Пропускане към основното съдържание

CURL-RCE-Windows-11 * -PWNED-0Day

WARNING! If you have installed Python or other powerful programming languages on your Windows machine, and you don't know what are using, please remove them all immediately!
NOTE: The vulnerable versions are Windows 10 - the latest update which uses a Curl protocol and also 11 all builds! There is no restriction on executions for the usual user. There is no security for the home environment of the usual user. No warnings Direct execution from cmd by user interaction. Nothing! The attacker can trick easily some victims to execute his command by using a good lure, then the attacker can get full control of the PC, even more, worst than ever. If an attacker receives a click from an admin account he will get access to all other accounts on the victim's machine, also if the victim corresponds with some of the accounts on his machine, the attacker can easily use this user account to hack all other accounts, except for the administrator, and vice versa, so nice a. This is a Microsoft!


Popular Posts


REPRODUCE OF THE VULNERABILITY =): Collaboration: silentsignal

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1


Donate if you are not shame!