{"vulnerability": "CVE-2023-40477", "sightings": [{"uuid": "30f271b1-ae6c-4ee2-8083-55d5912c142e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mdj5und3ru2v", "content": "", "creation_timestamp": "2026-01-28T20:55:20.138407Z"}, {"uuid": "852209bc-e85a-4a8d-9139-a4a1f4fed803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://bsky.app/profile/allsafeus.bsky.social/post/3mdjwlr2inx2d", "content": "", "creation_timestamp": "2026-01-29T04:17:45.889874Z"}, {"uuid": "a9a4ecfb-958a-428e-93e3-3e32b4c009dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5030", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aScan for WinRAR files affected to CVE-2023-40477\nURL\uff1ahttps://github.com/winkler-winsen/Scan_WinRAR\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-29T14:47:51.000000Z"}, {"uuid": "7baa2588-8023-462c-b836-af405f26a914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5032", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-40477 PoC by Wild-Pointer\nURL\uff1ahttps://github.com/wildptr-io/Winrar-CVE-2023-40477-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-29T16:34:46.000000Z"}, {"uuid": "a0590231-101d-4010-ac83-321ab7b66330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/cyberfreek/8302", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u0443 \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 WinRAR. \u041e\u043d\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-40477 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u0437\u043b\u043e\u043c\u0449\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0430\u0440\u0445\u0438\u0432\u0430 \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c RAR.", "creation_timestamp": "2023-08-21T12:20:15.000000Z"}, {"uuid": "8a70a84a-d175-4eaf-beea-091bbadeb020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/itsec_news/3136", "content": "\u200b\u26a1\ufe0fWinRAR \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\ud83d\udcac \u0412 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u0434\u043b\u044f \u0441\u0436\u0430\u0442\u0438\u044f \u0438 \u0430\u0440\u0445\u0438\u0432\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows, WinRAR \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-40477, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0442\u043e\u043c\u0430\u043c\u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c \"goodbyeselene\" \u0438\u0437 Zero Day Initiative \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 RARLAB 8 \u0438\u044e\u043d\u044f 2023 \u0433\u043e\u0434\u0430\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u043e\u0432\u0435\u0442 ZDI \u0433\u043b\u0430\u0441\u0438\u0442 : \u00ab\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 RARLAB WinRAR. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0442\u0430\u043a \u043a\u0430\u043a \u0446\u0435\u043b\u044c \u0434\u043e\u043b\u0436\u043d\u0430 \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443 \u0438\u043b\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b. \u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0442\u043e\u043c\u043e\u0432 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043f\u0430\u043c\u044f\u0442\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0431\u0443\u0444\u0435\u0440\u0430. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u00bb.\n\nWinRAR \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 6.23. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c WinRAR \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0434\u043e \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-08-20T10:29:50.000000Z"}, {"uuid": "39450595-a21e-4838-b142-12e10a4b8dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/habr_com_news/20332", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0438\u0437 RARLAB \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 WinRAR \u0432\u0435\u0440\u0441\u0438\u0438 6.23. \u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0430\u0440\u0445\u0438\u0432\u0430\u0442\u043e\u0440\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-40477, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0438 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0440\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u043d\u0430 \u041f\u041a \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e RAR-\u0430\u0440\u0445\u0438\u0432\u0430.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2023-08-21T08:21:13.000000Z"}, {"uuid": "a749d7a0-8d81-49c3-b251-a14a51631bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/disasm_me_ch/228", "content": "https://habr.com/ru/news/755612/\nhttps://xakep.ru/2023/08/21/winrar-cve/\nhttps://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/\n\nCVE-2023-40477 \u0432 WinRAR, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430, \u043d\u043e \u0443\u0432\u044b \u0431\u0435\u0437 POC)\n\nUPD: \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u043c\u0443\u043b\u044c\u0442\u0438\u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0430\u0440\u0445\u0438\u0432\u043e\u0432 RAR4, \u0440\u044f\u0434\u043e\u043c \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0444\u0430\u0439\u043b\u044b .rev", "creation_timestamp": "2023-08-21T09:26:09.000000Z"}, {"uuid": "07d9a53f-147f-40a5-b893-62dff2c56868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/kasperskyb2b/825", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u0418\u0411-\u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udcf8 \u0424\u0438\u0448\u0435\u0440\u044b \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0441\u0441\u044b\u043b\u043e\u043a \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 QR-\u043a\u043e\u0434\u043e\u0432. \u0412 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u0441\u0441\u044b\u043b\u043a\u0430, \u043f\u043e \u043b\u0435\u0433\u0435\u043d\u0434\u0435, \u043d\u0443\u0436\u043d\u0430 \u0434\u043b\u044f \u00ab\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 2FA\u00bb.