Apache Log4J in 2 Minutes

CVE-2021-44228

Apache Log4J

A zero-day vulnerability discovered in 2022 in Apache Log4j that allows easy-to-exploit remote code execution in Java applications. Log4j is a popular Java-based logging utility widely used for generating log messages. An attacker can exploit CVE-2021-44228 by sending a specially crafted log message to a vulnerable application that uses Log4j.

CVE-2020-25627, CVE-2020-14321,

CVE-2020-25629, CVE-2019-11631

Moodle

Moodle is our course management system. Here we demonstrate four vulnerabilities on Moodle 3.9, released on 5 June 2020, along with three opportunities you've missed if you are a senior/junior:

1: Log in as a teacher and change your grades

2: Become a site manager

3: Take over the system with a remote shell

Taking Over Moodle Demo

Windows 7 Eternal Blue Demo

CVE-2017-0144

Windows 7 EternalBlue

EternalBlue is a Windows exploit created by the National Security Agency (NSA) of the United States. NSA analysts spent a year hunting for a bug in Microsoft's software, and developed EternalBlue as part of their cyber-arsenal stockpile for (ostensibly) counterterrorism missions. In April 2017, the Shadow Brokers hacking group leaked it. It uses a flaw in the Microsoft implementation of the SMB protocol, which allows remote attackers to execute arbitrary code on a target system by sending crafted messages to the SMBv1 server.

CVE-2022-1329

WordPress

WordPress is a commonly used website builder with many third-party plugins available for download to extend its functionality. One of them, the Elementor plugin (versions 6.0.0 - 6.3.0), handles AJAX requests insecurely, which can result in the upload and execution of a .zip file containing arbitrary code as long as the labels and headers appear correct.

WordPress Elementor Plugin Demo

Confluence OGNL Injection in 2 Minutes

CVE-2022-26134

Confluence

CVE-2022-26134 was a zero-day OGNL injection vulnerability discovered in the Atlassian Confluence Server and Data Center software. Confluence is a widely used collaboration and documentation tool (basically a wiki for your team).

The vulnerability allows arbitrary remote code execution on a targeted server.

CVE-2014-6271

Shellshock

Bash is the default Unix shell for most Linux distributions. Shellshock is a Bash vulnerability first discovered in 2014, but the software had been vulnerable since 1989. Typical Shellshock exploits attempt remote command execution by telling Bash to assign an empty function declaration, followed by extra commands, to an environment variable.
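A local check for the behaviour described above, added here as an example and not part of the original demo: it exports an environment variable holding an empty function definition with a trailing marker command, runs a fresh bash, and reports whether the marker was executed (the canary string and the function name `shellshock_status` are constructed for this example).

```shell
#!/bin/sh
# Added example: does the installed bash still import function definitions
# from arbitrary environment variables (CVE-2014-6271)?
# Prints "not vulnerable", "vulnerable", or "bash not found".
shellshock_status() {
    if ! command -v bash >/dev/null 2>&1; then
        echo "bash not found"
        return 2
    fi
    # The variable value is an empty function body followed by a trailing
    # command. An unpatched bash parses the whole value at startup and runs
    # the trailing command, so the constructed canary shows up in the output.
    # A patched bash only prints the probe line.
    out=$(env x='() { :;}; echo SHELLSHOCK_CANARY' bash -c 'echo probe' 2>/dev/null)
    case "$out" in
        *SHELLSHOCK_CANARY*) echo "vulnerable";     return 1 ;;
        *)                   echo "not vulnerable"; return 0 ;;
    esac
}

shellshock_status
```

The exit code (0 patched, 1 vulnerable, 2 no bash) makes the function usable from a fleet-wide audit script.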

Shellshock Demo with Captions

Android Nmap Exploit Demo

CVE-2014-2630

Android Nmap

Nmap is a very common utility for network discovery and security auditing. When installed with high privilege levels it can create exploitable issues on Linux-kernel-based systems such as Android. Once a low-privilege shell has been obtained, attackers can use this exploit to escalate their privileges to those Nmap has, often resulting in root access.