DirtyCred-Zhenpeng.pdf
CVE-2022-2588
Cautious! A New Exploitation Method!
No Pipe but as Nasty as Dirty Pipe
https://github.com/greek0x0/2022-LPE-UAF
Malware sandbox evasion in x64 assembly by checking ram size
Part 1:
https://www.accidentalrebel.com/malware-sandbox-evasion-in-x64-assembly-by-checking-ram-size-part-1.html
Part 2:
https://www.accidentalrebel.com/malware-sandbox-evasion-in-x64-assembly-by-checking-ram-size-part-2.html
https://github.com/accidentalrebel/sandbox-evasion-by-checking-ram-size
During my malware sandbox evasion research, I stumbled upon the Unprotect Project website. It is a community-contributed repository of evasion techniques used by malware. I saw that the Checking Memory Size technique doesn't have an example snippet yet…
Mozilla Firefox
CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:
RCE + SBX full chain complete
https://github.com/mistymntncop/CVE-2022-1802
Zimbra CVE-2022-37042 Nuclei weaponized template shell
https://github.com/aels/CVE-2022-37042
Windows Privilege Escalation
Part 1 - Unquoted service paths
https://medium.com/@tinopreter/windows-privilege-escalation-1-unquoted-service-paths-975e3ea6f1e9
Part 2 - Hijacking DLLs
https://medium.com/@tinopreter/windows-privilege-escalation-2-hijacking-dlls-28505b68a978
Windows PrivEsc (1) — Unquoted service paths
When starting a service, Windows requires the path to the service binary. And if the full path to the binary has spaces in between the…
Automated Red Team Infrastructure deployment using Docker
https://github.com/khast3x/Redcloud
An OSINT geolocalization tool for Telegram that finds nearby users and groups
https://github.com/Alb-310/Geogramint
Find the Microsoft Exchange instance for a given domain and identify its exact version
https://github.com/mhaskar/ExchangeFinder
Suborner: The Invisible Account Forger
A simple program to create a Windows account you will only know about :)
https://github.com/r4wd3r/Suborner
CVE-2022-34715:
Microsoft Windows NFS v4 RCE
https://www.zerodayinitiative.com/blog/2022/8/31/cve-2022-34715-more-microsoft-windows-nfs-v4-remote-code-execution
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Quintin Crist and Dusan Stevanovic of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the Microsoft Windows operating system…
1. Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key
https://github.com/hackerhouse-opensource/MsSettingsDelegateExecute
2. UAC bypass for x64 Windows 7-11
https://github.com/zha0gongz1/iscsicpl_bypassUAC
r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
https://github.com/bytecode77/r77-rootkit
#Malware
1. Spymax Android RAT
https://insinuator.net/2022/09/spymax-the-android-rat-and-it-works-like-that
2. Play Ransomware
https://www.trendmicro.com/en_us/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html
3. Analyzing Obfuscated VBS with CyberChef
https://isc.sans.edu/diary/29028
Tool to automatically exploit AD privilege escalation paths shown by BloodHound
https://github.com/CravateRouge/autobloody
Default Credentials Cheat Sheet
https://github.com/ihebski/DefaultCreds-cheat-sheet
Root shell exploit for several Xiaomi routers:
4A Gigabit, 4A 100M, 4C, 3Gv2, 4Q, miWifi 3C...
https://github.com/acecilia/OpenWRTInvasion
vMass Bot
vMass Bot automates the exploitation of remote hosts by trying to find environment files (.env) on target hosts and extracting the tools and info inside; the bot then detects the target host's CMS and tries to auto-exploit it and upload a shell payload using the vMass vulnerability set (108 exploits in the current version, 1.2).
https://github.com/c99tn/vMass