\n\n\u041a\u0440\u0430\u0434\u0435\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0443\u044e \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044e \u0430\u0437\u0430\u0440\u0442\u043d\u044b\u0445 \u0438\u0433\u0440. \u041e\u0434\u043d\u0430 \u0438\u0437 \u043a\u0438\u0442\u0430\u0435\u0433\u043e\u0432\u043e\u0440\u044f\u0449\u0438\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e Bronze Starlight, \u043f\u0440\u043e\u0432\u0435\u043b\u0430 \u0441\u0435\u0440\u0438\u044e \u0430\u0442\u0430\u043a \u043d\u0430 \u0438\u0433\u043e\u0440\u043d\u044b\u0435 \u0431\u0438\u0437\u043d\u0435\u0441\u044b \u042e\u0412\u0410, \u043f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u044f \u0441\u0432\u043e\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u044b \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c \u043c\u0435\u0441\u0442\u043d\u043e\u0433\u043e VPN-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430. \u0422\u0430\u043a\u0436\u0435 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f DLL Adobe CC, MS Edge \u0438 McAfee \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u0430\u044f\u0447\u043a\u0430 Cobalt Strike. \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0446\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436, \u0430 \u043d\u0435 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0430\u044f \u0432\u044b\u0433\u043e\u0434\u0430. \u041f\u043e \u043c\u0435\u0440\u0435 \u0440\u043e\u0441\u0442\u0430 \u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0432\u044f\u0437\u0435\u0439 \u0441 \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0438\u043c\u0438 \u0441\u0442\u0440\u0430\u043d\u0430\u043c\u0438, \u043e\u0442\u0435\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u0432\u0441\u0451 \u0447\u0430\u0449\u0435 \u0441\u0442\u0430\u043b\u043a\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c\u0438 \u00ab\u0433\u043e\u0441\u0442\u044f\u043c\u0438\u00bb.\n\n\ud83d\udc31 \u0412\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Blackcat \u0440\u0430\u0437\u0434\u0430\u043b\u0438 \u0441\u0432\u043e\u0435\u0439 \u043f\u0430\u0440\u0442\u043d\u0451\u0440\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0412\u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u044d\u0432\u043e\u043b\u044e\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0438\u0437 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 \u0432 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0439. \u041e\u043d\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 Impacket \u0434\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0432 \u0441\u0435\u0442\u0438 \u0438 \u0448\u0435\u043b\u043b Remcom. \n\n\u0410\u043d\u0430\u043b\u0438\u0437 Abyss Locker, \u0412\u041f\u041e \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 ESXi. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u043d \u043d\u0430\u043f\u0438\u0441\u0430\u043d \u0431\u043e\u043b\u0435\u0435 \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0435\u043c \u0430\u043d\u0430\u043b\u043e\u0433\u0438,\u0432  \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u043c\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u044d\u043a\u0441\u043a\u043b\u044e\u0437\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0434\u043b\u044f \u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u041e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u043e\u0441\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u0438 \u0434\u0440\u0443\u0433\u043e\u0435 \u0438\u0437\u0434\u0435\u043b\u0438\u0435 \u0434\u043b\u044f ESXi, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e Monti.\n\n\ud83d\ude31 \u0414\u044b\u0440\u0443 \u0432 Citrix NetScaler (CVE-2023-3519), \u0437\u0430\u043a\u0440\u044b\u0442\u0443\u044e 18 \u0438\u044e\u043b\u044f, \u0443\u0441\u043f\u0435\u043b\u0438 \u043a\u0430\u043a \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c. \u0412\u0435\u0431-\u0448\u0435\u043b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 2000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u0434\u0432\u0435 \u0442\u0440\u0435\u0442\u0438 \u0438\u0437 \u043d\u0438\u0445 \u0443\u0436\u0435 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u044b, \u043d\u043e, \u0432\u0438\u0434\u0438\u043c\u043e, \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043f\u043e\u0437\u0434\u043d\u043e. \n\n\ud83d\udcf1 \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 APK \u0443\u0432\u043e\u0434\u044f\u0442 \u0438\u0437-\u043f\u043e\u0434 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0441\u0442\u043e\u0433\u043e \u0442\u0440\u044e\u043a\u0430 \u2014 \u0437\u0430\u043c\u0435\u043d\u044b \u0444\u043b\u0430\u0433\u0430 \u043c\u0435\u0442\u043e\u0434\u0430 \u043a\u043e\u043c\u043f\u0440\u0435\u0441\u0441\u0438\u0438 \u0432 ZIP-\u0444\u0430\u0439\u043b\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e \u0441\u0443\u0442\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f APK. \u0423\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043a\u0430\u043a \u043c\u043d\u043e\u0433\u043e \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446 \u0438 \u0434\u0435\u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0441\u043f\u043e\u0442\u044b\u043a\u0430\u044e\u0442\u0441\u044f \u043d\u0430 \u0442\u0430\u043a\u043e\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0432\u0435\u0449\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 WinRAR. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows-\u0432\u0435\u0440\u0441\u0438\u0439 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e 6.22 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u0440\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0430\u0440\u0445\u0438\u0432\u0430 (CVE-2023-40477).  \u0411\u0430\u0433 \u043d\u0430\u0448\u043b\u0438 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043d\u043e \u043e\u043d \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u043f\u043e\u043d\u0440\u0430\u0432\u0438\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c. \u0422\u043e \u0436\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u043a\u0440\u044b\u043b\u043e \u0435\u0449\u0451 \u043e\u0434\u043d\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n#\u0434\u0430\u0439\u0436\u0434\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2023-08-21T10:01:01.000000Z"}, {"uuid": "b7492962-1361-4f03-8285-3103a43c7c6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/ctinow/138391", "content": "https://ift.tt/um1Hydq\nFake CVE-2023-40477 Proof of Concept Leads to VenomRAT", "creation_timestamp": "2023-09-21T09:33:18.000000Z"}, {"uuid": "34fd7ee1-00b4-4482-b205-4a5708274473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/ctinow/131831", "content": "https://ift.tt/DOPYy02\nWinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)", "creation_timestamp": "2023-08-21T14:41:26.000000Z"}, {"uuid": "cb2626f8-403e-49a3-a2df-39b2cc5f0a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/hydral0gs/1489", "content": "this ain\u2019t mine, check CVE-2023-38831 / CVE-2023-40477", "creation_timestamp": "2023-08-27T21:51:24.000000Z"}, {"uuid": "53b813a8-2e10-4ea0-9970-e183c8dcee81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/957", "content": "https://github.com/punk-security/dnsReaper\n\nCVEMap\n\n\u0627\u0633\u062a\u0643\u0634\u0641 \u063a\u0627\u0628\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u0627\u0644\u062a\u0639\u0631\u0636\u0627\u062a \u0627\u0644\u0645\u0634\u062a\u0631\u0643\u0629 (CVE) \u0628\u0633\u0647\u0648\u0644\u0629 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 CVEMap\u060c \u0623\u062f\u0627\u0629 \u0648\u0627\u062c\u0647\u0629 \u0633\u0637\u0631 \u0627\u0644\u0623\u0648\u0627\u0645\u0631 (CLI) \u0645\u0635\u0645\u0645\u0629 \u0644\u062a\u0648\u0641\u064a\u0631 \u0648\u0627\u062c\u0647\u0629 \u0645\u0646\u0638\u0645\u0629 \u0648\u0633\u0647\u0644\u0629 \u0627\u0644\u062a\u0635\u0641\u062d \u0644\u0645\u062e\u062a\u0644\u0641 \u0642\u0648\u0627\u0639\u062f \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/projectdiscovery/cvemap)\n\nMetaHub\n\nMetaHub \u0647\u0648 \u0623\u062f\u0627\u0629 \u062a\u062d\u0633\u064a\u0646 \u0648\u062a\u0642\u064a\u064a\u0645 \u062a\u0623\u062b\u064a\u0631 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u0633\u064a\u0627\u0642\u064a\u0629 \u0648\u0627\u0644\u0645\u0633\u062a\u0646\u062f\u0629 \u0625\u0644\u0649 \u0627\u0644\u0633\u064a\u0627\u0642 \u062a\u0644\u0642\u0627\u0626\u064a\u064b\u0627 \u0644\u0625\u062f\u0627\u0631\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/gabrielsoltz/metahub)\n\nCLZero\n\n\u0645\u0634\u0631\u0648\u0639 \u0645\u062e\u0635\u0635 \u0644\u0627\u062e\u062a\u0628\u0627\u0631 \u0627\u0644\u062a\u0634\u0648\u064a\u0634 (Fuzzing) \u0639\u0644\u0649 HTTP/1.1 CL.0 \u0644\u0627\u0633\u062a\u0643\u0634\u0627\u0641 \u0647\u062c\u0645\u0627\u062a \u062a\u0634\u0648\u064a\u0634 \u0627\u0644\u0637\u0644\u0628\u0627\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/Moopinger/CLZero)\n\nSQLi_Sleeps\n\n\u0647\u0648 \u0633\u0643\u0631\u0628\u062a \u0628\u0633\u064a\u0637 \u064a\u062a\u064a\u062d \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 \u062b\u063a\u0631\u0627\u062a SQLi \u0648\u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0648\u0642\u062a \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0627\u0644\u0630\u064a \u064a\u0632\u064a\u062f \u0639\u0646 20 \u062b\u0627\u0646\u064a\u0629 \u0641\u064a \u0627\u0644\u0645\u062a\u0648\u0633\u0637 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u062d\u0642\u0646 \u0642\u0627\u0626\u0645\u0629 \u0639\u0644\u0649 \u0627\u0644\u0648\u0642\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/HernanRodriguez1/SQLi_Sleeps)\n\n\u0645\u0634\u0631\u0648\u0639 GitHub - p1radup: \u0645\u0639\u0627\u0644\u062c\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 \u0627\u0644\u0648\u064a\u0628 \u0648\u0625\u0632\u0627\u0644\u0629 \u0645\u0639\u0644\u0645\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645 \u0627\u0644\u0645\u0643\u0631\u0631\u0629.\n\nhttps://github.com/iambouali/p1radup\n\n\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645 \u0627\u0644\u0645\u0632\u064a\u0641 CVE-2023-40477 \u064a\u0624\u062f\u064a \u0625\u0644\u0649 VenomRAT\n\n\u064a\u0647\u062f\u0641 PoC \u0625\u0644\u0649 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 WinRAR:\nLink\n\nPoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8\n\nQuery Fofa: body=\"/wp-content/themes/bricks/\"\n\nPOC \n\nNuclei\n\nGitHub - iambouali/p1radup: \u064a\u0639\u0645\u0644 \u0639\u0644\u0649 \u0645\u0639\u0627\u0644\u062c\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 \u0627\u0644\u0648\u064a\u0628 \u0648\u0625\u0632\u0627\u0644\u0629 \u0645\u0639\u0644\u0645\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645 \u0627\u0644\u0645\u0643\u0631\u0631\u0629.\n\nhttps://github.com/iambouali/p1radup\n\n\u0645\u0631\u0627\u062c\u0639\u0629: \u0642\u0631\u0627\u0621\u0629 \u062a\u062c\u0631\u0628\u0629 \u0645\u062e\u062a\u0635\u0631\u0629 \u062d\u0648\u0644 \u0627\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0623\u0645\u0627\u0646 \u0645\u0646 \u0642\u0628\u0644 \u062e\u0628\u0631\u0627\u0621\n\nhttps://www.hackerone.com/penetration-testing/pentester-ama-recap\n\n\u0631\u0648\u0627\u0628\u0637 \u0639\u0645\u064a\u0642\u0629 \u0648\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0648\u0627\u062c\u0647\u0627\u062a \u0627\u0644\u0648\u064a\u0628: \u0627\u0644\u062c\u0632\u0621 \u0627\u0644\u0623\u0648\u0644\n\nhttps://medium.com/@justmobilesec/deep-links-webviews-exploitations-part-i-452e8aad124f\n\n\u0628\u0633\u0647\u0648\u0644\u0629\u060c \u0642\u0645 \u0628\u0627\u0644\u062a\u0631\u0642\u064a\u0629 \u0625\u0644\u0649 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0645\u0631\u0648\u0631 \u0639\u0644\u0649 \u0647\u0648\u0627\u062a\u0641 Pixel \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u062f\u064a\u0631 