{"vulnerability": "CVE-2022-46718", "sightings": [{"uuid": "24506fa0-95a4-48de-90c5-d21ecfb05e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46718", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2911", "content": "Tools - Hackers Factory \n\n\u200b\u200bctf-tools\n\nThis is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.\n\nhttps://github.com/zardus/ctf-tools\n\n#cybersecurity #infosec #ctf\n\n\u200b\u200bRESTler\n\nRESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.\n\nhttps://github.com/microsoft/restler-fuzzer\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2022-46718\n\niOS Vulnerability Exposes Sensitive Location Data.\n\nhttps://github.com/biscuitehh/cve-2022-46718-leaky-location\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bBunkerWeb\n\nA web server based on the notorious NGINX and focused on security.\n\nhttps://github.com/bunkerity/bunkerweb\n\n#cybersecurity #infosec\n\n\u200b\u200bLAUREL\n\nLAUREL is an event post-processing plugin for auditd(8) that generates useful, enriched JSON-based audit logs suitable for modern security monitoring setups.\n\nhttps://github.com/threathunters-io/laurel\n\n#cybersecurity #infosec\n\n\u200b\u200bSecbench.js\n\nSecbench.js is the first benchmark suite of server-side JavaScript vulnerabilities. This benchmark consists of 600 publicly reported vulnerabilities curated from different advisory databases, such as Snyk, GitHub Advisories, and Huntr.dev.\n\nhttps://github.com/cristianstaicu/SecBench.js\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCTFd\n\nA Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes.\n\nhttps://github.com/CTFd/CTFd\n\n#cybersecurity #infosec #ctf\n\n\u200b\u200bStackMask\n\nThis is a PoC of encrypting the stack prior to custom sleeping by leveraging CPU cycles. This is the code of the relevant blog post: Masking the Implant with Stack Encryption\n\nhttps://github.com/WKL-Sec/StackMask\n\n#infosec #pentesting #redteam\n\n\u200b\u200bETWHash\n\nA C# POC that is able to extract NetNTLMv2 hashes of incoming authentications via SMB, by consuming ETW events from the Microsoft-Windows-SMBServer provider {D48CE617-33A2-4BC3-A5C7-11AA4F29619E}\n\nhttps://github.com/nettitude/ETWHash\n\n#infosec #pentesting #redteam\n\n\u200b\u200bsh4d0wup\n\nSigning-key abuse and update exploitation framework.\n\nhttps://github.com/kpcyrd/sh4d0wup\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-05T15:01:04.000000Z"}, {"uuid": "1b3ccbae-f3d3-4356-863b-ad676592959a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46718", "type": "published-proof-of-concept", "source": "Telegram/x32OgBFd0aCC92zk7eLPFbtruiIwizixl2f573m9-8FRL4U", "content": "", "creation_timestamp": "2023-07-09T19:53:04.000000Z"}, {"uuid": "4a1b1c69-50cd-441a-a669-060ee96039ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46718", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8229", "content": "#exploit\n1. CVE-2022-46718:\niOS Vulnerability Exposes Sensitive Location Data\nhttps://github.com/biscuitehh/cve-2022-46718-leaky-location\n\n2. Fortigate 7.0.1 Stack Overflow\nhttps://packetstormsecurity.com/files/172082/Fortigate-7.0.1-Stack-Overflow.html\n]-> https://code610.blogspot.com/2023/04/fuzzing-fortigate-7.html", "creation_timestamp": "2023-05-03T13:26:14.000000Z"}]}