{"vulnerability": "CVE-2024-38396", "sightings": [{"uuid": "a42e4595-aba1-4686-9955-7ea591e33333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "seen", "source": "MISP/bb3804ec-d19b-4521-9b88-42b6d05c969f", "content": "", "creation_timestamp": "2024-06-26T16:06:39.000000Z"}, {"uuid": "a24ca755-59f7-4e73-bc7d-e2b43a9be7b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6836", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-30T13:56:15.000000Z"}, {"uuid": "46f5c933-1046-469f-a4c6-a4a904a257ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3363", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-29T18:04:14.000000Z"}, {"uuid": "37069027-1b1a-4b49-acbd-2d86e6092d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7677", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\nURL\uff1ahttps://github.com/vin01/poc-cve-2024-38396\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-16T18:51:02.000000Z"}, {"uuid": "2c63980b-27d1-4946-a391-11c2cce059c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8087", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-30T13:56:15.000000Z"}, {"uuid": "e6fb7d5c-dada-4f27-b3ed-965e98394fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10697", "content": "#Red_Team_Tactics\n1. ScriptBlock Smuggling:\nSpoofing PowerShell Security Logs and Bypassing AMSI Without Reflection/Patching\nhttps://bc-security.org/scriptblock-smuggling\n2. Abusing title reporting and tmux integration in iTerm2 for code execution (PoC for CVE-2024-38396)\nhttps://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html", "creation_timestamp": "2024-06-18T11:31:25.000000Z"}, {"uuid": "30cf7965-75da-4312-a7d5-6571e9db85da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38396", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25179", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-29T14:34:01.000000Z"}]}