{"vulnerability": "CVE-2023-32353", "sightings": [{"uuid": "b9272e3d-9557-4800-b607-f413abff697b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11100", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Proof of Concept Code for CVE-2023-32353: Local privilege escalation via iTunes in Windows.\n\nhttps://github.com/86x/CVE-2023-32353-PoC", "creation_timestamp": "2023-06-11T16:16:44.000000Z"}, {"uuid": "18bde1ed-389a-4ed3-820c-53fafbbbe010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aProof of Concept Code for CVE-2023-32353: Local privilege escalation via iTunes in Windows\nURL\uff1ahttps://github.com/86x/CVE-2023-32353-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-08T21:01:19.000000Z"}, {"uuid": "4ad1d083-3335-4285-90f6-6b9bd9e883c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "seen", "source": "https://t.me/ctinow/115444", "content": "https://ift.tt/2NzPAfp\nCyRC Vulnerability Advisory: CVE-2023-32353, Apple iTunes local privilege escalation on Windows", "creation_timestamp": "2023-06-01T18:26:48.000000Z"}, {"uuid": "05edb4e7-6f7e-4123-8787-c54df4529706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8462", "content": "#exploit\n1. CVE-2023-0630:\nSlimstat Analytics <4.9.3 - Subscriber + SQL Injection\nhttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n2. CVE-2023-32353:\nLPE via iTunes in Windows\nhttps://github.com/86x/CVE-2023-32353-PoC\n\n3. Arbitrary File Delete/EoP through Operating System Check of HP Support Assistant\nhttps://github.com/sp3arm4n/Stolen-CVE-2022", "creation_timestamp": "2024-05-25T04:21:50.000000Z"}, {"uuid": "67e1bb71-457e-41d9-99cd-b9366a095f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3081", "content": "proXXy\n\nA super simple multithreaded proxy scraper; scraping & checking ~50k HTTP, HTTPS, SOCKS4, & SOCKS5 proxies.\n\nhttps://github.com/Atropa-Solanaceae/proXXy\n\n#privacy #infosec #pentesting\n\n\u200b\u200bCVE-2023-32353\n\nLocal privilege escalation via iTunes in Windows.\n\nhttps://github.com/86x/CVE-2023-32353-PoC\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bZIP Domains\n\nWelcome to our project dedicated to providing up-to-date data on newly registered .zip domains. With the recent introduction of the .zip top-level domain (TLD) by Google, concerns have arisen within the community regarding potential attack vectors associated with this TLD. To address these concerns and ensure the safety of internet users, we have initiated this workflow aimed at gathering comprehensive information about .zip domains as they are registered.\n\nhttps://github.com/trickest/zip\n\n#cybersecurity #infosec\n\n\u200b\u200bDCMB\n\nDont Call Me Back - Dynamic kernel callback resolver.\n\nhttps://github.com/GetRektBoy724/DCMB\n\n#cybersecurity #infosec\n\n\u200b\u200bThreat hunting/detecting using KQL queries\n\nA repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft 365 Defender.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries\n\n#cybersecurity #infosec\n\n\u200b\u200bBanshee\n\nExperimental Windows x64 Kernel Rootkit.\n\nhttps://github.com/eversinc33/Banshee\n\n#infosec #pentesting #redteam\n\n\u200b\u200bKRBTGS \n\nA post-exploitation option for #CobaltStrike to retrieve a working TGT for the current user that Beacon is running as, or impersonating.\n\nhttps://github.com/realoriginal/krbtgs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bhorQRux\n\nBy splitting a #QR code into 7 fragments, we may physically split and distribute a #secret into the real world. For example by printing the QR fragments onto transparent paper and handing them out to multiple people.\n\nhttps://github.com/jzck/horqrux\n\n\u200b\u200bRansomware Map\n\nMap tracking #ransomware ecosystem, by OCD World Watch team.\n\nhttps://github.com/cert-orangecyberdefense/ransomware_map\n\n#cybersecurity #infosec\n\n\u200b\u200bNekoClient\n\nIt appears that the attacker behind CurseForge's June 2023 malware incident posted a deobfuscated version of their malware by accident.\n\nhttps://github.com/clrxbl/NekoClient\n\n#infosec #pentesting #redteam\n\n\u200b\u200bNODESUB\n\nA command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization.\n\nhttps://github.com/pikpikcu/nodesub\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bOSINT-SPY \n\nPerforms #OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target.\n\nhttps://github.com/SharadKumar97/OSINT-SPY\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bPhoneInfoga\n\nInformation gathering framework for phone numbers.