{"vulnerability": "CVE-2023-36424", "sightings": [{"uuid": "7bff7169-adae-4ac6-a2fd-422e71eadc19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://gist.github.com/stone776/3d08ecfe13c93ecafaa4d45bb1ff7634", "content": "", "creation_timestamp": "2026-04-14T14:13:46.000000Z"}, {"uuid": "bc843260-1383-49fa-8734-b69766a4164a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mjibqcn4nv23", "content": "", "creation_timestamp": "2026-04-14T21:03:03.980728Z"}, {"uuid": "52fc2435-35d8-470d-bed8-76c485225bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mjgzlauwzb2j", "content": "", "creation_timestamp": "2026-04-14T09:04:20.146529Z"}, {"uuid": "cc56f19f-fc37-4e2e-9476-fabebe37acc5", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36424", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6059aa7b-b7b7-45d5-a648-bfb52964a0ff", "content": "", "creation_timestamp": "2026-04-13T18:00:03.091265Z"}, {"uuid": "ed1b567b-dc22-4f09-a7cc-0d7de5d19e96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6244766", "content": "", "creation_timestamp": "2026-04-13T18:07:27.752233Z"}, {"uuid": "a8f9a6a9-320c-44a3-981d-6b62e61e546a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116399043810586963", "content": "", "creation_timestamp": "2026-04-13T19:27:37.375875Z"}, {"uuid": "efd2965e-7f1e-4adb-b348-b79c2be9f8e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/310", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#HackersFactory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-07-01T16:40:06.000000Z"}, {"uuid": "e4bde192-55c2-4b09-9cec-53096a0c679a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/4359", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-24T01:12:42.000000Z"}, {"uuid": "b40a6237-28cd-4412-a2fc-f08b6969a5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/149", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-06-17T13:58:11.000000Z"}, {"uuid": "01c61882-9a2a-4738-a2ae-3077ff060b47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/791", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-24T01:12:42.000000Z"}, {"uuid": "e423148e-76f9-49eb-a1d0-1c74dbb3d3bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/20641", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-23T23:50:48.000000Z"}, {"uuid": "7a7530fc-1520-4eac-acdb-a0457e3682d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatCommunity/7670", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-23T23:50:30.000000Z"}, {"uuid": "87e66b29-00cc-49a4-a063-f29c9f72ae7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8098", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-01T16:39:53.000000Z"}, {"uuid": "28c9c6c4-ed05-4f8c-b33a-6fe76e64f92c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3239", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-27T20:09:16.000000Z"}, {"uuid": "001ef74b-bf9c-4a6d-804e-ba9c7d9cfef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3367", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-01T16:42:32.000000Z"}, {"uuid": "d0117c28-df92-44e3-9cd6-681cb6631c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "Telegram/waYTBnHPXLzIIxoFXGfEcQB8OuBxgvQ-fk7YAIMOuxkXokc", "content": "", "creation_timestamp": "2024-05-11T20:18:42.000000Z"}, {"uuid": "34a18e80-ede0-48f6-acd4-f8f8552684fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://t.me/proxy_bar/1949", "content": "CVE-2023-36424\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation \nexploit", "creation_timestamp": "2024-03-23T08:51:43.000000Z"}, {"uuid": "f108ac6e-4894-4d29-bc1a-9445ba8c4490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/24801", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-25T00:00:20.000000Z"}, {"uuid": "00a795f1-4f92-4146-9730-a8c14be18b90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3619", "content": "CVE-2023-36424\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation \nexploit", "creation_timestamp": "2024-03-27T18:11:25.000000Z"}, {"uuid": "2e7facba-e2a4-4e55-aa4c-4954c23f4519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1510", "content": "Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nWindows Common Log File System Driver Elevation of Privilege Vulnerability\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424", "creation_timestamp": "2024-04-03T17:36:59.000000Z"}, {"uuid": "3849d8d7-3db2-47af-8e66-7f5c632d8c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6839", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-01T16:39:53.000000Z"}, {"uuid": "fede05b0-974b-4dbc-8c4d-0b52f2359aea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://t.me/Rootsec_2/2265", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-08-16T08:56:17.000000Z"}, {"uuid": "45ff1782-9208-4554-ac7c-520ff6f40f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2159", "content": "https://github.com/Nassim-Asrir/CVE-2023-36424\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n#github", "creation_timestamp": "2024-03-22T17:30:37.000000Z"}, {"uuid": "f11ab62d-c054-408d-9a0c-9532fe9da150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9584", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-03-20T05:06:02.000000Z"}]}