{"vulnerability": "CVE-2022-2588", "sightings": [{"uuid": "e85a8d26-07db-4d2a-bea5-f138d55497d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "9ca98811-f439-4a01-828e-0173de5b4b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:01.000000Z"}, {"uuid": "afca8303-3b80-499a-8e93-e603568f458e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "https://gist.github.com/garagon/a8d92972c465aaeac354cd11668e409a", "content": "", "creation_timestamp": "2026-02-17T13:27:41.000000Z"}, {"uuid": "125f38fa-c5e0-478c-b2e0-0b174a4772ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25883", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mf5e4b4px32q", "content": "", "creation_timestamp": "2026-02-18T15:05:24.359375Z"}, {"uuid": "48db1050-ee26-4821-8240-799861abf2d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-25881", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0292/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "1d01ffc7-68dd-4f9e-bac3-067d0b8f62a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25883", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mhdo3de6y72z", "content": "", "creation_timestamp": "2026-03-18T14:10:12.255809Z"}, {"uuid": "d1ad21dc-d6d1-4288-8831-6fa6fed57430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-25883", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-di-sicurezza-prodotti-atlassian", "content": "", "creation_timestamp": "2026-02-20T13:38:22.000000Z"}, {"uuid": "5061b86a-81a3-4f64-b067-8f8b73faad58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-25883", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0314/", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "2ac04c61-3254-477c-a658-cb750d35ed39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3001", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-2588\nURL\uff1ahttps://github.com/greek0x0/2022-LPE-UAF\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-22T23:52:30.000000Z"}, {"uuid": "ad10ca3b-b634-4be3-a839-5e6452662644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2911", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aexploit for CVE-2022-2588\nURL\uff1ahttps://github.com/Markakd/CVE-2022-2588\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-11T06:10:49.000000Z"}, {"uuid": "d067f495-3876-482b-a488-342a313f4114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "https://t.me/codeby_sec/6450", "content": "\u200b\ud83d\udc27 DirtyCred - \u043d\u043e\u0432\u0430\u044f \u0431\u0440\u0435\u0448\u044c \u0432 \u044f\u0434\u0440\u0435 Linux\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0434\u0435\u0442\u0430\u043b\u0438 \u0432\u043e\u0441\u044c\u043c\u0438\u043b\u0435\u0442\u043d\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Linux. \u041e\u0448\u0438\u0431\u043a\u0430 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0430, \u0447\u0435\u043c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0432\u0441\u0435\u043c Dirty Pipe, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f 7,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f Unix-\u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440 (pipeline).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-2588, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 DirtyCred. \u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e DirtyCred \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0443\u0436\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043e \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f.\n\n\u00abDirtyCred \u2014 \u044d\u0442\u043e \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043c\u0435\u043d\u044b \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435. DirtyCred \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438\u00bb, \u2014 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043d\u0430 \u043b\u044e\u0431\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u044f\u0434\u0440\u0430.\n\n\ud83d\uddde \u0411\u043b\u043e\u0433 \u041a\u043e\u0434\u0435\u0431\u0430\u0439\n\n#news #linux #exploit", "creation_timestamp": "2022-08-23T11:20:16.000000Z"}, {"uuid": "8453fc87-5018-47b1-b26c-d3783b4e53c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25881", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9144", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-25881\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.\n\ud83d\udccf Published: 2023-01-31T05:00:01.220Z\n\ud83d\udccf Modified: 2025-03-27T17:16:32.835Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\n2. https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\n3. https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\n4. https://security.netapp.com/advisory/ntap-20230622-0008/", "creation_timestamp": "2025-03-27T17:26:31.000000Z"}, {"uuid": "3d9fbc4a-4ddc-4582-8874-16d29ee82c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25885", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14863", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-25885\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when PDFStreamForResponse() is used with invalid data.