Using Netlas.io within Tines automations
This time we will tell you about working with the Tines platform and the Netlas.io tools integrated into it. A little automation never hurt anyone :)
Read here 👉🏻
https://medium.com/@netlas/using-netlas-io-within-tines-automations-31518289e5e3
Basics of building automated circuits in Tines and using Netlas.io searches in them. Creation of a mechanism for detecting virtual hosting.
Dork list for Netlas.io has been updated on GitHub!
Two new categories, "Web cameras" and "VoIP", have been added, and the existing ones have been expanded.
👉🏻 Link: https://github.com/netlas-io/netlas-dorks
Some new queries are just waiting for you to test them.
CVE-2023-25157: SQL injection for GeoServer, 9.8 rating 🔥
An old vulnerability with a working PoC.
Search at Netlas.io:
👉🏻 Dork: http.noscript:"geoserver"
👉🏻 Link: https://nt.ls/g7sTM
Vendor's advisory: https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf
CVE-2023-33778: Hard-coded creds in Draytek Vigor Routers, 9.8 rating 🔥
Attackers can bind any affected device to their own account. PoC is available!
Search at Netlas.io:
👉🏻 Dork: http.favicon.hash_sha256:0af4f089d58e919f4ee421727e9ac54d885d6b3b05ec16e4d94b703f45c7eef9
👉🏻 Link: https://nt.ls/NbBpK
PoC and more information: https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef
CVE-2023-27997: Pre-authentication RCE on Fortigate VPN, 9.8 rating 🔥
A heap overflow that potentially affects multiple versions.
Search at Netlas.io:
👉🏻 Link with tags (recommended): https://nt.ls/jOlSo
👉🏻 Link without tags (less precision): https://nt.ls/3NrQW
Read detailed analysis by LexfoSecurity: https://blog.lexfo.fr/xortigate-cve-2023-27997.html
CVE-2023-3128: Authentication Bypass in Grafana, 9.4 rating ❗️
CVE vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
During Grafana's Azure AD account validation, an attacker can spoof the profile email field and hijack the account.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/iqMVz
👉🏻 Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.noscript:"Grafana"
CVE-2023-36630: Privilege Escalation and Authentication Bypass in CloudPanel, critical rating 🔥
A fresh vulnerability based on insecure file uploads.
Search at Netlas.io:
👉🏻 Link: nt.ls/V3hEn
👉🏻 Dork: http.noscript:"cloudpanel" NOT http.body:"2.3.1"
Read vendor's changelog: https://www.cloudpanel.io/docs/v2/changelog/
CVE-2023-3460: Privilege Escalation in UltimateMember WordPress plugin, 9.8 rating! 🔥
The vulnerability affects several versions of the plugin and is actively exploited by hackers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/S9Skz
👉🏻 Dork: http.body:"wp-content/plugins/ultimate-member"
Vendor's comments: https://wordpress.org/support/topic/cve-2023-3460/
The end of Beta Presale II is very close!
Hurry up to get a Netlas.io subscription with a 50% discount; in 6 days the discount will be reduced ❗️
👉🏻 Buy a subscription: https://app.netlas.io/plans/
In the near future, we'll also publish new features of Netlas.io (like the one in the GIF). We're sure you'll like them!
A new tool in Netlas 🔥
The search engine has received new functionality: the Attack Surface Discovery tool. Check out Netlas.io to build your attack surfaces with our data!
Links:
👉🏻 Tool: https://app.netlas.io/asd/
👉🏻 Medium article: https://netlas.medium.com/netlas-io-attack-surface-discovery-tool-6fbd6b3e9706
👉🏻 Overview video: https://youtu.be/98s-Iu5MyRw
CVE-2023-34192: Reflected XSS in Zimbra Collaboration Suite, 9.0 rating! 🔥
The vulnerability is actively exploited by hackers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ufPn6
👉🏻 Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Read more: https://www.bleepingcomputer.com/news/security/zimbra-urges-admins-to-manually-fix-zero-day-exploited-in-attacks/
CVE-2023-3519, -3466, -3467: Multiple vulns in Citrix Gateway/ADC, 9.8 rating 🔥
Reflected XSS, privilege escalation, and an unauthenticated RCE that is already being exploited!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/HB0b1
👉🏻 Dork: http.noscript:"Citrix ADC" OR http.noscript:"Citrix Gateway"
Vendor's bulletin: https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
Share an attack surface graph
Did you notice that a share button has appeared in the Netlas.io Attack Surface Discovery tool? For example, here is the OKX.com attack surface as they published it on Hacker0x01:
https://nt.ls/63dRu
https://hackerone.com/okx
CVE-2023-35078: Ivanti EPMM Remote Unauthenticated API Access Vulnerability
🚨 PoC is already available for Ivanti Endpoint Manager Mobile API vuln CVE-2023-35078 (❗️CVSS 10.0❗️)
A limited number of customers have been impacted already 😖
Search at Netlas.io:
👉🏻 Link: https://nt.ls/QdWH7
👉🏻 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor’s advisory: https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability
☝🏻 Another one for the same product published today: CVE-2023-35082, CVSS 10.0
A second vulnerability affecting Ivanti EPMM (formerly MobileIron Core) API has been discovered today.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/QdWH7
👉🏻 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor’s advisory: https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older
CVE-2023-39143: RCE in PaperCut MF/NG, 8.4 rating 🔥
The vulnerability enables unauthenticated attackers to potentially work with arbitrary files on the PaperCut MF/NG application server (versions < 21.2.3), resulting in RCE in certain configurations.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ZGjrR
👉🏻 Dork: (http.noscript:"PaperCut Login" AND (http.denoscription:"PaperCut NG" OR http.denoscription:"PaperCut MF")) OR (http.favicon.perceptual_hash:3e7e66667e7c6000)
Vendor's advisory: https://www.papercut.com/kb/Main/securitybulletinjuly2023/
CVE-2023-38035: Auth Bypass in Ivanti (MobileIron) Sentry, 9.8 rating 🔥
The vulnerability allows unauthenticated attackers to access sensitive APIs on port 8443.
Search at Netlas.io:
👉 Link: https://nt.ls/CwTWz
👉 Dork: http.body:"images/sentry-mi-logo" AND port:8443
Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US
CVE-2023-40176, -40177, -40572, -40573: Multiple vulns in XWiki, 9.0-9.9 rating 🔥
Fresh RCE, privilege escalation and stored XSS in XWiki Platform.
Search at Netlas.io:
👉 Link: https://nt.ls/SSzCU
👉 Dork: http.noscript:"XWiki" OR http.favicon.hash_sha256:6f0fdef9a229150fbc7183a1bbb136d7b44b6df7c34369c14bebb6adae8aaf20
CVE-2023-4596: RCE in Forminator plugin for WordPress, 9.8 rating 🔥
The Forminator plugin for WP is vulnerable to arbitrary file upload by unauthenticated users, which may make RCE possible. PoC is available❗️
Search at Netlas.io:
👉🏻 Link: https://nt.ls/3Tgzc
👉🏻 Dork: http.body:"/wp-content/plugins/forminator"
PoC is here: https://github.com/E1A/CVE-2023-4596
CVE-2023-39361, -31132, -39359 and others: Multiple vulns (17 CVEs!) in Cacti, from 3.5 to 9.8 rating 🔥
Stored XSS, SQL injection, RCE, Privilege Escalation... Vulnerabilities for every taste!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/tTozX
👉🏻 Dork: http.noscript:"Login to Cacti"
Read more: https://github.com/Cacti/cacti/security