{"vulnerability": "CVE-2021-34527", "sightings": [{"uuid": "325a947c-b9d5-488d-a62b-3e56948e2229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/97a71f6f-e974-489a-a6e8-151c098bfaca", "content": "", "creation_timestamp": "2021-08-27T07:25:44.000000Z"}, {"uuid": "12d7bb19-9d84-40dc-9659-10a4b276a5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/c6250a7a-63b1-4996-8734-3ab181e12e3e", "content": "", "creation_timestamp": "2021-09-17T13:28:19.000000Z"}, {"uuid": "42f7a9e6-6094-41b9-b048-1b561e05a3eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "9af74ed6-ccf5-4fa3-97d1-daade1eb31c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "ebfaddb3-d18d-4cb9-9357-69eded08957e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/35b42540-d55e-4aed-99e3-be21d39a5a88", "content": "", "creation_timestamp": "2022-07-11T09:22:39.000000Z"}, {"uuid": "f9d6be10-fb80-47f0-b91b-c8b73df680bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", 
"source": "MISP/99138053-ae5d-4bcf-b2f8-0954edb204bc", "content": "", "creation_timestamp": "2022-11-01T20:54:34.000000Z"}, {"uuid": "ec631662-6331-42ed-8d26-bc80e0662179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/095ab3f1-cbae-4b5c-8534-34d42a458aa5", "content": "", "creation_timestamp": "2022-05-12T16:19:54.000000Z"}, {"uuid": "75e373c8-2e31-4cdf-819a-88f17f56aa83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "eeba31b2-3956-4876-bddb-64f0156d4bb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/07/clarified-guidance-for-cve-2021-34527-windows-print-spooler-vulnerability/", "content": "", "creation_timestamp": "2021-07-08T05:00:00.000000Z"}, {"uuid": "f16ac25b-8bac-40c2-88cc-7c6462386f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/07/out-of-band-oob-security-update-available-for-cve-2021-34527/", "content": "", "creation_timestamp": "2021-07-06T05:00:00.000000Z"}, {"uuid": "0225b052-60e8-43bc-bfe1-acabe9e7af6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971016", "content": "", "creation_timestamp": "2024-12-24T20:23:05.772575Z"}, 
{"uuid": "047081a1-54ba-4f67-91ec-6c1388f77ae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "32bdccdf-ad81-461b-b899-cb0ae92ca5f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:38.000000Z"}, {"uuid": "167f29e7-f0fc-4165-b92d-bef203837ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmf3dmc2j", "content": "", "creation_timestamp": "2025-02-17T10:57:46.028690Z"}, {"uuid": "86a05eaa-23ee-47a5-aa18-fd5e02f7c30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc4t22j", "content": "", "creation_timestamp": "2025-02-17T10:57:46.500524Z"}, {"uuid": "ac96508a-43ff-4ee3-bd11-23aa086536a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc5sc2j", "content": "", "creation_timestamp": "2025-02-17T10:57:46.946213Z"}, {"uuid": "350581d0-1798-433a-b535-881dc7e38a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", 
"source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc6rk2j", "content": "", "creation_timestamp": "2025-02-17T10:57:47.440194Z"}, {"uuid": "5d95f2c0-ed4b-490d-bb4c-5f1015bd2233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc7qs2j", "content": "", "creation_timestamp": "2025-02-17T10:57:47.924019Z"}, {"uuid": "0f61e56d-0fb4-477d-856a-3ce3f54153b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/35b42540-d55e-4aed-99e3-be21d39a5a88", "content": "", "creation_timestamp": "2025-06-04T13:18:47.000000Z"}, {"uuid": "6ed546c9-a935-48c9-afaa-ef574632f667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:56.000000Z"}, {"uuid": "bab0556d-ec36-49cb-aea7-7d847d13ce84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/morisono/cd3acb70cf84464b5142de89bf6efdb0", "content": "", "creation_timestamp": "2025-11-04T16:28:02.000000Z"}, {"uuid": "f17efb47-c2bb-4011-97dc-32c0c42d9d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/Darkcrai86/a70952d5a12091d972ddbd31dd18a195", "content": "", "creation_timestamp": "2025-09-18T09:40:29.000000Z"}, {"uuid": "faedf52e-768f-4acc-8f39-3fb979049152", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/97a71f6f-e974-489a-a6e8-151c098bfaca", "content": "", "creation_timestamp": "2025-11-07T20:20:40.000000Z"}, {"uuid": "a4209b08-945b-4c9d-b762-d08207b98854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:57.000000Z"}, {"uuid": "e0caa7e7-8677-4da2-9544-332a0c92aabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2021-34527", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c39acbe0-91886c343547fcce", "content": "", "creation_timestamp": "2025-12-05T12:35:58.835385Z"}, {"uuid": "85fad449-2965-4b1f-a1fd-57ef99662e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/dcerpc/cve_2021_1675_printnightmare.rb", "content": "", "creation_timestamp": "2022-05-24T20:48:33.000000Z"}, {"uuid": "53254ea1-deb9-4cfc-a3df-58abb359e467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_19/2021", "content": "", "creation_timestamp": "2021-07-01T09:58:27.000000Z"}, {"uuid": "858a28c1-86f4-4e0d-9b61-c7a472851a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2021-34527", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1fdfda19-2805a58255f192e9", "content": "", "creation_timestamp": "2026-03-06T10:29:26.945736Z"}, {"uuid": "c161a4ee-80d2-462d-885e-0b55e8ebaeed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/garagon/85a72cafb243e1a793677270ca7fad6d", "content": "", "creation_timestamp": "2026-02-17T13:27:58.000000Z"}, {"uuid": "cd3f262b-932e-471e-a4e1-128711a7625b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/josephb4224/1d49fcfaa37fb1523b5451314f37b669", "content": "", "creation_timestamp": "2026-03-16T13:31:31.000000Z"}, {"uuid": "cce91a33-8941-4846-a28c-c91d811b10ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=608", "content": "", "creation_timestamp": "2021-07-14T04:00:00.000000Z"}, {"uuid": "b3f889f5-4a95-4c02-8ffc-0dbbdb7d7e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=605", "content": "", "creation_timestamp": "2021-07-02T04:00:00.000000Z"}, {"uuid": "00dcd0ac-9c97-4b41-8564-37004337ad06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/GithubRedTeam/352", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTo fight against