{"vulnerability": "CVE-2023-3235", "sightings": [{"uuid": "18bde1ed-389a-4ed3-820c-53fafbbbe010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aProof of Concept Code for CVE-2023-32353: Local privilege escalation via iTunes in Windows\nURL\uff1ahttps://github.com/86x/CVE-2023-32353-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-08T21:01:19.000000Z"}, {"uuid": "b9272e3d-9557-4800-b607-f413abff697b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11100", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Proof of Concept Code for CVE-2023-32353: Local privilege escalation via iTunes in Windows.\n\nhttps://github.com/86x/CVE-2023-32353-PoC", "creation_timestamp": "2023-06-11T16:16:44.000000Z"}, {"uuid": "4ad1d083-3335-4285-90f6-6b9bd9e883c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "seen", "source": "https://t.me/ctinow/115444", "content": "https://ift.tt/2NzPAfp\nCyRC Vulnerability Advisory: CVE-2023-32353, Apple iTunes local privilege escalation on Windows", "creation_timestamp": "2023-06-01T18:26:48.000000Z"}, {"uuid": "3e5ccf6d-1020-480c-b371-39d8d425fc55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "Telegram/Br2OpH7o_MWfREYUYid276mb8IdKTXovISPbJMRVK8IsJQ", "content": "", 
"creation_timestamp": "2023-06-09T06:58:31.000000Z"}, {"uuid": "215ca9cd-dd8c-40e6-bbef-a9301f3ca83a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3235", "type": "seen", "source": "https://t.me/arpsyndicate/2394", "content": "#ExploitObserverAlert\n\nCVE-2023-3235\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-3235. A vulnerability was found in mccms up to 2.6.5. It has been rated as critical. Affected by this issue is the function pic_api of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-231506 is the identifier assigned to this vulnerability.\n\nFIRST-EPSS: 0.000540000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-04T01:04:37.000000Z"}, {"uuid": "67e1bb71-457e-41d9-99cd-b9366a095f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3081", "content": "proXXy\n\nA super simple multithreaded proxy scraper; scraping &amp; checking ~50k HTTP, HTTPS, SOCKS4, &amp; SOCKS5 proxies.\n\nhttps://github.com/Atropa-Solanaceae/proXXy\n\n#privacy #infosec #pentesting\n\n\u200b\u200bCVE-2023-32353\n\nLocal privilege escalation via iTunes in Windows.\n\nhttps://github.com/86x/CVE-2023-32353-PoC\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bZIP Domains\n\nWelcome to our project dedicated to providing up-to-date data on newly registered .zip domains. With the recent introduction of the .zip top-level domain (TLD) by Google, concerns have arisen within the community regarding potential attack vectors associated with this TLD. 
To address these concerns and ensure the safety of internet users, we have initiated this workflow aimed at gathering comprehensive information about .zip domains as they are registered.\n\nhttps://github.com/trickest/zip\n\n#cybersecurity #infosec\n\n\u200b\u200bDCMB\n\nDont Call Me Back - Dynamic kernel callback resolver.\n\nhttps://github.com/GetRektBoy724/DCMB\n\n#cybersecurity #infosec\n\n\u200b\u200bThreat hunting/detecting using KQL queries\n\nA repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft 365 Defender.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries\n\n#cybersecurity #infosec\n\n\u200b\u200bBanshee\n\nExperimental Windows x64 Kernel Rootkit.\n\nhttps://github.com/eversinc33/Banshee\n\n#infosec #pentesting #redteam\n\n\u200b\u200bKRBTGS \n\nA post-exploitation option for #CobaltStrike to retrieve a working TGT for the current user that Beacon is running as, or impersonating.\n\nhttps://github.com/realoriginal/krbtgs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bhorQRux\n\nBy splitting a #QR code into 7 fragments, we may physically split and distribute a #secret into the real world. For example by printing the QR fragments onto transparent paper and handing them out to multiple people.\n\nhttps://github.com/jzck/horqrux\n\n\u200b\u200bRansomware Map\n\nMap tracking #ransomware ecosystem, by OCD World Watch team.\n\nhttps://github.com/cert-orangecyberdefense/ransomware_map\n\n#cybersecurity #infosec\n\n\u200b\u200bNekoClient\n\nIt appears that the attacker behind CurseForge's June 2023 malware incident posted a deobfuscated version of their malware by accident.\n\nhttps://github.com/clrxbl/NekoClient\n\n#infosec #pentesting #redteam\n\n\u200b\u200bNODESUB\n\nA command-line tool for finding subdomains in bug bounty programs. 
