CVE-2021-40346 integer overflow enables http smuggling

Last update: Nov 15, 2022

Overview

CVE-2021-40346-POC

CVE-2021-40346 integer overflow enables http smuggling

Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/

整数溢出导致的http请求走私

Build

git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC 
docker-compose build 
docker-compose up -d

Exploit

Owner

donky16

GitHub Repository

Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python

2 Jan 01, 2022

CVE-2022-21907 Vulnerability PoC

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm

16 Dec 18, 2022

Lite version of my Gatekeeper backdoor for public use.

Gatekeeper Lite Backdoor Fully functioning bind-type backdoor This backdoor is a fully functioning bind shell and lite version of my full functioning

56 Mar 25, 2022

Meterpreter Reverse shell over TOR network using hidden services

Poiana Reverse shell over TOR network using hidden services Features - Create a hidden service - Generate non-staged payload (python/meterpreter_rev

80 Dec 21, 2022

MITMSDR for INDIAN ARMY cybersecurity hackthon

There mainly three things here: MITMSDR spectrum Manual reverse shell MITMSDR Installation Clone the project and run the setup file: ./setup One of th

2 Jul 26, 2022

This is a keylogger in python for Windows, Mac and Linux!

Python-Keylogger This is a keylogger in python for Windows, Mac and Linux! #How to use it by downloading the zip file? Download the zip file first The

2 Nov 12, 2021

Log4j-Scanner with Bind-Receipt and custom hostnames

Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan

18 Jan 23, 2022

Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes

log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari

5 Sep 12, 2022

Hadoop Yan RPC unauthorized RCE

Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera

25 Nov 24, 2022

Moodle community-based vulnerability scanner

badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc

11 Dec 22, 2022

Natural Language Processing - Sommer Semester 2022

Natural Language Processing (DIS25a/NLP) This course can be taken for the Bachelor Programm Data and Information Science (DIS25a) or the Master Progra

19 Sep 07, 2022

BurpSuite Extension: Log4j2 RCE Scanner

Log4j2 RCE Scanner 作者：[email protected]元亨实验室声明：由于传播、利用本项目所提供的信息而造成的任何直接或者间接的后果及损失，均由使用者本人负责，项目作者不为此承担任何责

87 Dec 29, 2021

Grafana-POC(CVE-2021-43798)

Grafana-Poc 此工具请勿用于违法用途。一、使用方法：python3 grafana_hole.py 在domain.txt中填入ip:port 二、漏洞影响范围影响版本： Grafana 8.0.0 - 8.3.0 安全版本： Grafana 8.3.1, 8.2.7, 8.1.8,

8 Jan 03, 2023

Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg

1.8k Jan 04, 2023

CSAW 2021 writeups

CSAW 2021 Writeups Challenge Category Solved by The Magic Modbus ics root2thrill Lazy Leaks Forensics root2thrill Poem Collection warm-up root2thrill

7 Oct 06, 2021

Ini membuat tema berbasis bendera Indonesia with Python + Linux.py

tema Ubah Tema Termux Menjadi Linux Ubah Font Termux Jadi Linux dibuat oleh wahyudioputra INSTALL pkg update && pkg upgrade pkg install python pkg ins

2 Nov 30, 2021

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

1 Jan 24, 2022

Deltaspy - an advanced keylogger that can send keylogs and screenshots to gmail

Deltaspy Deltaspy is a advanced keylogger which sends keylogs and screenshot to

1 Dec 31, 2021

An All-In-One Pure Python PoC for CVE-2021-44228

Python Log4RCE An all-in-one pure Python3 PoC for CVE-2021-44228. Configure Replace the global variables at the top of the script to your configuratio

178 Nov 09, 2022

python script for hack gmail account using brute force attack

#Creator: johnry #coded by john ry GBrute python script for hack gmail account using brute force attack Commands apt update && apt upgrade git clone h

6 Dec 09, 2022

CVE-2021-40346 integer overflow enables http smuggling

Related tags

Overview

CVE-2021-40346-POC

Build

Exploit

Owner

donky16

Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

CVE-2022-21907 Vulnerability PoC

Lite version of my Gatekeeper backdoor for public use.

Meterpreter Reverse shell over TOR network using hidden services

MITMSDR for INDIAN ARMY cybersecurity hackthon

This is a keylogger in python for Windows, Mac and Linux!

Log4j-Scanner with Bind-Receipt and custom hostnames

Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes

Hadoop Yan RPC unauthorized RCE

Moodle community-based vulnerability scanner

Natural Language Processing - Sommer Semester 2022

BurpSuite Extension: Log4j2 RCE Scanner

Grafana-POC(CVE-2021-43798)

Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

CSAW 2021 writeups

Ini membuat tema berbasis bendera Indonesia with Python + Linux.py

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Deltaspy - an advanced keylogger that can send keylogs and screenshots to gmail

An All-In-One Pure Python PoC for CVE-2021-44228

python script for hack gmail account using brute force attack