-
Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.
credentials
-
ShadowSpray: spray Shadow Credentials
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long-forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool In a lot of engagements, I see (in BloodHound) that the group “Everyone” / “Authenticated Users” / “Domain Users” or some...- itsMe
- Thread
- credentials shadow shadowspray: spray
- Replies: 0
- Forum: Pentesting
-
Masky: remotely dump domain user credentials via an ADCS
Masky is a python library providing an alternative way to remotely dump domain users’ credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes, and TGT on a larger scope. This tool does not exploit any new vulnerability...- itsMe
- Thread
- adcs credentials domain dump masky: remotely user via
- Replies: 0
- Forum: Pentesting
-
C# CrypticVPN Credentials Stealer
Hidden content- itsMe
- Thread
- credentials crypticvpn stealer
- Replies: 0
- Forum: .NET & C# Development
-
C# SMTP Credentials Cracker
Unfinished program for checking the combination of logins and passwords from a text file against the SMTP server Hidden content- itsMe
- Thread
- cracker credentials smtp
- Replies: 0
- Forum: .NET & C# Development
-
SharpHook: uses various API hooks to steal credentials
SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project, Once the desired process is up and running SharpHook will automatically inject its dependencies into the target process and...- itsMe
- Thread
- api credentials hooks sharphook: steal uses various
- Replies: 0
- Forum: Pentesting
-
Credential digger: identifies hardcoded credentials
Credential Digger is a GitHub scanning tool that identifies hardcoded credentials (Passwords, API Keys, Secret Keys, Tokens, personal information, etc), filtering the false positive data through machine learning models. It supports Python 3.6 and works only with LINUX systems. Architecture...- itsMe
- Thread
- credential credentials digger: hardcoded identifies
- Replies: 0
- Forum: Pentesting
-
1
Exploits ham3d 1.1 Information Disclosure / Default Credentials
ham3d version 1.1 suffers from information disclosure and default credential vulnerabilities. View the full article- 1337day-Exploits
- Thread
- 1.1 credentials default disclosure exploits ham3d information
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities. View the full article- 1337day-Exploits
- Thread
- busybox cisco credentials device exploits glibc gnu hardcoded
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits Zyxel NWA/NAP/WAC Hardcoded Credentials
An FTP service runs on the Zyxel wireless access point that contains the configuration file for the WiFi network. This FTP server can be accessed with hard-coded credentials that are embedded in the firmware of the AP. When the WiFi network is bound to another VLAN, an attacker can cross the...- 1337day-Exploits
- Thread
- credentials exploits hardcoded nwa/nap/wac zyxel
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits ProGrade/Lierda Grill Temperature 1.00_50006 Hardcoded Credentials
ProGrade/Lierda Grill Temperature version 1.00_50006 suffers from having hard-coded credentials that allow for denial of service and information disclosure attacks. View the full article- 1337day-Exploits
- Thread
- 1.00_50006 credentials exploits grill hardcoded prograde/lierda temperature
- Replies: 0
- Forum: Exploit Development & Bugs
-
Seth - Perform A MitM Attack And Extract Clear Text Credentials From RDP Connections
Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests...- itsMe
- Thread
- and attack clear connections credentials extract from mitm perform rdp seth text
- Replies: 0
- Forum: Pentesting
-
1
Exploits WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials
The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector. View the full article- 1337day-Exploits
- Thread
- 852 code credentials execution exploits hardcoded industrial managed series switch wago
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits Sierra Wireless AirLink ES450 SNMPD Hard-Coded Credentials
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in a hard-coded, in the exposure of a privileged user. An attacker can...- 1337day-Exploits
- Thread
- airlink credentials es450 exploits hard-coded sierra snmpd wireless
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits NC450 1.5.0 Build 181022 Rel.3A033D Hardcoded Credentials
NC450 version 1.5.0 Build 181022 Rel.3A033D contains a hardcoded root credential within its Linux distribution image. View the full article- 1337day-Exploits
- Thread
- 1.5.0 181022 build credentials exploits hardcoded nc450 rel.3a033d
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits Siglent Technologies SDS 1202X-E Digital Oscilloscope 5.1.3.13 Hardcoded Credentials
Siglent Technologies SDS 1202X-E Digital Oscilloscope version 5.1.3.13 suffers from multiple security vulnerabilities including hardcoded backdoor accounts, missing authentication, and more. View the full article- 1337day-Exploits
- Thread
- 1202x-e 5.1.3.13 credentials digital exploits hardcoded oscilloscope sds siglent technologies
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits Ricoh myPrint Hardcoded Credentials / Information Disclosure
Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected. View the full article- 1337day-Exploits
- Thread
- credentials disclosure exploits hardcoded information myprint ricoh
- Replies: 0
- Forum: Exploit Development & Bugs
-
1
Exploits FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Hard-coded Credentials Shell Access
FLIR AX8 thermal sensor camera devices version 1.32.16 utilize hard-coded credentials within its Linux distribution image. These sets of credentials (SSH) are never exposed to the end-user and cannot be changed through any normal operation of the camera. Attacker could exploit this vulnerability...- 1337day-Exploits
- Thread
- 1.32.16 access ax8 camera credentials exploits flir hard-coded shell systems thermal
- Replies: 0
- Forum: Exploit Development & Bugs
credentials
