{"vulnerability": "CVE-2021-3452", "sightings": [{"uuid": "d836042d-c8eb-4ab2-bc37-bccf5e78e914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://t.me/cibsecurity/26163", "content": "\u203c CVE-2021-33768 \u203c\n\nMicrosoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-14T22:31:53.000000Z"}, {"uuid": "f785a85e-e050-416d-b2a8-6c430489dfd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/pwnwiki_zhchannel/735", "content": "CVE-2021-34527 Windows Print Spooler \u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-34527_Windows_Print_Spooler_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T04:42:19.000000Z"}, {"uuid": "e3860a8e-f78e-4605-93d8-7cd26a6936ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/thehackernews/1333", "content": "\ud83d\udd25 WATCH OUT! Microsoft warns of critical PrintNightmare RCE vulnerability (CVE-2021-34527) being exploited in the wild.\n\nDetails: https://thehackernews.com/2021/07/microsoft-warns-of-critical.html\n\nIt is separate from the Windows Print Spooler issue (CVE-2021-1675) Microsoft patched recently.", "creation_timestamp": "2021-07-02T07:44:31.000000Z"}, {"uuid": "51395d8f-76be-46ab-a2ac-338fbae6da28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/thehackernews/1353", "content": "How to Mitigate Microsoft Print Spooler Vulnerability \u2013 PrintNightmare (CVE-2021-34527)\n https://thehackernews.com/2021/07/how-to-mitigate-microsoft-print-spooler.html", "creation_timestamp": "2021-07-08T12:12:50.000000Z"}, {"uuid": "88984457-ae0d-4da5-883b-a02f9f32f731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/club31337/539", "content": "A CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner. Allows you to scan entire subnets for the PrintNightmare RCE (not the LPE) and generates a CSV report with the results. Tests exploitability over MS-PAR and MS-RPRN.\n\nThis tool has \"de-fanged\" versions of the Python exploits, it does not actually exploit the hosts however it does use the same vulnerable RPC calls used during exploitation to determine if hosts are vulnerable.\n\n#Windows #scanner #RCE #PrintNightmare #redteaming #hacking \n\nhttps://github.com/byt3bl33d3r/ItWasAllADream", "creation_timestamp": "2024-11-09T01:33:50.000000Z"}, {"uuid": "44c882c6-9616-473c-b45e-a84d5d053922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/Linux_Arabs/60", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2024-11-02T22:56:11.000000Z"}, {"uuid": "48b0c28d-6197-4eb0-973e-c2ebbc80e52f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/b4779706-9ec4-44cb-afe8-97771711623b", "content": "", "creation_timestamp": "2021-08-23T11:50:10.000000Z"}, {"uuid": "325a947c-b9d5-488d-a62b-3e56948e2229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/97a71f6f-e974-489a-a6e8-151c098bfaca", "content": "", "creation_timestamp": "2021-08-27T07:25:44.000000Z"}, {"uuid": "deb9a7fe-65de-4a6f-9081-043d27558723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "12d7bb19-9d84-40dc-9659-10a4b276a5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/c6250a7a-63b1-4996-8734-3ab181e12e3e", "content": "", "creation_timestamp": "2021-09-17T13:28:19.000000Z"}, {"uuid": "42f7a9e6-6094-41b9-b048-1b561e05a3eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "cbaa0127-3382-4e9d-8784-14795b58b680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "9af74ed6-ccf5-4fa3-97d1-daade1eb31c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "ebfaddb3-d18d-4cb9-9357-69eded08957e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/35b42540-d55e-4aed-99e3-be21d39a5a88", "content": "", "creation_timestamp": "2022-07-11T09:22:39.000000Z"}, {"uuid": "be992dde-570a-48c7-8921-1fff05881750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/35b42540-d55e-4aed-99e3-be21d39a5a88", "content": "", "creation_timestamp": "2022-07-11T09:22:39.000000Z"}, {"uuid": "f9d6be10-fb80-47f0-b91b-c8b73df680bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/99138053-ae5d-4bcf-b2f8-0954edb204bc", "content": "", "creation_timestamp": "2022-11-01T20:54:34.000000Z"}, {"uuid": "13f8ebff-b361-4ae7-8116-3273191f3b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/5b421c0a-3bc4-4bce-a7cc-daa036ea090b", "content": "", "creation_timestamp": "2021-09-16T11:20:21.000000Z"}, {"uuid": "1a3365dc-6d91-4fa9-9549-047cd936c6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/90e532fb-4efa-4ff2-95ab-ddaf25454791", "content": "", "creation_timestamp": "2022-10-27T20:30:22.000000Z"}, {"uuid": "2421803d-f4c0-453d-8c5c-dfc06d36bb3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:30:42.000000Z"}, {"uuid": "ec631662-6331-42ed-8d26-bc80e0662179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/095ab3f1-cbae-4b5c-8534-34d42a458aa5", "content": "", "creation_timestamp": "2022-05-12T16:19:54.000000Z"}, {"uuid": "798a3375-2634-4637-b39d-d45f5f0820b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/5fac61d7-a610-49f6-8b37-440a91c67978", "content": "", "creation_timestamp": "2024-07-17T07:25:22.000000Z"}, {"uuid": "75e373c8-2e31-4cdf-819a-88f17f56aa83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "d481f4a0-dda2-4626-80ba-ec7c9a04caf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "047081a1-54ba-4f67-91ec-6c1388f77ae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "e1433372-064b-4d2a-83d5-d2a2ffa48c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3likimyxics2p", "content": "", "creation_timestamp": "2025-02-19T19:20:21.635179Z"}, {"uuid": "c561971d-ceff-48ff-91c7-fa24f62aafeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:56.000000Z"}, {"uuid": "6ed546c9-a935-48c9-afaa-ef574632f667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:56.000000Z"}, {"uuid": "0f61e56d-0fb4-477d-856a-3ce3f54153b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/35b42540-d55e-4aed-99e3-be21d39a5a88", "content": "", "creation_timestamp": "2025-06-04T13:18:47.000000Z"}, {"uuid": "a20ac728-8f00-4209-9777-da862cdc5b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/35b42540-d55e-4aed-99e3-be21d39a5a88", "content": "", "creation_timestamp": "2025-06-04T13:18:47.000000Z"}, {"uuid": "bab0556d-ec36-49cb-aea7-7d847d13ce84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/morisono/cd3acb70cf84464b5142de89bf6efdb0", "content": "", "creation_timestamp": "2025-11-04T16:28:02.000000Z"}, {"uuid": "f17efb47-c2bb-4011-97dc-32c0c42d9d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/Darkcrai86/a70952d5a12091d972ddbd31dd18a195", "content": "", "creation_timestamp": "2025-09-18T09:40:29.000000Z"}, {"uuid": "faedf52e-768f-4acc-8f39-3fb979049152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/97a71f6f-e974-489a-a6e8-151c098bfaca", "content": "", "creation_timestamp": "2025-11-07T20:20:40.000000Z"}, {"uuid": "77ccecc0-1d83-42db-bc1a-f1b7f1334f53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/exchange_proxyshell_rce.rb", "content": "", "creation_timestamp": "2021-08-19T15:41:58.000000Z"}, {"uuid": "85fad449-2965-4b1f-a1fd-57ef99662e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/dcerpc/cve_2021_1675_printnightmare.rb", "content": "", "creation_timestamp": "2022-05-24T20:48:33.000000Z"}, {"uuid": "e0caa7e7-8677-4da2-9544-332a0c92aabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2021-34527", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c39acbe0-91886c343547fcce", "content": "", "creation_timestamp": "2025-12-05T12:35:58.835385Z"}, {"uuid": "0f577e15-72b4-4390-9029-9d2719a9afae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/a9eb9e8e-d894-4f36-a6c2-ca8142f72d29", "content": "", "creation_timestamp": "2026-02-06T21:11:55.000000Z"}, {"uuid": "020871db-eced-4da6-998e-f07ad4f087b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/cKure/6065", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2021-34527: Microsoft shares mitigations for Windows PrintNightmare zero-day bug.\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/", "creation_timestamp": "2021-07-02T10:31:33.000000Z"}, {"uuid": "4393c6b7-e6b3-4e00-aa2a-560cd99e701f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/cKure/6118", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Microsoft confirms the emergency security updates (KB5005010) to correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527).\n\nThis comes as many researchers doubted the fix for major vulnerability.", "creation_timestamp": "2021-07-09T09:36:24.000000Z"}, {"uuid": "42c070b1-6b74-44a6-acde-b731c7f4530e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/cKure/6111", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Microsoft this week pushed an out-of-band patch for\u00a0CVE-2021-34527, which now has a CVSS \u201chigh severity\u201d score of 8.2.\n\nMimikatz creator\u00a0Benjamin Delpy said\u00a0the problem relates to the Point and Print function, which is designed to allow a Windows client to create a connection to a remote printer with first requiring installation media.\nThat effectively means an authenticated user could still gain administrator-level privileges on a machine running the Print Spooler service\u00a0to run arbitrary code.\n\nMicrosoft acknowledged\u00a0the issue at the bottom of its advisory.\n\u201cPoint and Print is not directly related to this vulnerability, but the technology weakens the local security posture in such a way that exploitation will be possible,\u201d it admitted. \u201cTo disallow Point and Print for non-administrators make sure that warning and elevation prompts are shown for printer installs and updates.\u201d", "creation_timestamp": "2021-07-08T10:48:07.000000Z"}, {"uuid": "fc846988-e549-48ca-99f3-a15a17700fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/ed3db5cb-9b15-4548-871d-ed4c22b479a6", "content": "", "creation_timestamp": "2026-04-19T21:02:39.000000Z"}, {"uuid": "f7fe2359-20e5-4a19-bee2-37a4fcebb6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/PHoJQGmgGzsQrC8Gnxfc8pLZD55xgKQzGqHQgQ7hPSbJXl0", "content": "", "creation_timestamp": "2025-11-19T15:00:09.000000Z"}, {"uuid": "96f27ad2-0e89-4852-b340-2b2ca86e77a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/itsec_news/520", "content": "\u200b\u2694\ufe0f \u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f Hive \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft Exchange.\n\n\ud83d\udcac \u041f\u0430\u0440\u0442\u043d\u0451\u0440 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f Hive \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft Exchange, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 ProxyShell, \u2014 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043c\u0430\u044f\u0447\u043a\u0438 Cobalt Strike. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u044f\u0442 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u043a\u0440\u0430\u0434\u0443\u0442 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043f\u043e\u0445\u0438\u0449\u0430\u044e\u0442 \u0446\u0435\u043d\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u041f\u041e \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432.\n\nProxyShell \u2014 \u043d\u0430\u0431\u043e\u0440 \u0438\u0437 \u0442\u0440\u0451\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Microsoft Exchange Server, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445. \u041f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u0441\u0442\u0430\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 Conti, BlackByte, Babuk, Cuba \u0438 LockFile.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31297) \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0446\u0435\u043d\u043a\u0443 \u043e\u0442 7,2 \u0434\u043e 9,8 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0438 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043c\u0430\u0435 2021-\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 ProxyShell \u0445\u0430\u043a\u0435\u0440\u044b \u0432\u043d\u0435\u0434\u0440\u0438\u043b\u0438 \u0447\u0435\u0442\u044b\u0440\u0435 web-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e Exchange \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b\u0438 PowerShell-\u043a\u043e\u0434 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Cobalt Strike. Web-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0431\u044b\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u044b \u0438\u0437 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Git \u0438 \u0431\u044b\u043b\u0438 \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u044b \u0441 \u0446\u0435\u043b\u044c\u044e \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a.\n\n\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 Mimikatz \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u043f\u0430\u0440\u043e\u043b\u044f \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043e\u043c\u0435\u043d\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0431\u043e\u043b\u044c\u0448\u0435\u043c\u0443 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u0425\u0430\u043a\u0435\u0440\u044b \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u0431\u0448\u0438\u0440\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0431\u043e\u043b\u0435\u0435 \u0446\u0435\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0443 \u0437\u0430\u043f\u043b\u0430\u0442\u0438\u0442\u044c \u043a\u0440\u0443\u043f\u043d\u044b\u0439 \u0432\u044b\u043a\u0443\u043f.\n\n#Microsoft #\u0425\u0430\u043a\u0435\u0440\u044b\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-04-21T08:34:18.000000Z"}, {"uuid": "24dfaed9-98de-4243-99f3-3f9bc2e452f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/codeby_sec/4863", "content": "\u200b\u200b\u0410\u0442\u0430\u043a\u0430 \u043d\u0430 Microsoft Exchange \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ProxyShell\n\n\u041d\u043e\u0432\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0438\u043c\u0435\u043d\u0443\u0435\u043c\u0430\u044f \u043a\u0430\u043a LockFile, \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u0432\u0437\u043b\u043e\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Microsoft Exchange \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u043e\u043c\u0435\u043d\u043e\u0432 Windows \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ProxyShell.\n\nProxyShell - \u044d\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 Microsoft Exchange \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0442\u0440\u0451\u0445 (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u043c\u0435\u0436\u0434\u0443 \u0441\u043e\u0431\u043e\u0439, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. Microsoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0435\u0449\u0451 \u0432 \u043c\u0430\u0435 2021 \u0433\u043e\u0434\u0430, \u043d\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0443 \u0432\u0442\u043e\u0440\u0443\u044e \u0436\u0438\u0437\u043d\u044c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \u041f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Exchange, \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b \u043d\u0430 \u043d\u0435\u0433\u043e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u0430\u0432\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u043e\u0431\u0448\u0438\u0440\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439. \u041f\u0440\u0438 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u044c, LockFile \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 Exchange, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0430\u0442\u0430\u043a\u0443 ProxyShell, \u0430 \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PetitPotam \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0434\u043e\u043c\u0435\u043d\u043e\u0432 Windows \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0427\u0442\u043e\u0431\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 ProxyShell, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Microsoft Exchange. \u0410\u0442\u0430\u043a\u0443 PetitPotam \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c  \u043d\u0435 \u0442\u0430\u043a \u043f\u0440\u043e\u0441\u0442\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0441\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0427\u0442\u043e\u0431\u044b \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 NTLM, \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u043e\u0442 0patch, \u043b\u0438\u0431\u043e \u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0444\u0438\u043b\u044c\u0442\u0440\u044b NETSH RPC,  \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c \u0432 MS-EFSRPC API.