\n\nhttps://github.com/sundowndev/PhoneInfoga\n\n#OSINT #infosec #recon #best\n\n\u200b\u200bmsa-exploit-checker\n\nPoC and checker tool to detect if \"The Exploit\" for Microsoft accounts is enabled.\n\nhttps://github.com/george/msa-exploit-checker\n\n#cybersecurity #infosec\n\n\u200b\u200bHiphp\n\nFree & Open source project for create a BackDoor to control PHP-based sites.\n\nhttps://github.com/yasserbdj96/hiphp\n\n#infosec #pentesting #redteam\n\n\u200b\u200bDavRelayUp\n\nA universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).\n\nhttps://github.com/yasserbdj96/hiphp\n\n#infosec #pentesting #redteam\n\n\u200b\u200bTor\n\nA python based module for using tor proxy/network services on windows, osx, linux with just one click.\n\nhttps://github.com/r0oth3x49/Tor\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bArts Of Get System\n\nThis directory is for PoCs to help learning how to get SYSTEM privilege.\n\nhttps://github.com/daem0nc0re/PrivFu/tree/main/ArtsOfGetSystem\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\n\n\u200b\u200b2/2", "creation_timestamp": "2023-06-10T08:16:32.000000Z"}, {"uuid": "8642fd44-680d-4d21-af54-c8024911d1b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3640", "content": "\ud83d\udda5Database:\n\n\ud83d\udd31leak of the airline Lnea A\u00e9rea Amaszonas S.A. : https://system32.ink/d/leak-of-the-airline-lnea-aerea-amaszonas-s-a/\n\n\ud83d\udd31Leak solicitudesglpi(.)dnsalias(.)net : https://system32.ink/d/leak-solicitudesglpi-dnsalias-net/\n\n\ud83d\udd31Leak goldstockcanada(.)com : https://system32.ink/d/leak-goldstockcanada-com/\n\n\ud83d\udd31Leak realtimetopup(.)com : https://system32.ink/d/leak-realtimetopup-com/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31UTopia is a tool for automatically generating fuzz drivers : https://system32.ink/d/utopia-is-a-tool-for-automatically-generating-fuzz-drivers/\n\n\ud83d\udd31Instagram-Lookup : https://system32.ink/d/instagram-lookup/\n\n\ud83d\udda5Exploit:\n\n\ud83d\udd31libssh CVE-2023-2283 POC exploit : https://system32.ink/d/libssh-cve-2023-2283-poc-exploit/\n\n\ud83d\udd31CVE-2023-29336 Win32k Privilege Escalation Vulnerability with PoC : https://system32.ink/d/cve-2023-29336-win32k-privilege-escalation-vulnerability-with-poc/\n\n\ud83d\udd31CVE-2023-32353 PoC Exploit : https://system32.ink/d/cve-2023-32353-poc-exploit/\n\n@crackcodes crackcodes.in", "creation_timestamp": "2023-06-09T06:57:28.000000Z"}, {"uuid": "07c3a284-8c56-4c7b-a541-c5c469060fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "Telegram/mFDFDbzjVCtSLc2s1lv1Bps3rXI1qyoKP1ZOuqA1ruijF6w", "content": "", "creation_timestamp": "2023-06-12T21:13:08.000000Z"}, {"uuid": "175e75d0-a6bd-4687-92b4-ebc64328a92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/631", "content": "https://github.com/86x/CVE-2023-32353-PoC\n#github", "creation_timestamp": "2023-06-09T10:14:58.000000Z"}, {"uuid": "3e5ccf6d-1020-480c-b371-39d8d425fc55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "Telegram/Br2OpH7o_MWfREYUYid276mb8IdKTXovISPbJMRVK8IsJQ", "content": "", "creation_timestamp": "2023-06-09T06:58:31.000000Z"}, {"uuid": "8cf89a87-f33c-40f3-a395-9d9424351d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "Telegram/rCarOi-YjRnRDdR4NG12l7T6GA2cIqRGl9VZtl-tMCbYfw", "content": "", "creation_timestamp": "2023-06-10T21:53:44.000000Z"}, {"uuid": "35eb5a08-3bfe-4e18-9c38-ea760abb856f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32353", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3647", "content": "\ud83d\udda5Database:\n\n\ud83d\udd31Leak shop_goldheart_com : https://system32.ink/d/leak-shop-goldheart-com/\n\n\ud83d\udd31Leak bazar365_com : https://system32.ink/d/leak-bazar365-com/\n\n\ud83d\udd31Leak bananedu_com : https://system32.ink/d/leak-bananedu-com/\n\n\ud83d\udd31Leak clubmaster_com : https://system32.ink/d/leak-clubmaster-com/\n\n\ud83d\udd31Leak leroymerlin_fr : https://system32.ink/d/leak-leroymerlin-fr/\n\n\ud83d\udd31Leak kprayrada_gov_ua : https://system32.ink/d/leak-kprayrada-gov-ua/\n\n\ud83d\udd31Leak kamrairada_gov_ua : https://system32.ink/d/leak-kamrairada-gov-ua/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31FSUntether \u2013 is a Fucking Simple Untethered code execution PoC for iOS 15,16,17 : https://system32.ink/d/fsuntether-is-a-fucking-simple-untethered-code-execution-poc-for-ios-151617/\n\n\ud83d\udda5POCs:\n\n\ud83d\udd31CVE-2023-32353: Local privilege escalation via iTunes in Windows : https://system32.ink/d/cve-2023-32353-local-privilege-escalation-via-itunes-in-windows/\n\n@crackcodes | (crackcodes.in)", "creation_timestamp": "2023-06-10T05:47:13.000000Z"}]}