{"vulnerability": "CVE-2022-28282", "sightings": [{"uuid": "66ecdf34-37bd-4085-b227-ca49d1d5cd1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28282", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2784", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nWARF\n\nWith a Dashboard, you will quickly get the metrics of your activity. WARF confined all your targets together and provide you with a clean and efficient way to search them down with their names.\n\nFeatures:\n\u25ab\ufe0f Subdomain Enumeration\n\u25ab\ufe0f Directory BruteForce\n\u25ab\ufe0f Gather Wayback URLs\n\u25ab\ufe0f Gather JavaScript URLs\n\u25ab\ufe0f Extract links from JS files\n\u25ab\ufe0f Extract API/Secret Keys from JS files\n\u25ab\ufe0f Supports Background Scan\n\nhttps://github.com/iamnihal/warf\n\nCVE-2022-30206\n\nThis is the PoC for CVE-2022-30206.\n\nhttps://github.com/Pwnrin/CVE-2022-30206\n\nRecreateCSDownloadsTree\n\nGeneration of TOML metadata for recreating directory structures from Cobalt Strike Beacon downloads.\n\nhttps://github.com/EspressoCake/RecreateCSDownloadsTree\n\n#cobalt\n\nBHHB\n\nView HTTP history exported from Burp Suite Community Edition(CE).\n\nhttps://github.com/adityatelange/bhhb\n\nDeFiHackLabs\n\nReproduce DeFi hack incidents using Foundry. 66 incidents included.\n\nhttps://github.com/SunWeb3Sec/DeFiHackLabs\n\nCronos\n\nPoC for a new sleep obfuscation technique (based on Ekko) leveraging waitable timers to RC4 encrypt the current process and change the permissions from RW to RX to evade memory scanners.\n\nhttps://github.com/Idov31/Cronos\n\nChallenges_2022_Public\n\nFiles + Writeups for DownUnderCTF 2022 Challenges\n\nhttps://github.com/DownUnderCTF/Challenges_2022_Public\n\nDumpThatLSASS\n\nIt's Fully Undetectable and bypass almost all the vendors AV/EDRs, it doesn't bypass RunAsPPL\n\nDumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation, duplicate lsass handle from existed processes.\n\nhttps://github.com/D1rkMtr/DumpThatLSASS\n\nOSINT/FORENSICS-MOBILE\n\nhttps://github.com/CScorza/OSINT-FORENSICS-MOBILE\n\nCrackMapExec\n\nA swiss army knife for pentesting networks.\n\nA new protocol has been added to CrackMapExec ! You can now try FTP credentials and quickly find FTP with anonymous logon during internal pentest.\n\nhttps://github.com/Porchetta-Industries/CrackMapExec\n\ncpplumber\n\nStatic analysis tool based on clang, which detects source-to-binary information leaks in C/C++ projects\n\nhttps://github.com/ergrelet/cpplumber\n\nCallBackDump\n\nDump lsass process tool that can pass Kaba, nuclear crystal, defender and other anti-software\n\nhttps://github.com/seventeenman/CallBackDump\n\nCifuzz\n\nCLI tool that helps you to integrate and run fuzzing based tests into your project\n\nhttps://github.com/CodeIntelligenceTesting/cifuzz\n\nCVE-2022-28282\n\nPoC for CVE-2022-28282 Firefox: heap-use-after-free in DocumentL10n::TranslateDocument\n\nhttps://github.com/Pwnrin/CVE-2022-28282\n\nmonomorph\n\nMD5-Monomorphic Shellcode Packer all payloads have the same MD5 hash \n\nhttps://github.com/DavidBuchanan314/monomorph\n\nBloodHound py\n\nBloodHound.py is a Python based ingestor for BloodHound, based on Impacket.\n\nhttps://github.com/jazzpizazz/BloodHound.py-Kerberos\n\nSharpNamedPipePTH\n\nThis project is a C# tool to use Pass-the-Hash for authentication on a local Named Pipe for user Impersonation. You need a local administrator or SEImpersonate rights to use this. \n\nhttps://github.com/S3cur3Th1sSh1t/SharpNamedPipePTH\n\nDetails:\nhttps://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/\n\nPassLock\n\nA medium-security password manager that encrypts passwords using Advanced Encryption Standard (AES).\n\nFeatures:\n\u25ab\ufe0f AES Encryption\n\u25ab\ufe0f Custom key\n\u25ab\ufe0f Random encryption type\n\u25ab\ufe0f random password generator\n\u25ab\ufe0f Clipboard Copy\n\u25ab\ufe0f Custom path\n\u25ab\ufe0f Terminal User Interface\n\u25ab\ufe0f Process Monitor\n\nhttps://github.com/Akshay-Vs/PassLock\n\nopencti\n\nOpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.\n\nhttps://github.com/OpenCTI-Platform/opencti\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-03-30T08:39:43.000000Z"}, {"uuid": "c3e53acf-0cfe-497a-83ad-951c84a90df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28282", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6910", "content": "#exploit\n1. CVE-2022-35914:\nGLPI <10.0.2 - PHP code injection\nhttps://github.com/cosad3s/CVE-2022-35914-poc\n\n2. CVE-2022-28282:\nFirefox - heap-use-after-free in DocumentL10n::TranslateDocument\nhttps://github.com/Pwnrin/CVE-2022-28282", "creation_timestamp": "2022-10-04T11:01:01.000000Z"}, {"uuid": "b911f68d-6a3f-44ba-ad0a-91d1354a9958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28282", "type": "seen", "source": "https://t.me/cibsecurity/55128", "content": "\u203c CVE-2022-28282 \u203c\n\nBy using a link with rel=\"localization\" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:19:56.000000Z"}]}