Windows security breach PrintNightmare! (CVE-2021-34527, CVE-2021-1675)\nURL\uff1ahttps://github.com/Tomparte/PrintNightmare", "creation_timestamp": "2021-08-20T11:43:19.000000Z"}, {"uuid": "b94ef00a-42dc-433c-a2ea-1dc9ad949c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/GithubRedTeam/150", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTo fight against Windows security breach PrintNightmare! (CVE-2021-34527, CVE-2021-1675)\nURL\uff1ahttps://github.com/Tomparte/PrintNightmare", "creation_timestamp": "2021-07-28T08:32:17.000000Z"}, {"uuid": "34cc278b-e217-4443-a7c9-d37bc2622c25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ab11cc3b-5777-46c9-ac87-3b5a3b445c23", "content": "", "creation_timestamp": "2026-02-02T12:28:51.976496Z"}, {"uuid": "020871db-eced-4da6-998e-f07ad4f087b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/cKure/6065", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2021-34527: Microsoft shares mitigations for Windows PrintNightmare zero-day bug.\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/", "creation_timestamp": "2021-07-02T10:31:33.000000Z"}, {"uuid": 
"4393c6b7-e6b3-4e00-aa2a-560cd99e701f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/cKure/6118", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Microsoft confirms the emergency security updates (KB5005010) to correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527).\n\nThis comes as many researchers doubted the fix for major vulnerability.", "creation_timestamp": "2021-07-09T09:36:24.000000Z"}, {"uuid": "42c070b1-6b74-44a6-acde-b731c7f4530e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/cKure/6111", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Microsoft this week pushed an out-of-band patch for\u00a0CVE-2021-34527, which now has a CVSS \u201chigh severity\u201d score of 8.2.\n\nMimikatz creator\u00a0Benjamin Delpy said\u00a0the problem relates to the Point and Print function, which is designed to allow a Windows client to create a connection to a remote printer with first requiring installation media.\nThat effectively means an authenticated user could still gain administrator-level privileges on a machine running the Print Spooler service\u00a0to run arbitrary code.\n\nMicrosoft acknowledged\u00a0the issue at the bottom of its advisory.\n\u201cPoint and Print is not directly related to this vulnerability, but the technology weakens the local security posture in such a way that exploitation will be possible,\u201d it admitted. 
\u201cTo disallow Point and Print for non-administrators make sure that warning and elevation prompts are shown for printer installs and updates.\u201d", "creation_timestamp": "2021-07-08T10:48:07.000000Z"}, {"uuid": "f7fe2359-20e5-4a19-bee2-37a4fcebb6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/PHoJQGmgGzsQrC8Gnxfc8pLZD55xgKQzGqHQgQ7hPSbJXl0", "content": "", "creation_timestamp": "2025-11-19T15:00:09.000000Z"}, {"uuid": "cb93719a-e935-4923-8623-da64f7965be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/GithubRedTeam/707", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPython implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)\nURL\uff1ahttps://github.com/ly4k/PrintNightmare", "creation_timestamp": "2021-10-17T13:34:40.000000Z"}, {"uuid": "fc846988-e549-48ca-99f3-a15a17700fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/ed3db5cb-9b15-4548-871d-ed4c22b479a6", "content": "", "creation_timestamp": "2026-04-19T21:02:39.000000Z"}, {"uuid": "d6d23c24-70bf-44fc-b99f-a5754ce564d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7341", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA PrintNightmare (CVE-2021-34527) Python Scanner. 
Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nURL\uff1ahttps://github.com/byt3bl33d3r/ItWasAllADream\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-19T16:54:53.000000Z"}, {"uuid": "e43dabbd-3505-4013-a9c8-68295f93b454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/2703", "content": "&gt; Microsoft strongly recommends installing the June 8, 2021 security updates.\n\nWindows Print Spooler Remote Code Execution Vulnerability\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527\n+\nA PrintNightmare (CVE-2021-3457) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\n\u0417\u0430 \u043d\u0430\u0432\u043e\u0434\u043a\u0443 \u0441\u043f\u0430\u0441\u0438\u0431\u043e @oleg_log", "creation_timestamp": "2021-07-06T10:20:12.000000Z"}, {"uuid": "4ce389c7-0b89-41e1-9020-6299068313c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/maf2TFOSyoSTf8xOkgyu0UgeCyGF21FfgwtUN3M8h6X6o90", "content": "", "creation_timestamp": "2025-08-24T15:00:06.000000Z"}, {"uuid": "8380aac1-ef42-4511-8499-2da67ada01f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/HXnB78LZ993EnbGXdL2hofKwYDoKHSeDPKMDrtCNi3QDgzw", "content": "", "creation_timestamp": "2025-08-14T09:00:04.000000Z"}, {"uuid": "e24da1d0-adba-40b7-8899-e401a1f9942e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/CyberGovIL/1296", "content": "\u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d7\u05d5\u05d3\u05e9\u05d9 \u05e9\u05dc \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 - \u05d9\u05d5\u05dc\u05d9 2021 | Com7752\n\n\u05d1-13 \u05dc\u05d7\u05d5\u05d3\u05e9 \u05e4\u05e8\u05e1\u05de\u05d4 \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05db-117 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05ea\u05d5\u05db\u05e0\u05d5\u05ea \u05e0\u05ea\u05de\u05db\u05d5\u05ea. 13 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e1\u05d5\u05d5\u05d2\u05d5\u05ea \u05db\u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea. 44 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e0\u05d9\u05ea\u05e0\u05d5\u05ea \u05dc\u05e0\u05d9\u05e6\u05d5\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e3 \u05de\u05e8\u05d5\u05d7\u05e7 \u05dc\u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 (RCE).\n\n4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd (Zero Day), \u05db\u05d5\u05dc\u05dc \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d4\u05de\u05db\u05d5\u05e0\u05d4 PrintNightmare (CVE-2021-34527). 
