 for 32-bit Systems version 20H2 for x64-based Systems version 20H2 for ARM64-based Systems Microsoft:Windows Server: version 20H2 version 2004

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

CVE-2022-21907 - Double Free in httpsys driver CVE-2022-21907 - Double Free in httpsys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (httpsys) to process packets, resulting in a kernel c

CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.

CVE-2021-31166 Why I recently wrote an exploit for CVE-2021-31166, it exploit CVE-2021-31166 and CVE-2021-31166 A pentester should use githubcom/mauricelambert/CVE-2021-31166, but in SOC teams we need to know the specific vulneraility to fix it properly, which is why i wrote this exploit Description I propose pure python, powershell, ruby scripts and metasploit, nmap

Web App Government Data Analysis Python Security tools PickleExploit Documentation WebSiteClonerHTTPLogger Documentation WebSiteClonerWebSiteCloner Documentation PyEmailToolsEmail Documentation PyEmailToolsForger Documentation PyEmailToolsImapClient Documentation PyEmailToolsPopClient Documentation PyEmailToolsReader Documentation PyEmailToolsSmtpCli

Vulnerability in HTTP Protocol Stack Enabling Remote Code Execution and Potential System Crash.

CVE-2022-21907 Vulnerability in HTTP Protocol Stack Enabling Remote Code Execution and Potential System Crash Table of Contents CVE-2022-21907 Description Environment Victim Machine Configuration Attacker Machine Configuration Exploit Proof of Concept References Description CVE-2022-21907 is a vulnerability in the HTTP Protocol Stack (httpsys) of Windows 10 that coul

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability create by antx at 2022-01-17 Detail HTTP Protocol Stack Remote Code Execution Vulnerability Similar to CVE-2021-31166 This problem exists, from last year which is reported on CVE-2021-31166, and still there CVE Severity attackComplexity: LOW atta

http.sys remote UAF to Leak Credential

CVE-2021-31166 httpsys remote UAF to Leak Credential someday is a good day

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability This is a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Code Execution Vulnerability"), a use-after-free dereference in httpsys patched by Microsoft in May 2021 According to this tweet the vulnerability has been found by @_mxms and @fzzyhd1