\n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n#infosec #microsoft #exploit", "creation_timestamp": "2024-03-12T14:43:07.000000Z"}, {"uuid": "e43dabbd-3505-4013-a9c8-68295f93b454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/2703", "content": "> Microsoft strongly recommends installing the June 8, 2021 security updates.\n\nWindows Print Spooler Remote Code Execution Vulnerability\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527\n+\nA PrintNightmare (CVE-2021-3457) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\n\u0417\u0430 \u043d\u0430\u0432\u043e\u0434\u043a\u0443 \u0441\u043f\u0430\u0441\u0438\u0431\u043e @oleg_log", "creation_timestamp": "2021-07-06T10:20:12.000000Z"}, {"uuid": "825caa2b-7a3d-47d1-86a1-8d8e0da84e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/BleepingComputer/11058", "content": "Microsoft Exchange servers hacked to deploy BlackByte ransomware\n\nBlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [...]\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/", "creation_timestamp": "2021-12-03T16:36:50.000000Z"}, {"uuid": "8380aac1-ef42-4511-8499-2da67ada01f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/HXnB78LZ993EnbGXdL2hofKwYDoKHSeDPKMDrtCNi3QDgzw", "content": "", "creation_timestamp": "2025-08-14T09:00:04.000000Z"}, {"uuid": "1a984c50-88f8-444d-a761-c298b3189600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/ctinow/36539", "content": "Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)\n\nhttps://ift.tt/3qUGxTr", "creation_timestamp": "2021-07-08T07:05:33.000000Z"}, {"uuid": "87e11956-dd58-4934-9a36-c22f32225ba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/cibsecurity/25909", "content": "\u203c CVE-2021-34527 \u203c\n\nWindows Print Spooler Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-03T02:32:40.000000Z"}, {"uuid": "00d15691-e8ad-4e3b-849c-4e8aaae38a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3750", "content": "#Blue_Team_Techniques\n1. CVE-2021-1675/CVE-2021-34527 Detection Info\nhttps://github.com/LaresLLC/CVE-2021-1675\n]-> Restricting the ACLs:\nhttps://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available\n]-> Mitigation:\nhttps://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c\n\n2. Fail2exploit: a security audit of Fail2ban\nhttps://securitylab.github.com/research/Fail2exploit", "creation_timestamp": "2021-07-03T18:33:01.000000Z"}, {"uuid": "687413f5-feb1-4ce3-b501-5b705f9fff42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3786", "content": "#Blue_Team_Techniques\n1. A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n2. RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps\nhttps://github.com/BSI-Bund/RdpCacheStitcher", "creation_timestamp": "2021-07-07T11:47:05.000000Z"}, {"uuid": "bd22c4a7-8820-44ba-af33-794b03ae51e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4016", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (July 1-31)\nCVE-2021-1675 - Windows Print Spooler EoP\nhttps://t.me/cybersecuritytechnologies/3723\nCVE-2021-34527 - Windows Print Spooler RCE\nhttps://t.me/cybersecuritytechnologies/3750\nCVE-2021-36934 - Windows SeriousSAM EoP\nhttps://t.me/cybersecuritytechnologies/3891\nCVE-2021-33909 - Sequoia - A LPE Vulnerability in Linux\u2019s Filesystem Layer\nhttps://t.me/cybersecuritytechnologies/3884\nCVE-2021-22555 - Heap out-of-bounds write vuln in Linux Netfilter\nhttps://t.me/cybersecuritytechnologies/3841\nCVE-2021-30807 - OOBR in AppleCLCD/IOMobileFrameBuffer\nhttps://t.me/cybersecuritytechnologies/3930\nCVE-2020-27020 - Vulnerability in Kaspersky Password Manager\nhttps://donjon.ledger.com/kaspersky-password-manager\nCVE-2021-35211 - SolarWinds Serv-U Managed File Transfer Vuln\nhttps://t.me/CyberSecurityTechnologies/4714\nCVE-2021-34481 - Windows Print Spooler EoP\nhttps://mobile.twitter.com/gentilkiwi/status/1416429860566847490\nCVE-2021-3438 - Printer\u2019s Drivers Vulnerability\nhttps://t.me/cybersecuritytechnologies/3969", "creation_timestamp": "2024-01-18T03:22:33.000000Z"}, {"uuid": "22c81f2b-0084-46b2-82bd-aef8fe72db18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4815", "content": "#Whitepaper\n\"CVE 2021-1675, CVE-2021-34527 PrintNightmare Vulnerability\", 2021.", "creation_timestamp": "2021-11-23T11:01:25.000000Z"}, {"uuid": "3e9ff675-a9dc-4bf3-91b2-65416b1c7d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://www.thezdi.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty", "content": "", "creation_timestamp": "2024-09-05T15:39:37.000000Z"}, {"uuid": "1b52c675-a578-4329-ab2b-ae80ccf120f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/cec219ff-8f6d-45c9-bdbb-b4fb8c9c0f2b", "content": "", "creation_timestamp": "2023-09-20T10:33:09.000000Z"}, {"uuid": "973a65fd-5b92-4ec1-80aa-b4a728de7028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/a9eb9e8e-d894-4f36-a6c2-ca8142f72d29", "content": "", "creation_timestamp": "2024-05-21T13:04:43.000000Z"}, {"uuid": "e60fca9d-9d17-4711-8abb-225d873e8bcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/fb8794e7-3965-40fc-ac5a-80fd9be85476", "content": "", "creation_timestamp": "2024-07-30T09:15:03.000000Z"}, {"uuid": "0225b052-60e8-43bc-bfe1-acabe9e7af6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971016", "content": "", "creation_timestamp": "2024-12-24T20:23:05.772575Z"}, {"uuid": "469b684a-a379-4749-a77b-5bb223032780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971027", "content": "", "creation_timestamp": "2024-12-24T20:23:14.606162Z"}, {"uuid": "7ed9fd63-3f01-4b54-b3e4-6782fe5fa69f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lswtzea4w22p", "content": "", "creation_timestamp": "2025-07-01T23:28:04.054168Z"}, {"uuid": "856ec436-4b2e-4e8e-a818-b7bbd13d2d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34520", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2026-03-17T15:05:20.444486Z"}, {"uuid": "d6f838bf-a48c-4ee8-bb37-fdc622a7ca28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34522", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2026-03-17T15:05:16.902295Z"}, {"uuid": "c83d0808-796d-4516-9a37-ae1f279dbf79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34525", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2026-03-17T15:05:15.136788Z"}, {"uuid": "e87d994a-c2a6-4370-b47c-c138786692f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2026-03-17T15:01:21.684844Z"}, {"uuid": "27a9c370-b6d6-4239-982b-004a37877350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=608", "content": "", "creation_timestamp": "2026-03-17T15:01:09.909181Z"}, {"uuid": "0651ff30-c6bb-4448-a5c4-50144762db24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=605", "content": "", "creation_timestamp": "2026-03-17T15:01:02.986240Z"}, {"uuid": "d1c019a7-829a-4ce8-aba4-d350600c4d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_19/2021", "content": "", "creation_timestamp": "2026-03-17T15:01:01.355037Z"}, {"uuid": "cd3f262b-932e-471e-a4e1-128711a7625b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/josephb4224/1d49fcfaa37fb1523b5451314f37b669", "content": "", "creation_timestamp": "2026-03-16T13:31:31.000000Z"}, {"uuid": "858a28c1-86f4-4e0d-9b61-c7a472851a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1fdfda19-2805a58255f192e9", "content": "", "creation_timestamp": "2026-03-06T10:29:26.945736Z"}, {"uuid": "34cc278b-e217-4443-a7c9-d37bc2622c25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ab11cc3b-5777-46c9-ac87-3b5a3b445c23", "content": "", "creation_timestamp": "2026-02-02T12:28:51.976496Z"}, {"uuid": "4ff9934d-d6ad-456e-828b-3c786e294518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d8d4bf5a-324b-4e70-bab3-be55d588d75d", "content": "", "creation_timestamp": "2026-02-02T12:28:50.775159Z"}, {"uuid": "c161a4ee-80d2-462d-885e-0b55e8ebaeed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://gist.github.com/garagon/85a72cafb243e1a793677270ca7fad6d", "content": "", "creation_timestamp": "2026-02-17T13:27:58.000000Z"}, {"uuid": "367252d6-faba-44ec-a714-dafec71c4bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/c2d3cd1d-c08d-4312-8a7f-882826e2d83b", "content": "", "creation_timestamp": "2026-04-19T02:35:52.000000Z"}, {"uuid": "e9018aa4-c34d-4325-95b4-d6630eff25a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ab11cc3b-5777-46c9-ac87-3b5a3b445c23", "content": "", "creation_timestamp": "2026-02-02T12:28:51.976496Z"}, {"uuid": "cd705a00-2309-4214-ac10-42dea0c2271b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/d41ef7ed-39b6-4408-a718-2c3bce5fc99e", "content": "", "creation_timestamp": "2025-03-03T08:51:11.190614Z"}, {"uuid": "64d336d4-dafa-42e3-b7b2-adf33d3e8dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/Linux_Arabss/84", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2025-08-15T00:31:25.000000Z"}, {"uuid": "b94ef00a-42dc-433c-a2ea-1dc9ad949c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/GithubRedTeam/150", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTo fight against Windows security breach PrintNightmare! (CVE-2021-34527, CVE-2021-1675)\nURL\uff1ahttps://github.com/Tomparte/PrintNightmare", "creation_timestamp": "2021-07-28T08:32:17.000000Z"}, {"uuid": "00dcd0ac-9c97-4b41-8564-37004337ad06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/GithubRedTeam/352", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTo fight against Windows security breach PrintNightmare! (CVE-2021-34527, CVE-2021-1675)\nURL\uff1ahttps://github.com/Tomparte/PrintNightmare", "creation_timestamp": "2021-08-20T11:43:19.000000Z"}, {"uuid": "88738d9a-f01a-4b1c-a66d-769f6af60856", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/ggfcvj/2954", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2021-12-03T14:02:51.000000Z"}, {"uuid": "cb93719a-e935-4923-8623-da64f7965be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/GithubRedTeam/707", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPython implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)\nURL\uff1ahttps://github.com/ly4k/PrintNightmare", "creation_timestamp": "2021-10-17T13:34:40.000000Z"}, {"uuid": "d6d23c24-70bf-44fc-b99f-a5754ce564d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7341", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nURL\uff1ahttps://github.com/byt3bl33d3r/ItWasAllADream\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-19T16:54:53.000000Z"}, {"uuid": "4ce389c7-0b89-41e1-9020-6299068313c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/maf2TFOSyoSTf8xOkgyu0UgeCyGF21FfgwtUN3M8h6X6o90", "content": "", "creation_timestamp": "2025-08-24T15:00:06.000000Z"}, {"uuid": "6ef782f2-5955-44a6-a5c5-b35070caddf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/YouPentest/4833", "content": "Understanding PrintNightmare Vulnerability | (CVE-2021-1675) and (CVE-2021-34527)\n\nhttps://www.youtube.com/watch?v=qRxzPOSlu3Y", "creation_timestamp": "2022-05-20T09:00:08.000000Z"}, {"uuid": "285c4a50-cea7-4f33-a393-333a9f6cd47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/YouPentest/4935", "content": "Understanding PrintNightmare Vulnerability | (CVE-2021-1675) and (CVE-2021-34527) TryHackMe\n\nhttps://www.youtube.com/watch?v=qRxzPOSlu3Y", "creation_timestamp": "2022-05-29T13:08:28.000000Z"}, {"uuid": "ca3ccfb3-8f7f-42e9-aa40-b8657c3fa30c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/RYetcLsOmihSjL6vrmK8b2EEcP3aYfaPpeqAArUjps5i1kk", "content": "", "creation_timestamp": "2025-07-25T03:00:05.000000Z"}, {"uuid": "61a5c41c-7072-4ea7-9d17-cafe6cb1a4fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://t.me/avleonovrus/54", "content": "\u0412 \u0442\u043e\u043c \u0436\u0435 \u043e\u0442\u0447\u0435\u0442\u0435 Palo Alto 2022 Unit 42 Incident Response Report \u0435\u0441\u0442\u044c \u0435\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u0440\u0438\u043a\u043e\u043b\u044c\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442. \u0413\u0440\u0443\u043f\u043f\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u043b\u043e\u043c\u0430\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \"\u0412 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0440\u0435\u0441\u043f\u043e\u043d\u0434\u0435\u043d\u0442\u044b \u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0431\u043e\u043b\u0435\u0435 87% \u0438\u0437 \u043d\u0438\u0445 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432 \u043e\u0434\u043d\u0443 \u0438\u0437 \u0448\u0435\u0441\u0442\u0438 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0439 CVE\".\n\n\u041a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438: \n\n\u2022 55% Microsoft Exchange ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207)\n\u2022 14% Log4j\n\u2022 7% SonicWall CVEs\n\u2022 5% Microsoft Exchange ProxyLogon (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)\n\u2022 4% Zoho ManageEngine ADSelfService Plus (CVE-2021-40539)\n\u2022 3% Fortinet CVEs\n\n\u2022 13% Other\n\n\u0421 \u043e\u0434\u043d\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u044d\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0434\u043b\u044f \u043e\u0431\u0449\u0438\u0445 \u0440\u0430\u0437\u043c\u044b\u0448\u043b\u0435\u043d\u0438\u0439 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u0430\u043a\u043e\u043c \u0441\u043e\u0444\u0442\u0435 \u0441\u0442\u043e\u0438\u0442 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u043e\u0431\u0440\u0430\u0449\u0430\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435. \u041d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0437 Other \u044f \u0431\u044b \u0442\u043e\u0436\u0435 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u043b, \u043d\u043e \u0438\u0445 \u043a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e \u043d\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435. \n\n\u0421 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u044d\u0442\u043e \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0442\u0435\u043c\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0433\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u0430. \u041d\u0443 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c Exchange \u0432\u0435\u0437\u0434\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442, \u044d\u0442\u043e \u0434\u0430. Log4j \u0442\u0430\u043a\u0436\u0435 \u0432\u0441\u0435\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b \u0442\u0430\u043a \u0438\u043b\u0438 \u0438\u043d\u0430\u0447\u0435. \u041c\u043e\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c, \u0447\u0442\u043e \u0432 \u043d\u0430\u0448\u0438\u0445 \u0448\u0438\u0440\u043e\u0442\u0430\u0445 \u043a\u043e\u0435-\u043a\u0442\u043e \u043a\u0440\u0435\u043f\u043a\u043e \u0441\u0438\u0434\u0438\u0442 \u043d\u0430 Fortinet. \u041d\u043e \u0432\u043e\u0442 SonicWall \u0438 Zoho \u043a\u0430\u0436\u0443\u0442\u0441\u044f \u0447\u0435\u043c-\u0442\u043e \u0441\u043e\u0432\u0441\u0435\u043c \u044d\u043a\u0437\u043e\u0442\u0438\u0447\u043d\u044b\u043c. \u0410 \u0442\u0430\u043c, \u0433\u0434\u0435 Unit 42  incident response \u043a\u0435\u0439\u0441\u044b \u0440\u0435\u0448\u0430\u0435\u0442, \u044d\u0442\u043e \u043e\u0447\u0435\u043d\u044c \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0435 \u0448\u0442\u0443\u043a\u0438. \u0418\u043b\u0438 \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e\u0434\u043d\u044e\u044e \u044d\u043f\u043e\u043f\u0435\u044e, \u043a\u043e\u0433\u0434\u0430  \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u043f\u043e\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Kaseya VSA. \u0411\u043e\u043b\u044c\u0448\u0435 \u0442\u044b\u0441\u044f\u0447\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438, \u043d\u043e \u043e\u043f\u044f\u0442\u044c \u0436\u0435 \u044d\u0442\u043e \u043d\u0435 \u0432 \u043d\u0430\u0448\u0435\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0435, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u043c \u043d\u0435 \u043e\u0441\u043e\u0431\u043e \u044d\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u0431\u044b\u043b\u043e. \n\n\u0421 \u0443\u0447\u0435\u0442\u043e\u043c \u0438\u0441\u0445\u043e\u0434\u0430 \u0437\u0430\u043f\u0430\u0434\u043d\u044b\u0445 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432 \u0441 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0433\u043e \u0440\u044b\u043d\u043a\u0430 IT \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u044b \"\u0437\u0434\u0435\u0441\u044c\" \u0438 \"\u0442\u0430\u043c\" \u0431\u0443\u0434\u0443\u0442 \u0432\u0441\u0435 \u0431\u043e\u043b\u044c\u0448\u0435 \u0438 \u0431\u043e\u043b\u044c\u0448\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0442\u044c\u0441\u044f. \u0418 \u0432\u0441\u0435 \u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0440\u043e\u043b\u044c \u0432 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445 \u0431\u0443\u0434\u0443\u0442 \u0438\u0433\u0440\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u043e\u0444\u0442\u0435, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0437\u0430\u043f\u0430\u0434\u043d\u044b\u0435 \u0418\u0411 \u0432\u0435\u043d\u0434\u043e\u0440\u044b \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438 \u043d\u0435 \u0441\u043b\u044b\u0448\u0430\u043b\u0438 \u043d\u0438\u043a\u043e\u0433\u0434\u0430. \u0418 \u044d\u0442\u043e \u0432 \u043e\u0431\u0435 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442. \u0417\u043d\u0430\u0447\u0438\u0442 \u043b\u0438 \u044d\u0442\u043e, \u0447\u0442\u043e \u0438 Vulnerability Management \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0437\u0430\u0442\u043e\u0447\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 \u043d\u0430\u0448\u0438 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0438? \u041d\u0443 \u0432\u0438\u0434\u0438\u043c\u043e \u0434\u0430. \n\n\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0431\u0435\u0437\u0443\u0441\u043b\u043e\u0432\u043d\u043e\u0439 \u0433\u043b\u043e\u0431\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 IT \u0443\u0445\u043e\u0434\u0438\u0442, \u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 VM-\u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0441\u0432\u043e\u0438 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0432 \u043d\u043e\u0432\u044b\u0445 \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u0445. \u0427\u0442\u043e \u043f\u043e\u0434\u0435\u043b\u0430\u0442\u044c.\n\n@avleonovrus #VMnews #PaloAlto", "creation_timestamp": "2023-09-21T09:23:10.000000Z"}, {"uuid": "1b2aa65e-aedc-429d-9dec-dc29e3e3bb3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://t.me/justsecurity/116", "content": "\u041f\u043e\u0437\u043d\u0430\u0439 \u0441\u0432\u043e\u0439 Exchange \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 OWA\n\n\u041c\u043d\u043e\u0433\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u043e\u0442 Microsoft \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0438\u0441\u0435\u043c, \u043d\u043e \u043c\u0430\u043b\u043e \u043a\u0442\u043e \u0437\u043d\u0430\u0435\u0442, \u043a\u0430\u043a\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 Exchange \u0438 OWA.\n\n\u041e\u0431\u0449\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043d\u0438\u0445:\n\n\u25ab\ufe0f ProxyLogon: \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u0434\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u25ab\ufe0f ProxyShell: \u043d\u0430\u0431\u043e\u0440 \u0438\u0437 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u25ab\ufe0f ProxyToken: \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0438\u0441\u044c\u043c\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u041c\u043d\u043e\u0433\u0438\u0435 \u0438\u0445 \u043d\u0438\u0445 \u2014 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0438\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, ProxyShell \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f CVE-2021-34473, CVE-2021-34523, CVE-2021-31207.\n\n\u0427\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u0443\u044f\u0437\u0432\u0438\u043c \u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u043a \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c \u0431\u0430\u0433\u0430\u043c, \u043c\u043e\u0436\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u043a\u0430\u043d\u0435\u0440\u0430\u043c\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Nuclei \u0438\u043b\u0438 \u0433\u043e\u0442\u043e\u0432\u044b\u043c\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u043c\u0438 \u043e\u0442 \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438\u043c\u0435\u044e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043c\u043e\u0447\u044c \u0432 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0443\u0448\u0443\u044e\u0449\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438:\n\n\u25ab\ufe0f\u041f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (Timing-Based Username Enumeration): \u0430\u0442\u0430\u043a\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e OWA \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0441 \u0437\u0430\u0434\u0435\u0440\u0436\u043a\u043e\u0439, \u0435\u0441\u043b\u0438 \u043f\u0440\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0443\u043a\u0430\u0437\u0430\u043d\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u0439. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c email-\u0430\u0434\u0440\u0435\u0441\u0430 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\u25ab\ufe0fPassword Spraying: \u0430\u0442\u0430\u043a\u0430, \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u043e\u043b\u044c, \u0430 \u043b\u043e\u0433\u0438\u043d \u043f\u0435\u0440\u0435\u0431\u0438\u0440\u0430\u0435\u0442\u0441\u044f. \u041f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u043e\u0439\u0442\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u043e\u043c \u043f\u0430\u0440\u043e\u043b\u0435 \u0431\u043e\u043b\u0435\u0435 N-\u0440\u0430\u0437 \u0437\u0430 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u043a \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \n\n\u041a\u0430\u043a \u0431\u044b\u0442\u044c?\n\n\u2192 \u0414\u0435\u0440\u0436\u0438\u043c \u0441\u0432\u043e\u0435 \u041f\u041e \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\u2192 \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u0441\u0442\u0440\u043e\u0433\u0443\u044e \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u0443\u044e \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u0438 \u0434\u0432\u0443\u0445\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u0443\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\u2192 \u0415\u0441\u043b\u0438 \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u044f \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f, \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u043c \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u043e \u0413\u0435\u043e-\u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0430\u043c.\n\u2192 \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 CAPTCHA (\u0441\u043b\u043e\u0436\u043d\u043e \u0434\u043b\u044f OWA, \u043d\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e).\n\n\u041a\u0441\u0442\u0430\u0442\u0438, \u0443 \u043a\u043e\u0433\u043e-\u0442\u043e \u0431\u044b\u043b \u043e\u043f\u044b\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f https://www.messageware.com/epg/? \u041f\u043e\u0434\u0435\u043b\u0438\u0442\u0435\u0441\u044c \u0441\u0432\u043e\u0438\u043c \u043c\u043d\u0435\u043d\u0438\u0435\u043c)", "creation_timestamp": "2022-10-22T09:21:32.000000Z"}, {"uuid": "fbd6df75-b67f-4861-9bb0-6d60c72edbe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/290", "content": "1. https://github.com/Sachinart/CVE-2025-32432\nCheck for CVE-2025-32432 vulnerability\n#github #exploit\n\n\n2. https://github.com/helidem/CVE-2025-24054-PoC\nProof of Concept for NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n3. https://github.com/ajdumanhug/CVE-2023-46818\nCVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 PHP Code Injection\n#github #exploit\n\n\n4. https://github.com/0x6rss/CVE-2025-24071_PoC\nNTLM hash leak via .library-ms inside ZIP/RAR (CVE-2025-24071)\n#github #poc\n\n\n5. https://github.com/trickest/cve/blob/main/2022/CVE-2022-42092.md\nCVE-2022-42092 \u2013 Backdrop CMS RCE PoC\n#github #exploit\n\n\n6. https://github.com/nomi-sec/PoC-in-GitHub\nAggregated CVE Exploits and PoCs from GitHub\n#github #tool\n\n\n7. https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker\nLinux Container Escape CVE-2022-0492 vulnerability checker\n#github #exploit\n\n\n8. https://github.com/xigney/CVE-2025-24054_PoC\nAlternate NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n9. https://github.com/bipbopbup/CVE-2023-46818-python-exploit\nPython PoC for CVE-2023-46818 in ISPConfig\n#github #exploit\n\n\n10. https://github.com/Marcejr117/CVE-2025-24071_PoC\nNTLM Hash Leak using .library-ms via ZIP trick (CVE-2025-24071)\n#github #poc\n\n\n11. https://github.com/Ostorlab/KEV\nKnown Exploited Vulnerabilities Detector\n#github #scanner\n\n\n12. https://github.com/edoardottt/missing-cve-nuclei-templates\nMissing CVE Detection via Nuclei Templates\n#github #scanner\n\n\n13. https://github.com/hyp3rlinx/Advisories\nZero-Day Security Advisories and Exploits by Hyp3rlinx\n#github #exploit\n\n\n14. https://github.com/Kubashok/apple-cve-repos\nApple CVE Database Links Repository\n#github #cve\n\n\n15. https://github.com/esnet/Seccubus_v2\nSeccubus Test Data for Vulnerability Scanners\n#github #tool\n\n\n16. https://github.com/skordemir/Xml2Ontology\nNessus XML Vulnerability Report Samples\n#github #data\n\n\n17. https://github.com/madirish/hector\nHector: Vulnerability Management Tool with Sample Nessus Reports\n#github #tool\n\n\n18. https://github.com/projectdiscovery/nuclei-templates/issues/8804\nNuclei Template request for ISPConfig CVE-2023-46818\n#github #scanner\n\n\n19. https://github.com/projectdiscovery/nuclei-templates/issues/12020\nNuclei Template PoC Request for CraftCMS CVE-2025-32432\n#github #scanner\n\n\n20. https://github.com/tanjiti/sec_profile\nSecurity Profile Aggregator \u2013 CVE, CISA, NVD, etc.\n#github #intel\n\n\n21. https://github.com/cube0x0/CVE-2021-1675\nPrintNightmare Exploit PoC (CVE-2021-1675 / CVE-2021-34527)\n#github #exploit\n\n22. https://github.com/Maldev-Academy/LsassHijackingViaReg\n\nInjecting DLL into LSASS at boot\n#github #tools\n\n\nOpen-source tools and proof-of-concept (PoC) repositories related to recent CVEs, exploits, and security research. These resources are valuable for educational purposes and can aid students in understanding real-world vulnerabilities and exploitation techniques.", "creation_timestamp": "2025-05-05T10:30:13.000000Z"}, {"uuid": "a8bf0e7a-aa55-44cf-b3d7-1270ddfaf468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/ctinow/36538", "content": "Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)\n\nhttps://ift.tt/3qUGxTr", "creation_timestamp": "2021-07-08T07:05:32.000000Z"}, {"uuid": "e27dedae-e7de-45b2-9324-25188e06775d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/anwar1213xx/1411", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2021-12-03T15:03:05.000000Z"}, {"uuid": "78bef00a-7ad4-4a65-8ba1-c66a9d447318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/ViralCyber/5196", "content": "\u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647 \u06a9\u0633\u067e\u0631\u0633\u06a9\u06cc \u0628\u0647 \u0628\u0645\u0628\u0627\u0631\u0627\u0646 \u06af\u0632\u0627\u0631\u0634 \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0627\u062f\u0627\u0645\u0647 \u0645\u06cc \u062f\u0647\u062f.\n\n\u062f\u0631 \u06cc\u06a9\u06cc \u0627\u0632 \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0647\u0627\u060c \u0645\u062d\u0642\u0642\u0627\u0646 \u0628\u0647 \u062a\u0641\u0635\u06cc\u0644 \u06cc\u06a9 \u062d\u0645\u0644\u0647 \u0647\u062f\u0641\u0645\u0646\u062f \u062a\u0648\u0633\u0637 \u06af\u0631\u0648\u0647 APT \u0686\u06cc\u0646\u06cc Tropic Trooper \u0631\u0627 \u06a9\u0647 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a \u062d\u0642\u0648\u0642 \u0628\u0634\u0631 \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647 \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f\u060c \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0645\u06cc \u06a9\u0646\u0646\u062f.\n\nTropic Trooper \u06a9\u0647 \u0627\u0632 \u0633\u0627\u0644 2011 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a\u060c \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627 \u0646\u0627\u0645 \u0647\u0627\u06cc APT23\u060c Earth Centaur\u060c KeyBoy \u0648 Pirate Panda \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc \u0634\u0648\u062f\u060c \u0628\u0647 \u062f\u0644\u06cc\u0644 \u062d\u0645\u0644\u0627\u062a \u062e\u0648\u062f \u0628\u0647 \u062f\u0648\u0644\u062a\u060c \u0645\u0631\u0627\u0642\u0628\u062a \u0647\u0627\u06cc \u0628\u0647\u062f\u0627\u0634\u062a\u06cc\u060c \u062d\u0645\u0644 \u0648 \u0646\u0642\u0644 \u0648 \u0634\u0631\u06a9\u062a \u0647\u0627\u06cc \u0641\u0646\u0627\u0648\u0631\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 \u062f\u0631 \u062a\u0627\u06cc\u0648\u0627\u0646\u060c \u0647\u0646\u06af \u06a9\u0646\u06af \u0648 \u0641\u06cc\u0644\u06cc\u067e\u06cc\u0646 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \n\n\u0631\u0648\u0627\u0628\u0637 \u0646\u0632\u062f\u06cc\u06a9\u06cc \u0628\u0627 \u06af\u0631\u0648\u0647 \u062f\u06cc\u06af\u0631\u06cc \u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0627 \u0646\u0627\u0645 FamousSparrow \u062f\u0646\u0628\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0645\u062d\u0642\u0642\u0627\u0646 \u06af\u0632\u0627\u0631\u0634 \u0645\u06cc \u062f\u0647\u0646\u062f \u06a9\u0647 \u062d\u062f\u0627\u0642\u0644 \u0627\u0632 \u0698\u0648\u0626\u0646 2023\u060c Tropic Trooper \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062c\u0627\u0633\u0648\u0633\u06cc \u0633\u0627\u06cc\u0628\u0631\u06cc \u0631\u0627 \u0628\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646 \u0633\u0627\u0632\u0645\u0627\u0646 \u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc \u0646\u0627\u0634\u0646\u0627\u0633 \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647 \u0648 \u0645\u0627\u0644\u0632\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a.