\u05e4\u05e8\u05d8\u05d9\u05d4\u05df \u05e9\u05dc 5 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e0\u05d5\u05e1\u05e4\u05d5\u05ea \u05e4\u05d5\u05e8\u05e1\u05de\u05d5, \u05d0\u05da \u05dc\u05d0 \u05d9\u05d3\u05d5\u05e2 \u05e2\u05dc \u05e0\u05d9\u05e6\u05d5\u05dc \u05e9\u05dc\u05d4\u05dd \u05d1\u05e4\u05d5\u05e2\u05dc.\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05de\u05d0\u05d3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d4\u05e2\u05d3\u05db\u05d5\u05e0\u05d9\u05dd \u05d1\u05e1\u05d1\u05d9\u05d1\u05ea \u05e0\u05d9\u05e1\u05d5\u05d9, \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05e0\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2021-07-14T12:32:47.000000Z"}, {"uuid": "fbd6df75-b67f-4861-9bb0-6d60c72edbe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/290", "content": "1. https://github.com/Sachinart/CVE-2025-32432\nCheck for CVE-2025-32432 vulnerability\n#github #exploit\n\n\n2. https://github.com/helidem/CVE-2025-24054-PoC\nProof of Concept for NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n3. https://github.com/ajdumanhug/CVE-2023-46818\nCVE-2023-46818 Python3 Exploit for ISPConfig &lt;= 3.2.11 PHP Code Injection\n#github #exploit\n\n\n4. https://github.com/0x6rss/CVE-2025-24071_PoC\nNTLM hash leak via .library-ms inside ZIP/RAR (CVE-2025-24071)\n#github #poc\n\n\n5. https://github.com/trickest/cve/blob/main/2022/CVE-2022-42092.md\nCVE-2022-42092 \u2013 Backdrop CMS RCE PoC\n#github #exploit\n\n\n6. https://github.com/nomi-sec/PoC-in-GitHub\nAggregated CVE Exploits and PoCs from GitHub\n#github #tool\n\n\n7. https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker\nLinux Container Escape CVE-2022-0492 vulnerability checker\n#github #exploit\n\n\n8. 
https://github.com/xigney/CVE-2025-24054_PoC\nAlternate NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n9. https://github.com/bipbopbup/CVE-2023-46818-python-exploit\nPython PoC for CVE-2023-46818 in ISPConfig\n#github #exploit\n\n\n10. https://github.com/Marcejr117/CVE-2025-24071_PoC\nNTLM Hash Leak using .library-ms via ZIP trick (CVE-2025-24071)\n#github #poc\n\n\n11. https://github.com/Ostorlab/KEV\nKnown Exploited Vulnerabilities Detector\n#github #scanner\n\n\n12. https://github.com/edoardottt/missing-cve-nuclei-templates\nMissing CVE Detection via Nuclei Templates\n#github #scanner\n\n\n13. https://github.com/hyp3rlinx/Advisories\nZero-Day Security Advisories and Exploits by Hyp3rlinx\n#github #exploit\n\n\n14. https://github.com/Kubashok/apple-cve-repos\nApple CVE Database Links Repository\n#github #cve\n\n\n15. https://github.com/esnet/Seccubus_v2\nSeccubus Test Data for Vulnerability Scanners\n#github #tool\n\n\n16. https://github.com/skordemir/Xml2Ontology\nNessus XML Vulnerability Report Samples\n#github #data\n\n\n17. https://github.com/madirish/hector\nHector: Vulnerability Management Tool with Sample Nessus Reports\n#github #tool\n\n\n18. https://github.com/projectdiscovery/nuclei-templates/issues/8804\nNuclei Template request for ISPConfig CVE-2023-46818\n#github #scanner\n\n\n19. https://github.com/projectdiscovery/nuclei-templates/issues/12020\nNuclei Template PoC Request for CraftCMS CVE-2025-32432\n#github #scanner\n\n\n20. https://github.com/tanjiti/sec_profile\nSecurity Profile Aggregator \u2013 CVE, CISA, NVD, etc.\n#github #intel\n\n\n21. https://github.com/cube0x0/CVE-2021-1675\nPrintNightmare Exploit PoC (CVE-2021-1675 / CVE-2021-34527)\n#github #exploit\n\n22. https://github.com/Maldev-Academy/LsassHijackingViaReg\n\nInjecting DLL into LSASS at boot\n#github #tools\n\n\nOpen-source tools and proof-of-concept (PoC) repositories related to recent CVEs, exploits, and security research. 
These resources are valuable for educational purposes and can aid students in understanding real-world vulnerabilities and exploitation techniques.", "creation_timestamp": "2025-05-05T10:30:13.000000Z"}, {"uuid": "92bda216-83dc-4ca6-8676-4714b9c5556c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/JxyyR7DPCkvNqGXHwYf1FM_TYIK_7LUKbzPocNJOIh8q_94", "content": "", "creation_timestamp": "2025-08-05T21:00:04.000000Z"}, {"uuid": "6ef782f2-5955-44a6-a5c5-b35070caddf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/YouPentest/4833", "content": "Understanding PrintNightmare Vulnerability | (CVE-2021-1675) and (CVE-2021-34527)\n\nhttps://www.youtube.com/watch?v=qRxzPOSlu3Y", "creation_timestamp": "2022-05-20T09:00:08.000000Z"}, {"uuid": "285c4a50-cea7-4f33-a393-333a9f6cd47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/YouPentest/4935", "content": "Understanding PrintNightmare Vulnerability | (CVE-2021-1675) and (CVE-2021-34527) TryHackMe\n\nhttps://www.youtube.com/watch?v=qRxzPOSlu3Y", "creation_timestamp": "2022-05-29T13:08:28.000000Z"}, {"uuid": "ca3ccfb3-8f7f-42e9-aa40-b8657c3fa30c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/RYetcLsOmihSjL6vrmK8b2EEcP3aYfaPpeqAArUjps5i1kk", "content": "", "creation_timestamp": "2025-07-25T03:00:05.000000Z"}, {"uuid": "49ac6f37-999c-4e77-a2c2-00f47375a457", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/349", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nURL\uff1ahttps://github.com/AlAIAL90/CVE-2021-38534", "creation_timestamp": "2021-08-20T02:41:53.000000Z"}, {"uuid": "1a984c50-88f8-444d-a761-c298b3189600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/ctinow/36539", "content": "Quick look at CVE-2021-1675 &amp; CVE-2021-34527 (aka PrintNightmare)\n\nhttps://ift.tt/3qUGxTr", "creation_timestamp": "2021-07-08T07:05:33.000000Z"}, {"uuid": "9afa3ec4-a059-40a4-96eb-e511cca7ab9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4152", "content": "\u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0441\u044b\u043b\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u043a\u043e\u043f\u0438\u043b\u0438\u0441\u044c \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e, \u043d\u043e \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0430. \n\n1. 
