{"uuid": "d5611bdd-6bf3-41dc-a745-1039339c2e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2800", "content": "#Tools - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nAntonioCoco/RunasCs\n\n\u25ab\ufe0f Uses more reliable process-creation functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows specifying the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows bypassing UAC when an administrator password is known\n\nhttps://github.com/antonioCoco/RunasCs\n\nAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n3klCon\n\nFull automation recon tool that works with small and medium scopes.\n\nRecommended to use it on a VPS; it'll discover secrets and search for vulnerabilities.\n\nhttps://github.com/eslam3kl/3klCon\n\nCiLocks\n\nAndroid/iOS Hacking \ud83d\udcf1\n\nCrack interface lockscreen, Metasploit and more Android/iOS hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\nJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\nPPID Spoofing and Blocking DLLs in C#\n\nUses InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update the attributes of the process to change the parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\nCVE-2022-2588\n\nThe #DirtyCred version of the exploit for CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\nPCredz\n\nThis tool extracts credit card numbers, NTLM (DCE-RPC, HTTP, SQL, LDAP, etc.), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc. from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\nida_kcpp\n\nAn IDAPython module for a much more convenient way to reverse engineer iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\nAwesome-Application-Security-Checklist\n\nIf you are designing, creating or testing your web/mobile application with security in mind, this checklist of counter-measures can be a good starting point.\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\nuserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLi fuzzer made with Python.\n\nhttps://github.com/root-tanishq/userefuzz\n\nAPKLab\n\nAndroid reverse engineering workbench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more into the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\nRemote Method Guesser\n\nA Java RMI vulnerability scanner that can be used to identify and verify common security vulnerabilities on Java RMI endpoints. Java RMI enumeration and brute-forcing of remote methods.\n\nhttps://github.com/qtc-de/remote-method-guesser\n\nSyscallslib\n\nA library that automates some clean syscalls to make them easier & faster to implement. It's pretty basic code; I'm using the Hell's Gate (TartarusGate) technique to fetch direct syscalls, and it saves time when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\nCVE-2022-36804\n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on Bitbucket instances, then select a random repository to check for or exploit the vulnerability on. If there are no public repositories, a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout, allowing the results to be piped to other tools for processing.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-03-31T10:22:47.000000Z"}