WRITEUP #11

Vulnerabilities in Open Source C2 Frameworks

RCE, OS command injection, Authentication bypass, Arbitrary file download, Privilege escalation
by Laurence Tennant
Program
Bishop Fox (Sliver), Havoc, Ninja C2, SHAD0W, Covenant
Published
Sep 18, 2024
Added to HackDex
Sep 24, 2024
Read Full Writeup: https://blog.includesecurity.com/2024/09/vulnerabilities-in-open-source-c2-frameworks/
RELATED WRITEUPS
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCE, Confusion attack
SSD Advisory – SonicWall SMA100 Stored XSS To RCE
RCE, OS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCE, Dependency confusion
Attacking PowerShell CLIXML Deserialization
Deserialization, Insecure deserialization
Escalating From Reader To Contributor In Azure API Management
Privilege Escalation