\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f PrintNightmare \u0432 Windows Print Spooler \n\nhttps://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/07/printnightmare-0-day-can-be-used-to-take-over-windows-domain-controllers/\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527\n\n\u0438 \u043d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u043c \u043e\u0431 \u044d\u0442\u043e\u043c \u0436\u0435 \nhttps://xakep.ru/2021/06/30/printnightmare/", "creation_timestamp": "2021-07-02T15:04:06.000000Z"}, {"uuid": "a8bf0e7a-aa55-44cf-b3d7-1270ddfaf468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/ctinow/36538", "content": "Quick look at CVE-2021-1675 &amp; CVE-2021-34527 (aka PrintNightmare)\n\nhttps://ift.tt/3qUGxTr", "creation_timestamp": "2021-07-08T07:05:32.000000Z"}, {"uuid": "66199298-b9dd-4691-9b55-ee46b87f16ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/arpsyndicate/53", "content": "#ExploitObserverAlert\n\nCVE-2021-34527\n\nDESCRIPTION: Exploit Observer has 193 entries related to CVE-2021-34527. 
Windows Print Spooler Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.967920000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-10T20:59:27.000000Z"}, {"uuid": "c566476e-bd3b-449b-8422-3e13d361bc70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/arpsyndicate/1968", "content": "#ExploitObserverAlert\n\nCVE-2021-34527\n\nDESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.968610000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T10:56:40.000000Z"}, {"uuid": "f4d231ff-bccf-44ea-bd22-17120d10726a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/arpsyndicate/1004", "content": "#ExploitObserverAlert\n\nCVE-2021-34527\n\nDESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. 
Windows Print Spooler Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.967920000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T18:54:19.000000Z"}, {"uuid": "8e729a46-a638-436f-b17e-7b84d2c84639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/315", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T13:13:10.000000Z"}, {"uuid": "9494d3bc-335a-4220-ab6d-a7e473b1f183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8134", "content": "Tools - Hackers 
Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T09:29:11.000000Z"}, {"uuid": "24661743-e609-463f-adda-d9439973269f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6854", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it 
can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T09:29:11.000000Z"}, {"uuid": "72579b1b-8d98-4d85-9c76-357fd8319af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "Telegram/OyEnlKyppd2Ylh8X3oW0sPtwBmUxvPHi0K9qUZZP0i_K", "content": "", "creation_timestamp": "2021-07-10T23:31:01.000000Z"}, {"uuid": "84172659-4bdf-432d-8666-a64c695e9375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "Telegram/4V4q-6XkdjSEtZrfEKw8LiqCJ-z8N84ZsfQMHSWoVrFKsw", "content": "", "creation_timestamp": "2022-08-27T09:27:09.000000Z"}, {"uuid": "7a59e309-bd35-43af-9871-b1d26576beb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/dilagrafie/178", "content": "20 #Tools - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nParanoid \n\nParanoid project checks for well known weaknesses on 
cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers. This library contains implementations and optimizations of existing work found in the literature. The existing work showed that the generation of these artifacts was flawed in some cases. The following are some examples of publications the library is based on.\n\nhttps://github.com/google/paranoid_crypto\n\npre2k\n\nPre2k is a tool to query for the existence of pre-windows 2000 computer objects which can be leveraged to gain a foothold in a target domain as discovered by TrustedSec's @Oddvarmoe. \n\nPre2k can be run from an unauthenticated context to perform a password spray from a provided list of recovered hostnames (such as from an RPC/LDAP null bind) or from an authenticated context to perform a targeted or broad password spray. \n\nUsers have the flexibility to target every machine or to stop on the first successful authentication as well as the ability to request and store a valid TGT in .ccache form in their current working directory.\n\nhttps://github.com/garrettfoster13/pre2k\n\nPrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (define in CMD args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve\n\nGeogramint \n\n#OSINT Geolocalization tool for Telegram\n\nGeogramint is an OSINT tool that uses Telegram's API to find nearby users and groups. 
Inspired by Tejado's Telegram Nearby Map, which is no longer maintained, it aims to provide a more user-friendly alternative.\n\nGeogramint only finds Telegram users and groups which have activated the nearby feature. Per default it is deactivated.\n\nThe tool is fully supported on Windows and partially supported on Mac OS and Linux distributions.\n\nhttps://github.com/Alb-310/Geogramint\n\npynipper-ng \n\nA configuration security analyzer for network devices. The goal of this tool is check the vulnerabilities and misconfigurations of routers, firewalls and switches reporting the issues in a simple way.\n\nThis tool is based on nipper-ng, updated and translated to Python. The project wants to improve the set of rules that detect security misconfigurations of the network devices using multiple standard benchmarks (like CIS Benchmark) and integrate the tool with APIs (like PSIRT Cisco API) to scan known vulnerabilities.\n\nhttps://github.com/syn-4ck/pynipper-ng\n\nBug-Bounty-Methodology\n\nThese are my checklists which I use during my bug bounty hunting.\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nwhids\n\nEDR with artifact collection driven by detection. The detection engine is built on top of a previous project Gene specially designed to match Windows events against user defined rules.\n\nhttps://github.com/0xrawsec/whids\n\nClash\n\nA rule-based tunnel in Go.\n\nFeatures:\n\u25ab\ufe0f Local HTTP/HTTPS/SOCKS server with authentication support\n\u25ab\ufe0f Shadowsocks(R), VMess, Trojan, Snell, SOCKS5, HTTP(S) outbound support\n\u25ab\ufe0f Built-in fake-ip DNS server that aims to minimize DNS pollution attack impact. DoH/DoT upstream supported.\n\u25ab\ufe0f Rules based off domains, GEOIP, IP-CIDR or process names to route packets to different destinations\n\u25ab\ufe0f Proxy groups allow users to implement powerful rules. 