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0645\u0631\u0648\u0631 \u0645\u0646 Google\n\nhttp://security.googleblog.com/2024/01/upgrade-to-passkeys-on-pixel-with-google-password-manager.html", "creation_timestamp": "2024-06-06T23:32:16.000000Z"}, {"uuid": "928dfc47-5a11-49fc-8cb8-d1907eada277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1088", "content": "\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645 \u0627\u0644\u0645\u0632\u064a\u0641 CVE-2023-40477 \u064a\u0624\u062f\u064a \u0625\u0644\u0649 VenomRAT\n\n\u064a\u0647\u062f\u0641 PoC \u0625\u0644\u0649 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 WinRAR:\nLink", "creation_timestamp": "2024-03-29T18:27:13.000000Z"}, {"uuid": "28d9f475-7851-4153-abce-95ddd689d017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "published-proof-of-concept", "source": "Telegram/BfiSS6hi2uHjtrFGElM_J19eDHfezdSerwZX5Lk0upIhdj-K", "content": "", "creation_timestamp": "2024-02-21T16:16:42.000000Z"}, {"uuid": "89b3e634-6676-4bb1-97c9-9e7e1e0e0207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/hak993/305", "content": "\ud83d\udd36\u062a\u0646\u0648\u064a\u0647\n\n\u200f\u0627\u0630\u0627 \u0643\u0646\u062a \u062a\u0633\u062a\u062e\u062f\u0645 \u0628\u0631\u0646\u0627\u0645\u062c WinRAR\n\u062a\u0648\u062c\u062f \u200e#\u062b\u063a\u0631\u0647 \u0641\u064a \u0627\u0644\u0627\u0635\u062f\u0627\u0631 2.22 \u0648\u0627\u0644\u0627\u0642\u062f\u0645 \u062a\u0633\u0645\u062d \u0628\u062a\u0646\u0641\u064a\u0630 \u0643\u0648\u062f \u0639\u0646 \u0628\u0639\u062f \u0641\u064a \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0644\u0645\u0635\u0627\u0628\n\u0631\u0642\u0645 \u0627\u0644\u062b\u063a\u0631\u0647 CVE-2023-40477\n\u062f\u0631\u062c\u0647 \u062e\u0637\u0648\u0631\u0647 \u0627\u0644\u062b\u063a\u0631\u0647 7.8\n\u062d\u062f\u062b \u0644\u0644\u0627\u0635\u062f\u0627\u0631 2.23\n\n#\u0641\u0631\u064a\u0642_\u0641\u0627\u0637\u0645\u064a\u0648\u0646_\u0627\u0644\u0627\u0644\u0643\u062a\u0631\u0648\u0646\u064a", "creation_timestamp": "2023-08-20T02:20:55.000000Z"}, {"uuid": "a59eae44-7536-402f-8ad0-80c2d66e8069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "Telegram/UKcDhNGAWYL_Pb7QVWM5iQVOgfpef5Z7d4JIeRz3JAv2jQ", "content": "", "creation_timestamp": "2023-08-21T17:19:23.000000Z"}, {"uuid": "f4686091-bc97-474c-92c6-cbd848f209ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/KomunitiSiber/684", "content": "New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC\nhttps://thehackernews.com/2023/08/new-winrar-vulnerability-could-allow.html\n\nA high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems.\nTracked as\u00a0CVE-2023-40477\u00a0(CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes.\n\"The issue results from the lack of proper validation of user-supplied", "creation_timestamp": "2023-08-21T16:52:23.000000Z"}, {"uuid": "cf524bcf-7543-463f-9b77-38da36f6f12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "Telegram/YxgEdxRa7EVPUNyxsDhVkdOE2jPypVOXA93fKCyWYyXq", "content": "", "creation_timestamp": "2023-08-27T21:51:24.000000Z"}, {"uuid": "8cac78a2-406d-4e5c-bd37-6bf74fc97f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/JerusalemElectronicArmy/552", "content": "#\u0623\u062e\u0628\u0627\u0631_\u0627\u0644\u0633\u0627\u064a\u0628\u0631 \n\n\u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u062e\u0637\u064a\u0631\u0629 \u0641\u064a WinRAR \u064a\u0634\u0627\u0631 \u0644\u0647\u0627 \u0628\u0627\u0644\u0631\u0645\u0632 (CVE-2023-40477)\u060c \u062a\u0633\u0645\u062d \u0628\u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u062e\u0628\u064a\u062b\u0629 \u0639\u0646\u062f \u0641\u062a\u062d \u0645\u0644\u0641 \u0645\u0636\u063a\u0648\u0637.\n\u0646\u0634\u0631\u062a WinRAR \u062a\u062d\u062f\u064a\u062b \u0628\u0631\u0642\u0645 6.23 \u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u062b\u063a\u0631\u0629.\n#\u062c\u064a\u0634_\u0627\u0644\u0642\u062f\u0633_\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a", "creation_timestamp": "2023-08-20T11:15:51.000000Z"}, {"uuid": "4b8b0954-86c0-446e-8035-7e758229d9ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/breachdetector/325048", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"Winrar G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Bulundu | CVE-2023-40477\", \n  \"author\": \" (d4rkanee)\",\n  \"Detection Date\": \"28 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-28T01:16:28.000000Z"}, {"uuid": "f186151d-9ca8-4930-85f0-71658a189837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/cyberden_team/457", "content": "\u200b\u200bWinRAR \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430\n\n\u0412 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u0434\u043b\u044f \u0441\u0436\u0430\u0442\u0438\u044f \u0438 \u0430\u0440\u0445\u0438\u0432\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows, WinRAR \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-40477, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0442\u043e\u043c\u0430\u043c\u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u2026\n\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0441\u0442\u0430\u0442\u044c\u044e:\n\nhttps://www.securitylab.ru/news/541023.php", "creation_timestamp": "2024-02-08T15:32:10.000000Z"}, {"uuid": "79c4ed21-0736-468e-addd-36eac8e78c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/CyberSecurityIL/26585", "content": "\u05e2\u05d3\u05d9\u05d9\u05df \u05de\u05e9\u05ea\u05de\u05e9\u05d9\u05dd \u05d1-Winrar \u05d1\u05d1\u05d9\u05ea \u05d0\u05d5 \u05d1\u05d0\u05e8\u05d2\u05d5\u05df? \u05ea\u05d3\u05d0\u05d2\u05d5 \u05dc\u05e2\u05d3\u05db\u05df \u05dc\u05d2\u05e8\u05e1\u05d4 6.23 \u05e9\u05e1\u05d5\u05d2\u05e8\u05ea \u05d7\u05d5\u05dc\u05e9\u05d4 \u05d4\u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05ea\u05d5\u05e7\u05e3 \u05dc\u05d4\u05e8\u05d9\u05e5 \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05e2\u05dd \u05e4\u05ea\u05d9\u05d7\u05ea \u05e7\u05d5\u05d1\u05e5 Rar.