{"uuid": "b01b50b9-9897-4a3a-ac4d-7f97cb9b5a1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2639", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2816", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nToRat\n\nA Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.\n\nhttps://github.com/lu4p/ToRat\n\nSim-Ba\n\nSim-Ba is an in-memory PE Loader designed to simulate the behaviour of Bazar Loader. It downloads the payload from C2 URL (http or https) and uses Process Hollowing method to inject downloaded PE into the new process created in suspended state. \n\nProcess Hollowing is already a well-known and commonly used injection technique by malware developers. 
Sim-Ba is a modified version of another Process Hollowing repository: idan1288/ProcessHollowing32-64\n\nhttps://github.com/OccamsXor/sim-ba\n\nEvilnoVNC\n\nA Ready to go Phishing Platform.\n\nUnlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection.\n\nIn addition, this tool allows us to see in real time all of the victim's actions, access their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more.\n\nhttps://github.com/JoelGMSec/EvilnoVNC\n\nResearch:\nhttps://darkbyte.net/robando-sesiones-y-bypasseando-2fa-con-evilnovnc/\n\nSysadmin\n\nSysadmin makes it easier to administer multidomain Active Directory-based networks by providing a single tool to do whatever you need - use it to manage domains, servers, computers, users, and groups.\n\nFeatures:\n\u25ab\ufe0f Add, edit and delete objects in Active Directory\n\u25ab\ufe0f View software and hardware\n\u25ab\ufe0f Events, processes, services on computers\n\u25ab\ufe0f Add and delete objects from groups\n\u25ab\ufe0f Reset a user's password\n\u25ab\ufe0f Add photos\n\u25ab\ufe0f Restart and shutdown remote computers\n\u25ab\ufe0f Computers performance\n\u25ab\ufe0f Patterns for adding new users\n\u25ab\ufe0f Reports (20+)\n\nhttps://github.com/sysadminanywhere/sysadmin\n\nBLACKHAT_USA2022\n\nJust About BLACKHAT USA2022 PDF Public\n\nhttps://github.com/Mr-xn/BLACKHAT_USA2022\n\nQEMU \n\nA generic and open source machine & userspace emulator and virtualizer.\n\nQEMU is capable of emulating a complete machine in software without any need for hardware virtualization support. By using dynamic translation, it achieves very good performance. QEMU can also integrate with the Xen and KVM hypervisors to provide emulated hardware while allowing the hypervisor to manage the CPU. With hypervisor support, QEMU can achieve near native performance for CPUs. 
When QEMU emulates CPUs directly it is capable of running operating systems made for one machine (e.g. an ARMv7 board) on a different machine (e.g. an x86_64 PC board).\n\nQEMU is also capable of providing userspace API virtualization for Linux and BSD kernel interfaces. This allows binaries compiled against one architecture ABI (e.g. the Linux PPC64 ABI) to be run on a host using a different architecture ABI (e.g. the Linux x86_64 ABI). This does not involve any hardware emulation, simply CPU and syscall emulation.\n\nhttps://github.com/TrungNguyen1909/qemu-t8030\n\nActiveDirectoryAttackTool\n\nADAT tool is used to assist CTF players and Penetration testers with helpful commands to run against an Active Directory Domain Controller. This tool is best utilized using a set of known working credentials against the host.\n\nhttps://github.com/The-Viper-One/ActiveDirectoryAttackTool\n\nADSearch\n\nA tool written for cobalt-strike's execute-assembly command that allows for more efficient querying of AD.\n\nKey Features:\n\u25ab\ufe0f List all Domain Admins\n\u25ab\ufe0f Custom LDAP Search\n\u25ab\ufe0f Connect to LDAPS Servers\n\u25ab\ufe0f Output JSON data from AD instances\n\u25ab\ufe0f Retrieve custom attributes from a generic query (i.e. All computers)\n\nhttps://github.com/tomcarver16/ADSearch\n\nCVE-2022-2639\n\nLinux kernel openvswitch local privilege escalation.\n\nhttps://github.com/veritas501/CVE-2022-2639-PipeVersion\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-04-01T08:24:08.000000Z"}