Supports automatic fallback, load balancing or auto select proxy based off latency\n\u25ab\ufe0f Remote providers, allowing users to get proxy lists remotely instead of hardcoding in config\n\u25ab\ufe0f Transparent proxy: Redirect TCP and TProxy TCP/UDP with automatic route table/rule management\n\u25ab\ufe0f Hot-reload via the comprehensive HTTP RESTful API controller\n\nhttps://github.com/Dreamacro/clash\n\n1/3", "creation_timestamp": "2022-12-17T10:25:12.000000Z"}, {"uuid": "440f678b-ed9f-4168-8cb5-478c14f6ded6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/dilagrafie/2148", "content": "20 #Tools - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nParanoid \n\nParanoid project checks for well known weaknesses on cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers. This library contains implementations and optimizations of existing work found in the literature. The existing work showed that the generation of these artifacts was flawed in some cases. The following are some examples of publications the library is based on.\n\nhttps://github.com/google/paranoid_crypto\n\npre2k\n\nPre2k is a tool to query for the existence of pre-windows 2000 computer objects which can be leveraged to gain a foothold in a target domain as discovered by TrustedSec's @Oddvarmoe. \n\nPre2k can be run from an unauthenticated context to perform a password spray from a provided list of recovered hostnames (such as from an RPC/LDAP null bind) or from an authenticated context to perform a targeted or broad password spray. 
\n\nUsers have the flexibility to target every machine or to stop on the first successful authentication as well as the ability to request and store a valid TGT in .ccache form in their current working directory.\n\nhttps://github.com/garrettfoster13/pre2k\n\nPrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (define in CMD args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve\n\nGeogramint \n\n#OSINT Geolocalization tool for Telegram\n\nGeogramint is an OSINT tool that uses Telegram's API to find nearby users and groups. Inspired by Tejado's Telegram Nearby Map, which is no longer maintained, it aims to provide a more user-friendly alternative.\n\nGeogramint only finds Telegram users and groups which have activated the nearby feature. Per default it is deactivated.\n\nThe tool is fully supported on Windows and partially supported on Mac OS and Linux distributions.\n\nhttps://github.com/Alb-310/Geogramint\n\npynipper-ng \n\nA configuration security analyzer for network devices. The goal of this tool is check the vulnerabilities and misconfigurations of routers, firewalls and switches reporting the issues in a simple way.\n\nThis tool is based on nipper-ng, updated and translated to Python. 
The project wants to improve the set of rules that detect security misconfigurations of the network devices using multiple standard benchmarks (like CIS Benchmark) and integrate the tool with APIs (like PSIRT Cisco API) to scan known vulnerabilities.\n\nhttps://github.com/syn-4ck/pynipper-ng\n\nBug-Bounty-Methodology\n\nThese are my checklists which I use during my bug bounty hunting.\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nwhids\n\nEDR with artifact collection driven by detection. The detection engine is built on top of a previous project Gene specially designed to match Windows events against user defined rules.\n\nhttps://github.com/0xrawsec/whids\n\nClash\n\nA rule-based tunnel in Go.\n\nFeatures:\n\u25ab\ufe0f Local HTTP/HTTPS/SOCKS server with authentication support\n\u25ab\ufe0f Shadowsocks(R), VMess, Trojan, Snell, SOCKS5, HTTP(S) outbound support\n\u25ab\ufe0f Built-in fake-ip DNS server that aims to minimize DNS pollution attack impact. DoH/DoT upstream supported.\n\u25ab\ufe0f Rules based off domains, GEOIP, IP-CIDR or process names to route packets to different destinations\n\u25ab\ufe0f Proxy groups allow users to implement powerful rules. 