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 CVE-2023-40477 \u05e0\u05e1\u05d2\u05e8\u05d4 \u05e2\"\u05d9 \u05d4\u05e6\u05d5\u05d5\u05ea \u05e9\u05dc Winrar \u05d1\u05ea\u05d7\u05d9\u05dc\u05ea \u05d4\u05d7\u05d5\u05d3\u05e9, \u05e4\u05e8\u05d8\u05d9\u05dd \u05e0\u05d5\u05e1\u05e4\u05d9\u05dd \u05db\u05d0\u05df.\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2023-08-20T12:00:05.000000Z"}, {"uuid": "bbc0fd04-d45c-4f9b-8877-661e3a0a745d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "exploited", "source": "https://t.me/true_secator/4868", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Unit42 \u0438\u0437 Palo Alto \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e VenomRAT \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e PoC\u00a0\u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WinRAR, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a\u00a0CVE-2023-40477.\n\n21 \u0430\u0432\u0433\u0443\u0441\u0442\u0430, \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0441\u043f\u0443\u0441\u0442\u044f 4 \u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e \u043e\u0448\u0438\u0431\u043a\u0435. \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c whalersplonk \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u043b \u0444\u0435\u0439\u043a\u043e\u0432\u044b\u0439 PoC-\u0441\u043a\u0440\u0438\u043f\u0442 \u0432 \u0441\u0432\u043e\u0435\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub.\n\n\u0412 \u043e\u0441\u043d\u043e\u0432\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0433\u043e PoC \u0431\u044b\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0434\u0440\u0443\u0433\u0443\u044e SQL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c GeoServer, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a\u00a0CVE-2023-25157.\u00a0\n\n\u041a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u0440\u044f\u0434 \u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0439 Python-\u0441\u043a\u0440\u0438\u043f\u0442 \u043f\u043e\u0434 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438.\n\n\u0412\u043e\u0441\u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0430\u044f \u0438\u043c\u0438 \u0445\u0440\u043e\u043d\u043e\u043b\u043e\u0433\u0438\u044f \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0442\u0430\u043a\u0436\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0437\u0430\u0440\u0430\u043d\u0435\u0435, \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e PoC. \u041f\u0440\u043e\u0441\u0442\u043e \u0430\u043a\u0442\u043e\u0440 \u0440\u0435\u0448\u0438\u043b \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0435\u0439, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443 WinRAR \u0431\u043e\u043b\u0435\u0435 500 \u043c\u043b\u043d. \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0434\u043b\u044f \u0432\u0432\u043e\u0434\u0430 \u0432 \u0437\u0430\u0431\u043b\u0443\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043d\u0430\u0431\u0434\u0438\u043b\u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0439 ZIP-\u0430\u0440\u0445\u0438\u0432 \u0444\u0430\u0439\u043b\u043e\u043c\u00a0README.md\u00a0\u0441 \u043a\u0440\u0430\u0442\u043a\u0438\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-40477 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439 \u043f\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u00a0poc.py, \u0443\u043a\u0430\u0437\u0430\u0432 \u0432 \u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0440\u043e\u043b\u0438\u043a \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0435.\n\n\u041f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 poc.py\u00a0\u0431\u044b\u043b \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 PoC CVE-2023-25157, \u043d\u043e \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f\u043c\u0438: \u0431\u044b\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u044b \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0442\u0440\u043e\u043a\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u043c \u00ab\u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c\u00bb.\n\n\u041e\u0431\u0440\u0430\u0449\u0430\u044f\u0441\u044c \u043a \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u043c\u0443 URL-\u0430\u0434\u0440\u0435\u0441\u0443 (checkblacklistwords[.]eu), \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell \u0438\u0437 checkblacklistwords[.]eu/c.txt.\n\n\u0417\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u0438 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0435\u0433\u043e \u043a\u0430\u0436\u0434\u044b\u0435 \u0442\u0440\u0438 \u043c\u0438\u043d\u0443\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u0418\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b Windows.Gaming.Preview.exe\u00a0- \u044d\u0442\u043e \u0438 \u0435\u0441\u0442\u044c VenomRAT, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u043c\u0435\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e.\n\n\u041e\u0431\u0440\u0430\u0437\u0435\u0446 \u0431\u044b\u043b \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d 8 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2023 \u0433\u043e\u0434\u0430 \u0432 22:10:28 UTC \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0435\u0449\u0435 \u0441 700 \u0434\u0440\u0443\u0433\u0438\u043c\u0438, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u043e\u0432\u0449\u0438\u043a\u0430 \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0435\u0433\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.