{"vulnerability": "CVE-2022-28368", "sightings": [{"uuid": "9ec2219d-8bf6-4e66-b3bb-7cfd68b2e81a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28368", "type": "published-proof-of-concept", "source": "Telegram/NK5whMDdXVt7SbkdiM1ZUZppAH_919v1yw_tRRhT6XXw02Y", "content": "", "creation_timestamp": "2023-02-24T12:51:36.000000Z"}, {"uuid": "2aeac83c-bfe4-4c28-a97c-d065ffaeff61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28368", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6454", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aDompdf RCE PoC Exploit - CVE-2022-28368\nURL\uff1ahttps://github.com/rvizx/CVE-2022-28368\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-01-19T04:40:19.000000Z"}, {"uuid": "d8e6888a-a85b-4d8f-9ee4-89ec4b71a144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28368", "type": "published-proof-of-concept", "source": "Telegram/WQpEVimxGvooSSUaCrA0t8uAyFoTwTeQ6cCn5gu5Byz3iRM", "content": "", "creation_timestamp": "2023-02-15T07:32:16.000000Z"}, {"uuid": "0a91ee01-845d-4717-94d7-8a247a01c5f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28368", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2321", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bCybersecurity Career Path\n\nhttps://github.com/rezaduty/cybersecurity-career-path\n\n\u200b\u200bCVE-2022-28368 - Dompdf RCE\n\nDompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).\n\nhttps://github.com/rvizx/CVE-2022-28368\n\n#cve #poc\n\n\u200b\u200bAwesome Network Security\n\nA collection of awesome resources, tools, and other shiny things for Network Security.\n\nhttps://github.com/SubediBibek-cmd/awesome-network-security\n\n\u200b\u200bInject\n\nPacket crafting, injection and sniffing tool.\n\nhttps://github.com/fksvs/inject\n\n#pentesting #redteam\n\n\u200b\u200bWeb Application Cheatsheet (Vulnhub)\n\nThis cheatsheet is intended for CTF participants and beginners to help them understand web application vulnerability through examples. There are multiple ways to perform the same task. We have performed and compiled this list based on our experience.\n\nhttps://github.com/Ignitetechnologies/Web-Application-Cheatsheet\n\n\u200b\u200bCalico\n\nCalico is a widely adopted, battle-tested open source networking and network security solution for Kubernetes, virtual machines, and bare-metal workloads. Calico provides two major services for Cloud Native applications:\n\n\u25ab\ufe0f Network connectivity between workloads.\n\u25ab\ufe0f Network security policy enforcement between workloads.\n\nhttps://github.com/projectcalico/calico\n\n\u200b\u200bfofax\n\nfofax is a fofa query tool written in go, positioned as a command-line tool and characterized by simplicity and speed. \n\nThe following features are currently available:\n\u25ab\ufe0f Basic FOFA syntax queries\n\u25ab\ufe0f Icon Hash local/online calculation query\n\u25ab\ufe0f Asset filtering\n\u25ab\ufe0f Opening in browser\n\u25ab\ufe0f Linking other security tools\n\u25ab\ufe0f More (waiting for your feedback after using)\n\nIn addition to this it is possible to customize fx syntax queries, and users can write their own specific fx query rules via a configuration file in yaml format.\n\nhttps://github.com/xiecat/fofax\n\n\u200b\u200btls-scan\n\nAn Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )\n\nA program to scan TLS based servers and collect X.509 certificates, ciphers and related information. It produces results in JSON format. tls-scan is a single threaded asynchronous/event-based program (powered by libevent) capable of concurrently scan thousands of TLS servers. It can be combined with other tools such as GNU parallel to vertically scale in multi-core machines.\n\nhttps://github.com/prbinu/tls-scan\n\n\u200b\u200bosinttools\n\nA collection of random #OSINT files.\n\nhttps://github.com/WebBreacher/osinttools\n\n\u200b\u200bdexios\n\nA secure file encryption utility, written in Rust.\n\nDexios will continue to receive updates. Things are stable for the time being and I consider none of the code broken. In the (somewhat) near future I plan to change the backend entirely and give the CLI a re-write, so that things are both easier to maintain and understand. This will regrettably not be backwards-compatible, but the performance improvements and stability guarantees will be extremely worthwhile.\n\nhttps://github.com/brxken128/dexios\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2023-02-23T08:39:34.000000Z"}, {"uuid": "1b6c7b16-5403-4c3e-a248-983af9a8763b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28368", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7755", "content": "#exploit\n1. CVE-2022-28368:\nDompdf <1.2.1 - RCE\nhttps://github.com/rvizx/CVE-2022-28368\n\n2. Exploiting a remote heap overflow with a custom TCP stack\nhttps://www.synacktiv.com/publications/exploiting-a-remote-heap-overflow-with-a-custom-tcp-stack.html", "creation_timestamp": "2023-02-15T11:03:01.000000Z"}, {"uuid": "5cce7d9b-b108-4afe-bd82-31a55056613f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28368", "type": "seen", "source": "https://t.me/cibsecurity/40068", "content": "\u203c CVE-2022-28368 \u203c\n\nDompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-03T07:21:14.000000Z"}]}