This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.
This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the root user account privileges on Linux systems and with the same privileges than the user account that ran Apache James on Windows systems. This exploit will fail if the target system has jdk11.0.1 or newer.
Improper initialization of the flags member of the pipe buffer structure in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel, could allow an unprivileged local user to write to pages in the page cache backed by read-only files and escalate privileges on the system. This module creates a new pipe buffer with the PIPE_BUF_FLAG_CAN_MERGE flag which controls coalescing of writes into a pipe buffer and thus allows for writing to an existing page spliced into the pipe. When a file backs this spliced page, the change is reflected to the shared system-wide view of the file in memory and any subsequent cache flush will write the manipulated data to disk ignoring existing Linux permissions settings.
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.
This module exploits a default credentials on Raspberry pi because it has default username and password.
This module exploits a heap overflow in ntfs.sys by calling to the "NtQueryEaFile" function with crafted parameters.
This module exploits a path traversal vulnerability present in the getPluginAssets function of Grafana which allows an attacker to download system files through specially crafted HTTP resource requests.
This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the admin user account privileges.
This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.
This module exploits a deserialization vulnerability present in the TypedBinaryFormatter class. The deployed agent will run with the SYSTEM privileges.