{"uuid": "be6e14ea-4e09-44f2-97ca-bfc30744ae0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/anonhamz/2450", "content": "Nimbo-C2\n\nNimbo-C2 is yet another (simple and lightweight) C2 framework.\n\nThe Nimbo-C2 agent currently supports Windows x64 only. It's written in Nim, with some usage of .NET (by dynamically loading the CLR into the process). Nim is powerful, but interacting with Windows is much easier and more robust using PowerShell, hence this combination.\n\nAll server components are written in Python:\n\n\u25ab\ufe0f HTTP listener that manages the agents.\n\u25ab\ufe0f Builder that generates the agent payloads.\n\u25ab\ufe0f Nimbo-C2 is the interactive C2 component that rules 'em all!\n\nI developed Nimbo-C2 over the past several months, mainly in the late evenings while working at my day job and waking up at night to my boy, in order to learn and maybe contribute my part to the cyber community \ud83d\udcaa.\n\nhttps://github.com/itaymigdal/Nimbo-C2\n\nOSCP Pre-Preparation Plan and Notes\n\nhttps://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes\n\nHeap-Overflow-Detection\n\nA unit-based symbolic execution method for detecting heap overflow vulnerabilities in executable code.\n\nhttps://github.com/SoftwareSecurityLab/Heap-Overflow-Detection\n\nMalware-IOCs\n\nThis is where I'll post IOCs from malware investigations.\n\nhttps://github.com/executemalware/Malware-IOCs\n\nJanus\n\nJanus is designed to allow for string obfuscation when developing tools. Janus utilizes pre-build and post-build execution steps to apply obfuscation to the tool. If the tool breaks the build, the post-build step will always be able to repair it. The pre-build execution step will store clean copies of the code before making modifications. The post-build execution step restores the files to a clean-copy state.\n\nhttps://github.com/echtdefault/Janus\n\nAWSome Pentesting Cheatsheet\n\n\u25ab\ufe0f This guide was created to help pentesters learn more about AWS misconfigurations and ways to abuse them.\n\u25ab\ufe0f It was created from my notes, gathered over uncountable hours of study and annotations from various places.\n\u25ab\ufe0f It's assumed that you have the AWS keys (this is not difficult to find, just look in the developer's GitHub).\n\nhttps://github.com/pop3ret/AWSome-Pentesting\n\nJava android magisk burp objection root emulator easy (Jamboee)\n\nWant to pentest or run Android apps in minutes? Sick of BlueStacks or NOX malware/adware? Not a single binary in this script, and it's open source; downloads come directly from proper sources. There are lots of great PowerShell tricks (not great code) in this script. I worked hard on things like:\n\n\u25ab\ufe0f Making it as portable as possible\n\u25ab\ufe0f Setting up and downloading an extremely fast environment for Android, Java and Python\n\u25ab\ufe0f Converting SSL certs to Android without openssl, using certutil.exe only\n\nhttps://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy\n\nCipherScan\n\nCipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificate information, TLS options, OCSP stapling and more. Cipherscan is a wrapper around the openssl s_client command line.\n\nCipherscan is meant to run on all flavors of Unix. It ships with its own build of OpenSSL for Linux/64 and Darwin/64. On other platforms, it will use the openssl version provided by the operating system (which may have limited cipher support), or your own version provided via the -o command line flag.\n\nhttps://github.com/mozilla/cipherscan\n\nFortinet RCE (CVE-2022-40684)\n\nFortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to log in as an administrator on the affected system.\n\nhttps://github.com/horizon3ai/CVE-2022-40684\n\nResearch:\nhttps://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/\n\n3/5", "creation_timestamp": "2022-12-11T18:17:34.000000Z"}