{"version":1,"pages":[{"id":"-MOWsmkbSJqcvBVapPp1","title":"ABOUT US","pathname":"/","siteSpaceId":"sitesp_cEU0V","description":""},{"id":"-MPypDihnLK7lWQ8z4gY","title":"UNSAFE","pathname":"/unsafe","siteSpaceId":"sitesp_cEU0V","description":""},{"id":"oSNCosHrpbVtGtFfQ7Vc","title":"sAMAccountName Spoofing in the Forest","pathname":"/unsafe/samaccountname-spoofing-in-the-forest","siteSpaceId":"sitesp_cEU0V","description":"Exploiting sAMAccountName spoofing (CVE-2021-42278 & CVE-2021-42287) from the child domain can led to compromise the parent domain","breadcrumbs":[{"label":"UNSAFE"}]},{"id":"-MgBMRPdU9KcEbKBRAQg","title":"Pass-the-Hash Attack Over Named Pipes Against ESET Server Security","pathname":"/unsafe/pass-the-hash-attack-over-named-pipes-against-eset-server-security","siteSpaceId":"sitesp_cEU0V","description":"","breadcrumbs":[{"label":"UNSAFE"}]},{"id":"-MQBMsOgeG24Omzlm-h8","title":"Netcat Relay","pathname":"/unsafe/netcat-relay","siteSpaceId":"sitesp_cEU0V","description":"","breadcrumbs":[{"label":"UNSAFE"}]},{"id":"-MOWsqnOChTU0KTwjMYd","title":"Hiren's BootCD in the AD","pathname":"/unsafe/hirens-bootcd-in-the-ad","siteSpaceId":"sitesp_cEU0V","description":"","breadcrumbs":[{"label":"UNSAFE"}]},{"id":"-MSCNZp4yqetoMaf520C","title":"Abusing LAPS","pathname":"/unsafe/abusing-laps","siteSpaceId":"sitesp_cEU0V","description":"Default value of ms-DSMachine-Account-QuotaAttribute with LAPS Leading to Persistence and Information Disclosure","breadcrumbs":[{"label":"UNSAFE"}]},{"id":"-MPynNvaUIcezhh30Sr9","title":"INLINE","pathname":"/inline","siteSpaceId":"sitesp_cEU0V","description":""},{"id":"-MOWsu8evqQUe5ed4ZJt","title":"Asena","pathname":"/inline/asena-tool","siteSpaceId":"sitesp_cEU0V","description":"","breadcrumbs":[{"label":"INLINE"}]},{"id":"-MOWtHJyDgSq6rUkBpDO","title":"Suyla","pathname":"/inline/suyla-tool","siteSpaceId":"sitesp_cEU0V","description":"Suyla is the god takes the victim's soul to Ulgen. This for reason has been put tool name Suyla. Suyla's main purpace by changing http header values sending to target system.","breadcrumbs":[{"label":"INLINE"}]},{"id":"-MOWtLRnWASMlFXpbE3I","title":"dcFinder","pathname":"/inline/dcfinder","siteSpaceId":"sitesp_cEU0V","description":"Find Domain Controllers using SRV records","breadcrumbs":[{"label":"INLINE"}]},{"id":"imLtQ9RPmI0vpwauUcFv","title":"ADManager Plus Build < 7230 Elevation Of Privilege Vulnerability (CVE-2025-9435)","pathname":"/0day/admanager-plus-build-less-than-7230-elevation-of-privilege-vulnerability-cve-2025-9435","siteSpaceId":"sitesp_cEU0V","breadcrumbs":[{"label":"0DAY"}]},{"id":"a22gVM93tOFRzY3U0JdR","title":"ADManager Plus Build < 7210 Elevation of Privilege Vulnerability (CVE-2024-24409)","pathname":"/0day/admanager-plus-build-less-than-7210-elevation-of-privilege-vulnerability-cve-2024-24409","siteSpaceId":"sitesp_cEU0V","description":"","breadcrumbs":[{"label":"0DAY"}]},{"id":"9W3nraNULI8N6jDj3Mqi","title":"Asp.Net Zero v12.3.0 - HTML Injection Leads To Open Redirect via Websockets (CVE-2023-48003)","pathname":"/0day/asp.net-zero-v12.3.0-html-injection-leads-to-open-redirect-via-websockets-cve-2023-48003","siteSpaceId":"sitesp_cEU0V","breadcrumbs":[{"label":"0DAY"}]},{"id":"8RLoTIGztzhWc3E0aGBM","title":"ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure (CVE-2023-31492)","pathname":"/0day/manageengine-admanager-plus-build-less-than-7183-recovery-password-disclosure-cve-2023-31492","siteSpaceId":"sitesp_cEU0V","breadcrumbs":[{"label":"0DAY"}]},{"id":"WIFuCKZlALUZa33kWx13","title":"Multiple