\n\n\u0627\u06cc\u0646 \u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647 \u062f\u0631 \u0698\u0648\u0626\u0646 2024 \u0641\u0639\u0627\u0644\u06cc\u062a\u06cc \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f \u0648 \u0646\u0633\u062e\u0647 \u062c\u062f\u06cc\u062f\u06cc \u0627\u0632 \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 China Chopper \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f - \u0627\u0628\u0632\u0627\u0631\u06cc \u06a9\u0647 \u0645\u0648\u0631\u062f \u0639\u0644\u0627\u0642\u0647 \u0628\u0633\u06cc\u0627\u0631\u06cc \u0627\u0632 APT\u0647\u0627\u06cc \u0686\u06cc\u0646\u06cc \u0632\u0628\u0627\u0646 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0627\u0633\u062a - \u062f\u0631 \u06cc\u06a9 \u0648\u0628 \u0633\u0631\u0648\u0631 \u0639\u0645\u0648\u0645\u06cc \u06a9\u0647 \u062a\u0648\u0633\u0637 Umbraco CMS \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0632\u0646\u062c\u06cc\u0631\u0647 \u0627\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a \u0634\u0627\u0645\u0644 \u062a\u0632\u0631\u06cc\u0642 \u0628\u062f\u0627\u0641\u0632\u0627\u0631\u06cc \u0628\u0647 \u0646\u0627\u0645 Crowdoor \u0628\u0648\u062f \u06a9\u0647 \u0646\u0648\u0639\u06cc \u0627\u0632 \u062f\u0631\u067e\u0634\u062a\u06cc SparrowDoor \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 ESET \u062f\u0631 \u0633\u067e\u062a\u0627\u0645\u0628\u0631 2021 \u0645\u0633\u062a\u0646\u062f \u0634\u062f\u0647 \u0628\u0648\u062f.\n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0628\u0639\u062f\u06cc \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0627\u0633\u06a9\u0646 \u0634\u0628\u06a9\u0647\u060c \u062d\u0631\u06a9\u062a \u062c\u0627\u0646\u0628\u06cc \u0648 \u0628\u0627\u06cc \u067e\u0633 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u06a9\u0646\u06cc\u06a9 \u0647\u0627\u06cc \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u062c\u0627\u0646\u0628\u06cc DLL (Fscan\u060c Swor\u060c Neo-reGeorg\u060c ByPassGodzilla) \u0645\u06cc \u0634\u0648\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u067e\u0648\u0633\u062a\u0647 \u0647\u0627\u06cc \u0648\u0628 \u0628\u0627 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0639\u0645\u0648\u0645 \u0645\u0627\u0646\u0646\u062f Adobe ColdFusion (CVE-2023-26360) \u0648 Microsoft Exchange Server (CVE-2021-34473\u060c CVE-2021-34523 \u0648 CVE-2021-31) \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f.\n\n\u0628\u0647 \u0646\u0648\u0628\u0647 \u062e\u0648\u062f\u060c Crowdoor \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u0631 \u062f\u0631 \u0698\u0648\u0626\u0646 2023 \u06a9\u0634\u0641 \u0634\u062f\u060c \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u0646\u062f\u0647 \u0628\u0631\u0627\u06cc \u0646\u0635\u0628 Cobalt Strike \u0648 \u062d\u0641\u0638 \u067e\u0627\u06cc\u062f\u0627\u0631\u06cc \u0631\u0648\u06cc \u0645\u06cc\u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u0622\u0644\u0648\u062f\u0647 \u0639\u0645\u0644 \u0645\u06cc \u06a9\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0639\u0645\u0644\u06a9\u0631\u062f Backdoor \u0631\u0627 \u0628\u0631\u0627\u06cc \u062c\u0645\u0639 \u0622\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u062d\u0631\u0645\u0627\u0646\u0647\u060c \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u067e\u0648\u0633\u062a\u0647 \u0645\u0639\u06a9\u0648\u0633\u060c \u062f\u0627\u0646\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u062f\u06cc\u06af\u0631 \u0648 \u062a\u06a9\u0645\u06cc\u0644 \u06a9\u0627\u0631 \u062e\u0648\u062f \u067e\u06cc\u0627\u062f\u0647 \u0633\u0627\u0632\u06cc \u0645\u06cc \u06a9\u0646\u062f.\n\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u062d\u0627\u062f\u062b\u0647\u060c \u0645\u062d\u0642\u0642\u0627\u0646 LC \u0645\u062a\u0648\u062c\u0647 \u0634\u062f\u0646\u062f \u06a9\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u067e\u0633 \u0627\u0632 \u0627\u0637\u0644\u0627\u0639 \u0627\u0632 \u06a9\u0634\u0641 \u062f\u0631\u0647\u0627\u06cc \u067e\u0634\u062a\u06cc\u060c \u0633\u0639\u06cc \u06a9\u0631\u062f\u0646\u062f \u0646\u0645\u0648\u0646\u0647 \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc \u0631\u0627 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u0646\u062f \u0648 \u062a\u0645\u0627\u0645 \u062a\u0644\u0627\u0634 \u062e\u0648\u062f \u0631\u0627 \u0628\u0631\u0627\u06cc \u062d\u0641\u0638 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06a9\u0627\u0631 \u06af\u0631\u0641\u062a\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0646\u0641\u0648\u0630 \u0647\u062f\u0641\u0645\u0646\u062f \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0628\u0647 \u06cc\u06a9 \u0645\u0631\u06a9\u0632 \u062f\u0648\u0644\u062a\u06cc \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647\u060c \u0645\u062d\u0642\u0642\u0627\u0646 \u0645\u0634\u0627\u0647\u062f\u0647 \u06a9\u0631\u062f\u0646\u062f \u06a9\u0647 \u0632\u06cc\u0631 \u0645\u062c\u0645\u0648\u0639\u0647 \u0627\u06cc \u0627\u0632 \u0646\u0645\u0648\u0646\u0647 \u0647\u0627\u06cc \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0628\u0631\u0627\u06cc \u062d\u0645\u0644\u0647 \u0628\u0647 \u06cc\u06a9 \u0645\u0631\u06a9\u0632 \u062f\u0648\u0644\u062a\u06cc \u062f\u0631 \u0645\u0627\u0644\u0632\u06cc \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a.\n\n\u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0646\u0641\u0648\u0630 \u0647\u062f\u0641\u0645\u0646\u062f \u0646\u0634\u0627\u0646 \u062f\u0627\u062f \u06a9\u0647 \u06cc\u06a9 \u067e\u0644\u062a\u0641\u0631\u0645 \u0628\u0627 \u0646\u0634\u0631\u06cc\u0627\u062a \u062f\u0631 \u0645\u0648\u0631\u062f \u0645\u0633\u0627\u0626\u0644 \u062d\u0642\u0648\u0642 \u0628\u0634\u0631 \u062f\u0631 \u062e\u0627\u0648\u0631\u0645\u06cc\u0627\u0646\u0647 \u062a\u0646\u0647\u0627 \u0647\u062f\u0641 \u0628\u0648\u062f \u06a9\u0647 \u0646\u0634\u0627\u0646 \u062f\u0647\u0646\u062f\u0647 \u0639\u0644\u0627\u0642\u0647 \u0627\u0633\u062a\u0631\u0627\u062a\u0698\u06cc\u06a9 \u0648\u06cc\u0698\u0647 \u0628\u0627\u0632\u06cc\u06af\u0631 \u062f\u0631 \u0631\u0627\u0628\u0637\u0647 \u0628\u0627 \u062f\u0631\u06af\u06cc\u0631\u06cc \u0628\u06cc\u0646 \u0627\u0633\u0631\u0627\u0626\u06cc\u0644 \u0648 \u062d\u0645\u0627\u0633 \u0627\u0633\u062a.\n\n\u0634\u0627\u062e\u0635 \u0647\u0627\u06cc \u0645\u0635\u0627\u0644\u062d\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0641\u0646\u06cc \u062f\u0642\u06cc\u0642 \u062f\u0631 \u0627\u06cc\u0646 \u06af\u0632\u0627\u0631\u0634 \u0622\u0645\u062f\u0647 \u0627\u0633\u062a.\n\nhttps://securelist.com/new-tropic-trooper-web-shell-infection/113737/\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2024-09-08T21:55:02.000000Z"}, {"uuid": "c566476e-bd3b-449b-8422-3e13d361bc70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/arpsyndicate/1968", "content": "#ExploitObserverAlert\n\nCVE-2021-34527\n\nDESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.968610000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T10:56:40.000000Z"}, {"uuid": "f4d231ff-bccf-44ea-bd22-17120d10726a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/arpsyndicate/1004", "content": "#ExploitObserverAlert\n\nCVE-2021-34527\n\nDESCRIPTION: Exploit Observer has 198 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.967920000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T18:54:19.000000Z"}, {"uuid": "66199298-b9dd-4691-9b55-ee46b87f16ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/arpsyndicate/53", "content": "#ExploitObserverAlert\n\nCVE-2021-34527\n\nDESCRIPTION: Exploit Observer has 193 entries related to CVE-2021-34527. Windows Print Spooler Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.967920000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-10T20:59:27.000000Z"}, {"uuid": "9494d3bc-335a-4220-ab6d-a7e473b1f183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8134", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T09:29:11.000000Z"}, {"uuid": "ccc1f694-02f3-4071-994e-d038128ea61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3373", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T09:46:36.000000Z"}, {"uuid": "72579b1b-8d98-4d85-9c76-357fd8319af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "Telegram/OyEnlKyppd2Ylh8X3oW0sPtwBmUxvPHi0K9qUZZP0i_K", "content": "", "creation_timestamp": "2021-07-10T23:31:01.000000Z"}, {"uuid": "84172659-4bdf-432d-8666-a64c695e9375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "Telegram/4V4q-6XkdjSEtZrfEKw8LiqCJ-z8N84ZsfQMHSWoVrFKsw", "content": "", "creation_timestamp": "2022-08-27T09:27:09.000000Z"}, {"uuid": "709f2330-ac9e-4f9d-b94d-ce9db2821f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/CyberSecurityIL/4224", "content": "\u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05de\u05e9\u05d7\u05e8\u05e8\u05ea \u05e2\u05d3\u05db\u05d5\u05df \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea PrintNightmare \u05d0\u05da \u05d4\u05e2\u05d3\u05db\u05d5\u05df \u05e9\u05e4\u05d5\u05e8\u05e1\u05dd \u05dc\u05d0 \u05e1\u05d5\u05d2\u05e8 \u05d0\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea.\n\n\u05dc\u05e4\u05e0\u05d9 \u05de\u05e1\u05e4\u05e8 \u05d9\u05de\u05d9\u05dd \u05e4\u05d5\u05e8\u05e1\u05dd \u05db\u05d9 \u05e7\u05d9\u05d9\u05de\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05e9\u05d9\u05e8\u05d5\u05ea \u05d4-Print Spooler \u05d4\u05e7\u05d9\u05d9\u05dd \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 \u05e9\u05dc \u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 (CVE-2021-34527)\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05d4\u05d0\u05e7\u05e8\u05d9\u05dd \u05dc\u05d4\u05e8\u05d9\u05e5 \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05e2\u05dc \u05d4\u05ea\u05d7\u05e0\u05d5\u05ea \u05d5\u05dc\u05d4\u05e9\u05d9\u05d2 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05e9\u05dc \u05de\u05e9\u05ea\u05de\u05e9 \u05d7\u05d6\u05e7 \u05d1\u05ea\u05d7\u05e0\u05d4.\n\n\u05de\u05d9\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05d4\u05d5\u05e6\u05d9\u05d0\u05d4 \u05d0\u05ea\u05de\u05d5\u05dc \u05e2\u05d3\u05db\u05d5\u05df \u05de\u05e2\u05e8\u05db\u05ea \u05e9\u05e0\u05d5\u05e2\u05d3 \u05dc\u05d8\u05e4\u05dc \u05d1\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d0\u05da \u05d7\u05d5\u05e7\u05e8\u05d9 \u05d0\u05d1\u05d8\"\u05de \u05de\u05d3\u05d5\u05d5\u05d7\u05d9\u05dd \u05db\u05d9 \u05d2\u05dd \u05dc\u05d0\u05d7\u05e8 \u05d4\u05ea\u05e7\u05e0\u05ea \u05d4\u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e2\u05d3\u05d9\u05d9\u05df \u05e7\u05d9\u05d9\u05de\u05ea.\n\nhttps://t.me/CyberSecurityIL/1153\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-printnightmare-now-patched-on-all-windows-versions/", "creation_timestamp": "2021-07-08T09:22:42.000000Z"}, {"uuid": "9d8c2fb7-dff4-45c3-9567-06dd5cee4bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/hack77z99/9372", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2021-12-03T15:02:58.000000Z"}, {"uuid": "53347385-65d5-4c60-903e-85e0de8921a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/crackcodes/1093", "content": "Updates On Hackbyte Forum:-\n\n1. PrintNightmare (CVE-2021-34527)\n2. START.ru Leak\n3. SEC Sonora Mexico DataBase Leak\n4. mpa.zj.gov.cn Food and Drug Administration Computers files\n5. Moriarty-Project: This tool gives information about the phone number that you entered\n6. Discord-QR-Token-Logger: Utilises Discord QR Login Feature To Create a Token Logger Scannable QR code\n7. Elevator - Allows to bypass the UAC and spawn an elevated process with full administrator privileges.\n8. Linksys E1200 buffer overflow vulnerability\n9. GrabAccess - A tool for bypassing Windows login passwords and Bitlocker.\n10. FiberHome VDSL2 Modem HG150-Ub_V3.0 (PTCL) \u2013 Admin Credentials are submitted in the URL\n11. Gel4y Mini Shell Backdoor\n12. Wpushell\n13. r77 Rootkit\n14. autodeauth - A tool built to automatically deauth local networks\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffbAll Updates On :- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-09-02T17:32:22.000000Z"}, {"uuid": "67f9989b-7b30-40ce-820b-077219e7dde3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/true_secator/3223", "content": "\u0423 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043c\u0435\u043d\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0435\u043c \u0441\u0447\u0438\u0442\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435.\n\n\u041d\u043e\u0432\u044b\u0439\u00a0\u043e\u0442\u0447\u0435\u0442 \u0437\u0430 2022 \u0433\u043e\u0434 Palo Alto Unit 42 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 15 \u043c\u0438\u043d\u0443\u0442 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u043e\u0432\u044b\u0439 CVE \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c.\n\nPalo Alto Unit 42 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u041f\u041e \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0438\u043b\u0438 \u0434\u043b\u044f RCE. \n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c, \u0441 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0442 \u043f\u043e\u0438\u0441\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0440\u043e\u0441\u043b\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0441\u043e\u0431\u044b\u0445 \u0443\u0441\u0438\u043b\u0438\u0439 \u043d\u0438\u0437\u043a\u043e\u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0435\u0434\u0443\u0442 \u043c\u043e\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0438 \u043f\u0435\u0440\u0435\u043f\u0440\u043e\u0434\u0430\u044e\u0442 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0447\u0430\u0441\u043e\u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0432 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0435 \u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u044b\u0442\u043d\u044b\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u043c \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c.\n\n\u0422\u0430\u043a, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-1388 \u0432 F5 BIG-IP \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 4 \u043c\u0430\u044f 2022 \u0433\u043e\u0434\u0430, \u0438, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Unit 42, \u0441\u043f\u0443\u0441\u0442\u044f \u0434\u0435\u0441\u044f\u0442\u044c \u0447\u0430\u0441\u043e\u0432 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e 2552 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0435 Palo Alto, \u0441\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043f\u043e\u043b\u0443\u0433\u043e\u0434\u0438\u0438 2022\u00a0\u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 ProxyShell (CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31207), \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0434\u043e 55% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432.\u00a0\n\n\u041d\u0430 \u0432\u0442\u043e\u0440\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u043b\u0441\u044f Log4Shell \u0441 14%, \u0434\u0430\u043b\u0435\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 CVE SonicWall \u2014 7%, ProxyLogon \u2014 5%, \u0430 RCE \u0432\u00a0Zoho ManageEngine ADSelfService Plus \u0431\u044b\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0432 3% \u0441\u043b\u0443\u0447\u0430\u0435\u0432.\n\n\u041a\u0430\u043a \u0432\u0438\u0434\u043d\u043e \u0438\u0437 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u0432 \u043e\u0431\u044a\u0435\u043c\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0435 \u0441\u0430\u043c\u044b\u0435 \u0441\u0432\u0435\u0436\u0438\u0435, \u0430 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 CVE, \u0447\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0438, \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u0436\u0435\u0440\u0442\u0432\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442\u0441\u044f \u0447\u0430\u0449\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day \u0438\u043b\u0438 \u0441\u0432\u0435\u0436\u0435\u043e\u0431\u044a\u044f\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Unit 42, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u041f\u041e \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043e\u0434\u043d\u0443 \u0442\u0440\u0435\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438 \u0432\u0441\u0435\u0445 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0439.