CVE-2020-15505: RCE on MobileIron MDM PoC

CVE-2020-15505

RCE on MobileIron MDM PoC

Usage

git clone https://github.com/swiper/CVE-2020-15505
cd CVE-2020-15505/
chmod +x exploit.sh
./exploit.sh <url> <cmd>

Example

# ./exploit.sh http://localhost/ id
uid=0(root) gid=0(root) groups=0(root)

Original blog post

https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html

NOTE this is my personal code, only made for myself. only to be used by myself. don't use.

The MDM Display Manager

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

PoC for the CVE-2021-20837 : RCE in MovableType

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193

PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)

This is a Poc for BIGIP iControl unauth RCE

mdmb is a tool for simulating Apple devices interacting with Apple MDM servers.

CVE-2020-13942 unauthenticated RCE POC through MVEL and OGNL injection

vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????)

F5 Big-IP CVE-2020-5902 - LFI and RCE

A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)

PoC demonstrating the use of cve-2020-1034 for privilege escalation

This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228).

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information

com_media allowed paths that are not intended for image uploads to RCE

RCE 0-day for GhostScript 9.50 - Payload generator

CVE-2021-44228 - Apache log4j RCE quick test

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

PoC CVE-2021-30632 - Out of bounds write in V8

Share this repo

Related Repos

Miscellaneous

the ultimate compact fzf gh extension

the ultimate compact fzf gh extension Installation • Usage • Customisation • Feedback gh-f is the ultimate, compact and snappy fzf extension for gh cl

Miscellaneous

MacOS Wallpapers for linux desktop

MacOS Wallpapers for linux desktop WhiteSur (Big Sur) Wallpapers Monterey Wallpapers Installation Install Gnome Backgrounds (wallpaper will change acc

Miscellaneous

A docker bundle with *arr apps ready to deploy on your linux machine.

Plex Home Media integrations This package is created for those who are not experts in linux servers and docker. If you follow these steps you'll be ab

Miscellaneous

Vim-textobj-string is a Vim plugin to provide text objects to select a string

vim-textobj-string is a Vim plugin to provide text objects (as and is by default) to select a string.

Miscellaneous

automatically quote arguments to commands like `git commit -m`

zsh-autoquoter zsh-autoquoter is a zle widget ("zsh plugin") that will automatically put quotes around arguments to certain commands. So instead of ha

Miscellaneous

PyTorchCV: A PyTorch-Based Framework for Deep Learning in Computer Vision.

PyTorchCV: A PyTorch-Based Framework for Deep Learning in Computer Vision @misc{CV2018, author = {Donny You ([email protected])}, howpubl

Miscellaneous

276

Documentation on building a HTTPS stack in AWS with HAProxy

Guidelines for HAProxy termination in AWS Document status NOT READY $Revision: $ @ 2022-01-14 19:00 PST Author Julien Vehent Review CloudOps Table of

Miscellaneous

8.3k

Spinnaker is an open source, multi-cloud continuous delivery platform for releasing softwa...

Welcome to the Spinnaker Project Spinnaker is an open-source continuous delivery platform for releasing software changes with high velocity and confid

Miscellaneous

A must-have configuration for Spacemacs users after defecting to Vim

🪐 My Neovim Configuration 🚀 A must-have configuration for Spacemacs users after defecting to Vim If you want the power of VSCode, the interactivity

Miscellaneous

This repo is for firmware updates, software files, and other important resources for the M...

Miyoo Mini Firmware and Configured SD This repository contains a debloated and improved SD card image for the Miyoo Mini. Latest Firmware Update Packa

Miscellaneous

This app is created that using with Shell Script and Zenity Library.

CV Hazırlama (Shell Script - Zenity Kütüphanesi) Linux Araçları ve Kabuk Programlama dersi kapsamında,Shell script ve Zenity Kütüphanesi kullanılarak

Miscellaneous

Docker container for PlexAutoSkip

PlexAutoSkip Official Docker Container Docker container for PlexAutoSkip Version Tags Tag Description latest Stable release Usage docker-compose ple

Miscellaneous

An open source meme???

Open source spiderman meme Haha spiderman make a presentation lol Install gimp This meme requires gimp, install through install_deps.sh chmod +x insta

Miscellaneous

Script to patch iOS app so we can later use it on Apple Silicon devices.

AppleSiliconUIKitPatch Script to patch iOS app so we can later use it on Apple Silicon devices. App should be decrypted if was downloaded from App Sto

Miscellaneous

dots configured after setting up NixOS on tmpfs

λ Idempotent Dotfiles SETTING UP NIXOS , MY WAY NixOS with tmpfs (Sway WM) Disclaimer: This is not a community framework or distribution. It's a priva

Category: Linux / Miscellaneous
Watchers: 2
Star: 14
Fork: 0
Last update: Sep 16, 2020