Supports automatic fallback, load balancing or auto select proxy based off latency\n\u25ab\ufe0f Remote providers, allowing users to get proxy lists remotely instead of hardcoding in config\n\u25ab\ufe0f Transparent proxy: Redirect TCP and TProxy TCP/UDP with automatic route table/rule management\n\u25ab\ufe0f Hot-reload via the comprehensive HTTP RESTful API controller\n\nhttps://github.com/Dreamacro/clash\n\n1/3", "creation_timestamp": "2022-12-17T10:25:12.000000Z"}, {"uuid": "ccc1f694-02f3-4071-994e-d038128ea61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3373", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T09:46:36.000000Z"}, {"uuid": 
"52429a27-55f0-4752-b602-c775128cf72e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/297", "content": "#Python implementation for #PrintNightmare #CVE-2021-1675 / #CVE-2021-34527\n\nhttps://github.com/ly4k/PrintNightmare", "creation_timestamp": "2021-10-17T15:37:17.000000Z"}, {"uuid": "709f2330-ac9e-4f9d-b94d-ce9db2821f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/CyberSecurityIL/4224", "content": "\u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05de\u05e9\u05d7\u05e8\u05e8\u05ea \u05e2\u05d3\u05db\u05d5\u05df \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea PrintNightmare \u05d0\u05da \u05d4\u05e2\u05d3\u05db\u05d5\u05df \u05e9\u05e4\u05d5\u05e8\u05e1\u05dd \u05dc\u05d0 \u05e1\u05d5\u05d2\u05e8 \u05d0\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea.\n\n\u05dc\u05e4\u05e0\u05d9 \u05de\u05e1\u05e4\u05e8 \u05d9\u05de\u05d9\u05dd \u05e4\u05d5\u05e8\u05e1\u05dd \u05db\u05d9 \u05e7\u05d9\u05d9\u05de\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05e9\u05d9\u05e8\u05d5\u05ea \u05d4-Print Spooler \u05d4\u05e7\u05d9\u05d9\u05dd \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 \u05e9\u05dc \u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 (CVE-2021-34527)\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05d4\u05d0\u05e7\u05e8\u05d9\u05dd \u05dc\u05d4\u05e8\u05d9\u05e5 \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05e2\u05dc \u05d4\u05ea\u05d7\u05e0\u05d5\u05ea \u05d5\u05dc\u05d4\u05e9\u05d9\u05d2 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05e9\u05dc \u05de\u05e9\u05ea\u05de\u05e9 \u05d7\u05d6\u05e7 
\u05d1\u05ea\u05d7\u05e0\u05d4.\n\n\u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05d4\u05d5\u05e6\u05d9\u05d0\u05d4 \u05d0\u05ea\u05de\u05d5\u05dc \u05e2\u05d3\u05db\u05d5\u05df \u05de\u05e2\u05e8\u05db\u05ea \u05e9\u05e0\u05d5\u05e2\u05d3 \u05dc\u05d8\u05e4\u05dc \u05d1\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d0\u05da \u05d7\u05d5\u05e7\u05e8\u05d9 \u05d0\u05d1\u05d8\"\u05de \u05de\u05d3\u05d5\u05d5\u05d7\u05d9\u05dd \u05db\u05d9 \u05d2\u05dd \u05dc\u05d0\u05d7\u05e8 \u05d4\u05ea\u05e7\u05e0\u05ea \u05d4\u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e2\u05d3\u05d9\u05d9\u05df \u05e7\u05d9\u05d9\u05de\u05ea.\n\nhttps://t.me/CyberSecurityIL/1153\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-printnightmare-now-patched-on-all-windows-versions/", "creation_timestamp": "2021-07-08T09:22:42.000000Z"}, {"uuid": "53347385-65d5-4c60-903e-85e0de8921a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/crackcodes/1093", "content": "Updates On Hackbyte Forum:-\n\n1. PrintNightmare (CVE-2021-34527)\n2. START.ru Leak\n3. SEC Sonora Mexico DataBase Leak\n4. mpa.zj.gov.cn Food and Drug Administration Computers files\n5. Moriarty-Project: This tool gives information about the phone number that you entered\n6. Discord-QR-Token-Logger: Utilises Discord QR Login Feature To Create a Token Logger Scannable QR code\n7. Elevator - Allows to bypass the UAC and spawn an elevated process with full administrator privileges.\n8. Linksys E1200 buffer overflow vulnerability\n9. GrabAccess - A tool for bypassing Windows login passwords and Bitlocker.\n10. FiberHome VDSL2 Modem HG150-Ub_V3.0 (PTCL) \u2013 Admin Credentials are submitted in the URL\n11. Gel4y Mini Shell Backdoor\n12. Wpushell\n13. r77 Rootkit\n14. 
autodeauth - A tool built to automatically deauth local networks\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffbAll Updates On :- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-09-02T17:32:22.000000Z"}, {"uuid": "b891d104-e26c-4eda-a649-85da3d717f94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "Telegram/jnRWahjJjVo8NewVccxTAO3vtpAuoPi8skWmGsXoQTEsIw", "content": "", "creation_timestamp": "2021-07-07T15:48:46.000000Z"}, {"uuid": "7ec0cf6c-3c28-45d0-a4e9-ee5d51898773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/true_secator/2001", "content": "\u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u043e\u043a\u0430 \u0432\u0435\u0441\u044c \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043f\u043e \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e \u0441 Microsoft \u0432\u044b\u043f\u0438\u043b\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043d\u043e\u0432\u044b\u0435 \u0438 \u043d\u043e\u0432\u044b\u0435 \u0434\u044b\u0440\u044b PrintNightmare (\u0433\u0440\u0443\u043f\u043f\u0430 \u043e\u0448\u0438\u0431\u043e\u043a CVE-2021-1675 , CVE-2021-34527 \u0438 CVE-2021-36958), \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0435\u0440\u0435\u043d\u0438\u043c\u0430\u0435\u0442 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u043e\u0439 \u043e\u043f\u044b\u0442 \u043a\u043e\u043b\u043b\u0435\u0433, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u0432 \u0441\u0432\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 
\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Windows.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (LPE) \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0434\u043e\u043c\u0435\u043d\u0430 Windows \u0447\u0435\u0440\u0435\u0437 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 SYSTEM.\n\n\u041d\u0430 \u0434\u043d\u044f\u0445 Crowdstrike \u0443\u043b\u0438\u0447\u0438\u043b\u0438 \u0432 \u044d\u0442\u043e\u043c \u0431\u0430\u043d\u0434\u0443 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Magniber, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b PrintNightmare \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0432 \u0445\u043e\u0434\u0435 
\u0430\u0442\u0430\u043a \u043d\u0430 \u044e\u0436\u043d\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0445 \u0436\u0435\u0440\u0442\u0432. \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, Magniber \u0443\u0434\u0430\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0442\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a DLL, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0430 \u0437\u0430\u0442\u0435\u043c \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\nMagniber \u0430\u043a\u0442\u0438\u0432\u043d\u0430 \u0441 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2017 \u0433\u043e\u0434\u0430, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e 
\u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0440\u0435\u043a\u043b\u0430\u043c\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0430 Magnitude Exploit Kit (EK) \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u0435\u0435\u043c\u043d\u0438\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f Cerber, \u0441\u0435\u0439\u0447\u0430\u0441 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 Magnitude EK \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Internet Explorer \u0441 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0439 CVE-2020-0968. \u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u0430 \u043d\u0430 \u042e\u0436\u043d\u0443\u044e \u041a\u043e\u0440\u0435\u044e, \u041a\u0438\u0442\u0430\u0439, \u0422\u0430\u0439\u0432\u0430\u043d\u044c, \u0413\u043e\u043d\u043a\u043e\u043d\u0433, \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440, \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u044e \u0438 \u0434\u0440\u0443\u0433\u0438\u0435. 