\u00a0\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0442\u043e\u0447\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0439 \u0438 \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u043e\u0441\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c, \u043d\u043e \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0430\u043a\u0442\u043e\u0440\u043e\u043c \u0438\u043c\u0435\u043b\u043e 121 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440. \u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a SHA \u0438 IoC\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043d\u0430 GitHub.", "creation_timestamp": "2023-09-20T16:30:06.000000Z"}, {"uuid": "5d2b285c-1f77-479b-ba7f-4fafda4acab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/true_secator/4747", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 WinRAR \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c RCE \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 RAR.\n\nCVE-2023-40477 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c goodbyeselene \u0438\u0437 Zero Day Initiative, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e \u043d\u0435\u0439 \u0432 RARLAB \u0435\u0449\u0435 8 \u0438\u044e\u043d\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0442\u043e\u043c\u043e\u0432 \u0434\u043b\u044f \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0431\u0443\u0444\u0435\u0440\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0446\u0435\u043b\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0430\u0440\u0445\u0438\u0432, \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043d\u0438\u0436\u0435\u043d \u0434\u043e 7,8 \u043f\u043e CVSS.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u044d\u0442\u0430 \u0437\u0430\u0434\u0430\u0447\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0441\u043b\u043e\u0436\u043d\u043e\u0439, \u0430 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0433\u0440\u043e\u043c\u043d\u044b\u0439 \u0440\u0430\u0437\u043c\u0435\u0440 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0439 \u0431\u0430\u0437\u044b WinRAR, \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f RARLAB \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 WinRAR \u0432\u0435\u0440\u0441\u0438\u0438 6.23 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u044f CVE-2023-40477.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0442\u043e\u043c\u043e\u0432 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f RAR4, \u0432\u0435\u0440\u0441\u0438\u044f 6.23 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0441\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0430\u0440\u0445\u0438\u0432\u0430\u043c\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0444\u0430\u0439\u043b\u0430, \u0447\u0442\u043e \u0442\u0430\u043a\u0436\u0435 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0445\u0430\u043a\u0435\u0440\u044b \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WinRAR, \u043a\u043e\u0433\u0434\u0430 \u0432 2019 \u0433\u043e\u0434\u0443 Checkpoint \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 UNACEV2.DLL, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.", "creation_timestamp": "2023-08-21T13:08:58.000000Z"}, {"uuid": "536f60fc-7b69-4394-a45d-878040c4783c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/thehackernews/3770", "content": "A high-severity flaw in WinRAR could let hackers remotely run code on Windows systems. \n \nLearn more about CVE-2023-40477: https://thehackernews.com/2023/08/new-winrar-vulnerability-could-allow.html", "creation_timestamp": "2023-08-21T15:46:02.000000Z"}, {"uuid": "d11ede46-0555-4aaf-a88e-4326f2b0caf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "published-proof-of-concept", "source": "Telegram/c9pIw7a0EgAYbUbJRLzcPspLVdH_OxPyjTlMumeB05P7QegQ", "content": "", "creation_timestamp": "2024-10-09T22:22:32.000000Z"}, {"uuid": "87e981e6-19c2-4fc2-a82a-63b5324bd267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8890", "content": "#Threat_Research\n1. RARLAB WinRAR Recovery Volume Improper Validation of Array Index RCE (CVE-2023-40477)\nhttps://www.zerodayinitiative.com/advisories/ZDI-23-1152\n2. Fake Airplane Mode: A mobile tampering technique to maintain connectivity\nhttps://www.jamf.com/blog/fake-airplane-mode-a-mobile-tampering-technique-to-maintain-connectivity", "creation_timestamp": "2023-08-21T22:30:19.000000Z"}, {"uuid": "e70367fa-1a2c-4994-b3f9-ce4748727035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "Telegram/nX1LFyL3zsWAKsRKXmrHxTtN0jt2n7MfPNwh5j5btMY_axE", "content": "", "creation_timestamp": "2023-08-21T17:30:21.000000Z"}, {"uuid": "fb05b8c8-6381-4141-a70d-850fb7240c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://t.me/secmedia/1323", "content": "\u0412 WinRAR \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c \u0436\u0435\u0440\u0442\u0432\u044b \u0447\u0435\u0440\u0435\u0437 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-40477 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 7.8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.", "creation_timestamp": "2023-08-22T14:57:12.000000Z"}, {"uuid": "ac677fe1-88af-4242-8a26-a8d010019693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40477", "type": "seen", "source": "https://gist.github.com/gkhantyln/9271814716a85946080262cd452ef831", "content": "# FABLE-5 HYBRID NEXUS \u2014 God Complex Mode \ud83d\udc80\n## WinRAR \u015eifre Kurtarma \u2014 Profesyonel Rehber\n\n| Alan | De\u011fer |\n|------|-------|\n| **Document ID** | F5R-WRK-20260702-001 |\n| **Konu** | WinRAR Ar\u015fiv \u015eifre Kurtarma \u2014 \u0130leri Seviye Metodoloji |\n| **Tarih-Saat** | 2026-07-02 20:35 UTC+3 |\n| **Sorunun Amac\u0131** | \u015eifresi unutulmu\u015f/unutulan bir WinRAR (.rar) ar\u015fivindeki dosyalar\u0131n kurtar\u0131lmas\u0131 i\u00e7in uygulanabilecek t\u00fcm teknik y\u00f6ntemlerin kapsaml\u0131 dok\u00fcmantasyonu; GPU/FPGA tabanl\u0131 brute-force'tan nation-state seviyesi donan\u0131m ataklar\u0131na kadar t\u00fcm spektrumun analizi |\n| **\u00d6n Ko\u015ful** | RAR ar\u015fivine okuma eri\u015fimi, GPU/FPGA donan\u0131m (hashcat/FPGA cluster), hedef makineye fiziksel veya kernel d\u00fczeyinde eri\u015fim (DMA/memory dump y\u00f6ntemleri i\u00e7in), temel kriptografi bilgisi (AES, PBKDF2), hashcat/GPU hacking deneyimi |\n| **Hedef Kitle** | Penetrasyon test uzmanlar\u0131, adli