\n\n\u0412 37% \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0444\u0438\u0448\u0438\u043d\u0433 \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\u00a0\u0412 15% \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u043b\u0438 \u0432 \u0441\u0435\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u0430 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0421\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u044f \u0438\u043b\u0438 \u043f\u043e\u0434\u043a\u0443\u043f \u0438\u043d\u0441\u0430\u0439\u0434\u0435\u0440\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 10% \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432.\n\n\u0412\u044b\u0432\u043e\u0434\u044b \u0434\u0435\u043b\u0430\u0439\u0442\u0435 \u0441\u0430\u043c\u0438: \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u0430.", "creation_timestamp": "2022-07-27T13:35:05.000000Z"}, {"uuid": "7ec0cf6c-3c28-45d0-a4e9-ee5d51898773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/true_secator/2001", "content": "\u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u043e\u043a\u0430 \u0432\u0435\u0441\u044c \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043f\u043e \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e \u0441 Microsoft \u0432\u044b\u043f\u0438\u043b\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043d\u043e\u0432\u044b\u0435 \u0438 \u043d\u043e\u0432\u044b\u0435 \u0434\u044b\u0440\u044b PrintNightmare (\u0433\u0440\u0443\u043f\u043f\u0430 \u043e\u0448\u0438\u0431\u043e\u043a CVE-2021-1675 , CVE-2021-34527 \u0438 CVE-2021-36958), \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0435\u0440\u0435\u043d\u0438\u043c\u0430\u0435\u0442 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u043e\u0439 \u043e\u043f\u044b\u0442 \u043a\u043e\u043b\u043b\u0435\u0433, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u0432 \u0441\u0432\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Windows.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (LPE) \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0434\u043e\u043c\u0435\u043d\u0430 Windows \u0447\u0435\u0440\u0435\u0437 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 SYSTEM.\n\n\u041d\u0430 \u0434\u043d\u044f\u0445 Crowdstrike \u0443\u043b\u0438\u0447\u0438\u043b\u0438 \u0432 \u044d\u0442\u043e\u043c \u0431\u0430\u043d\u0434\u0443 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Magniber, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b PrintNightmare \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u044e\u0436\u043d\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0445 \u0436\u0435\u0440\u0442\u0432. \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, Magniber \u0443\u0434\u0430\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0442\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a DLL, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0430 \u0437\u0430\u0442\u0435\u043c \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\nMagniber \u0430\u043a\u0442\u0438\u0432\u043d\u0430 \u0441 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2017 \u0433\u043e\u0434\u0430, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0440\u0435\u043a\u043b\u0430\u043c\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0442\u0430 Magnitude Exploit Kit (EK) \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u0435\u0435\u043c\u043d\u0438\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f Cerber, \u0441\u0435\u0439\u0447\u0430\u0441 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 Magnitude EK \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Internet Explorer \u0441 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0439 CVE-2020-0968. \u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u0430 \u043d\u0430 \u042e\u0436\u043d\u0443\u044e \u041a\u043e\u0440\u0435\u044e, \u041a\u0438\u0442\u0430\u0439, \u0422\u0430\u0439\u0432\u0430\u043d\u044c, \u0413\u043e\u043d\u043a\u043e\u043d\u0433, \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440, \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u044e \u0438 \u0434\u0440\u0443\u0433\u0438\u0435. \u0418 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 30 \u0434\u043d\u0435\u0439 \u0441\u0442\u0430\u043b\u0430 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u0430, \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043f\u043e\u0447\u0435\u043c\u0443.\n\n\u041a \u0430\u0442\u0430\u043a\u0430\u043c PrintNightmare \u043f\u0440\u0438\u0441\u043e\u0441\u0435\u0434\u0438\u043b\u0438\u0441\u044c \u0438 ransomware Vice Society (\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 HelloKitty), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u043f\u043e \u0441\u0435\u0442\u044f\u043c \u0441\u0432\u043e\u0438\u0445 \u0436\u0435\u0440\u0442\u0432. \u0410\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0431\u0430\u043d\u0434\u044b \u043f\u043e\u043f\u0430\u043b\u0430 \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b Cisco Talos, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0432\u0438\u0434\u0435\u043b\u0438, \u043a\u0430\u043a Vice Society \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u043e\u0432\u043a\u0438 (DLL) \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a CVE-2021-1675 \u0438 CVE-2021-34527.\n\n\u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, Vice Society \u0448\u0438\u0444\u0440\u0443\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0438 Linux \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e OpenSSL (AES256 + secp256k1 + ECDSA) \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043c\u0430\u043b\u0435\u043d\u044c\u043a\u0438\u0445 \u0438\u043b\u0438 \u0441\u0440\u0435\u0434\u043d\u0438\u0445 \u0436\u0435\u0440\u0442\u0432, \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0443\u0435\u0442 \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0443\u0434\u0435\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u043c. TTP \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0436\u0435\u0440\u0442\u0432\u0430\u043c\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b Windows \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a \u043d\u043e\u0432\u0438\u0447\u043a\u0430\u043c \u043b\u0435\u043d\u0442\u044b \u0441\u043e\u0432\u0441\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u0438\u0441\u044c \u0438 Conti, \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Windows \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u043e\u0439  PrintNightmare.\n\n\u0414\u0430 \u0438 \u0432\u043e\u043e\u0431\u0449\u0435 \u044d\u0442\u043e\u0442 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0442\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e, \u0440\u0430\u0432\u043d\u043e \u043a\u0430\u043a \u0438 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0445 \u0436\u0435\u0440\u0442\u0432. \u0422\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f, \u043a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u043d\u0430 \u043b\u0438\u0446\u043e.", "creation_timestamp": "2021-08-13T16:07:13.000000Z"}, {"uuid": "8df6f7fd-ac69-4063-9b13-8766b0e78107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://t.me/true_secator/1917", "content": "\u200b\u200b\u041e\u0442\u043b\u0438\u0447\u0438\u043b\u0441\u044f \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e SAP, \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0438 Microsoft \u0441\u0432\u043e\u0438\u043c \u044d\u043f\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 117 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 9 \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0440\u0430\u0441\u043a\u043b\u0430\u0434 \u0442\u0430\u043a\u043e\u0439: 13 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 103 - \u0432\u0430\u0436\u043d\u044b\u0445, \u0430 1 - \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS \u0438 Visual Studio Code.\n\n\u041f\u043e\u0434 \u0437\u0430\u043a\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435 \u043f\u043e\u043f\u0430\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0439 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 (CVE-2021-34527), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c\u00a0\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2021-31979\u00a0\u0438 33771), \u043a\u043e\u0441\u044f\u043a\u0438 \u043c\u043e\u0434\u0443\u043b\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0435 \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e\u00a0\u043f\u0430\u043c\u044f\u0442\u0438 (CVE-2021-34448).\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442: Microsoft Exchange Server (CVE-2021-34473\u00a0- \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 CVE-2021-34523\u00a0- \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), Active Directory (CVE-2021-33781\u00a0- \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), Windows ADFS (CVE-2021-33779\u00a0- \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e), Windows (CVE-2021-34492\u00a0- \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0438 CVE-2021-34458 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430), Windows DNS Server (CVE-2021-34494 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Windows hello (CVE-2021-34466), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430\u00a0\u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043b\u0438\u0446\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\nMSFT \u0432 \u0446\u0435\u043b\u043e\u043c \u0443\u0436\u0435 \u0431\u043b\u0438\u0437\u043a\u0438 \u0432 \u0442\u043e\u043c\u0443 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0442\u0440\u0430\u043d\u0441\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e: \u0432 \u043c\u0430\u0435 \u0438 \u0438\u044e\u043d\u0435 \u043e\u043d\u0438 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 55 \u0438 50 \u0434\u044b\u0440 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e. \u041d\u043e, \u0447\u0442\u043e-\u0442\u043e \u0437\u043d\u0430\u044f \u043c\u0435\u043b\u043a\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0434\u0443\u043c\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u043c \u0435\u0449\u0451 \u0434\u043e\u043b\u0433\u043e \u0432\u0435\u0441\u0442\u0438 \u0431\u043e\u0439 \u0432 \u0442\u0435\u043d\u044c\u044e.", "creation_timestamp": "2021-07-14T16:59:39.000000Z"}, {"uuid": "50571a46-18c6-416e-94b2-9cd503b7fff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/SecLabNews/10506", "content": "\u0412\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a, 6 \u0438\u044e\u043b\u044f, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 Windows Print Spooler. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2021-34527), \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 PrintNightmare, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n \n\nhttps://www.securitylab.ru/news/521980.php", "creation_timestamp": "2021-07-07T11:40:03.000000Z"}, {"uuid": "1ed00889-5ebe-4f4a-908a-01d5ab1c439e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/SecLabNews/12481", "content": "\u0423 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043c\u0435\u043d\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0435\u043c \u0441\u0447\u0438\u0442\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435.\n\n\u041d\u043e\u0432\u044b\u0439\u00a0\u043e\u0442\u0447\u0435\u0442 \u0437\u0430 2022 \u0433\u043e\u0434 Palo Alto Unit 42 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 15 \u043c\u0438\u043d\u0443\u0442 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u043e\u0432\u044b\u0439 CVE \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c.\n\nPalo Alto Unit 42 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u041f\u041e \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0438\u043b\u0438 \u0434\u043b\u044f RCE. \n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c, \u0441 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0442 \u043f\u043e\u0438\u0441\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0440\u043e\u0441\u043b\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0441\u043e\u0431\u044b\u0445 \u0443\u0441\u0438\u043b\u0438\u0439 \u043d\u0438\u0437\u043a\u043e\u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0435\u0434\u0443\u0442 \u043c\u043e\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0438 \u043f\u0435\u0440\u0435\u043f\u0440\u043e\u0434\u0430\u044e\u0442 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0447\u0430\u0441\u043e\u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0432 \u0434\u0430\u0440\u043a\u043d\u0435\u0442\u0435 \u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u044b\u0442\u043d\u044b\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u043c \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c.\n\n\u0422\u0430\u043a, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-1388 \u0432 F5 BIG-IP \u0431\u044b\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 4 \u043c\u0430\u044f 2022 \u0433\u043e\u0434\u0430, \u0438, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Unit 42, \u0441\u043f\u0443\u0441\u0442\u044f \u0434\u0435\u0441\u044f\u0442\u044c \u0447\u0430\u0441\u043e\u0432 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e 2552 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0435 Palo Alto, \u0441\u0440\u0435\u0434\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043f\u043e\u043b\u0443\u0433\u043e\u0434\u0438\u0438 2022\u00a0\u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 ProxyShell (CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31207), \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0434\u043e 55% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432.\u00a0\n\n\u041d\u0430 \u0432\u0442\u043e\u0440\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u043b\u0441\u044f Log4Shell \u0441 14%, \u0434\u0430\u043b\u0435\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 CVE SonicWall \u2014 7%, ProxyLogon \u2014 5%, \u0430 RCE \u0432\u00a0Zoho ManageEngine ADSelfService Plus \u0431\u044b\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0432 3% \u0441\u043b\u0443\u0447\u0430\u0435\u0432.\n\n\u041a\u0430\u043a \u0432\u0438\u0434\u043d\u043e \u0438\u0437 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u0432 \u043e\u0431\u044a\u0435\u043c\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0435 \u0441\u0430\u043c\u044b\u0435 \u0441\u0432\u0435\u0436\u0438\u0435, \u0430 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 CVE, \u0447\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0438, \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u0436\u0435\u0440\u0442\u0432\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442\u0441\u044f \u0447\u0430\u0449\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day \u0438\u043b\u0438 \u0441\u0432\u0435\u0436\u0435\u043e\u0431\u044a\u044f\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Unit 42, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u041f\u041e \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043e\u0434\u043d\u0443 \u0442\u0440\u0435\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438 \u0432\u0441\u0435\u0445 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0439.\n\n\u0412 37% \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0444\u0438\u0448\u0438\u043d\u0433 \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\u00a0\u0412 15% \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u043b\u0438 \u0432 \u0441\u0435\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u0430 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0421\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u044f \u0438\u043b\u0438 \u043f\u043e\u0434\u043a\u0443\u043f \u0438\u043d\u0441\u0430\u0439\u0434\u0435\u0440\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 10% \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432.