{"uuid": "f942afbe-84b5-4911-bcb7-bffc2f9a0637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7928", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/18", "content": "Tools  - Hackers Factory \n\nSharpToken is a tool for exploiting Token leaks. It can find leaked Tokens from all processes in the system and use them. If you are a low-privileged service user, you can even use it to upgrade to \"NT AUTHORITY\\SYSTEM\" privileges, and you can switch to the target user's desktop to do more without the target user's password.\n\nhttps://github.com/BeichenDream/SharpToken\n\nCVE-2024-7928 POC for CVE-2024-7928. Will attempt to retrieve DB details for FastAdmin instances.\n\nhttps://github.com/bigb0x/CVE-2024-7928\n\nTunnel TCP connections through a file.\n\nhttps://github.com/fiddyschmitt/File-Tunnel\n\nFor Ethical Usage only, Any harmful or malicious activities are not allowed. And it's your own responsibility.\n\nCVE-2024-38856: Apache OFBiz remote code execution Scanner & Exploit\n\nhttps://github.com/securelayer7/CVE-2024-38856_Scanner\n\ntoxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js).\n\nhttps://github.com/t3l3machus/toxssin\n\nWapiti - Web Vulnerability Scanner\n\nhttps://github.com/wapiti-scanner/wapiti\n\nWhatWaf\n\nDetect and bypass web application firewalls and protection systems \n\nhttps://github.com/Ekultek/WhatWaf\n\nThe Web Application Firewall Fingerprinting Tool\n\nhttps://github.com/EnableSecurity/wafw00f\n\n#CyberDilara #CyberBulletin #HackersFactory\n\nhttps://t.me/dilagrafie\nhttps://t.me/CyberDilara\nhttps://t.me/CyberBulletin", "creation_timestamp": "2024-08-22T12:10:29.000000Z"}