{"vulnerability": "CVE-2018-11479", "sightings": [{"uuid": "e9041dc1-0f45-48dd-a2bc-507d553c5aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11479", "type": "exploited", "source": "https://www.exploit-db.com/exploits/48021", "content": "", "creation_timestamp": "2020-02-07T00:00:00.000000Z"}, {"uuid": "a2b3dfb8-419a-4031-97a2-24f70b155194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11479", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "e5b549b8-ac43-4571-90fa-24fa85cb25ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11479", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:03.000000Z"}, {"uuid": "ce5d6f12-04df-4e3d-a284-079948b59049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11479", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/windscribe_windscribeservice_priv_esc.rb", "content": "", "creation_timestamp": "2020-02-05T18:50:53.000000Z"}, {"uuid": "f6417bb3-6a0a-48e5-be42-2696507ac451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11479", "type": "exploited", "source": "https://t.me/S_E_Reborn/4351", "content": "\u0418\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u0439\u043f\u044b \u2014 \u043e\u0434\u0438\u043d \u0438\u0437 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows. \n\nCVE-2018-11479 \u2014 \u0435\u0441\u043b\u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u0442\u043e \u0441\u043b\u044b\u0448\u0430\u043b\u0438 \u043f\u0440\u043e \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windscribe VPN.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 WindScribeService.exe \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043f\u0430\u0439\u043f \\\\.\\pipe\\WindscribeService \u0441 CreateProcess, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0443\u0442\u044c \u043a \u043b\u044e\u0431\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u043c\u0443 \u0444\u0430\u0439\u043b\u0443 \u0438 \u043f\u043e\u0440\u043e\u0434\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 SYSTEM.\n\n\u041e\u0441\u0432\u0435\u0436\u0438\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c \u043c\u043e\u0436\u043d\u043e \u0442\u0443\u0442 https://pastebin.com/eLG3dpYK, \u0430 \u0434\u043b\u044f Metasploit \u0434\u0430\u0432\u043d\u043e \u0435\u0441\u0442\u044c \u0433\u043e\u0442\u043e\u0432\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c https://www.exploit-db.com/exploits/48021.\n\n\u0418 \u0435\u0441\u043b\u0438 \u0440\u0430\u043d\u044c\u0448\u0435 \u0440\u0435\u0441\u0435\u0440\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u043b\u043e\u0441\u044c \u0447\u0435\u0440\u0435\u0437 Powershell, \u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432\u043f\u043e\u043b\u043d\u0435 \u043d\u0435\u043f\u043b\u043e\u0445\u043e\u0439 https://github.com/cyberark/PipeViewer/, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043b\u0438\u0441\u0442\u0438\u0442 \u0432\u0441\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043f\u0430\u0439\u043f\u0430\u0445 \u0441 \u0438\u0445 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c\u0438 (\u043f\u043e\u0434\u0441\u0432\u0435\u0447\u0438\u0432\u0430\u044f \u043e\u043f\u0430\u0441\u043d\u044b\u0435), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0433\u043e\u0442\u043e\u0432\u044b\u0435 \u0444\u0438\u043b\u044c\u0442\u0440\u044b \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0430\u0439\u043f-\u0447\u0430\u0442\u044b.", "creation_timestamp": "2023-12-22T18:05:17.000000Z"}]}