\n\ud83d\udccf Published: 2022-11-01T05:05:18.156Z\n\ud83d\udccf Modified: 2025-05-05T14:08:27.284Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-MUHAMMARA-3091137\n2. https://security.snyk.io/vuln/SNYK-JS-HUMMUS-3091139\n3. https://github.com/julianhille/MuhammaraJS/commit/0a6427eec82ef2978995e453de2dc0d6224dd46c\n4. https://github.com/julianhille/MuhammaraJS/issues/188\n5. https://github.com/galkahana/HummusJS/issues/439", "creation_timestamp": "2025-05-05T14:20:30.000000Z"}, {"uuid": "c813f95c-9a36-4332-8da2-a061d83c1296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "https://t.me/avleonovrus/80", "content": "\u0412 \u043f\u043e\u043b\u043a\u0443 Linux \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e root-\u0430 \u043f\u0440\u0438\u0431\u044b\u043b\u043e. \u0412\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u043c DirtyCred (CVE-2021-4154 - \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0430\u044f, \u0435\u0441\u0442\u044c PoC; CVE-2022-2588 - \u0441\u0432\u0435\u0436\u0430\u044f, \u043f\u043e\u043a\u0430 \u043d\u0435\u0442 PoC-\u0430). 8 \u043b\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u043b. \u0418\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0430\u043b\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438, \u043d\u043e \u043f\u043e\u043c\u0430\u043b\u043a\u0438\u0432\u0430\u043b\u0438. \u0415\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e NVD \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u0442\u043e\u0440\u043c\u043e\u0437\u0438\u0442 \u0438 \u0442\u0430\u043c \u043d\u043e\u0432\u043e\u0433\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043d\u043e \u043e\u043d \u0432\u043e \u0432\u0441\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \n\n\u0421\u0443\u0434\u044f \u043f\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430, \u043f\u043e\u0445\u043e\u0436\u0430\u044f \u043d\u0430 \u043c\u0430\u0440\u0442\u043e\u0432\u0441\u043a\u0443\u044e Dirty Pipe (CVE-2022-0847), \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0443\u0447\u0435, \u0442.\u043a. \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u0435\u0435:\n\n\"The novel exploitation method, according to the researchers, pushes the dirty pipe to the next level, making it more general as well as potent in a manner that could work on any version of the affected kernel.\"\n\n\u0418 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u043d\u0435 \u0441\u043f\u0430\u0441\u0430\u0435\u0442:\n\n\"Second, while it is like the dirty pipe that could bypass all the kernel protections, our exploitation method could even demonstrate the ability to escape the container actively that Dirty Pipe is not capable of.\"\n\n\u041d\u0443 \u0438 \u0442\u0430\u043a-\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432 Linux root-\u0430 \u043f\u043e\u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e. \u0418\u0437 \u0433\u0440\u043e\u043c\u043a\u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0435\u0449\u0451 \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c Dirty Cow (CVE-2016-5195 - \u043e\u0431\u0430\u043b\u0434\u0435\u0442\u044c \ud83d\ude31, 6 \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434, \u043f\u043e\u043c\u043d\u044e \u043a\u0430\u043a \u0432\u0447\u0435\u0440\u0430 \u043a\u0430\u043a \u0442\u0435\u0441\u0442\u0438\u043b) \u0438 Qualys-\u043e\u0432\u0441\u043a\u0438\u0435 PwnKit (CVE-2021-4034) \u0438 Sequoia (CVE-2021-33909).\n\n\u0410 \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c? \u0418\u043c\u0445\u043e, \u043f\u0430\u0442\u0447\u0438\u0442\u044c. \u041b\u0443\u0447\u0448\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0430 \u043d\u0435 \u0432 \u043f\u043e\u0436\u0430\u0440\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435. \u041d\u043e \u0435\u0441\u043b\u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430 Linux-\u043e\u0432 \u043d\u0435\u0442, \u0442\u043e \u043b\u0443\u0447\u0448\u0435 \u0440\u0430\u0437\u043e\u0432\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u043c\u0430\u0445\u0430\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e (\u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c\u0438 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438) \u043a\u0430\u043a \u0444\u043b\u0430\u0433\u043e\u043c. \u041f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0436\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0434\u0435\u0442 \u0432\u0438\u0434\u043d\u043e \u043a\u0430\u043a\u0438\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0430 \u0433\u0434\u0435-\u0442\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0441 \u043d\u0430\u0441\u043a\u043e\u043a\u0430.