CVE-2021-40346 integer overflow enables http smuggling

Last update: Nov 15, 2022

Overview

CVE-2021-40346-POC

CVE-2021-40346 integer overflow enables http smuggling

Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/

整数溢出导致的http请求走私

Build

git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC 
docker-compose build 
docker-compose up -d

Exploit

Owner

donky16

GitHub Repository

Cookiecutter for creating open source Python packages

Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.

177 Dec 22, 2022

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

26 Dec 26, 2022

Obfuscate your Python scripts better, faster.

⚜️ Berserker ⚜️ An unique Python3 obfuscator using Kyrie Eleison's encryption protocol, written in Python3. 📋 Examples 📋 Unobfuscated: input("Hello

81 Dec 07, 2022

This is a simple Port Flooder written in Python 3.

This is a simple Port Flooder written in Python 3. Use this tool to quickly stress test your network devices and measure your router's or server's load.

4 Feb 20, 2022

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager) This script allows to check and exploit missing authentication checks in

82 Nov 09, 2022

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regardin

39 Dec 10, 2022

Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

evil-stalker How to run First of all, you must install the necessary libraries.

6 Nov 16, 2022

Mad Spammer is a python webhook spammer which is very easy and safe to use.

Mad Spammer 👿 Pre-Setup: Open your terminal/console and type: pip install module colorama python MadSpammer.py Setup: After doing that, you should be

1 Nov 26, 2021

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

5 Aug 09, 2022

ssh-audit is a tool for ssh server & client configuration auditing.

SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

1.4k Dec 31, 2022

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

13 Jul 13, 2022

Fuck - Multi Brute Force 🚶‍♂

f-mbf Fuck - Multi Brute Force 🚶‍♂ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2

1 Dec 03, 2021

Code to do NF in HDR,HEVC,HPL,MPL

Netflix-DL 6.0 |HDR-HEVC-MPL-HPL NOT Working| ! Buy working netflix cdm from [em

4 Dec 28, 2021

I hacked my own webcam from a Kali Linux VM in my local network, using Ettercap to do the MiTM ARP poisoning attack, sniffing with Wireshark, and using metasploit

plan I - Linux Fundamentals Les utilisateurs et les droits Installer des programmes avec apt-get Surveiller l'activité du système Exécuter des program

148 Dec 22, 2022

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

12 Dec 17, 2022

CVE-2021-40346 integer overflow enables http smuggling

Related tags

Overview

CVE-2021-40346-POC

Build

Exploit

Owner

donky16

Cookiecutter for creating open source Python packages

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

Obfuscate your Python scripts better, faster.

This is a simple Port Flooder written in Python 3.

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

Mad Spammer is a python webhook spammer which is very easy and safe to use.

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

ssh-audit is a tool for ssh server & client configuration auditing.

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

Fuck - Multi Brute Force 🚶‍♂

Code to do NF in HDR,HEVC,HPL,MPL

I hacked my own webcam from a Kali Linux VM in my local network, using Ettercap to do the MiTM ARP poisoning attack, sniffing with Wireshark, and using metasploit

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

MVT is a forensic tool to look for signs of infection in smartphone devices

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container

Python Password Generator