The OWASSRF + TabShell exploit chain (CVE-2022-41076)
Details:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
POC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#Tabshell #exchange
Invicti-Professional-v23-1-0-Pwn3rzs-CyberArsenal.rar
278.1 MB
Password:Pwn3rzs
certsync is a tool for dumping NTDS with golden certificates and UnPAC the hash, based on Certipy => https://github.com/ly4k/Certipy
https://github.com/zblurx/certsync
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
https://github.com/hacksysteam/CVE-2023-21608
PoC for CVE-2023-0179, which affects all Linux versions from 5.5 to 6.2-rc3, although the exploit was tested on 6.1.6
https://github.com/TurtleARM/CVE-2023-0179-PoC
#LPE
Security Vulnerabilities fixed in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 (CVE-2022-26485)
https://github.com/mistymntncop/CVE-2022-26485
A script to automate privilege escalation with the CVE-2023-22809 vulnerability
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
#LPE
Tools and Techniques for Red Team / Penetration Testing
https://github.com/A-poc/RedTeam-Tools
ntdlll-unhooking-collection
Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from a suspended process, and from a remote server (fileless)
https://github.com/TheD1rkMtr/ntdlll-unhooking-collection
RasmanPotato
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
https://github.com/crisprss/RasmanPotato
#lpe
Another Local Windows privilege escalation using a new potato technique ;)
The LocalPotato attack is a type of NTLM reflection attack that targets local authentication. This attack allows for arbitrary file read/write and elevation of privilege.
NOTE: This vulnerability was fixed by Microsoft in the January 2023 Patch Tuesday as CVE-2023-21746. If you run this exploit against a patched machine it won't work.
More technical details at --> https://www.localpotato.com/localpotato_html/LocalPotato.html
https://github.com/decoder-it/LocalPotato
#LPE