Saltar al contenido
  • Experiments
  • Notes
  • Scripts
  • OrbiDump
header the dumpster
  • Experiments
  • Notes
  • Scripts
  • OrbiDump
header the dumpster
  • Notes

CVE-2026-44595 User enumeration in YAMCS

User enum yamcs

Severity: MEDIUM (CVSS 4.3)Affected: yamcs-core < 5.12.7Fixed in: yamcs-core 5.12.7Advisory: GHSA-p2rj-mrmc-9w29 YAMCS has an IAM system with privilege levels. One of them is SystemPrivilege.ControlAccess supposed to gate access to user management endpoints. The IAM API has endpoints for listing users,…

  • Daniel Miranda Barcelona - Excal1bur
  • junio 2, 2026
  • Scripts

Vault Exfiltrator – USB Rubber Ducky Payload

vault_exfiltrator_portada

Vault Exfiltrator – USB Rubber Ducky Physical Exfiltration Payload Vault Exfiltrator is a payload designed for the USB Rubber Ducky that physically extracts password manager database files from a target Windows system. Unlike remote exfiltration payloads, it copies the files…

  • Daniel Miranda Barcelona - Excal1bur
  • abril 24, 2026

Copyright © 2026 Daniel Miranda Barcelona Excal1bur - From ZGZ with ❤️