Index

  • ManageEngine ServiceDesk plus 10.0 Privilege Escalation

    Bypassing Authentication Guest to NT AUTHORITY/SYSTEM SHELL Ata Hakçıl, Melih Kaan Yıldız Overview CVE-2019-10008 Allows any user of ServiceDesk Plus to authenticate as another user. Platform allows for authenticating as any user if session cookies are juggled in a very precise way between the platform and the mobile container. It...

  • How google is your enemy if you have no idea what you are doing

    # What is GHDB? First of all, GHDB (Google Hacking Database) is a collection of google search queries aiming to find vulnerable software without a specific scope/target. You can find a vulnerability which was crawled by google, as an example, you can find every website which has its home folder...

  • PWDB - New generation of Password Mass-Analysis

    ## Goal Leaving the 20 year old stuff of red team behind. Stuff works fine, and no one bothers to check/replace it through decades. ## Included dumps You can check the status.txt in this repository to keep track of included dumps. --- ## Mystery List of 40k high entropy passwords...