pedrib / poc Goto Github PK

The connection failed. What's wrong with this script? Or is my configuration problem. Can you answer it?

Hi Pedrib, I have created channel for CVE videos where I explain latest CVE and upload PoC. I will mention your name/github in video and description box. Could I share your video on my youtube channel?

Youtube channel Link : @Rapidsafeguard

Thank you.

IBM have always been pretty scummy with regards to how they handle bug findings. Since there's no "comment section" to your guide, I just wanted to tell you I enjoyed the writeup and the code. Don't let vendor responses annoy you. I find that at least 1 in 4 vendors respond pathetically with regards to being presented bug findings. Doesn't make what you've found any less interesting or your research any less meaningful. Good stuff man.

Link is not working
https://github.com/pedrib/PoC/blob/master/tracking.csv

Hi Pedrib, I have created channel for CVE videos where I explain latest CVE and upload PoC.
I would like to upload your new vulnerability CVE video Micro Focus Operations Bridge Manager. I will mention credit in video and description box. Could I share your video on YouTube channel?

I have shared your tibco data virtualization vulnerability video on our channel.

Youtube channel Link : @Rapidsafeguard

Thank you.

dear sir,
I am a fresh man and i want to know more about cve-2013-4276. i have read your patch but i don't know how to make a Poc. do you have a more specify article about lcm1.19 or can you send me a poc.
thans very much

[+] Picked port 32801 to receive the shell
[+] Creating AMF payload...
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Exception in thread "main" java.lang.IllegalAccessError: class uk.co.agileinfosec.acsflex.ACSFlex (in unnamed module @0x6b162892) cannot access class sun.rmi.transport.tcp.TCPEndpoint (in module java.rmi) because module java.rmi does not export sun.rmi.transport.tcp to unnamed module @0x6b162892
at uk.co.agileinfosec.acsflex.ACSFlex.generateUnicastRef(ACSFlex.java:26)
at uk.co.agileinfosec.acsflex.ACSFlex.main(ACSFlex.java:11)
ISEpwn.rb:141:in binread': No such file or directory @ rb_sysopen - /tmp/d20231212-361622-oix3mk/payload.ser (Errno::ENOENT) from ISEpwn.rb:141:in block in

"From our observation it seems stack addresses are very lightly randomized due to the use of threads being used. Strangely, it seems that our buffer address remains constant, as part of the stack is not always randomised, while some other parts are. Although this is fantastic for exploitation, we're baffled by this and have no idea why it happens. Any comments on this are welcome!"

Hi Pedrib, I encountered Similar issue long time ago. I was baffled by this too. After I tried to modify the value of randomize_va_space, the address was still not randomised，I guess it's probably for efficiency, The function of Address Space Layout Randomization of the kernel is removed, or the current platform does not support this function at all.