\u0418 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 30 \u0434\u043d\u0435\u0439 \u0441\u0442\u0430\u043b\u0430 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u0430, \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043f\u043e\u0447\u0435\u043c\u0443.\n\n\u041a \u0430\u0442\u0430\u043a\u0430\u043c PrintNightmare \u043f\u0440\u0438\u0441\u043e\u0441\u0435\u0434\u0438\u043b\u0438\u0441\u044c \u0438 ransomware Vice Society (\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 HelloKitty), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u044f\u043c \u0441\u0432\u043e\u0438\u0445 \u0436\u0435\u0440\u0442\u0432. \u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0431\u0430\u043d\u0434\u044b \u043f\u043e\u043f\u0430\u043b\u0430 \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b Cisco Talos, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0432\u0438\u0434\u0435\u043b\u0438, \u043a\u0430\u043a Vice Society \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u043e\u0432\u043a\u0438 (DLL) \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a CVE-2021-1675 \u0438 CVE-2021-34527.\n\n\u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, Vice Society \u0448\u0438\u0444\u0440\u0443\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0438 Linux \u0441 
\u043f\u043e\u043c\u043e\u0449\u044c\u044e OpenSSL (AES256 + secp256k1 + ECDSA) \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043c\u0430\u043b\u0435\u043d\u044c\u043a\u0438\u0445 \u0438\u043b\u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u0445 \u0436\u0435\u0440\u0442\u0432, \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0443\u0435\u0442 \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0443\u0434\u0435\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u043c. TTP \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0436\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b Windows \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a \u043d\u043e\u0432\u0438\u0447\u043a\u0430\u043c \u043b\u0435\u043d\u0442\u044b \u0441\u043e\u0432\u0441\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e 
\u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u0438\u0441\u044c \u0438 Conti, \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Windows \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u043e\u0439  PrintNightmare.\n\n\u0414\u0430 \u0438 \u0432\u043e\u043e\u0431\u0449\u0435 \u044d\u0442\u043e\u0442 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0442\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e, \u0440\u0430\u0432\u043d\u043e \u043a\u0430\u043a \u0438 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0445 \u0436\u0435\u0440\u0442\u0432. \u0422\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f, \u043a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u043d\u0430 \u043b\u0438\u0446\u043e.", "creation_timestamp": "2021-08-13T16:07:13.000000Z"}, {"uuid": "8ef49163-85f1-4646-a414-2d6ae82d6caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/Ou-Kzzl3nLkADt9_Yue4jZMgPKq1aQqAvVswhjnvvkETSg", "content": "", "creation_timestamp": "2021-07-16T14:35:20.000000Z"}, {"uuid": "0dd54206-d052-4538-987e-14e7d1c92f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/NeKaspersky/1034", "content": "Microsoft \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PrintNightmare\n\n\u042d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 
\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c(CVE-2021-34527) \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 Windows Print Spooler. It allows an attacker to remotely take control of vulnerable systems. Patches are already available. \n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527", "creation_timestamp": "2021-07-07T20:09:48.000000Z"}, {"uuid": "a0755326-c2f5-474b-9b72-9b7e6f311468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/true_secator/1917", "content": "SAP was not the only one to stand out: Microsoft also made its mark with an epic patch that includes fixes for a total of 117 security vulnerabilities, including 9 zero-day 
bugs that are being exploited in the wild.\n\nThe overall breakdown is as follows: 13 are rated critical, 103 important, and 1 moderate in severity.\n\nThe updates cover Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS and Visual Studio Code.\n\nNaturally, the developers' patching conveyor also took in the troublesome print spooler (CVE-2021-34527), Windows kernel vulnerabilities related to privilege escalation (CVE-2021-31979 and 33771), and scripting engine flaws 
that lead to memory corruption (CVE-2021-34448).\n\nThe fixed zero-day vulnerabilities also affect: Microsoft Exchange Server (CVE-2021-34473 - remote code execution and CVE-2021-34523 - privilege escalation), Active Directory (CVE-2021-33781 - security feature bypass), Windows ADFS (CVE-2021-33779 - likewise), Windows (CVE-2021-34492 - certificate spoofing and CVE-2021-34458 - remote code execution), Windows DNS Server (CVE-2021-34494 - remote code execution).\n\nIn addition, Microsoft also fixed a security bypass vulnerability in 
Windows Hello biometric authentication (CVE-2021-34466), which made it possible to spoof a face and gain access to the system.\n\nMSFT as a whole is already close to the state where quantity turns into quality: in May and June they closed 55 and 50 holes respectively. 
But knowing Microsoft, one suspects they still have a long bout of shadow-boxing ahead.", "creation_timestamp": "2021-07-14T16:59:39.000000Z"}, {"uuid": "c733ec03-8dd3-4d56-a2ce-53517884e98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/true_secator/1894", "content": "For once, Microsoft reacted promptly to the 0-day vulnerability CVE-2021-34527 aka PrintNightmare that had become public and released an out-of-band security update.\n\nPrintNightmare allows RCE from the position of any authenticated user through a bug in the spoolsv.exe service. 
So everyone should update urgently!", "creation_timestamp": "2021-07-07T10:07:30.000000Z"}, {"uuid": "31b413b1-eef6-47e0-8dd7-b629d78b3f7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/true_secator/1880", "content": "So, the logical continuation of the story of the PrintNightmare vulnerability in the Windows print spooler, spoolsv.exe.\n\nMicrosoft did in the end assign the bug a new identifier, CVE-2021-34527, effectively confirming that this is a completely fresh hole, distinct from CVE-2021-1675, which was indeed closed by the June security patch. 
