Unobtainium
https://github.com/electron
https://www.electronjs.org/
Spectra
Spectra- wordpress
wp_admin_shell_upload
Atom
Atom
Shield
wordpress website. with msfconsole upload nc.ex to wordpress uploads. start nc.exe and connect back to attacker’s nc listener.
Vaccine
SQL injection vulnerabilities
Oopsie
Session hijack with burpsuite to get reverse shell uploaded. setuid used to run cat=/bin/sh in /tmp
Archetype
The ports smb, mssql are open. impacket tools are used.
TheNotebook
jwt – java web token exploit
Schooled
Exploiting Moodle vulnerabilities and FreeBSD custom pkg
Ready
Ready, GitLab remote code excution, escaping docker privileged containers.