Spamworld.php
24.1 KB
New mini shell :)
⚠️ Bypass All waf
📌 Non Encoded :::)))
linux_injector.zip
5.5 KB
💉 linux_injector is a simple ptrace-less shared library injector for x64 Linux (most Linuxes that use glibc should be supported).
For control flow hijacking, this program needs a hijacking candidate. The code presented here uses malloc(); this can be changed by editing FUN_NAME and recompiling. Make sure the hooked function can run under 100ms, so that it won't be overwritten while it executes. This means calls like sleep or wait are bad candidates for the initial shellcode. The function in question also needs to be more than 0x50 bytes long so the shellcode does not overwrite other functions.
Usage:
linux_injector <pid> <module>
Where pid is the target process id and module is the module to inject; it will be dlopened in the remote process.
⚠️ The code expects that the target uses the same libc as is available to us. If it does not, then the remote symbols won't be found. This could be fixed by reading the remote libraries and scanning for our symbols in them.
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Linux Hacking Tools
Nessus – this tool can be used for Ubuntu hacking, scanning configuration settings, patches, networks, etc. It can be found at https://www.tenable.com/products/nessus
NMap – this tool can be used to monitor hosts that are running on the server and the services that they are utilizing. It can also be used to scan for ports. It can be found at https://nmap.org/
SARA – SARA is the acronym for Security Auditor’s Research Assistant. As the name implies, this tool can be used to audit networks against threats such as SQL Injection, XSS, etc. It can be found at http://www-arc.com/sara/sara.html
The above list is not exhaustive; it gives you an idea of the tools available for Ubuntu hacking and hacking Linux systems.
#Malware_analysis
1. VidarStealer analysis
https://github.com/m4now4r/VidarStealer
2. Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC/Cobalt Strike
https://isc.sans.edu/diary/Monster+Libra+TA551Shathak+pushes+IcedID+Bokbot+with+Dark+VNC+and+Cobalt+Strike/28934
First_Do_No_Harm.pdf
412.7 KB
#Research
"First, Do No Harm: Studying the manipulation of security headers in browser extensions", 2021.
]-> Fast JavaScript parser: https://github.com/acornjs/acorn
#Red_Team_Tactics
1. {JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
2. How To Exploit File Inclusion Vulnerabilities
https://infosecwriteups.com/how-to-exploit-file-inclusion-vulnerabilities-a-beginners-introduction-stackzero-a55267b5fafb
FSI_Masscan_Ransomware.pdf
40.7 MB
#Threat_Research
"Operation MaRS: Masscan Ransomware Threat Analysis Report", 2022.
#exploit
1. CVE-2022-41050:
A vulnerability in the MS Windows' User-Mode Printer Drivers
https://ssd-disclosure.com/win32k-user-mode-printer-drivers-startdoc-uaf
2. CVE-2022-46689:
macOS Dirty Cow bug
https://github.com/zhuowei/MacDirtyCowDemo
#tools
#Offensive_security
1. A simple ptrace-less shared library injector for x64 Linux
https://github.com/namazso/linux_injector
2. EDRs Hooked APIs
https://github.com/vysecurity/EDRs
Venom.zip
156.4 KB
🔥 Venom is a C++ library that is meant to give an alternative way to communicate: instead of creating a socket that could be traced back to the process, it creates a new "hidden" (no window is shown) detached Edge process (Edge was chosen because it is a browser installed on every Windows 10+ system and won't raise suspicion) and steals one of its sockets to perform the network operations.
The benefit of creating a detached browser process is that there is no danger it will be closed accidentally by the user, and the sockets exist but are not communicating with any site, therefore avoiding possible collisions.
#Malware_analysis
1. Munin - Online hash checker for Virustotal and other services
https://github.com/Neo23x0/munin
2. Hunting for Attestation Signed Malware
https://www.mandiant.com/resources/blog/hunting-attestation-signed-malware
#tools
#OSINT
OctoSuite - A framework for gathering OSINT on GitHub users, repositories and organizations
https://github.com/bellingcat/octosuite
Hardware_Trojans.pdf
4.3 MB
#Hardware_Security
"Security Closure of IC Layouts Against Hardware Trojans", 2022.
]-> Repo: https://drive.google.com/drive/u/0/mobile/folders/1A_Cy6w2n31_wuPKVayz50R-1lfXfC4vH?usp=sharing
]-> OMLA attack: https://github.com/DfX-NYUAD/OMLA
]-> MuxLink attack: https://github.com/lilasrahis/MuxLink
#tools
#Offensive_security
1. Venom - a library meant to perform evasive communication using a stolen browser socket
https://github.com/Idov31/Venom
2. Pingoor - Linux Backdoor based on ICMP protocol
https://github.com/MrEmpy/Pingoor
#exploit
1. CVE-2022-42823:
Apple Safari JavaScriptCore Inspector Type Confusion
https://ssd-disclosure.com/apple-safari-javascriptcore-inspector-type-confusion
2. CVE-2021-22015:
VMware vCenter vScalation Privilege Escalation
https://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html
💥Ban-R
•Features:
~Reports Time Delay To Secure Your Acc
~Temp Ban & Permanent Ban
~Fully Safe & Accessible
~Works Without Proxies
~Anti Virtual Machine
•Use 2013 Insta Accounts For Fast Banning
Download Link: Click Here 👈
Password: #CyberRatsBanR
By Cyber_Rats ❤️