exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Brandon Roach

Hashicorp Boundary Clickjacking

Posted Oct 7, 2022

Authored by Brandon Roach

Hashicorp Boundary versions prior to 0.11.0 suffer from a clickjacking vulnerability.

tags | advisory

advisories | CVE-2022-36182

SHA-256 | 688bdcf30f14fbf2ce794382918920689f96690ff9f6f1d579a58c8f1c457244

Download | Favorite | View

Teleport 10.1.1 Remote Code Execution

Posted Sep 23, 2022

Authored by Brian Landrum, Brandon Roach

Teleport version 10.1.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2022-36633

SHA-256 | c6d52b424ef6fecae4f1b523bd776835ab95ce19413a32ddacde1e3e5c128f9e

Download | Favorite | View

Teleport 9.3.6 Command Injection

Posted Aug 23, 2022

Authored by Brian Landrum, Brandon Roach

Teleport 9.3.6 is vulnerable to command injection leading to remote code execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.

tags | exploit, remote, code execution, bash

advisories | CVE-2022-36633

SHA-256 | 5228298638858e0e106cda75b65bd4c283027b5bc6dff934d99ebc3b59a112f7

Download | Favorite | View