{"vulnerability": "CVE-2023-21939", "sightings": [{"uuid": "58975857-6bca-460b-bcc4-11f05a6670d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "seen", "source": "https://gist.github.com/juank704/8c144f4ae0004f19892c23b19deca658", "content": "", "creation_timestamp": "2025-03-03T15:40:30.000000Z"}, {"uuid": "08864b34-78b0-44c9-a8fd-3f63bf940b7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "Telegram/4_4xyXQTaUbA-YsFB59E5SAxyU6CIetp1U4BNxeizjZ9FQ", "content": "", "creation_timestamp": "2023-08-28T07:37:04.000000Z"}, {"uuid": "e8f455bb-e6ac-448c-8a7e-4248cc2daba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/Shade_Black_Hacker/687", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-30T20:01:41.000000Z"}, {"uuid": "ae6bacab-e25f-4274-840e-cd066590d752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4992", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJDK CVE-2023-21939\nURL\uff1ahttps://github.com/Y4Sec-Team/CVE-2023-21939\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-26T07:03:36.000000Z"}, {"uuid": "7f95db86-61e0-4855-927f-0ddaf983e61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4212", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-28T07:49:18.000000Z"}, {"uuid": "2184d102-b880-466a-a8f8-9c709cec1dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "Telegram/Hl-xhae5gWXK7tw2HlsQ48dSVuT7dVcXsNReL7eVRTh3eA", "content": "", "creation_timestamp": "2023-09-06T15:34:58.000000Z"}, {"uuid": "274a3fdc-47c2-4413-af01-0a81b37f1c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3172", "content": "Hackers Factory \n\n\"waf-bypass-maker/waf-community-bypasses\"\n\nhttps://github.com/waf-bypass-maker/waf-community-bypasses\n\nCross Platform Telegram based RAT that communicates via telegram to evade network restrictions\n\nhttps://github.com/machine1337/TelegramRAT\n\nA CLI utility to find domain's known subdomains from curated passive online sources.\n\nhttps://github.com/hueristiq/xsubfind3r\n\nAD_Enumeration_Hunt\n\nAD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory (AD) penetration testing and security assessment.\n\nhttps://github.com/alperenugurlu/AD_Enumeration_Hunt\n\nThe MSSqlPwner tool empowers ethical hackers and security professionals to conduct comprehensive security assessments on MSSQL environments.\n\nhttps://github.com/ScorpionesLabs/MSSqlPwner\n\nDNSWatch - DNS Traffic Sniffer and Analyzer\n\nhttps://github.com/HalilDeniz/DNSWatch\n\nPython based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)\n\nhttps://github.com/stuxnet999/EventTranscriptParser\n\nICS attack simulator for the Tennessee Eastman Process. From the NDSS 2024 paper: \"Attributions for ML-based ICS anomaly detection: From theory to practice\"\n\nhttps://github.com/pwwl/tep-attack-simulator\n\nCVE-2023-21939\n\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing).\n\nhttps://gist.github.com/win3zz/308c6567e38e096c7071d3564ef164ad\n\nUnderstanding WinRAR Code Execution Vulnerability (CVE-2023-38831)\n\nhttps://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831\n\nautomatically tests prompt injection attacks on ChatGPT instances\n\nhttps://github.com/utkusen/promptmap\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-30T13:46:02.000000Z"}, {"uuid": "7b610207-8e9f-4653-bd7e-102a802763d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3171", "content": "Hackers Factory \n\nRun PowerShell command without invoking powershell.exe\n\nhttps://github.com/Mr-Un1k0d3r/PowerLessShell\n\nOSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines\n\nhttps://github.com/rodolfomarianocy/OSCP-Tricks-2023\n\nCVE-2023-41080\n\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nJDK CVE-2023-21939\n\nhttps://github.com/Y4Sec-Team/CVE-2023-21939\n\nA high-performance, parallel, compilation-based symbolic execution engine\n\nhttps://github.com/Generative-Program-Analysis/GenSym\n\nCVE-2023-38831 winrar exploit generator\n\nhttps://github.com/b1tg/CVE-2023-38831-winrar-exploit\n\nThis lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.\n\nhttps://github.com/DarkCoderSc/SharpShellPipe\n\nApple BLE proximity pairing message spoofing\n\nhttps://github.com/ECTO-1A/AppleJuice\n\nAssociated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists.\n\nhttps://github.com/OsmanKandemir/associated-threat-analyzer\n\nIvanti Sentry CVE-2023-38035\n\nhttps://github.com/horizon3ai/CVE-2023-38035\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-29T14:27:53.000000Z"}, {"uuid": "74379353-9f81-4530-85f7-4e5997400f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4263", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-06T18:21:21.000000Z"}, {"uuid": "647297b7-a9ea-4567-bf8d-2f0782a92fc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4217", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-29T06:55:55.000000Z"}, {"uuid": "fe5cfafb-e864-43f4-97ed-154bd9a6b65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8919", "content": "#exploit\n1. CVE-2023-21939:\nOracle Java SE Vulnerability\nhttps://github.com/Y4Sec-Team/CVE-2023-21939\n\n2. CVE-2023-38388:\nJupiterX Core Premium Plugin - unrestricted upload\nhttps://github.com/codeb0ss/CVE-2023-38388", "creation_timestamp": "2023-08-26T21:07:12.000000Z"}]}