Forwarded from
просто чтобы не потерять
VMware Workstation Pro 17 license keys
VMware Workstation Pro 17 license keys
--checked
MC60H-DWHD5-H80U9-6V85M-8280D
4A4RR-813DK-M81A9-4U35H-06KND
--unchecked
NZ4RR-FTK5H-H81C1-Q30QH-1V2LA
JU090-6039P-08409-8J0QH-2YR7F
4Y09U-AJK97-089Z0-A3054-83KLA
4C21U-2KK9Q-M8130-4V2QH-CF810Forwarded from 1N73LL1G3NC3
NetExec
This tool is based on CrackMapExec and was originally created by bytebleeder and maintained by mpgn over the years, shout out to them! With the retirement of mpgn, we decided to maintain the tool NetExec, formerly known as CrackMapExec, as a completely free open source tool.
Today will be our first release of NetExec version 1.0.0
NetExec wiki
This tool is based on CrackMapExec and was originally created by bytebleeder and maintained by mpgn over the years, shout out to them! With the retirement of mpgn, we decided to maintain the tool NetExec, formerly known as CrackMapExec, as a completely free open source tool.
Today will be our first release of NetExec version 1.0.0
NetExec wiki
Forwarded from sdnv's funk-hole
Пентестеры в СНГ часто сталкиваются с 1С-серверами внутри инфраструктур, один из векторов атак - Консоль Администрирования Кластеров 1С (RAS).
Чтобы попытаться подключиться к нему - подбирают версию клиента коноли аналогичную серверу, скачивают нужный серверный дистрибутив под винду и только тогда смогут зайти под имеющимися/пустыми кредами получая кучу полезной информации.
Я автоматизировал этот процесс благодаря консольной утилите
Этапы: Скан nmap с поиском открытых портов RAS, Сбор информации при успешном подключении к серверу, Выгрузка полученной информации в
https://github.com/sdnv0x4d/rasoff
Чтобы попытаться подключиться к нему - подбирают версию клиента коноли аналогичную серверу, скачивают нужный серверный дистрибутив под винду и только тогда смогут зайти под имеющимися/пустыми кредами получая кучу полезной информации.
Я автоматизировал этот процесс благодаря консольной утилите
rac от 1С для Linux. Более того, больше не нужно подбирать версию клиента и сервера - утилита rac работает с разными версиями серверов.Этапы: Скан nmap с поиском открытых портов RAS, Сбор информации при успешном подключении к серверу, Выгрузка полученной информации в
.csv под каждый сервер. Более подробно в READMEhttps://github.com/sdnv0x4d/rasoff
GitHub
GitHub - sdnv0x4d/rasoff: 1C RAS Offensive Security Tool
1C RAS Offensive Security Tool. Contribute to sdnv0x4d/rasoff development by creating an account on GitHub.
Forwarded from Cybred
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
Fedora 37 и 38, Ubuntu 22.04 и 23.04, Debian 12 и 13, и все остальные дистрибутивы, использующие Glibc.
Проверить у себя
Fedora 37 и 38, Ubuntu 22.04 и 23.04, Debian 12 и 13, и все остальные дистрибутивы, использующие Glibc.
Проверить у себя
env -i "GLIBC_TUNABLES=glibc.malloc.mxfast=glibc.malloc.mxfast=A" "Z=`printf '%08192x' 1`" /usr/bin/su --help
Forwarded from Cybred
CVE-2023-36845
Fileless Remote Code Execution on Juniper Firewalls
Blog: https://vulncheck.com/blog/juniper-cve-2023-36845
PoC: https://github.com/kljunowsky/CVE-2023-36845
Shodan:
CVE-2023-36845 represents a notable PHP environment variable manipulation vulnerability that impacts Juniper SRX firewalls and EX switches. While Juniper has categorized this vulnerability as being of medium severity, in this article, we will elucidate how this singular vulnerability can be leveraged for remote, unauthenticated code execution.
Fileless Remote Code Execution on Juniper Firewalls
Blog: https://vulncheck.com/blog/juniper-cve-2023-36845
PoC: https://github.com/kljunowsky/CVE-2023-36845
Shodan:
title:"Juniper" http.favicon.hash:2141724739CVE-2023-36845 represents a notable PHP environment variable manipulation vulnerability that impacts Juniper SRX firewalls and EX switches. While Juniper has categorized this vulnerability as being of medium severity, in this article, we will elucidate how this singular vulnerability can be leveraged for remote, unauthenticated code execution.
VulnCheck
VulnCheck - Outpace Adversaries
Vulnerability intelligence that predicts avenues of attack with speed and accuracy.
Cybred
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt Fedora 37 и 38, Ubuntu 22.04 и 23.04, Debian 12 и 13, и все остальные дистрибутивы, использующие Glibc. Проверить у себя env -i "GLIBC_TUNABLES=gl…
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - leesh3288/CVE-2023-4911: PoC for CVE-2023-4911
PoC for CVE-2023-4911. Contribute to leesh3288/CVE-2023-4911 development by creating an account on GitHub.
Forwarded from Pwn3rzs
Acunetix Windows v23.9 - 28 Sep 2023
Download:
Password:
Setup:
See README.txt
Enjoy!
NOTE:
The job _not_found issue seems to be fixed.
Practically it was caused by the telemetry multiple fails to reach destination (since we've set it to localhost) and was restarting the whole server.
To fix you set any IP that will answer on port 443 with any status code and any ssl cert.
No need to be 200 or whatever, just to be alive and reachable.
We've set the IP to Google's ones, but you can change it to whatever you'd like.
We've tested the solution with long scans , and the issue never happened once.
Changelog:
Too long for a post, refer here:
Download:
https://ponies.cloud/scanner_web/acunetix/Acunetix-v23.9-Windows-Pwn3rzs-CyberArsenal.7zPassword:
Pwn3rzsSetup:
See README.txt
Enjoy!
NOTE:
The job _not_found issue seems to be fixed.
Practically it was caused by the telemetry multiple fails to reach destination (since we've set it to localhost) and was restarting the whole server.
To fix you set any IP that will answer on port 443 with any status code and any ssl cert.
No need to be 200 or whatever, just to be alive and reachable.
We've set the IP to Google's ones, but you can change it to whatever you'd like.
We've tested the solution with long scans , and the issue never happened once.
Changelog:
Too long for a post, refer here:
https://www.acunetix.com/changelogs/acunetix-premium/v23-9-28-september-2023/Forwarded from APT
🥔 Coerced Potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato
New tool for local privilege escalation on a Windows machine, from a service account to NT SYSTEM. Should work on any recent versions of Windows.
⚙️ Tool:
https://github.com/hackvens/CoercedPotato
📝 Research:
https://blog.hackvens.fr/articles/CoercedPotato.html
#windows #lpe #seimpersonateprivilege #potato