cK-bot

January 20, 2023 at 04:18PM

January 20, 2023cK-botUncategorized

■■■■■ CVE-2022-21587 (Oracle E-Business Suite Unauthenticated RCE). https://blog.viettelcybersecurity.com/cve-2022-21587-oracle-e-business-suite-unauth-rce/ https://t.me/cKure/12077

■■■■■ Zero-Day: A critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu. https://thehackernews.com/2023/01/new-microsoft-azure-vulnerability.html https://t.me/cKure/12076

January 20, 2023 at 12:15PM

January 20, 2023cK-botUncategorized

■■■■■ Gold Digger is a simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test. https://github.com/ustayready/golddigger https://t.me/cKure/12075

January 20, 2023 at 11:11AM

January 20, 2023cK-botUncategorized

Exploiting null-dereferences in the Linux kernel. https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html https://t.me/cKure/12074

January 20, 2023 at 11:11AM

January 20, 2023cK-botUncategorized

■■■■□ A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services. https://github.com/TrimarcJake/Locksmith https://t.me/cKure/12073

January 20, 2023 at 11:07AM

January 20, 2023cK-botUncategorized

■■■■□ MemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system. https://github.com/ufrisk/MemProcFS https://t.me/cKure/12072

January 20, 2023 at 10:23AM

January 20, 2023cK-botUncategorized

■■■■□ PoC for cve-2022-47966 affecting ManageEngine Products. https://github.com/shameem-testing/PoC-for-ME-SAML-Vulnerability https://twitter.com/_M_Shahnawaz/status/1616039880894648320 https://t.me/cKure/12071

January 19, 2023 at 01:06PM

January 19, 2023cK-botUncategorized

■■■■■ EntryBleed: Breaking KASLR under KPTI with Prefetch. (CVE-2022-4543)https://www.willsroot.io/2022/12/entrybleed.html https://t.me/cKure/12070

January 18, 2023 at 10:46AM

January 18, 2023cK-botUncategorized

■■■□□ Over 4,000 Sophos Firewall devices vulnerable to RCE attacks viz. CVE-2022-3236. https://nvd.nist.gov/vuln/detail/CVE-2022-3236 https://www.bleepingcomputer.com/news/security/over-4-000-sophos-firewall-devices-vulnerable-to-rce-attacks/ https://t.me/cKure/12069

January 17, 2023 at 11:29PM

January 17, 2023cK-botUncategorized

■■■■■ Reverse Engineering Yaesu FT-70D Firmware Encryption. 1https://landaire.net/reversing-yaesu-firmware-encryption/ https://t.me/cKure/12068