\n\n\u041d\u0443 \u0438\u043b\u0438 \u043c\u043e\u0436\u043d\u043e \u043d\u0435 \u043f\u0430\u0442\u0447\u0438\u0442\u044c, \u043e\u0431\u043e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u043e\u043d\u043e (\u0432\u0440\u043e\u0434\u0435) \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e, \u0430 \u0433\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e, \u0442\u043e \u0442\u0430\u043c \u043d\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e \u0438\u043b\u0438 \u0442\u0443\u0434\u0430 \u043d\u0435 \u0434\u043e\u0431\u0435\u0440\u0443\u0442\u0441\u044f. \u0418 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043d\u0435 \u0432\u044b\u0431\u0435\u0440\u0443\u0442\u0441\u044f. \u0418 \u0432\u043e\u043e\u0431\u0449\u0435 \u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c EDR \u043d\u0430 \u043b\u0438\u043d\u0443\u043a\u0441\u0430\u0445. \u0418 \u0435\u0449\u0451 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043f\u0440\u043e\u0431\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u043d\u0434\u0430\u0442\u043a\u0443 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c. \n\n\u041d\u043e, \u0438\u043c\u0445\u043e, \u043e\u0446\u0435\u043d\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438,  \u0445\u0430\u0440\u0434\u0435\u043d\u0438\u043d\u0433 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0421\u0417\u0418 \u0434\u043b\u044f Linux-\u043e\u0432 \u044d\u0442\u043e \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0432\u0441\u0435  \u0437\u0430\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u044d\u0442\u043e \u043f\u0430\u0442\u0447\u0438\u043d\u0433 \u0438 \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e \u043d\u0443\u0436\u043d\u043e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0438\u043c\u0435\u043d\u043d\u043e \u0441 \u043d\u0438\u043c. \n\n@avleonovrus #Linux #Kernel #EOP #DirtyCred", "creation_timestamp": "2023-09-21T09:19:24.000000Z"}, {"uuid": "f626f182-e677-49b7-a85a-df096fa9980c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "Telegram/ZQhPX1V8GYQ5EYOevxB04s5FpxIRBluCF7hhQG6fyoTGOeU", "content": "", "creation_timestamp": "2025-06-25T15:00:05.000000Z"}, {"uuid": "c50b59e8-44cf-43c7-80ae-0dcd9c623767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}, {"uuid": "d31f0932-ec8d-42ff-b0cb-eb75ec8e9553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25887", "type": "seen", "source": "https://t.me/arpsyndicate/4763", "content": "#ExploitObserverAlert\n\nCVE-2022-25887\n\nDESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2022-25887. The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.\n\nFIRST-EPSS: 0.001210000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7187958", "creation_timestamp": "2024-04-23T18:52:37.000000Z"}, {"uuid": "aaae95f1-5579-4073-868f-1d19d510a9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2727", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. Java RMI enumeration and bruteforce of remote methods. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n#java #rmi\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\n\u200b\u200bMCPTool\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\u25ab\ufe0f Allows redirecting stdin, stdout and stderr to a remote host\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-10-17T19:32:46.000000Z"}, {"uuid": "181b7f00-d109-4eeb-af54-71d7d88753b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/198", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-20T04:37:50.000000Z"}, {"uuid": "4acf81a6-3f52-4ba0-981d-c5b13c082ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2153", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-20T04:37:50.000000Z"}, {"uuid": "d5611bdd-6bf3-41dc-a745-1039339c2e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2800", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nAntonioCoco/RunasCs\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known \n\nhttps://github.com/antonioCoco/RunasCs\n\nAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\nCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\nJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\nPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\nCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\nPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\nida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\nAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\nuserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\nAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\nRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. Java RMI enumeration and bruteforce of remote methods. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\nSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\nCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-03-31T10:22:47.000000Z"}, {"uuid": "3adea511-4406-44c4-953f-e13140b4c394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4167", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-19T07:21:28.000000Z"}, {"uuid": "ca060109-9056-475c-af64-36409d769b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 &amp; CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}, {"uuid": "9503199d-8f52-4795-9edb-108a65799142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/12126", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-19T07:21:28.000000Z"}, {"uuid": "49d91873-01a1-43d8-ac97-bf03e9e3ec54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "Telegram/nzJTYhWKt_14lkW5H67GmbPE2btt8PGtt7eaKaC73aRBYw", "content": "", "creation_timestamp": "2022-08-23T08:27:23.000000Z"}, {"uuid": "2ee5ae53-d87f-4ff8-98a0-fdf952bfde6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "Telegram/ZBOHQxTIwY0gaiwZP_ylwecidOP31RVK_BxVtNuHoqXllG4", "content": "", "creation_timestamp": "2022-10-12T09:13:04.000000Z"}, {"uuid": "ecf4f5d6-1eff-40a4-a096-b12301fd441c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/513", "content": "CVE-2022-2588 : Linux Kernel &lt; \n4.19.249-2 cls_route - Use After Free \nhttps://github.com/sang-chu/CVE-2022-2588", "creation_timestamp": "2022-10-03T16:30:19.000000Z"}, {"uuid": "cf30ae55-291d-4958-9725-cd7d9ea000cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25883", "type": "seen", "source": "https://t.me/true_secator/5358", "content": "\u0423 Splunk \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b: \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2023-46230 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS \u00a08,2 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0432 Splunk Add-on Builder.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u0438\u0431\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u043b\u0438\u0431\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440.\n\nCVE-2023-46231 \u0441 CVSS 8,8 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Splunk Add-on Builder \u043d\u0438\u0436\u0435 4.1.4 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0442\u043e\u043a\u0435\u043d\u044b \u0441\u0435\u0430\u043d\u0441\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u0438\u0431\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u043b\u0438\u0431\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-32681 \u0438 CVE-2022-25883, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u0432 Splunk Add-on Builder.\n\n\u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Splunk Add-on Builder \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.1.4 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u0441\u0435 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0438 \u0444\u0430\u0439\u043b\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0442\u043e\u043a\u0435\u043d\u044b \u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0445\u0440\u0430\u043d\u044f\u0449\u0443\u044e\u0441\u044f \u0432 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u0445 \u0432\u0432\u043e\u0434\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043d\u0430\u0434\u0441\u0442\u0440\u043e\u0435\u043a \u0434\u043b\u044f \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0445 \u0432\u0445\u043e\u0434\u043e\u0432.\n\n\u0411\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430. \u041c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.", "creation_timestamp": "2024-01-31T14:50:05.000000Z"}, {"uuid": "87f32d45-a644-49f2-bac0-b96fe8b3df8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3325", "content": "\u0412 \u043f\u0435\u0440\u0432\u0443\u044e \u0434\u0435\u043a\u0430\u0434\u0443 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u0440\u043e\u0448\u043b\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Black Hat, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Dirty Cred.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u0435\u0434\u0430\u043b\u0438 \u043f\u044b\u0442\u043b\u0438\u0432\u044b\u0435 \u0443\u043c\u044b \u0438\u0437 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u041d\u043e\u0440\u0442\u0443\u044d\u0441\u0442\u0435\u0440\u043d, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043d\u0430\u0434 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u0433\u043e\u0439 Dirty Pipe \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u043e\u0441\u044c\u043c\u0438\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f.\n\n\u041a\u0430\u043a \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u0441\u0430\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, DirtyCred \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u044f\u0434\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0437\u0430\u043c\u0435\u043d\u044b \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435.\n\n\u0414\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 DirtyCred \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2022-2588. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 route4_change \u043f\u0440\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430 net/sched/cls_route.c \u0432 \u044f\u0434\u0440\u0435 Linux.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e DirtyCred, \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u044f\u0434\u0440\u0430\u043c\u0438 \u0438 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430\u043c\u0438, \u0447\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u043f\u043e\u0434\u0445\u043e\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0438 \u0434\u043b\u044f Android.