fuelcms-rce
log4j2-rce-poc
| fuelcms-rce | log4j2-rce-poc | |
|---|---|---|
| 1 | 1 | |
| 6 | 3 | |
| - | - | |
| 0.0 | 4.1 | |
| over 2 years ago | over 2 years ago | |
| Ruby | Kotlin | |
| MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
fuelcms-rce
-
Exploiting Fuel CMS CVE-2018-16763 | TryHackMe Ignite
Hello, I'm noraj, I'm the author of a Fuel CMS RCE exploit / PoC, it's not the one you used but another one that has some advantages compared to the one you used:
log4j2-rce-poc
-
Log4J - Have your customer been breached? What have you seen if anything?
However, when using JNDI lookups, if you return properly formatted JNDI data (from a malicious server) then Java will execute that code. You can see this in PoC code: https://github.com/unlimitedsola/log4j2-rce-poc/blob/master/payload-server/src/main/kotlin/Main.kt
What are some alternatives?
tryhackme-writeups - Write-Ups for TryHackMe
Log4j-RCE-Scanner - Remote command execution vulnerability scanner for Log4j.
DogWalk-rce-poc - š¾Dogwalk PoC (using diagcab file to obtain RCE on windows)
ysoserial - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
log4shell - Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
CVE-2021-40444 - CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
CVE-2021-44228_scanner - Scanners for Jar files that may be vulnerable to CVE-2021-44228
Discord-Cache-Exploit-POC - Exploit Discord's cache system to remote upload payloads on Discord users machines [Moved to: https://github.com/ecriminal/Exploit-Discord-Cache-System-PoC]