exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

Files from Alyssa Herrera

First Active2019-08-21
Last Active2024-08-31
Pulse Secure VPN Arbitrary File Disclosure
Posted Aug 31, 2024
Authored by Orange Tsai, wvu, Alyssa Herrera, Justin Wagner, Meh Chang | Site metasploit.com

This Metasploit module exploits a pre-auth directory traversal in the Pulse Secure VPN server to dump an arbitrary file. Dumped files are stored in loot. If the "Automatic" action is set, plaintext and hashed credentials, as well as session IDs, will be dumped. Valid sessions can be hijacked by setting the "DSIG" browser cookie to a valid session ID. For the "Manual" action, please specify a file to dump via the "FILE" option. /etc/passwd will be dumped by default. If the "PRINT" option is set, file contents will be printed to the screen, with any unprintable characters replaced by a period. Please see related module exploit/linux/http/pulse_secure_cmd_exec for a post-auth exploit that can leverage the results from this module.

tags | exploit, web, arbitrary
systems | linux
advisories | CVE-2019-11510
SHA-256 | 9434228fa1dc2af2393abd6886ea6161415b95086765f63406754e8064f448e0
Pulse Secure 8.1R15.1 / 8.2 / 8.3 / 9.0 SSL VPN Remote Code Execution
Posted Sep 6, 2019
Authored by Alyssa Herrera, Justin Wagner

Pulse Secure versions 8.1R15.1, 8.2, 8.3, and 9.0 SSL VPN remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-11539
SHA-256 | 428ddb0b67961d1a87be1c6c6acc41e678e23d1cbb23562598e8a6d6caf8b149
Pulse Secure SSL VPN 8.1R15.1 / 8.2 / 8.3 / 9.0 Arbitrary File Disclosure
Posted Aug 21, 2019
Authored by Alyssa Herrera, 0xDezzy | Site metasploit.com

This Metasploit module exploits Pulse Secure SSL VPN versions 8.1R15.1, 8.2, 8.3, and 9.0 which suffer from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary, info disclosure
advisories | CVE-2019-11510
SHA-256 | c4c06bbd40df833eb2f186640de391e2da4dc98aaffb460369cdb39d17627ab0
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close