{"uuid": "cb1883b9-4fee-437c-bb43-b9a6b71d18ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33246", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3076", "content": "Tools - Hackers Factory \n\nCVE-2023-33733\n\nThis write-up details how an RCE in Reportlab - was found and exploited. Due to the prevalence of Reportlab in HTML to PDF processing, this vulnerability may be reachable in many applications that process PDF files, making this an important one to patch and look out for.\n\nhttps://github.com/c53elyas/CVE-2023-33733\n\n#cve #cybersecurity #infosec\n\nLoki\n\nA Little Web Honeypot.\n\nhttps://github.com/TheKingOfDuck/Loki\n\n#cybersecurity #infosec\n\nPyrai - Mirai python variant\n\nThis is a working variant of the Mirai IOT botnet, this is fully written in Python3. In this paper I'm going to show you how to configure each script in order to setup your PyRai.\n\nhttps://github.com/readloud/PyRai\n\n#cybersecurity #infosec #redteam\n\nCVE-2023-33781\n\nD-Link DIR-842V2 v1.0.3 was discovered to allow a user to run an arbitrary binary when connecting to telnet. This vulnerability can be triggered using backup/restore functionality.\n\nhttps://github.com/s0tr/CVE-2023-33781\n\n#cve #cybersecurity #infosec\n\nCVE-2023-33782\n\nD-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability in the iperf3 diagnostics functionality.\n\nhttps://github.com/s0tr/CVE-2023-33782\n\n#cve #cybersecurity #infosec\n\nHackBrowserData \n\nCommand-line tool for decrypting and exporting browser data ( passwords, history, cookies, bookmarks, credit cards, download records, localStorage and extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux.\n\nhttps://github.com/moonD4rk/HackBrowserData\n\n#infosec #pentesting #redteam\n\nVMClarity \n\nOpen source tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations and leaked secrets.\n\nhttps://github.com/openclarity/vmclarity\n\n#cybersecurity #infosec #pentesting\n\nCVE-2023-33246 \n\nRocketMQ Remote Code Execution #Exploit.\n\nhttps://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT\n\n#cve #cybersecurity #infosec\n\n2023-33381\n\nOS command injection on MitraStar GPT-2741GNAC.\n\nhttps://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC\n\n#cve #cybersecurity #infosec\n\nEyeballer\n\nEyeballer is meant for large-scope network penetration tests where you need to find \"interesting\" targets from a huge set of web-based hosts. Go ahead and use your favorite screenshotting tool like normal (EyeWitness or GoWitness) and then run them through Eyeballer to tell you what's likely to contain vulnerabilities, and what isn't.\n\nhttps://github.com/BishopFox/eyeballer\n\n#cybersecurity #infosec #pentesting\n\nMultichain Auditor\n\nObservations and tips for auditing protocols on multiple chains \ud83e\uddd0\n\nhttps://github.com/0xJuancito/multichain-auditor\n\n#cybersecurity #infosec\n\nCoraza - Web Application Firewall\n\nCoraza is an open source, enterprise-grade, high performance Web Application Firewall (WAF) ready to protect your beloved applications. It written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set.\n\nhttps://github.com/corazawaf/coraza\n\n#cybersecurity #infosec\n\nCVE-2020-35489\n\nCVE-2020-35489 Vulnerability Scanner in #Wordpress Websites.\n\nhttps://github.com/reneoliveirajr/wp_CVE-2020-35489_checker\n\n#cybersecurity #infosec\n\nRegStrike\n\nA .reg payload generator.\n\nhttps://github.com/itaymigdal/RegStrike\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-05T06:48:53.000000Z"}