/exploits

Some personal exploits/pocs

Primary LanguageCBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

Exploits

Miscellaneous proof of concept exploit code for testing purposes.

Current Exploits

  • Fortinet FortiOS 6.0.0 <= 6.0.4, 5.6.0 <= 5.6.8, 5.4.1 <= 5.4.10: The magic backdoor (CVE-2018-13382)
  • Strato HiDrive <= 5.0.1.0 LPE (CVE-2019-9486)
  • Exim 4.87 < 4.91 LPE (CVE-2019-10149)
  • ASUS Aura Sync <= 1.07.71 Stack-Based Buffer Overflow (CVE-2019-17603)

Licence

See individual exploits for their respective licences.

Bug Reports

I'll take the quality of our exploit code very seriously. If you find a bug, or an edge case where an exploit fails to succeed against a vulnerable target, do let me know via issues or via email/twitter.

Changes

There is no changelogs here, as that would be too much effort, just git commits. Exploits may be updated regularly for greater stability, reliability or stealthiness.