All posts in Uncategorized

■■□□□ Shambles: The Next-Generation IoT Reverse Engineering Tool to Discover Zero-Day Vulnerabilities. https://boschko.ca/shambles/ https://t.me/cKure/12822

■□□□□ Apple BLE Proximity Pairing Message Spoofing. https://github.com/ECTO-1A/AppleJuice https://t.me/cKure/12821

■■□□□ Session Hijacking Visual Exploitation is a tool that allows for the hijacking of user sessions by injecting malicious JavaScript code. https://github.com/doyensec/Session-Hijacking-Visual-Exploitation https://t.me/cKure/12820

■■■□□ Interesting thread on SQLi. https://twitter.com/therceman/status/1643863898485841920 https://t.me/cKure/12819

■■■■■ Pwn2Own Vancouver 2023 Ubuntu LPE exploit. https://github.com/Synacktiv/CVE-2023-35001 https://t.me/cKure/12818

■■■■■ #Untested CVE-2023-26818: Exploit MacOS TCC Bypass W/ Telegram. You can read the vulnerability analysis Part 1 and Part 2 for sandbox bypass. https://github.com/Zeyad-Azima/CVE-2023-26818 https://t.me/cKure/12817

■■■■□ CVE-2023-41717: Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions. https://github.com/federella/CVE-2023-41717 https://t.me/cKure/12816

■■■■■ Infamous Chisel: A collection of components associated with Sandworm designed to enable remote access and exfiltrate information from Android phones. Infamous Chisel also provides remote access by configuring and executing Tor with a hidden service which forwards to a modified Dropbear binary providing a SSH connection. https://github.com/blackorbird/APT_REPORT/blob/master/Sandworm/NCSC-MAR-Infamous-Chisel.pdf https://t.me/cKure/12815

■■■■■ Window-Hijack Exploring the Ingenious Utilization of Overwolf’s Overlay Framework While Preserving its Native Window Flags Employing SetWindowsHookEx for Acquiring Keyboard and Mouse Inputs. https://github.com/SurgeGotTappedAgain/Window-Hijack https://t.me/cKure/12814

■■■■□ Supernova – Shellcode Encrypter. https://github.com/nickvourd/Supernova https://t.me/cKure/12813