Basically, the SMTP server can count on messages that come in 80 characters per line (and always less than 1000 characters per line), and email clients can trust that they only have to render up to the 78th column of text. This limitation is hardly useful in the modern age, but persist...
(Writeup/POC/Exploit) https://github.com/coffeehb/Some-PoC-oR-ExP/blob/master/check_icmp_dos.py CVE-2018-4407,macos/ios 缓冲区溢出可导致系统崩溃 https://github.com/vulnersCom/getsploit py2,仿照 searchsploit 通过各种数据库的官方接口进行 payload 的查找 https://github.com/SecWiki/CMS-Hunter ...
Bash - 'Shellshock' Environment Variables Command Injection 本地验证方法 env x='() { :;}; echo Vulnerable CVE-2014-6271 ' bash -c "echo test" 执行命令后,如果显示 Vulnerable CVE-2014-6271,证系统存在漏洞,可改变 echo Vulnerable CVE-2014-6271 为任意命令进行执行. User-Agent: () { :;}; ...
LinuxFlaw:Linux 平台的漏洞 PoC、Writeup 收集 fuso:扶桑一款RUST 编写的快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 SpringMemShell:Spring内存马检测和隐形马研究 SharpMemshell:.NET写的内存shell jsForward:解决web及移动端H5数据加密Burp调试问题|JS-Forward:原版 Command2API:将执行命令的结果返回到Web...
【Windows提权】dazzleUP是一款用来帮助渗透测试人员进行权限提升的工具,可以在window系统中查找脆弱面进行攻击。工具包括两部分检查内容,exploit检查和错误配置检查。 PC 微软RDP远程代码执行漏洞(CVE-2019-0708) CVE-2019-0708-python版 MS17-010-微软永恒之蓝漏洞 macOS-Kernel-Exploit CVE-2019-1388 UAC提权 (nt ...