CVE-2021-40346 integer overflow enables http smuggling

Last update: Nov 15, 2022

Overview

CVE-2021-40346-POC

CVE-2021-40346 integer overflow enables http smuggling

Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/

整数溢出导致的http请求走私

Build

git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC 
docker-compose build 
docker-compose up -d

Exploit

Owner

donky16

GitHub Repository

🔍 IRIS: An open-source intelligence framework

IRIS is an open-source OSINT framework, consisting of modules to find information about a target by scraping sites and fetching data from APIs.

79 Dec 20, 2022

Scan your logs for CVE-2021-44228 related activity and report the attackers

jndiRep - CVE-2021-44228 Basically a bad grep on even worse drugs. search for malicious strings decode payloads print results to stdout or file report

2 Nov 24, 2022

A local Socks5 server written in python, used for integrating Multi-hop

proxy-Zata proxy-Zata v1.0 This is a local Socks5 server written in python, used for integrating Multi-hop (Socks4/Socks5/HTTP) forward proxy then pro

4 Feb 24, 2022

IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format.

IDA Pattern Search by Argus Cyber Security Ltd. The IDA Pattern Search plugin adds a capability of finding functions according to bit-patterns into th

48 Dec 29, 2022

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

162 Nov 25, 2022

This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as

2 Aug 31, 2022

Seamless deployment and management of cybersecurity solutions 🏗️

Description 🖼️ Background 👴🏼 Vision 📜 Concepts 💬 Solutions' Lifecycle. Operations ⭕ Functionalities 🚀 Supported Cybersecurity Solutions 📦 Insta

36 Nov 10, 2022

Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

1 Jan 14, 2022

Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

🏆 Pancakeswap BSC Sniper Bot web3 with honeypot detector (ANDROID WINDOWS MAC LINUX) 🥇 ⭐️ ⭐️ ⭐️ First SNIPER BOT for ANDROID & WINDOWS with honeypot

12 Jan 07, 2023

RDP Stealer

RDP Stealer RDP Stealer by lamp Require Python How To Use Download This Source Extract The Zip File Change webhook url Convert to exe send to target I

14 Nov 26, 2022

About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

7 Dec 07, 2022

Client script for the fisherman phishing tool

1 Feb 23, 2022

ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites

ORector is a Fast Python tool designed to detect open redirects vulnerabilities

11 Apr 02, 2022

CC CAMERA HACKING TOOL

CAM-HACK CC CAMERA HACKING TOOL Installation On Termux $ apt update

10 Sep 25, 2022

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien

9.4k Jan 04, 2023

CVE-2021-40346 integer overflow enables http smuggling

Related tags

Overview

CVE-2021-40346-POC

Build

Exploit

Owner

donky16

🔍 IRIS: An open-source intelligence framework

Scan your logs for CVE-2021-44228 related activity and report the attackers

A local Socks5 server written in python, used for integrating Multi-hop

IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format.

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

Seamless deployment and management of cybersecurity solutions 🏗️

Tool for finding PHP source code vulnerabilities.

Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

RDP Stealer

About Hive Burp Suite Extension

Client script for the fisherman phishing tool

ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites

CC CAMERA HACKING TOOL

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

威胁情报播报

Password Manager is a simple Python project which helps users in managing their passwords in a easier way

PyFUD - Fully Undetectable payload generator for metasploit