\n\n\u0412\u044b\u0432\u043e\u0434\u044b \u0434\u0435\u043b\u0430\u0439\u0442\u0435 \u0441\u0430\u043c\u0438: \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u0430.", "creation_timestamp": "2022-07-28T07:20:54.000000Z"}, {"uuid": "89c1a673-101f-4256-ad57-90040099cd02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25200", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T12:09:51.000000Z"}, {"uuid": "565cd207-4ef9-4e79-924f-3b045fd59738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/forensictools/469", "content": "RedTeam Toolkit\n[https://github.com/signorrayan/RedTeam_toolkit]\n\nweb-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0430 \u044f\u0437\u044b\u043a\u0435 Python (Django), \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0435 \u043d\u0430\u0431\u043e\u0440 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 red-team \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0412 \u043e\u0441\u043d\u043e\u0432\u0435 \u043b\u0435\u0436\u0430\u0442 \u0442\u0430\u043a\u0438\u0435 \u043f\u0440\u043e\u0435\u043a\u0442\u044b, \u043a\u0430\u043a nmap, rustscan, dirsearch, shreder, circl, crowbar \u0438 \u0442.\u0434.\n\n\u2022 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0440\u0442\u043e\u0432 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0446\u0435\u043b\u0438\n\u2022 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u0436\u0438\u0432\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432 \u0432 \u043f\u043e\u0434\u0441\u0435\u0442\u0438\n\u2022 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432 \u0446\u0435\u043b\u0438\n\u2022 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 CVE \u043f\u043e CveID\n\u2022 \u0430\u0442\u0430\u043a\u0430 \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u0440\u044e SSH\n\u2022 RDP BruteForce\n\u2022 \u0440\u0430\u0437\u0434\u0435\u043b WebApps: Apache Path Traversal PoC (CVE-2021-41773), \u0412\u0435\u0431-\u043a\u0440\u0430\u0443\u043b\u0435\u0440 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 URL-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u041f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0435 \u0441\u0443\u0431\u0434\u043e\u043c\u0435\u043d\u043e\u0432\n\u2022 \u0440\u0430\u0437\u0434\u0435\u043b Windows (\u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f, \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 CVE \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b): Microsoft Exchange ProxyShell PoC (CVE-2021-34523, CVE-2021-34473, CVE-2021-31207)\n\u2022 \u0440\u0430\u0437\u0434\u0435\u043b Linux \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 CVE \u0432 Linux \u0442\u0430\u043a\u0436\u0435 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\n\n#pentest #python #redteam #vulns", "creation_timestamp": "2021-11-29T11:51:06.000000Z"}, {"uuid": "eeba31b2-3956-4876-bddb-64f0156d4bb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/07/clarified-guidance-for-cve-2021-34527-windows-print-spooler-vulnerability/", "content": "", "creation_timestamp": "2021-07-08T05:00:00.000000Z"}, {"uuid": "f16ac25b-8bac-40c2-88cc-7c6462386f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/07/out-of-band-oob-security-update-available-for-cve-2021-34527/", "content": "", "creation_timestamp": "2021-07-06T05:00:00.000000Z"}, {"uuid": "6f35a71c-c344-4cae-8270-c4c3f6f7f9c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/04/april-2021-update-tuesday-packages-now-available/", "content": "", "creation_timestamp": "2021-04-13T05:00:00.000000Z"}, {"uuid": "32bdccdf-ad81-461b-b899-cb0ae92ca5f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:38.000000Z"}, {"uuid": "79e323c1-9be1-4152-bd5a-b686827cd1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:38.000000Z"}, {"uuid": "167f29e7-f0fc-4165-b92d-bef203837ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmf3dmc2j", "content": "", "creation_timestamp": "2025-02-17T10:57:46.028690Z"}, {"uuid": "86a05eaa-23ee-47a5-aa18-fd5e02f7c30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc4t22j", "content": "", "creation_timestamp": "2025-02-17T10:57:46.500524Z"}, {"uuid": "ac96508a-43ff-4ee3-bd11-23aa086536a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc5sc2j", "content": "", "creation_timestamp": "2025-02-17T10:57:46.946213Z"}, {"uuid": "350581d0-1798-433a-b535-881dc7e38a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc6rk2j", "content": "", "creation_timestamp": "2025-02-17T10:57:47.440194Z"}, {"uuid": "5d95f2c0-ed4b-490d-bb4c-5f1015bd2233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://bsky.app/profile/lukasberan.com/post/3lielmgc7qs2j", "content": "", "creation_timestamp": "2025-02-17T10:57:47.924019Z"}, {"uuid": "0b3dcbf5-1284-4fe7-a2ad-41c0676dfb64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://bsky.app/profile/bilaltariq01.bsky.social/post/3lseujqi4mt2q", "content": "", "creation_timestamp": "2025-06-24T19:49:14.269273Z"}, {"uuid": "441a3c72-cda0-4eb1-b6ca-56428b05d916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/90e532fb-4efa-4ff2-95ab-ddaf25454791", "content": "", "creation_timestamp": "2025-07-01T21:18:45.000000Z"}, {"uuid": "ae742cd3-e7aa-49f6-a799-f9616b9509e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://gist.github.com/Hamid-K/f4288dae3a1f2dea8905b1cf16d59c1b", "content": "", "creation_timestamp": "2025-10-03T16:37:38.000000Z"}, {"uuid": "fe01fb99-9f89-48e7-85ab-713ec6ed47ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:40.000000Z"}, {"uuid": "5c3215de-a7dc-4415-b1a0-6207a8c43a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:50.000000Z"}, {"uuid": "a4209b08-945b-4c9d-b762-d08207b98854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:57.000000Z"}, {"uuid": "3303e1d2-eee6-4b8c-bbec-20b740a12006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://gist.github.com/Darkcrai86/52f50f5d0ddb5131ec29c2994cfdb19c", "content": "", "creation_timestamp": "2025-09-19T17:07:08.000000Z"}, {"uuid": "01ea20ef-c101-4660-90d1-45a575a56c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34522", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2021-07-15T10:13:10.000000Z"}, {"uuid": "3322a6f2-7e28-4a81-abeb-d580d6c34422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34520", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2021-07-15T10:13:10.000000Z"}, {"uuid": "15de587f-e834-4a42-9dca-34002fc2e0f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2021-07-15T10:13:10.000000Z"}, {"uuid": "9ece8cf3-43cb-4608-87a7-3145b45e3eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34525", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2021-07-15T10:13:10.000000Z"}, {"uuid": "cce91a33-8941-4846-a28c-c91d811b10ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=608", "content": "", "creation_timestamp": "2021-07-14T04:00:00.000000Z"}, {"uuid": "b3f889f5-4a95-4c02-8ffc-0dbbdb7d7e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=605", "content": "", "creation_timestamp": "2021-07-02T04:00:00.000000Z"}, {"uuid": "53254ea1-deb9-4cfc-a3df-58abb359e467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_19/2021", "content": "", "creation_timestamp": "2021-07-01T09:58:27.000000Z"}, {"uuid": "753d00c7-1d40-4f3a-b1cb-2871984e38a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d8d4bf5a-324b-4e70-bab3-be55d588d75d", "content": "", "creation_timestamp": "2026-02-02T12:28:50.775159Z"}, {"uuid": "92bda216-83dc-4ca6-8676-4714b9c5556c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/JxyyR7DPCkvNqGXHwYf1FM_TYIK_7LUKbzPocNJOIh8q_94", "content": "", "creation_timestamp": "2025-08-05T21:00:04.000000Z"}, {"uuid": "e24da1d0-adba-40b7-8899-e401a1f9942e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/CyberGovIL/1296", "content": "\u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d7\u05d5\u05d3\u05e9\u05d9 \u05e9\u05dc \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 - \u05d9\u05d5\u05dc\u05d9 2021 | Com7752\n\n\u05d1-13 \u05dc\u05d7\u05d5\u05d3\u05e9 \u05e4\u05e8\u05e1\u05de\u05d4 \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05db-117 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05ea\u05d5\u05db\u05e0\u05d5\u05ea \u05e0\u05ea\u05de\u05db\u05d5\u05ea. 13 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e1\u05d5\u05d5\u05d2\u05d5\u05ea \u05db\u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea. 44 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e0\u05d9\u05ea\u05e0\u05d5\u05ea \u05dc\u05e0\u05d9\u05e6\u05d5\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e3 \u05de\u05e8\u05d5\u05d7\u05e7 \u05dc\u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 (RCE).\n\n4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd (Zero Day), \u05db\u05d5\u05dc\u05dc \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d4\u05de\u05db\u05d5\u05e0\u05d4 PrintNightmare (CVE-2021-34527). \u05e4\u05e8\u05d8\u05d9\u05d4\u05df \u05e9\u05dc 5 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e0\u05d5\u05e1\u05e4\u05d5\u05ea \u05e4\u05d5\u05e8\u05e1\u05de\u05d5, \u05d0\u05da \u05dc\u05d0 \u05d9\u05d3\u05d5\u05e2 \u05e2\u05dc \u05e0\u05d9\u05e6\u05d5\u05dc \u05e9\u05dc\u05d4\u05dd \u05d1\u05e4\u05d5\u05e2\u05dc.\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05de\u05d0\u05d3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d4\u05e2\u05d3\u05db\u05d5\u05e0\u05d9\u05dd \u05d1\u05e1\u05d1\u05d9\u05d1\u05ea \u05e0\u05d9\u05e1\u05d5\u05d9, \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05e0\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2021-07-14T12:32:47.000000Z"}, {"uuid": "49ac6f37-999c-4e77-a2c2-00f47375a457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/349", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE\nURL\uff1ahttps://github.com/AlAIAL90/CVE-2021-38534", "creation_timestamp": "2021-08-20T02:41:53.000000Z"}, {"uuid": "8e729a46-a638-436f-b17e-7b84d2c84639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/315", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T13:13:10.000000Z"}, {"uuid": "7a59e309-bd35-43af-9871-b1d26576beb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/dilagrafie/178", "content": "20 #Tools - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nParanoid \n\nParanoid project checks for well known weaknesses on cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers. This library contains implementations and optimizations of existing work found in the literature. The existing work showed that the generation of these artifacts was flawed in some cases. The following are some examples of publications the library is based on.\n\nhttps://github.com/google/paranoid_crypto\n\npre2k\n\nPre2k is a tool to query for the existence of pre-windows 2000 computer objects which can be leveraged to gain a foothold in a target domain as discovered by TrustedSec's @Oddvarmoe. \n\nPre2k can be ran from an uanuthenticated context to perform a password spray from a provided list of recovered hostnames (such as from an RPC/LDAP null bind) or from an authenticated context to perform a targeted or broad password spray. \n\nUsers have the flexibility to target every machine or to stop on the first successful authentication as well as the ability to request and store a valid TGT in .ccache form in their current working directory.\n\nhttps://github.com/garrettfoster13/pre2k\n\nPrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (define in CMD args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve\n\nGeogramint \n\n#OSINT Geolocalization tool for Telegram\n\nGeogramint is an OSINT tool that uses Telegram's API to find nearby users and groups. Inspired by Tejado's Telegram Nearby Map, which is no longer maintained, it aims to provide a more user-friendly alternative.\n\nGeogramint only finds Telegram users and groups which have activated the nearby feature. Per default it is deactivated.\n\nThe tool is fully supported on Windows and partially supported on Mac OS and Linux distributions.\n\nhttps://github.com/Alb-310/Geogramint\n\npynipper-ng \n\nA configuration security analyzer for network devices. The goal of this tool is check the vulnerabilities and misconfigurations of routers, firewalls and switches reporting the issues in a simple way.\n\nThis tool is based on nipper-ng, updated and translated to Python. The project wants to improve the set of rules that detect security misconfigurations of the network devices using multiple standard benchmarks (like CIS Benchmark) and integrate the tool with APIs (like PSIRT Cisco API) to scan known vulnerabilities.\n\nhttps://github.com/syn-4ck/pynipper-ng\n\nBug-Bounty-Methodology\n\nThese are my checklists which I use during my bug bounty hunting.\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nwhids\n\nEDR with artifact collection driven by detection. The detection engine is built on top of a previous project Gene specially designed to match Windows events against user defined rules.\n\nhttps://github.com/0xrawsec/whids\n\nClash\n\nA rule-based tunnel in Go.\n\nFeatures:\n\u25ab\ufe0f Local HTTP/HTTPS/SOCKS server with authentication support\n\u25ab\ufe0f Shadowsocks(R), VMess, Trojan, Snell, SOCKS5, HTTP(S) outbound support\n\u25ab\ufe0f Built-in fake-ip DNS server that aims to minimize DNS pollution attack impact. DoH/DoT upstream supported.\n\u25ab\ufe0f Rules based off domains, GEOIP, IP-CIDR or process names to route packets to different destinations\n\u25ab\ufe0f Proxy groups allow users to implement powerful rules. Supports automatic fallback, load balancing or auto select proxy based off latency\n\u25ab\ufe0f Remote providers, allowing users to get proxy lists remotely instead of hardcoding in config\n\u25ab\ufe0f Transparent proxy: Redirect TCP and TProxy TCP/UDP with automatic route table/rule management\n\u25ab\ufe0f Hot-reload via the comprehensive HTTP RESTful API controller\n\nhttps://github.com/Dreamacro/clash\n\n1/3", "creation_timestamp": "2022-12-17T10:25:12.000000Z"}, {"uuid": "440f678b-ed9f-4168-8cb5-478c14f6ded6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/dilagrafie/2148", "content": "20 #Tools - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nParanoid \n\nParanoid project checks for well known weaknesses on cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers. This library contains implementations and optimizations of existing work found in the literature. The existing work showed that the generation of these artifacts was flawed in some cases. The following are some examples of publications the library is based on.\n\nhttps://github.com/google/paranoid_crypto\n\npre2k\n\nPre2k is a tool to query for the existence of pre-windows 2000 computer objects which can be leveraged to gain a foothold in a target domain as discovered by TrustedSec's @Oddvarmoe. \n\nPre2k can be ran from an uanuthenticated context to perform a password spray from a provided list of recovered hostnames (such as from an RPC/LDAP null bind) or from an authenticated context to perform a targeted or broad password spray. \n\nUsers have the flexibility to target every machine or to stop on the first successful authentication as well as the ability to request and store a valid TGT in .ccache form in their current working directory.\n\nhttps://github.com/garrettfoster13/pre2k\n\nPrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (define in CMD args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve\n\nGeogramint \n\n#OSINT Geolocalization tool for Telegram\n\nGeogramint is an OSINT tool that uses Telegram's API to find nearby users and groups. Inspired by Tejado's Telegram Nearby Map, which is no longer maintained, it aims to provide a more user-friendly alternative.\n\nGeogramint only finds Telegram users and groups which have activated the nearby feature. Per default it is deactivated.\n\nThe tool is fully supported on Windows and partially supported on Mac OS and Linux distributions.