Vulnerable Web Applications

Software Version Vulnerability References Msf
Pfsense <= 2.2.6 Command Injection exploit-db
Pfsense < 2.1.4 Command Injection exploit-db
Drupal 7.x RCE exploit-db
October CMS 1.0.412 RCE, PHP object injection exploit-db
NibbleBlog 0 Usernames /nibbleblog/content/private/users.xml
Apache Struts 2.3.x before 2.3.32 2.5.x before 2.5.10.1 RCE CVE-2017-5638 https://github.com/mazen160/struts-pwn
PHPLiteAdmin 1.9.2 RCE exploit-db
PiHole ANY sudo pihole -a -p PASSWORD
UnrealIRCD 3.2.8.1 Backdoor RCE exploit-db

Pfsense issues

Magento

ExploitDB: 37977 (change password), 37811

  • https://dustri.org/b/writing-a-simple-extensionbackdoor-for-magento.html
  • https://www.foregenix.com/blog/anatomy-of-a-magento-attack-froghopper
  • http://www.ethanjoachimeldridge.info/tech-blog/exploiting-magento
  • https://0xdf.gitlab.io/2019/09/28/htb-swagshop.html

Plugins to exploit: - https://pluginarchive.com/magento/magpleasure_filesystem - https://github.com/lavalamp-/LavaMagentoBD