{"uuid": "157ff7ee-95a8-4260-a5a3-7e994e35c58f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46740", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23832", "content": "Tools - Hackers Factory \n\nThis a adaption of tomnomnom's kxss tool with a different output format.\n\nhttps://github.com/Emoe/kxss\n\nIdentify and extract files from container formats using.\n\nhttps://github.com/Vector35/blob_extractor\n\n(CVE-2024-46740)[binder ]fix UAF caused by offsets overwrite\n\nhttps://github.com/torvalds/linux/commit/4df153652cc46545722879415937582028c18af5\n\nSmall tip for those who use xsshunter express as their blind xss framework: If you want to use import() function for your payloads (which is pretty good for some filter bypasses), you need to change the line 197 of probe.js file \n\nhttps://github.com/mandatoryprogrammer/xsshunter-express/blob/main/probe.js#L197 \n\nDump Kerberos tickets from the KCM database of SSSD.\n\nhttps://github.com/synacktiv/kcmdump\n\nGenerate AES128 and AES256 Kerberos keys from a given username, password, and realm\n\nhttps://github.com/seriotonctf/kerberos_aes_key\n\nConfuserEx2 String Decryptor & Full Deobfuscation Guide\n\nhttps://github.com/Dump-GUY/ConfuserEx2_String_Decryptor\n\nConverted and added a C BOF version of \n\nhttps://github.com/rotarydrone/GlobalUnProtect to the TrustedSec BOF repo at \n\nhttps://github.com/trustedsec/CS-Remote-OPs-BOF/tree/main\n\nSubOwner - A Simple tool check for subdomain takeovers\n\nhttps://github.com/ifconfig-me/subowner\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-21T10:52:31.000000Z"}