It supports various subdomain enumeration techniques and provides flexible options for customization.\n\nhttps://github.com/pikpikcu/nodesub\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bOSINT-SPY \n\nPerforms #OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target.\n\nhttps://github.com/SharadKumar97/OSINT-SPY\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bPhoneInfoga\n\nInformation gathering framework for phone numbers.\n\nhttps://github.com/sundowndev/PhoneInfoga\n\n#OSINT #infosec #recon #best\n\n\u200b\u200bmsa-exploit-checker\n\nPoC and checker tool to detect if \"The Exploit\" for Microsoft accounts is enabled.\n\nhttps://github.com/george/msa-exploit-checker\n\n#cybersecurity #infosec\n\n\u200b\u200bHiphp\n\nFree & Open source project for create a BackDoor to control PHP-based sites.\n\nhttps://github.com/yasserbdj96/hiphp\n\n#infosec #pentesting #redteam\n\n\u200b\u200bDavRelayUp\n\nA universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).\n\nhttps://github.com/yasserbdj96/hiphp\n\n#infosec #pentesting #redteam\n\n\u200b\u200bTor\n\nA python based module for using tor proxy/network services on windows, osx, linux with just one click.\n\nhttps://github.com/r0oth3x49/Tor\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bArts Of Get System\n\nThis directory is for PoCs to help learning how to get SYSTEM privilege.\n\nhttps://github.com/daem0nc0re/PrivFu/tree/main/ArtsOfGetSystem\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\n\n\u200b\u200b2/2", "creation_timestamp": "2023-06-10T08:16:32.000000Z"}, {"uuid": "8cf89a87-f33c-40f3-a395-9d9424351d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2023-32353", "type": "published-proof-of-concept", "source": "Telegram/rCarOi-YjRnRDdR4NG12l7T6GA2cIqRGl9VZtl-tMCbYfw", "content": "", "creation_timestamp": "2023-06-10T21:53:44.000000Z"}, {"uuid": "35eb5a08-3bfe-4e18-9c38-ea760abb856f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3647", "content": "\ud83d\udda5Database:\n\n\ud83d\udd31Leak shop_goldheart_com : https://system32.ink/d/leak-shop-goldheart-com/\n\n\ud83d\udd31Leak bazar365_com : https://system32.ink/d/leak-bazar365-com/\n\n\ud83d\udd31Leak bananedu_com : https://system32.ink/d/leak-bananedu-com/\n\n\ud83d\udd31Leak clubmaster_com : https://system32.ink/d/leak-clubmaster-com/\n\n\ud83d\udd31Leak leroymerlin_fr : https://system32.ink/d/leak-leroymerlin-fr/\n\n\ud83d\udd31Leak kprayrada_gov_ua : https://system32.ink/d/leak-kprayrada-gov-ua/\n\n\ud83d\udd31Leak kamrairada_gov_ua : https://system32.ink/d/leak-kamrairada-gov-ua/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31FSUntether \u2013 is a Fucking Simple Untethered code execution PoC for iOS 15,16,17 : https://system32.ink/d/fsuntether-is-a-fucking-simple-untethered-code-execution-poc-for-ios-151617/\n\n\ud83d\udda5POCs:\n\n\ud83d\udd31CVE-2023-32353: Local privilege escalation via iTunes in Windows : https://system32.ink/d/cve-2023-32353-local-privilege-escalation-via-itunes-in-windows/\n\n@crackcodes | (crackcodes.in)", "creation_timestamp": "2023-06-10T05:47:13.000000Z"}, {"uuid": "8642fd44-680d-4d21-af54-c8024911d1b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3640", "content": "\ud83d\udda5Database:\n\n\ud83d\udd31leak of the airline Lnea A\u00e9rea Amaszonas S.A. 
: https://system32.ink/d/leak-of-the-airline-lnea-aerea-amaszonas-s-a/\n\n\ud83d\udd31Leak solicitudesglpi(.)dnsalias(.)net : https://system32.ink/d/leak-solicitudesglpi-dnsalias-net/\n\n\ud83d\udd31Leak goldstockcanada(.)com : https://system32.ink/d/leak-goldstockcanada-com/\n\n\ud83d\udd31Leak realtimetopup(.)com : https://system32.ink/d/leak-realtimetopup-com/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31UTopia is a tool for automatically generating fuzz drivers : https://system32.ink/d/utopia-is-a-tool-for-automatically-generating-fuzz-drivers/\n\n\ud83d\udd31Instagram-Lookup : https://system32.ink/d/instagram-lookup/\n\n\ud83d\udda5Exploit:\n\n\ud83d\udd31libssh CVE-2023-2283 POC exploit : https://system32.ink/d/libssh-cve-2023-2283-poc-exploit/\n\n\ud83d\udd31CVE-2023-29336 Win32k Privilege Escalation Vulnerability with PoC : https://system32.ink/d/cve-2023-29336-win32k-privilege-escalation-vulnerability-with-poc/\n\n\ud83d\udd31CVE-2023-32353 PoC Exploit : https://system32.ink/d/cve-2023-32353-poc-exploit/\n\n@crackcodes crackcodes.in", "creation_timestamp": "2023-06-09T06:57:28.000000Z"}, {"uuid": "07c3a284-8c56-4c7b-a541-c5c469060fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "Telegram/mFDFDbzjVCtSLc2s1lv1Bps3rXI1qyoKP1ZOuqA1ruijF6w", "content": "", "creation_timestamp": "2023-06-12T21:13:08.000000Z"}, {"uuid": "175e75d0-a6bd-4687-92b4-ebc64328a92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/631", "content": "https://github.com/86x/CVE-2023-32353-PoC\n#github", "creation_timestamp": "2023-06-09T10:14:58.000000Z"}, {"uuid": "fd68328d-26d4-4ab2-a499-02a09f3cd346", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32358", "type": "seen", "source": "https://t.me/cibsecurity/68511", "content": "\u203c CVE-2023-32358 \u203c\n\nA type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-15T02:19:58.000000Z"}, {"uuid": "2255dbdf-ec50-433b-889f-6bceb81238c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32350", "type": "seen", "source": "https://t.me/cibsecurity/64548", "content": "\u203c CVE-2023-32350 \u203c\n\nVersions 00.07.00 through 00.07.03 of Teltonika\u00e2\u20ac\u2122s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T20:25:36.000000Z"}, {"uuid": "05edb4e7-6f7e-4123-8787-c54df4529706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8462", "content": "#exploit\n1. CVE-2023-0630:\nSlimstat Analytics &lt;4.9.3 - Subscriber + SQL Injection\nhttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n2. CVE-2023-32353:\nLPE via iTunes in Windows\nhttps://github.com/86x/CVE-2023-32353-PoC\n\n3. 
Arbitrary File Delete/EoP through Operating System Check of HP Support Assistant\nhttps://github.com/sp3arm4n/Stolen-CVE-2022", "creation_timestamp": "2024-05-25T04:21:50.000000Z"}]}