\n\nhttps://github.com/Alb-310/Geogramint\n\npynipper-ng \n\nA configuration security analyzer for network devices. The goal of this tool is check the vulnerabilities and misconfigurations of routers, firewalls and switches reporting the issues in a simple way.\n\nThis tool is based on nipper-ng, updated and translated to Python. The project wants to improve the set of rules that detect security misconfigurations of the network devices using multiple standard benchmarks (like CIS Benchmark) and integrate the tool with APIs (like PSIRT Cisco API) to scan known vulnerabilities.\n\nhttps://github.com/syn-4ck/pynipper-ng\n\nBug-Bounty-Methodology\n\nThese are my checklists which I use during my bug bounty hunting.\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nwhids\n\nEDR with artifact collection driven by detection. The detection engine is built on top of a previous project Gene specially designed to match Windows events against user defined rules.\n\nhttps://github.com/0xrawsec/whids\n\nClash\n\nA rule-based tunnel in Go.\n\nFeatures:\n\u25ab\ufe0f Local HTTP/HTTPS/SOCKS server with authentication support\n\u25ab\ufe0f Shadowsocks(R), VMess, Trojan, Snell, SOCKS5, HTTP(S) outbound support\n\u25ab\ufe0f Built-in fake-ip DNS server that aims to minimize DNS pollution attack impact. DoH/DoT upstream supported.\n\u25ab\ufe0f Rules based off domains, GEOIP, IP-CIDR or process names to route packets to different destinations\n\u25ab\ufe0f Proxy groups allow users to implement powerful rules. Supports automatic fallback, load balancing or auto select proxy based off latency\n\u25ab\ufe0f Remote providers, allowing users to get proxy lists remotely instead of hardcoding in config\n\u25ab\ufe0f Transparent proxy: Redirect TCP and TProxy TCP/UDP with automatic route table/rule management\n\u25ab\ufe0f Hot-reload via the comprehensive HTTP RESTful API controller\n\nhttps://github.com/Dreamacro/clash\n\n1/3", "creation_timestamp": "2022-12-17T10:25:12.000000Z"}, {"uuid": "ca8b63a3-4193-4b71-a261-8688c1f52889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/Termux_AND_Security7667/408", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2021-12-03T15:02:36.000000Z"}, {"uuid": "24661743-e609-463f-adda-d9439973269f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6854", "content": "Tools - Hackers Factory\n\nGitHub - edoardottt/csprecon: Discover new target domains using Content Security Policy\n\nhttps://github.com/edoardottt/csprecon\n\nOSED Material (Offensive Security Exploit Developer) \n\nhttps://github.com/epi052/osed-scripts\n\nhttps://github.com/nop-tech/OSED\n\nExploitation-course OSED\n\nhttps://github.com/ashemery/exploitation-course\n\nGitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can.\n\nhttps://github.com/classvsoftware/spy-extension\n\nA signal handler race condition in OpenSSH's server (sshd)\n\nhttps://github.com/zgzhang/cve-2024-6387-poc\n\nGitHub - blackhillsinfosec/skyhook: A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.\n\nhttps://github.com/blackhillsinfosec/skyhook\n\nRed-Team-Management/Red Team Courses\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management/blob/main/Red%20Team%20Courses.md\n\nA CVE-2021-34527 (a.k.a PrintNightmare) Python Scanner\n\nhttps://github.com/byt3bl33d3r/ItWasAllADream\n\nDOME: A subdomain enumeration tool\n\nDownload: github.com/v4d1/Dome\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-03T09:29:11.000000Z"}, {"uuid": "52429a27-55f0-4752-b602-c775128cf72e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/297", "content": "#Python implementation for #PrintNightmare #CVE-2021-1675 / #CVE-2021-34527\n\nhttps://github.com/ly4k/PrintNightmare", "creation_timestamp": "2021-10-17T15:37:17.000000Z"}, {"uuid": "53efcbe0-9fe3-4d2c-8170-4647fc6167f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6178", "content": "\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u043c\u0438 \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0442 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT-\u0433\u0440\u0443\u043f\u043f\u044b Tropic Trooper, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043f\u0440\u0430\u0432 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435.\n\n\u0414\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0441 2011, Tropic Trooper, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a APT23, Earth Centaur, KeyBoy \u0438 Pirate Panda, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435, \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u0438\u0435, \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0435 \u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0422\u0430\u0439\u0432\u0430\u043d\u0435, \u0413\u043e\u043d\u043a\u043e\u043d\u0433\u0435 \u0438 \u043d\u0430 \u0424\u0438\u043b\u0438\u043f\u043f\u0438\u043d\u0430\u0445. \n\n\u0418\u043c\u0435\u0435\u0442 \u0442\u0435\u0441\u043d\u044b\u0435 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a FamousSparrow.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u0438\u044e\u043d\u044f 2023 \u0433\u043e\u0434\u0430, Tropic Trooper \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430, \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0438 \u0432 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438.\n\n\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432 \u0438\u044e\u043d\u0435 2024 \u0433\u043e\u0434\u0430, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 China Chopper - \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u043c\u0438 APT \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c, - \u043d\u0430 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0441 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u043e\u0439 Umbraco CMS.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Crowdoor, \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u0430\u00a0SparrowDoor, \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e ESET \u0435\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0438, \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0431\u043e\u043a\u043e\u0432\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 DLL (Fscan, Swor, Neo-reGeorg, ByPassGodzilla).\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Adobe ColdFusion (CVE-2023-26360) \u0438 Microsoft Exchange Server (CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31207).\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Crowdoor, \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0432 \u0438\u044e\u043d\u0435 2023 \u0433\u043e\u0434\u0430, \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Cobalt Strike \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u0430\u0445.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b.\n\n\u041a\u0430\u0441\u0430\u0435\u043c\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u041a \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0437\u043d\u0430\u043b\u0438 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u0440\u0430\u0437\u0446\u044b, \u043f\u0440\u0438\u043b\u0430\u0433\u0430\u044f \u0432\u0441\u0435 \u0443\u0441\u0438\u043b\u0438\u044f \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f \u0432 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0432\u0438\u0434\u0435\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0434\u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432 \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0441 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f\u043c\u0438 \u043f\u043e \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u0435 \u043f\u0440\u0430\u0432 \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0431\u044b\u043b\u0430 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e, \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044f \u043e\u0431 \u043e\u0441\u043e\u0431\u043e\u0439 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u043e\u0440\u0430 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043a\u043e\u043d\u0444\u043b\u0438\u043a\u0442\u0430 \u043c\u0435\u0436\u0434\u0443 \u0418\u0437\u0440\u0430\u0438\u043b\u0435\u043c \u0438 \u0425\u0410\u041c\u0410\u0421.\n\n\u0418\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-09-06T18:10:05.000000Z"}, {"uuid": "b891d104-e26c-4eda-a649-85da3d717f94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "Telegram/jnRWahjJjVo8NewVccxTAO3vtpAuoPi8skWmGsXoQTEsIw", "content": "", "creation_timestamp": "2021-07-07T15:48:46.000000Z"}, {"uuid": "8ef49163-85f1-4646-a414-2d6ae82d6caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "Telegram/Ou-Kzzl3nLkADt9_Yue4jZMgPKq1aQqAvVswhjnvvkETSg", "content": "", "creation_timestamp": "2021-07-16T14:35:20.000000Z"}, {"uuid": "f4eac7ca-fcd5-47a8-9593-7c07aef678d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/crackcodes/1079", "content": "\u200b\u200bPrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (define in CMD args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve", "creation_timestamp": "2022-08-28T11:46:21.000000Z"}, {"uuid": "38f7b966-7bd5-4b77-9086-bafd283fa7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/true_secator/2402", "content": "\u0421\u0435\u0440\u0432\u0435\u0440\u0430 Microsoft Exchange \u0432\u043d\u043e\u0432\u044c \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c.\n \nRed Canary \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 BlackByte, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044e\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0442\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft Exchange \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ProxyShell. \n \n\u0412\u0441\u0435 \u043c\u044b \u043f\u043e\u043c\u043d\u0438\u043c \u043e \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft Exchange, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31207, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0445\u043e\u0442\u044c \u0438 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0430\u043f\u0440\u0435\u043b\u0435-\u043c\u0430\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043d\u043e \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n \n\u0414\u0435\u0439\u0441\u0442\u0432\u0443\u044f \u043f\u043e \u043d\u0430\u043a\u0430\u0442\u0430\u043d\u043d\u043e\u0439 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438, BlackByte \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ProxyShell \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u044b \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Microsoft Exchange, \u0437\u0430\u0442\u0435\u043c \u0446\u0435\u043f\u043b\u044f\u044e\u0442 Cobalt Strike, \u0430 \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0430\u044e\u0442 \u043a \u0440\u0430\u0431\u043e\u0442\u0435 \u0441\u043e \u0441\u0432\u043e\u0438\u043c \u0441\u043e\u0444\u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442 BlackByte \u043e\u0442 \u043a\u043e\u043b\u043b\u0435\u0433, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f ransomware.\n \n\u0418\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b BlackByte \u0438\u0433\u0440\u0430\u0435\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u0443\u044e \u0440\u043e\u043b\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043a\u0430\u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0442\u0430\u043a \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435. \u041f\u041e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0442\u0440\u0438 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u0435\u0441\u0442\u0440\u0430: \u043e\u0434\u043d\u043e \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043e\u0434\u043d\u043e \u0434\u043b\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0434\u0443 \u0432\u0441\u0435\u043c\u0438 \u0443\u0440\u043e\u0432\u043d\u044f\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043e\u0434\u043d\u043e \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u0438\u043d\u043d\u044b\u0445 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u043f\u0443\u0442\u0435\u0439 \u043a \u0444\u0430\u0439\u043b\u0430\u043c.\n \n\u041f\u0435\u0440\u0435\u0434 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c malware \u0443\u0434\u0430\u043b\u044f\u0435\u0442 \u0437\u0430\u0434\u0430\u0447\u0443 Raccine Rules Updater \u0438 \u0441\u0442\u0438\u0440\u0430\u0435\u0442 \u0442\u0435\u043d\u0435\u0432\u044b\u0435 \u043a\u043e\u043f\u0438\u0438 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0447\u0435\u0440\u0435\u0437 WMI \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u0444\u0443\u0441\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b PowerShell. \u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a, \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e WinRAR \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u043e\u0431\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a file.io \u0438\u043b\u0438 anonymfiles.com.\n \n\u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 Red Canary \u0432\u0440\u044f\u0434 \u043b\u0438 \u043f\u043e\u0440\u0430\u0434\u0443\u044e\u0442, \u0432\u0435\u0434\u044c \u0441\u0442\u0430\u043b\u043e \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0439 Trustwave \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430 \u0434\u0435\u043a\u0440\u0438\u043f\u0442\u043e\u0440 \u0443\u0436\u0435 \u0431\u0435\u0441\u043f\u043e\u043b\u0435\u0437\u0435\u043d \u043f\u0435\u0440\u0435\u0434  \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e\u043c \u043f\u043e\u044f\u0432\u0438\u0432\u0448\u0438\u0445\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0431\u043e\u043b\u0435\u0435 \u0441\u0432\u0435\u0436\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 BlackByte.\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u043e, \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f\u043c ProxyShell \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u0443\u0436\u0435 \u043d\u0438\u043a\u043e\u0433\u043e \u043d\u0435 \u0443\u0434\u0438\u0432\u0438\u0448\u044c, \u043d\u043e \u0432\u0441\u0435 \u0436\u0435 \u0441\u0445\u0435\u043c\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0441\u0442\u0443\u043f\u0438\u043b\u043e \u0435\u0449\u0435 \u043f\u043e\u0437\u0430\u0432\u0447\u0435\u0440\u0430, \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e, \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0435\u0449\u0435 \u043d\u0435 \u0437\u043d\u0430\u043a\u043e\u043c \u0441 ransomware.", "creation_timestamp": "2021-12-02T18:01:00.000000Z"}, {"uuid": "3b2b04e8-e4f9-4c8e-b73c-657a54a19b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/NeKaspersky/1158", "content": "\u041d\u043e\u0432\u044b\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft Exchange\n\nLockFile - \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 \u043e\u0434\u043d\u043e\u0438\u043c\u0451\u043d\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0448\u0438\u0444\u0440\u0443\u0435\u0442 \u0434\u043e\u043c\u0435\u043d\u044b Windows \u043f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Microsoft Exchange. \u0412\u0441\u0435\u0433\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u0434\u043b\u044f ProxyShell \u0431\u044b\u043b\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043e \u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430\u043c\u0438 \u0431\u043e\u043b\u0435\u0435 2000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432. \n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Microsoft, \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u0435\u0449\u0451 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430. \u041e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0434\u043b\u044f \u043d\u0438\u0445 ProxyShell: \n\nCVE-2021-34473: Path Confusion \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0432\u0435\u0434\u0443\u0449\u0438\u0439 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 ACL (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0432\u00a0KB5001779);\n\nCVE-2021-34523: \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0431\u044d\u043a\u044d\u043d\u0434\u0435 Exchange PowerShell (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0432\u00a0KB5001779);\n\nCVE-2021-31207: \u0437\u0430\u043f\u0438\u0441\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u0432\u0435\u0434\u0435\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u043c\u0430\u0435 \u0432\u00a0KB5003435).