\n\n\u041a\u0441\u0442\u0430\u0442\u0438, POC \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043d\u0430 GitHub.", "creation_timestamp": "2022-08-23T14:16:21.000000Z"}, {"uuid": "6046a5a3-bd18-4fba-956c-71a2ebfd4847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "https://t.me/ctinow/164575", "content": "https://ift.tt/NpU7S0z\nCVE-2022-2588", "creation_timestamp": "2024-01-08T19:26:20.000000Z"}, {"uuid": "ae587c49-493f-4108-a85c-a70edea38e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25889", "type": "seen", "source": "https://t.me/cibsecurity/59642", "content": "\u203c CVE-2022-25889 \u203c\n\nThis candidate was in a CNA pool that was not assigned to any issues during 2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T02:23:13.000000Z"}, {"uuid": "d58428fa-dd29-4c67-9b7f-27c862ec5c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25881", "type": "seen", "source": "https://t.me/cibsecurity/57203", "content": "\u203c CVE-2022-25881 \u203c\n\nThis affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-31T07:37:48.000000Z"}, {"uuid": "420f8620-2fd3-48bc-a764-d14879f8f162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25887", "type": "seen", "source": "https://t.me/cibsecurity/49038", "content": "\u203c CVE-2022-25887 \u203c\n\nThe package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-30T12:54:07.000000Z"}, {"uuid": "83011014-2cac-499b-91cd-7fa59e9f8d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25880", "type": "seen", "source": "https://t.me/cibsecurity/39749", "content": "\u203c CVE-2022-25880 \u203c\n\nDelta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_hierarchyHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T20:11:20.000000Z"}, {"uuid": "11a6a6a5-abdb-4839-8d39-431395689098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/2398", "content": "CVE-2022-2588\nCautious! A New Exploitation Method! \nNo Pipe but as Nasty as Dirty Pipe\nhttps://github.com/greek0x0/2022-LPE-UAF", "creation_timestamp": "2022-08-23T06:42:54.000000Z"}, {"uuid": "5b69c798-2deb-4dcb-96aa-7df563d36c98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/SecLabNews/12594", "content": "\u0412 \u043f\u0435\u0440\u0432\u0443\u044e \u0434\u0435\u043a\u0430\u0434\u0443 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u0440\u043e\u0448\u043b\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Black Hat, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Dirty Cred.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u0435\u0434\u0430\u043b\u0438 \u043f\u044b\u0442\u043b\u0438\u0432\u044b\u0435 \u0443\u043c\u044b \u0438\u0437 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u041d\u043e\u0440\u0442\u0443\u044d\u0441\u0442\u0435\u0440\u043d, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043d\u0430\u0434 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0431\u0430\u0433\u043e\u0439 Dirty Pipe \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u043e\u0441\u044c\u043c\u0438\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f.\n\n\u041a\u0430\u043a \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b\u0438 \u0441\u0430\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, DirtyCred \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u044f\u0434\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0437\u0430\u043c\u0435\u043d\u044b \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435.\n\n\u0414\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 DirtyCred \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2022-2588. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 route4_change \u043f\u0440\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430 net/sched/cls_route.c \u0432 \u044f\u0434\u0440\u0435 Linux.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e DirtyCred, \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u044f\u0434\u0440\u0430\u043c\u0438 \u0438 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430\u043c\u0438, \u0447\u0442\u043e \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u043f\u043e\u0434\u0445\u043e\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0438 \u0434\u043b\u044f Android.\n\n\u041a\u0441\u0442\u0430\u0442\u0438, POC \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043d\u0430 GitHub.", "creation_timestamp": "2022-08-23T17:19:17.000000Z"}, {"uuid": "b2ad232f-b87d-4167-a226-99ee90671f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7190", "content": "#Threat_Research\n1. RCE in Spotify\u2019s Backstage via vm2 Sandbox Escape\nhttps://www.oxeye.io/blog/remote-code-execution-in-spotifys-backstage\n2. Analysis and verification of Linux kernel cls_route filter\nUAF vulnerability (CVE-2022-2588)\nhttps://paper.seebug.org/2019", "creation_timestamp": "2022-11-18T11:00:24.000000Z"}, {"uuid": "e7bbe5aa-987b-4f6f-a0ca-a8df4577b52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2588", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6835", "content": "#exploit\n1. CVE-2022-34728:\nOut-of-bounds read information disclosure vulnerability in MS Windows GDI+ EMR_SETPIXELV record\nhttps://www.seljan.hu/posts/out-of-bounds-read-information-disclosure-vulnerability-in-microsoft-windows-gdi-emr_setpixelv-record\n\n2. CVE-2022-2588:\nLinux kernel cls_route UAF\nhttps://github.com/Markakd/CVE-2022-2588\nhttps://github.com/sang-chu/CVE-2022-2588", "creation_timestamp": "2022-09-21T04:25:21.000000Z"}]}