At the same time, Microsoft reported that the vulnerability affects all versions of Windows, and that PrintNightmare is already being exploited by hackers in the wild (no surprise, since the PoC has long been public).\n\nMicrosoft's official recommendations for mitigating the vulnerability are available at the link provided.", "creation_timestamp": "2021-07-02T10:23:45.000000Z"}, {"uuid": "f4eac7ca-fcd5-47a8-9593-7c07aef678d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/crackcodes/1079", "content": "PrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (define in CMD 
args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve", "creation_timestamp": "2022-08-28T11:46:21.000000Z"}, {"uuid": "f785a85e-e050-416d-b2a8-6c430489dfd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/pwnwiki_zhchannel/735", "content": "CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-34527_Windows_Print_Spooler_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T04:42:19.000000Z"}, {"uuid": "87e11956-dd58-4934-9a36-c22f32225ba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/cibsecurity/25909", "content": "\u203c CVE-2021-34527 \u203c\n\nWindows Print Spooler Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-03T02:32:40.000000Z"}, {"uuid": "50571a46-18c6-416e-94b2-9cd503b7fff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/SecLabNews/10506", "content": "On Tuesday, July 6, Microsoft released an emergency out-of-band 
security update that fixes a critical vulnerability in the Windows Print Spooler printing service. The vulnerability (CVE-2021-34527), dubbed PrintNightmare, allows a remote attacker to take control of vulnerable systems.\n\nhttps://www.securitylab.ru/news/521980.php", "creation_timestamp": "2021-07-07T11:40:03.000000Z"}, {"uuid": "e3860a8e-f78e-4605-93d8-7cd26a6936ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/thehackernews/1333", "content": "\ud83d\udd25 WATCH OUT! 
Microsoft warns of critical PrintNightmare RCE vulnerability (CVE-2021-34527) being exploited in the wild.\n\nDetails: https://thehackernews.com/2021/07/microsoft-warns-of-critical.html\n\nIt is separate from the Windows Print Spooler issue (CVE-2021-1675) Microsoft patched recently.", "creation_timestamp": "2021-07-02T07:44:31.000000Z"}, {"uuid": "51395d8f-76be-46ab-a2ac-338fbae6da28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/thehackernews/1353", "content": "How to Mitigate Microsoft Print Spooler Vulnerability \u2013 PrintNightmare (CVE-2021-34527)\n https://thehackernews.com/2021/07/how-to-mitigate-microsoft-print-spooler.html", "creation_timestamp": "2021-07-08T12:12:50.000000Z"}, {"uuid": "687413f5-feb1-4ce3-b501-5b705f9fff42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3786", "content": "#Blue_Team_Techniques\n1. A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n2. 
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps\nhttps://github.com/BSI-Bund/RdpCacheStitcher", "creation_timestamp": "2021-07-07T11:47:05.000000Z"}, {"uuid": "bd22c4a7-8820-44ba-af33-794b03ae51e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4016", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (July 1-31)\nCVE-2021-1675 - Windows Print Spooler EoP\nhttps://t.me/cybersecuritytechnologies/3723\nCVE-2021-34527 - Windows Print Spooler RCE\nhttps://t.me/cybersecuritytechnologies/3750\nCVE-2021-36934 - Windows SeriousSAM EoP\nhttps://t.me/cybersecuritytechnologies/3891\nCVE-2021-33909 - Sequoia - A LPE Vulnerability in Linux\u2019s Filesystem Layer\nhttps://t.me/cybersecuritytechnologies/3884\nCVE-2021-22555 - Heap out-of-bounds write vuln in Linux Netfilter\nhttps://t.me/cybersecuritytechnologies/3841\nCVE-2021-30807 - OOBR in AppleCLCD/IOMobileFrameBuffer\nhttps://t.me/cybersecuritytechnologies/3930\nCVE-2020-27020 - Vulnerability in Kaspersky Password Manager\nhttps://donjon.ledger.com/kaspersky-password-manager\nCVE-2021-35211 - SolarWinds Serv-U Managed File Transfer Vuln\nhttps://t.me/CyberSecurityTechnologies/4714\nCVE-2021-34481 - Windows Print Spooler EoP\nhttps://mobile.twitter.com/gentilkiwi/status/1416429860566847490\nCVE-2021-3438 - Printer\u2019s Drivers Vulnerability\nhttps://t.me/cybersecuritytechnologies/3969", "creation_timestamp": "2024-01-18T03:22:33.000000Z"}, {"uuid": "22c81f2b-0084-46b2-82bd-aef8fe72db18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4815", "content": 
"#Whitepaper\n\"CVE 2021-1675, CVE-2021-34527 PrintNightmare Vulnerability\", 2021.", "creation_timestamp": "2021-11-23T11:01:25.000000Z"}, {"uuid": "88984457-ae0d-4da5-883b-a02f9f32f731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/club31337/539", "content": "A CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner. Allows you to scan entire subnets for the PrintNightmare RCE (not the LPE) and generates a CSV report with the results. Tests exploitability over MS-PAR and MS-RPRN.\n\nThis tool has \"de-fanged\" versions of the Python exploits, it does not actually exploit the hosts however it does use the same vulnerable RPC calls used during exploitation to determine if hosts are vulnerable.\n\n#Windows #scanner #RCE #PrintNightmare #redteaming #hacking \n\nhttps://github.com/byt3bl33d3r/ItWasAllADream", "creation_timestamp": "2024-11-09T01:33:50.000000Z"}, {"uuid": "89c1a673-101f-4256-ad57-90040099cd02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25200", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - 
blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T12:09:51.000000Z"}, {"uuid": "00d15691-e8ad-4e3b-849c-4e8aaae38a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3750", "content": "#Blue_Team_Techniques\n1. CVE-2021-1675/CVE-2021-34527 Detection Info\nhttps://github.com/LaresLLC/CVE-2021-1675\n]-> Restricting the ACLs:\nhttps://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available\n]-> Mitigation:\nhttps://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c\n\n2. Fail2exploit: a security audit of Fail2ban\nhttps://securitylab.github.com/research/Fail2exploit", "creation_timestamp": "2021-07-03T18:33:01.000000Z"}]}