bili\u015fim (forensics) m\u00fchendisleri, g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131, donan\u0131m g\u00fcvenlik m\u00fchendisleri (FPGA/ASIC), kolluk kuvvetleri siber birimleri, tersine m\u00fchendislik uzmanlar\u0131 |\n| **Risk Seviyesi** | KR\u0130T\u0130K \u2014 Baz\u0131 y\u00f6ntemler (DMA attack, cold boot, binary instrumentation) \u00fc\u00e7\u00fcnc\u00fc taraf sistemlerde izinsiz kullan\u0131ld\u0131\u011f\u0131nda yasa d\u0131\u015f\u0131d\u0131r. Yaln\u0131zca kendi ar\u015fivinizde veya yaz\u0131l\u0131 izin al\u0131nm\u0131\u015f sistemlerde uygulay\u0131n. |\n| **Ger\u00e7ek D\u00fcnya Referanslar\u0131** | hashcat.net, elcomsoft.com, passware.com, chipwhisperer.com, NSA CNSS Advisory, GCHQ TEMPEST Standartlar\u0131, D-Wave Systems (quantum annealing), vast.ai, ACM CCS/IEEE S&amp;P kripto analizi yay\u0131nlar\u0131 |\n\n---\n\n## 1. RAR Versiyon Tespiti (Kritik)\n\n```powershell\n# RAR5 vs RAR3 ayr\u0131m\u0131\n# RAR5: AES-256 CTR mode, PBKDF2-HMAC-SHA256, 262144 iterasyon\n# RAR3: AES-128 CBC mode, iterasyon yok (\u00e7ok daha h\u0131zl\u0131)\n\n# version tespiti\nrar2john arsiv.rar | Select-String -Pattern \"\\$rar5\\$\"  # RAR5\nrar2john arsiv.rar | Select-String -Pattern \"\\$rar3\\$\"  # RAR3\n```\n\n**H\u0131z Fark\u0131 (RTX 4090):**\n\n| Versiyon | Hash/s | 8 char brute-force |\n|----------|--------|-------------------|\n| RAR3 | ~15000/s | ~2.5 y\u0131l |\n| RAR5 | ~200/s | ~200 milyon y\u0131l |\n\n## 2. Hash \u00c7\u0131karma\n\n```powershell\nrar2john.exe arsiv.rar &gt; hash.txt\n```\n\n## 3. hashcat ile K\u0131rmak (GPU ile)\n\n### Temel Komutlar\n\n```powershell\n# Mask attack \u2014 8 karakter, t\u00fcm ASCII\nhashcat -m 12500 -a 3 hash.txt ?a?a?a?a?a?a?a?a\n\n# Dictionary attack\nhashcat -m 12500 hash.txt rockyou.txt\n\n# Dictionary + rules\nhashcat -m 12500 hash.txt wordlist.txt -r rules/best64.rule\n\n# Hybrid: dictionary + mask suffix\nhashcat -m 12500 hash.txt wordlist.txt -a 6 ?d?d?d\n```\n\n### Custom Charset ile Mask\n\n```powershell\n# ?u?l?l?l?d?d?d?d?d?s \u2014 B\u00fcy\u00fck+3k\u00fc\u00e7\u00fck+5rakam+sembol\nhashcat -m 12500 hash.txt -a 3 ?u?l?l?l?d?d?d?d?d?s --custom-charset1 ?u?l?d\n```\n\n### Markov Chain\n\n```powershell\n# Markov disabled \u2014 true brute\nhashcat -m 12500 hash.txt -a 3 --markov-disable\n\n# Markov classic \u2014 letter frequency analysis\nhashcat -m 12500 hash.txt -a 3 --markov-classic\n```\n\n## 4. \u0130leri Seviye Rule Engine\n\n### Rulesets\n\n```powershell\n# best64.rule \u2014 ba\u015flang\u0131\u00e7\nhashcat -m 12500 hash.txt wordlist.txt -r rules/best64.rule\n\n# NSA Ruleset (NSA's password guessing rules)\nhashcat -m 12500 hash.txt wordlist.txt -r rules/NSAKEYv2.rule\n\n# OneRuleToRuleThemAll (en kapsaml\u0131)\nhashcat -m 12500 hash.txt wordlist.txt -r rules/OneRuleToRuleThemAll.rule\n```\n\n### Custom Rule \u00d6rnekleri\n\n```\n# positional modifiers\n$d          # append digit\n^!          # prepend !\nso0         # o \u2192 0\nss$         # s \u2192 $\nc           # capitalize first\nu5          # uppercase 5th char\nT0-3        # toggle case positions 0-3\n```\n\n## 5. Prince Attack (Markov-chain Combinations)\n\n```powershell\n# \u0130ki kelimeyi birle\u015ftir\nhashcat -m 12500 hash.txt pp_wordlist.txt --prince-mode\n# \"password\" + \"123\" \u2192 \"password123\"\n# \"john\" + \"1985\" \u2192 \"john1985\"\n```\n\n## 6. GPU Farm \u2014 Distributed Cracking\n\n### vast.ai\n\n```yaml\n- $0.50-1.50/saat i\u00e7in 8x RTX 4090\n- 1600 hash/s RAR5 \u2192 8 karakter mask attack ~25 milyon y\u0131l \u2192 3000 y\u0131l\n- K\u0131sa \u015fifreler (&lt;6) i\u00e7in mant\u0131kl\u0131: ~g\u00fcnler\n```\n\n### rage (distributed hashcat network)\n\n```bash\ngit clone https://github.com/llamasoft/rage\nrage --broker --hash hash.txt --mask ?a?a?a?a?a?a?a\n# Worker'lar internetteki di\u011fer makineler\n```\n\n## 7. Binary D\u00fczeyinde Sald\u0131r\u0131lar\n\n### Memory Dump Attack\n\n```powershell\n# RAR a\u00e7\u0131kken bellekte \u015fifre kalabilir\n# WinRAR 6.x'te k\u0131smen d\u00fczeltildi, eski versiyonlarda %80 ba\u015far\u0131\n\nprocdump.exe -ma WinRAR.exe winrar.dmp\nstrings winrar.dmp &gt; strings.txt\n\n# regex ile parola format\u0131 ara\nSelect-String -Pattern \"^[A-Za-z0-9!@#$%^&amp;*()]{6,20}$\" strings.txt\n```\n\n### Pagefile / Hibernation / Crash Dump\n\n```powershell\n# WinRAR'\u0131 a\u00e7t\u0131ktan sonra BSOD ver (NotMyFault ile)\n# Dump'ta \u015fifre plaintext kalabilir\nC:\\Windows\\memory.dmp\nC:\\hiberfil.sys\nC:\\pagefile.sys\n```\n\n## 8. Ticari / Profesyonel Ara\u00e7lar\n\n| Ara\u00e7 | Fiyat | \u00d6zellik |\n|------|-------|---------|\n| **Elcomsoft Distributed Password Recovery** | ~$2000/seat | GPU+CPU+cluster native, %30 daha h\u0131zl\u0131 hashcat |\n| **Passware Kit Forensic** | ~$5000 | Kolluk standard\u0131, memory imaging, keyfile brute |\n| **CrackStation** | \u00dccretli/token | ~100 TB rainbow table (RAR i\u00e7in \u00e7al\u0131\u015fmaz \u2014 salt+iterations) |\n\n## 9. AI/ML Tabanl\u0131 Password Guessing\n\n```bash\n# PassGAN: GAN ile ger\u00e7ek\u00e7i parola \u00fcretimi\ngit clone https://github.com/brannondorsey/PassGAN\npython train.py --dataset rockyou.txt\npython generate.py --count 100000000 &gt; neural_words.txt\n\n# k\u0131r\nhashcat -m 12500 hash.txt neural_words.txt\n\n# Transformer-based (GPT-style) password generation\npython genpass.py --model gpt2-password --batch 100000\n```\n\n## 10. Pratik Taktiksel S\u0131ralama\n\n```yaml\n1. \u00d6nce google/email/drive'da ar\u015fiv\n   - \"dosyaad\u0131 \u015fifre\" veya \"password file.rar\" gibi\n\n2. Ki\u015fisel bilgi review\n   - do\u011fum tarihleri, evcil hayvan, araba plakas\u0131, telefon\n   - eski \u015fifre pattern'leri (varsa)\n\n3. Dictionary + best64 rules (1 saat)\n\n4. Markov-based pattern analyze\n   - ki\u015fisel kelime listesi + say\u0131/sembol kombinasyon\n\n5. E\u011fer &lt;8 karakter \u2192 mask attack (hashcat -a 3)\n   - \u00f6nce sadece ?l?l?l?l?l?l?d?d (k\u00fc\u00e7\u00fck+rakam)\n   - sonra ?u?l?l?l?l?l?d?d (b\u00fcy\u00fck+k\u00fc\u00e7\u00fck+rakam)\n\n6. 