\n\nPoC \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 6 \u0430\u0432\u0433\u0443\u0441\u0442\u0430, \u043d\u043e 8 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0431\u043e\u043b\u0435\u0435 30 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a. \u0423\u043f\u0440\u043e\u0441\u0442\u0438\u043b\u043e \u0437\u0430\u0434\u0430\u0447\u0443 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0444\u043e\u0440\u0443\u043c\u043e\u0432 \u0441\u043f\u0438\u0441\u043a\u0430 100 000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange. \n\nMicrosoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e \u043d\u0435 \u0432\u0441\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0442\u043e\u0440\u043e\u043f\u044f\u0442\u0441\u044f \u0441 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u043f\u0430\u0442\u0447\u0435\u0439.", "creation_timestamp": "2021-08-23T23:01:21.000000Z"}, {"uuid": "a0755326-c2f5-474b-9b72-9b7e6f311468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/true_secator/1917", "content": "\u200b\u200b\u041e\u0442\u043b\u0438\u0447\u0438\u043b\u0441\u044f \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e SAP, \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0438 Microsoft \u0441\u0432\u043e\u0438\u043c \u044d\u043f\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 117 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 9 \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0440\u0430\u0441\u043a\u043b\u0430\u0434 \u0442\u0430\u043a\u043e\u0439: 13 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 103 - \u0432\u0430\u0436\u043d\u044b\u0445, \u0430 1 - \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS \u0438 Visual Studio Code.\n\n\u041f\u043e\u0434 \u0437\u0430\u043a\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435 \u043f\u043e\u043f\u0430\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0439 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 (CVE-2021-34527), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c\u00a0\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2021-31979\u00a0\u0438 33771), \u043a\u043e\u0441\u044f\u043a\u0438 \u043c\u043e\u0434\u0443\u043b\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0435 \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e\u00a0\u043f\u0430\u043c\u044f\u0442\u0438 (CVE-2021-34448).\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442: Microsoft Exchange Server (CVE-2021-34473\u00a0- \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 CVE-2021-34523\u00a0- \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), Active Directory (CVE-2021-33781\u00a0- \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), Windows ADFS (CVE-2021-33779\u00a0- \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e), Windows (CVE-2021-34492\u00a0- \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0438 CVE-2021-34458 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430), Windows DNS Server (CVE-2021-34494 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Windows hello (CVE-2021-34466), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430\u00a0\u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043b\u0438\u0446\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\nMSFT \u0432 \u0446\u0435\u043b\u043e\u043c \u0443\u0436\u0435 \u0431\u043b\u0438\u0437\u043a\u0438 \u0432 \u0442\u043e\u043c\u0443 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0442\u0440\u0430\u043d\u0441\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e: \u0432 \u043c\u0430\u0435 \u0438 \u0438\u044e\u043d\u0435 \u043e\u043d\u0438 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 55 \u0438 50 \u0434\u044b\u0440 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e. \u041d\u043e, \u0447\u0442\u043e-\u0442\u043e \u0437\u043d\u0430\u044f \u043c\u0435\u043b\u043a\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0434\u0443\u043c\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u043c \u0435\u0449\u0451 \u0434\u043e\u043b\u0433\u043e \u0432\u0435\u0441\u0442\u0438 \u0431\u043e\u0439 \u0432 \u0442\u0435\u043d\u044c\u044e.", "creation_timestamp": "2021-07-14T16:59:39.000000Z"}, {"uuid": "130f0346-0909-4ff6-b4d2-8633bd23c4e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "exploited", "source": "https://t.me/NeKaspersky/2147", "content": "Hive \u043d\u0430\u0446\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Microsoft Exchange\n\n\u041f\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 Varonis, \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0440\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0449\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 ProxyShell \u2014 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0441\u0442\u0430\u0440\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u0438\u0437 \u0442\u0440\u0435\u0445 \u0431\u0430\u0433\u043e\u0432 (CVE-2021-34473, CVE-2021-34523 \u0438 CVE-2021-31297), \u0434\u0430\u044e\u0449\u0438\u0439 RCE \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \n\n\u0412 \u0438\u0441\u0441\u043b\u0435\u0434\u0443\u0435\u043c\u043e\u043c \u043a\u0435\u0439\u0441\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0448\u0430\u0433\u043e\u043c \u0441\u0442\u0430\u043b\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u0445 \u0432\u0435\u0431-\u0448\u0435\u043b\u043b\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 .ps-\u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Cobalt Strike. \u0417\u0430\u043f\u0443\u0441\u0442\u0438\u0432 Mimikatz \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0437\u0430\u0431\u0435\u043a\u0434\u043e\u0440\u0435\u043d\u043d\u043e\u0439 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0443\u0447\u0435\u0442\u043a\u0438, \u0438\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0431\u044b\u0442\u044c \u043a\u0440\u0435\u0434\u0435\u043d\u0448\u043b\u044b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043e\u043c\u0435\u043d\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0431\u043e\u043a\u043e\u0432\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435.  \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0437\u0430\u043d\u044f\u0442\u043d\u043e, \u0440\u0435\u0448\u0438\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0439 \u0442\u0443\u043b\u0437\u043e\u0439 \u00abSoftPerfect Network Scanner\u00bb: \u0441 \u0435\u0433\u043e \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0438\u0441\u043a\u0430\u043b\u0438 \u0436\u0438\u0432\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u0432 \u0441\u0435\u0442\u0438, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 \u0441\u0432\u043e\u044e \u043c\u0430\u043b\u0432\u0430\u0440\u044c.\n\n\u0417\u0430\u0442\u0435\u043c \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u0438\u0441\u043a\u0430\u043b\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0438\u0433\u0440\u043e\u0437\u0438\u0442\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0445 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0432\u044b\u043a\u0443\u043f\u0430.  \u041a\u043e\u0433\u0434\u0430 \u0441 \u044d\u0442\u0438\u043c \u0431\u044b\u043b\u043e \u043f\u043e\u043a\u043e\u043d\u0447\u0435\u043d\u043e, \u0440\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0449\u0438\u043a\u0438 (\u0435\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043f\u043e\u0441\u043b\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0431\u044d\u043a\u0430\u043f\u043e\u0432, \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0430 Windows \u0438 \u0437\u0430\u043c\u0435\u0442\u0430\u043d\u0438\u044f \u0441\u043b\u0435\u0434\u043e\u0432) \u0441\u0432\u0430\u043b\u0438\u043b\u0438 \u0432 \u0437\u0430\u043a\u0430\u0442, \u043e\u0441\u0442\u0430\u0432\u0438\u0432 \u043f\u043e\u0441\u043b\u0435 \u0441\u0435\u0431\u044f \u043b\u0438\u0448\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a, \u0431\u0438\u043d\u0430\u0440\u043d\u0438\u043a \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043d\u0430\u0437\u0432\u0430\u043b\u0438 Windows.exe.\n@NeKaspersky", "creation_timestamp": "2022-04-21T16:39:23.000000Z"}, {"uuid": "0dd54206-d052-4538-987e-14e7d1c92f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "seen", "source": "https://t.me/NeKaspersky/1034", "content": "Microsoft \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PrintNightmare\n\n\u042d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c(CVE-2021-34527) \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 Windows Print Spooler. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438. \u041f\u0430\u0442\u0447\u0438 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b. \n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527", "creation_timestamp": "2021-07-07T20:09:48.000000Z"}, {"uuid": "f90902d9-5597-4d60-9d4b-23eb62e96a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34523", "type": "seen", "source": "https://t.me/SpadSec/25", "content": "\u203c\ufe0f \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0633\u06cc\u06a9\u06cc\u0645 \u062e\u06cc\u0627\u0631\u06cc \u067e\u0648\u0631\u062a 443 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc Exchange \u0632\u06cc\u0631 \u062d\u0645\u0644\u0627\u062a ProxyShell  !!!\n\n\u25aa\ufe0f  \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2021-34473, CVE-2021-34523, CVE-2021-31207 \u062f\u0631 Exchange \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u0627\u0645\u0644 ProxyShell Attack \u0645\u06cc\u200c\u0627\u0646\u062c\u0627\u0645\u062f \u0648 \u0647\u06a9\u0631 \u0644\u0627\u0634\u06cc \u062a\u06a9 \u062e\u0648\u0631 \u0645\u06cc\u062a\u0648\u0627\u0646\u062f \u06a9\u062f \u0647\u0627\u06cc \u0645\u0648\u0631\u062f \u0646\u0638\u0631 \u062e\u0648\u062f \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0648\u0631\u062a 443 \u0628\u0627 \u0628\u0627\u0644\u0627\u062a\u0631\u06cc\u0646 \u0633\u0637\u062d \u062f\u0631 \u0633\u0631\u0648\u0631 \u0627\u062c\u0631\u0627 \u0646\u0645\u0627\u06cc\u062f.\n\n\u203c\ufe0f \u0627\u06af\u0631 \u0639\u0628\u0627\u0631\u0627\u062a \" /mapi/nspi/ \" \u0648 \" /autodiscover/autodiscover.json \" \u062f\u0631 \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc Log \u0633\u0631\u0648\u06cc\u0633 \u062f\u0647\u0646\u062f\u0647 IIS \u0633\u0631\u0648\u0631\u0634\u0645\u0627 \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f \u06cc\u0639\u0646\u06cc \u0647\u06a9\u0631\u0647\u0627 \u0628\u0647 \u0633\u0648\u0644\u0627\u062e\u06cc \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u0647\u0627 \u0645\u0648\u0631\u062f \u0627\u0633\u06a9\u0646 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0647 \u0648 \u0628\u0627\u06cc\u062f \u0633\u0631\u0648\u0631 \u0628\u0631\u0631\u0633\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u06a9\u0627\u0645\u0644 \u0634\u0648\u062f.\n\n\u203c\ufe0f \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0645\u062a\u0639\u062f\u062f \u06a9\u0634\u0641 \u0634\u062f\u0647 \u0631\u0648\u06cc \u067e\u0648\u0631\u062a 443 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc Exchange \u062f\u0631 \u0633\u0627\u0644 2021 \u0627\u06a9\u06cc\u062f\u0627 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u06af\u0631\u062f\u062f \u0627\u06cc\u0646 \u067e\u0648\u0631\u062a \u062a\u0648\u0633\u0637 \u0645\u062d\u062f\u0648\u062f \u06af\u0631\u062f\u062f.\n\n#\u0628\u06af\u0627\u06cc\u06cc\n#\u0627\u06cc\u06a9\u0633_\u0686\u0646\u062c\n\n\ud83c\uddee\ud83c\uddf7 @SpadSec", "creation_timestamp": "2021-08-23T12:25:04.000000Z"}, {"uuid": "9afa3ec4-a059-40a4-96eb-e511cca7ab9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4152", "content": "\u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0441\u044b\u043b\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u043a\u043e\u043f\u0438\u043b\u0438\u0441\u044c \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e, \u043d\u043e \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0430. \n\n1. \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f PrintNightmare \u0432 Windows Print Spooler \n\nhttps://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/07/printnightmare-0-day-can-be-used-to-take-over-windows-domain-controllers/\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527\n\n\u0438 \u043d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u043c \u043e\u0431 \u044d\u0442\u043e\u043c \u0436\u0435 \nhttps://xakep.ru/2021/06/30/printnightmare/", "creation_timestamp": "2021-07-02T15:04:06.000000Z"}, {"uuid": "c733ec03-8dd3-4d56-a2ce-53517884e98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/true_secator/1894", "content": "\u200b\u200bMicrosoft \u0432 \u043a\u043e\u0438-\u0442\u043e \u0432\u0435\u043a\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043e\u0442\u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043d\u0430 \u043f\u043e\u043f\u0430\u0432\u0448\u0443\u044e \u0432 \u043f\u0430\u0431\u043b\u0438\u043a 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-34527 aka PrintNightmare \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0432\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nPrintNightmare \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c RCE \u0441 \u043f\u043e\u0437\u0438\u0446\u0438\u0438 \u043b\u044e\u0431\u043e\u0433\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0447\u0435\u0440\u0435\u0437 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 spoolsv.exe. \u0422\u0430\u043a \u0447\u0442\u043e \u0432\u0441\u0435\u043c \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f!", "creation_timestamp": "2021-07-07T10:07:30.000000Z"}, {"uuid": "31b413b1-eef6-47e0-8dd7-b629d78b3f7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/true_secator/1880", "content": "\u200b\u200b\u0418\u0442\u0430\u043a, \u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e PrintNightmare \u0432 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0435 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 Windows spoolsv.exe.\n\nMicrosoft \u0442\u0430\u043a\u0438 \u0432\u044b\u0434\u0430\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0435 \u043d\u043e\u0432\u044b\u0439 CVE-2021-34527, \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0432 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u0442\u043e \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u043e \u0441\u0432\u0435\u0436\u0430\u044f \u0434\u044b\u0440\u043a\u0430, \u043e\u0442\u043b\u0438\u0447\u043d\u0430\u044f \u043e\u0442 CVE-2021-1675, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0438\u044e\u043d\u044c\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e Microsoft \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u043e, \u0447\u0442\u043e PrintNightmare \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 (\u0435\u0449\u0435 \u0431\u044b, PoC-\u0442\u043e \u0443\u0436\u0435 \u0434\u0430\u0432\u043d\u043e \u0432 \u043f\u0430\u0431\u043b\u0438\u043a\u0435).\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 Microsoft \u043f\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0435\u0441\u0442\u044c \u043f\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043d\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435.", "creation_timestamp": "2021-07-02T10:23:45.000000Z"}]}