{"uuid": "e70f2d09-b388-4bcc-937f-40e0f8489997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-26411", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/1338", "content": "Analysis of IcedID\n\nhttps://4rchib4ld.github.io/blog/IcedIDOnMyNeckImTheCoolest/\n\nSamples of the infected APKpure application\n\nInfo:https://news.drweb.ru/show/?i=14188\nhttps://bazaar.abuse.ch/browse/tag/Triada.4912/\nhttps://bazaar.abuse.ch/browse/tag/Triada.566/\n\nPersistence in macos\n\nhttps://github.com/CyborgSecurity/PoisonApple\n\nUnofficial Guide to Mimikatz\n\nhttps://adsecurity.org/?page_id=1821\n\nExploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample\n\nhttps://iamelli0t.github.io/2021/04/10/RPC-Bypass-CFG.html\n\nProcess Herpaderping (POC + info)\n\nhttps://movaxbx.ru/2021/04/11/process-herpaderping/\n\nBook: The Antivirus Hacker's Handbook, 2015\n\nhttps://t.me/OrderOfSixAnglesFiles/41\n\nViperMonkey (VBA Emulation) has been updated\n\nhttps://github.com/decalage2/ViperMonkey\n\n.NET Internals Cookbook\n\nhttps://blog.adamfurmanek.pl/net-internals-cookbook/\n\nhttps://adamsitnik.com/files/ExceptionalExceptions.pdf\n\nWindows kernel mitigations\n\nhttps://public.cnotools.studio/kernel-mitigati", "creation_timestamp": "2021-04-11T18:30:17.000000Z"}