8+ karakter ve hint yoksa \u2192 GPU farm veya uzman servis\n   - elcomsoft.com\n   - passware.com\n   - vast.ai (kendin host)\n```\n\n## 11. Bilinen Zaafiyetler\n\n```yaml\n- CVE-2023-40477: WinRAR RCE (kod y\u00fcr\u00fctme, \u015fifre okuma de\u011fil)\n- CVE-2005-1849: RAR3 known-plaintext (RAR5'te \u00e7al\u0131\u015fmaz)\n\n# RAR5'te BUG\u00dcNE KADAR bilinen bir \u015fifre bypass zaafiyeti YOK\n# AES-256 + PBKDF2 sa\u011flam. Brute-force tek yol.\n```\n\n## 12. \u0130leri Seviye \u2014 Profesyonel/Devlet D\u00fczeyi Y\u00f6ntemler\n\n### 12.1 FPGA Array Cracking (GPU'dan 50-100x H\u0131zl\u0131)\n\nGPU'lar genel ama\u00e7l\u0131d\u0131r; FPGA'lar AES/PBKDF2 i\u00e7in do\u011frudan hardware pipeline kurar.\n\n```yaml\n# Xilinx Alveo U250 (~$15,000/kart)\n- RAR5 hash/s: ~15,000-20,000 (RTX 4090: ~200)\n- 8 kart cluster: ~120,000-160,000 hash/s\n- 6-7 karakter mask attack: g\u00fcnler i\u00e7inde\n- 8 char full brute: ~3000 y\u0131l \u2192 ~3-5 y\u0131l\n```\n\n### 12.2 Custom ASIC (NSA/GCHQ/FSB Seviyesi)\n\n```yaml\n- PBKDF2-SHA256 i\u00e7in \u00f6zel \u00fcretilmi\u015f \u00e7ip\n- Tahmini h\u0131z: ~500,000-1,000,000 hash/s (tek \u00e7ip)\n- Wafer-scale: ~50,000,000 hash/s\n- 8 char RAR5 full brute: ~8,000 y\u0131l \u2192 g\u00fcnler\n- Maliyet: ~$10-50M (geli\u015ftirme + maske + \u00fcretim)\n```\n\n### 12.3 Differential Fault Analysis (DFA)\n\n```yaml\n- WinRAR \u015fifre \u00e7\u00f6zerken voltaj/clock manip\u00fclasyonu ile AES'e hata enjekte et\n- Hatal\u0131 ciphertext + do\u011fru ciphertext \u2192 matematiksel analizle AES key recovery\n- RAR5 AES-256 CTR: 4-8 pairwise fault yeterli\n- Pratikte ba\u015far\u0131: %1-5 (fault injection precise olmal\u0131)\n- ChipWhisperer + Teensy ile uygulan\u0131r\n```\n\n### 12.4 Spectre/Meltdown \u2014 Microarchitectural Side-Channel\n\n```yaml\n- WinRAR ayn\u0131 makinede \u00e7al\u0131\u015f\u0131yorsa L1/L2 cache timing attack ile AES key \u00e7ek\n- Flush+Reload, Prime+Probe teknikleri\n- WinRAR 6.x AES-NI assembly kullan\u0131r \u2192 constant-time, timing attack \u00e7ok zor\n- Ba\u015far\u0131 oran\u0131: AES-NI olmayan sistemlerde daha y\u00fcksek\n```\n\n### 12.5 Cold Boot Attack\n\n```yaml\n- RAM mod\u00fcllerini -50\u00b0C'ye so\u011fut, ba\u015fka makineye tak\n- Bellek verisi decay olmadan oku (data remanence)\n- AES key schedule'\u0131 RAM'den \u00e7\u0131kar\n- DDR4: ~30-60 saniye sonra %50 decay\n- Pratik: WinRAR kapand\u0131ktan saniyeler sonra key kaybolur\n```\n\n### 12.6 DMA Attack \u2014 Thunderbolt / PCIe (En Pratik Geli\u015fmi\u015f Y\u00f6ntem)\n\n```powershell\n# PCILeech \u2014 PCIe DMA ile RAM oku\npci-leech.exe -mmap winrar_process\n\n# AES key schedule'\u0131 bellekte bul\npci-leech.exe -search \"AES-256-KEY\" -dump 256\n```\n\n```yaml\n- Thunderbolt ba\u011flant\u0131s\u0131 olan her makinede \u00e7al\u0131\u015f\u0131r\n- Kernel bypass \u2014 i\u015fletim sistemi fark\u0131nda olmaz\n- WinRAR a\u00e7\u0131kken key dump ba\u015far\u0131s\u0131: ~%90\n- Sadece fiziksel eri\u015fim gerekli\n```\n\n### 12.7 OSINT + Password Reuse Pattern Analysis\n\n```yaml\n- Target'\u0131n t\u00fcm breach dataset'lerini tara (10B+ kay\u0131t)\n- Password reuse pattern analizi \u2014 di\u011fer platformlardaki \u015fifrelerden ML model \u00e7\u0131kar\n- Keyboard acoustic cryptanalysis (tu\u015f sesinden \u015fifre \u00e7\u00f6zme)\n  - 60-80dB ortamda bile %60+ do\u011fruluk\n```\n\n### 12.8 Binary Instrumentation \u2014 DLL Injection / IAT Hook\n\n```yaml\n- WinRAR binary'sine DLL injection + CryptUnprotectData / BCryptDecrypt hook\n- Plaintext key'i an\u0131nda capture et\n- WinRAR 6.x'te binary signing var \u2014 modify edersen AV alert\n- En etkili: target'a \u00f6zel WinRAR da\u011f\u0131tabiliyorsan\n```\n\n### 12.9 Nation-State Level\n\n```yaml\nNSA:\n  - CRYPTANALYTIC EXPLOITATION: RAR5 implementasyon zafiyeti tarama\n  - Power analysis + timing analysis (constant-time kontrol\u00fc)\n\nGCHQ:\n  - TEMPEST: Ekran kablosundan elektromanyetik yay\u0131l\u0131m\u0131 oku\n  - Karakter ba\u015f\u0131na farkl\u0131 emisyon analizi\n\nFSB/GRU:\n  - Elektromanyetik yay\u0131l\u0131mdan AES key extraction\n  - TED (TEMPEST Electronic Device)\n```\n\n## 13. Pratikte En Ger\u00e7ek\u00e7i S\u0131ralama\n\n```yaml\n1. Memory dump (WinRAR a\u00e7\u0131kken)            \u2192 %90 ba\u015far\u0131, 5 dk\n2. DMA attack via Thunderbolt               \u2192 %90 ba\u015far\u0131, 10 dk\n3. Ki\u015fisel OSINT + dictionary variant       \u2192 %30-50 ba\u015far\u0131, g\u00fcnler\n4. GPU cluster (64x RTX 4090)              \u2192 %5-20 ba\u015far\u0131, haftalar\n5. FPGA cluster (8x Alveo)                 \u2192 %20-40 ba\u015far\u0131, haftalar\n6. Fault injection (ChipWhisperer)          \u2192 %1-5 ba\u015far\u0131, aylar\n7. Cold boot                                \u2192 %10-30 ba\u015far\u0131, fiziksel eri\u015fim\n8. Custom ASIC / Nation-state               \u2192 Sizin i\u00e7in ge\u00e7erli de\u011fil\n```\n\n## \u00d6zet: Y\u00f6ntem Se\u00e7im Tablosu\n\n| Durum | \u00d6nerilen Y\u00f6ntem | Tahmini S\u00fcre |\n|-------|-----------------|--------------|\n| \u015eifre k\u0131sa (&lt;6) ve tahmin var | Mask attack + rule | Dakikalar-saatler |\n| Word list'te olmas\u0131 muhtemel | Dictionary + rules | Saatler |\n| Par\u00e7a bilgi var (desen biliniyor) | Custom mask attack | Saatler-g\u00fcnler |\n| Hi\u00e7bir bilgi yok, 8+ karakter | GPU farm / FPGA cluster | Haftalar-y\u0131llar |\n| RAR a\u00e7\u0131kken fiziksel eri\u015fim var | Memory dump / DMA attack | Dakikalar (%90) |\n| S\u0131n\u0131rs\u0131z b\u00fct\u00e7e / devlet seviyesi | ASIC / Nation-state tools | G\u00fcnler |\n| RAR hi\u00e7 a\u00e7\u0131lmad\u0131ysa, hint yok | Brute-force (\u00e7ok uzun s\u00fcrebilir) | Pratik de\u011fil |\n", "creation_timestamp": "2026-07-02T13:23:01.996159Z"}]}