How I discovered and exploited an unauthenticated SSRF in the Havoc C2 teamserver, allowing attackers to leak origin IPs of teamservers behind redirectors and much more!
How I discovered and exploited an Unauthenticated RCE in BYOB (Build Your Own Botnet), an open-source post-exploitation framework for students, researchers and developers with close to 9k stars on GitHub!
@HackingLZ
> claims to be for students, universities, researchers etc
> ransomware and XMRig installer functionality being developed
> FAQ helps "students" failing to install XMRig properly
How I discovered and chained an RCE and an XSS on CHAOS RAT v5.01, allowing an attacker to take over the RAT server. Taking inspiration from , I also added exploit functionality to rickroll RAT operators.
Introducing RogueSliver. A tool to disrupt offensive campaigns that use the Sliver C2 framework.
• Hijack beacons
• Send memes to the attacker
• Flood C2 servers
#DFIR
#RedTeam
I found a preauth path traversal vulnerability in the Jasmin Ransomware panel allowing an attacker to deanonymize panel operators and dump decryption keys. Jasmin ransomware was observed in a recent TeamCity exploitation campaign ()
How I discovered a pre-auth XSS vulnerability in NorthStar C2 (CVE-2024-28741) allowing an attacker to execute commands on NorthStar C2 agents
Thank you @ACEResponder and @0xocdsec for the inspiration
The unauthenticated SSRF vulnerability affecting Havoc C2 has been assigned CVE-2024-41570 ()
To hotpatch your teamserver:
1) Navigate to the Havoc directory
2) Run the command
sed -i '/case COMMAND_SOCKET:/,/return true/d' teamserver/pkg/agent/agent.go