ManageEngine Applications Critical Information Disclosure Vulnerability","pathname":"/0day/multiple-manageengine-applications-critical-information-disclosure-vulnerability","siteSpaceId":"sitesp_cEU0V","description":"The NTLMv2 hash of the domain user or the computer accounts, can be obtained coercing the target server authenticates an arbitrary SMB server. (CVE-2022-29457)","breadcrumbs":[{"label":"0DAY"}]},{"id":"-Mahy3KLANELp5ulyJtB","title":"Thecus N4800Eco Nas Server Control Panel Comand Injection","pathname":"/0day/thecus-n4800eco-nas-server-control-panel-comand-injection","siteSpaceId":"sitesp_cEU0V","description":"Command Injection vulnerability that lets attacker for executing command with root privileges.","breadcrumbs":[{"label":"0DAY"}]},{"id":"-M_HcCmVXMwSWcG-BigX","title":"ManageEngine ADSelfService Plus 6.1 CSV Injection (CVE-2021-33256)","pathname":"/0day/manageengine-adselfservice-plus-6.1-csv-injection","siteSpaceId":"sitesp_cEU0V","description":"Obtain reverse shell in the domain environment exploiting CSV injection vulnerability","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MXbZNJwr7PsXsOcyGdv","title":"Openlitespeed Web Server 1.7.8 - Privilege Escalation (CVE-2021-26758)","pathname":"/0day/openlitespeed-web-server-1.7.8-command-injection-to-privilege-escalation-cve-2021-26758","siteSpaceId":"sitesp_cEU0V","description":"Openlitespeed Web Server 1.7.8 - Command Injection to Privilege Escalation (CVE-2021-26758)","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MRvQR7ykBklMl-i92x3","title":"KLOG Server (Authenticated) Command Injection (CVE-2021-3317)","pathname":"/0day/klog-server-authenticated-command-injection","siteSpaceId":"sitesp_cEU0V","description":"Klog Server 2.4.1 - Command Injection (Authenticated)","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MQWjHHl_T2YeL8muCom","title":"Cokpit version 234 - Server Side Request Forgery (CVE-2020-35850)","pathname":"/0day/cokpit-version-234-server-side-request-forgery-cve-2020-35850","siteSpaceId":"sitesp_cEU0V","description":"Cockpit Version 234 - sshd Service Scanning via Server-Side Request Forgery (Unauthenticated)","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MQ747wojAvWJ5i6qiyA","title":"KLOG Server Unauthenticated Command Injection (CVE-2020-35729)","pathname":"/0day/klog-server-unauthentication-command-injection","siteSpaceId":"sitesp_cEU0V","description":"","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MQ74x28mW-z6nG0lqKQ","title":"Pearson Vue - VUEApplicationWrapper Unquoted Service Path (CVE-2020-36154)","pathname":"/0day/pearson-vue-vueapplicationwrapper-unquoted-service-path","siteSpaceId":"sitesp_cEU0V","description":"Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MOWtt5bKviDrK_3bqEV","title":"Intel(r) Management and Security Application 5.2 - UNS Unquoted Service Path","pathname":"/0day/intel-uns-unquoted-service-path","siteSpaceId":"sitesp_cEU0V","description":"Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path Privilege Escalation","breadcrumbs":[{"label":"0DAY"}]},{"id":"-MW5NH6ZbMiO1aO0WqJq","title":"BRAdmin Professional 3.75 - Unquoted Service Path","pathname":"/0day/bradmin-professional-3.75-unquoted-service-path","siteSpaceId":"sitesp_cEU0V","description":"BRAdmin Professional 3.75 - BRA_Scheduler Unquoted Service Path Privilege Escalation","breadcrumbs":[{"label":"0DAY"}]}]}