{"vulnerability": "CVE-2023-2489", "sightings": [{"uuid": "08f10216-b129-4c1f-bc2f-b18f834a67f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24896", "type": "seen", "source": "https://t.me/cibsecurity/66758", "content": "\u203c CVE-2023-24896 \u203c\n\nDynamics 365 Finance Spoofing Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-14T22:22:48.000000Z"}, {"uuid": "41de1c43-6442-447a-8990-21719630704b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24899", "type": "seen", "source": "https://t.me/cibsecurity/63670", "content": "\u203c CVE-2023-24899 \u203c\n\nWindows Graphics Component Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:39:10.000000Z"}, {"uuid": "3ac77a1b-3350-477a-b776-e5563d02cda2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24898", "type": "seen", "source": "https://t.me/cibsecurity/63655", "content": "\u203c CVE-2023-24898 \u203c\n\nWindows SMB Denial of Service Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:38:46.000000Z"}, {"uuid": "a690cb09-ed5f-409f-8bdd-7733229f14de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24893", "type": "seen", "source": "https://t.me/cibsecurity/61921", "content": "\u203c CVE-2023-24893 \u203c\n\nVisual Studio Code Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:23:33.000000Z"}, {"uuid": 
"6a853f95-47fd-44e6-bc5b-19c5ec943341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24892", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8696", "content": "#exploit\nWindows 11 Exploits\n(CVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, ...)\nhttps://github.com/nu11secur1ty/Windows11Exploits", "creation_timestamp": "2023-07-19T11:01:01.000000Z"}, {"uuid": "6719cb88-d44c-409e-937f-567232f76911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24893", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9543", "content": "#exploit\n1. CVE-2023-1326:\nPrivilege escalation in apport-cli 2.26.0\nhttps://github.com/diego-tella/CVE-2023-1326-PoC\n\n2. CVE-2023-45866:\nUnauthenticated Bluetooth keystroke-injection in Android, Linux, macOS and iOS\nhttps://ift.tt/BHxK2mO\n]-> https://github.com/pentestfunctions/BlueDucky\n\n3. 
CVE-2023-24893:\nVSCode RCE\nhttps://blog.solidsnail.com/posts/vscode-shell-integ-rce", "creation_timestamp": "2025-01-05T12:40:52.000000Z"}, {"uuid": "3ced09d6-8d3d-4198-87c2-6ac233497b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2489", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/734", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2489\n\ud83d\udd39 Description: The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\ud83d\udccf Published: 2023-06-05T13:38:59.037Z\n\ud83d\udccf Modified: 2025-01-08T17:03:38.216Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/dcbe3334-357a-4744-b50c-309d10cca30d", "creation_timestamp": "2025-01-08T17:13:08.000000Z"}, {"uuid": "297a3c4e-cc0a-4505-a828-7b8082503666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24892", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3124", "content": "AnoMark\n\nThis algorithm is a Machine Learning one, using Natural Language Processing (NLP) techniques based on Markov Chains and n-grams. It offers a way to train a theoretical model on command lines  datasets considered clean. 
Once done it can detect malicious command lines on other datasets.\n\nhttps://github.com/ANSSI-FR/AnoMark\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-32117\n\nIntegrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-32117\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bGeoPincer\n\nA script that leverages OpenStreetMap's Overpass API in order to search for locations. These locations will be queried using a collection of establishments that are somewhat adjacent.\n\nhttps://github.com/tloja/GeoPincer\n\n#OSINT #cybersecurity #infosec\n\n\u200b\u200bAwesome Industrial Protocols\n\nCompilation of industrial network protocols resources focusing on offensive security.\n\n\u2022 You are currently viewing the Awesome Industrial Protocols page.\n\u2022 Detailed pages for protocols are available in protocols.\n\u2022 All data is stored in MongoDB databases in db.\n\u2022 Turn/IP (in srcs) is a handy tool to manipulate this data, generate the awesome list and protocol pages, and simplify the research and test process on industrial protocols\n\nhttps://github.com/Orange-Cyberdefense/awesome-industrial-protocols\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-36884-Checker\n\nScript to check for CVE-2023-36884 hardening.\n\nhttps://github.com/tarraschk/CVE-2023-36884-Checker\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bAlcatraz\n\nA x64 binary obfuscator that is able to obfuscate various different pe files including:\n\n\u2022 .exe\n\u2022 .dll\n\u2022 .sys\n\nhttps://github.com/weak1337/Alcatraz\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCobalt Strike BOFs\n\nBeacon object files I made to use with #CobaltStrike.\n\nhttps://github.com/Und3rf10w/CobaltStrikeBOFs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bWindows 11 Exploits\n\nCVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, 
CVE-2022-30190.\n\nhttps://github.com/nu11secur1ty/Windows11Exploits\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bADHunt v2.0\n\nA tool for enumerating Active Directory Environments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination of ldap queries and available tooling. It was built as a follow up to LinWinPwn.\n\nhttps://github.com/Auto19/ADHunt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bIAMActionHunter\n\nIAMActionHunter is an IAM policy statement parser and query tool that aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.\n\nhttps://github.com/RhinoSecurityLabs/IAMActionHunter\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bSysPlant\n\nA small implementation in NIM of the currently known syscall hooking methods.\n\nhttps://github.com/x42en/sysplant\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUnshackle\n\nOpen-source tool to bypass windows and linux passwords from bootable usb.\n\nhttps://github.com/Fadi002/unshackle\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCASR\n\nCollect crash reports, triage, and estimate severity.\n\nhttps://github.com/ispras/casr\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27163\n\nTo assist in enumerating the webserver behind the webserver SSRF.\n\nhttps://github.com/seanrdev/cve-2023-27163\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCS2BR BOF\n\nYou would like to execute BOFs written for #CobaltStrike in #BruteRatel C4? Look no further, we got you covered! CS2BR implements a compatibility-layer that makes CS BOFs use the BRC4 API. 
This allows you to use the vast landscape that is BOFs in BRC4.\n\nhttps://github.com/NVISOsecurity/cs2br-bof\n\nDetails:\nhttps://blog.nviso.eu/2023/07/17/introducing-cs2br-pt-ii-one-tool-to-port-them-all/\n \n#infosec #pentesting #redteam\n\n\u200b\u200bhypobrychium\n\nAV/EDR completely ignore me. Duplicate the token of a running process and run a command.\n\nhttps://github.com/foxlox/hypobrychium\n\n#cve #infosec\n\n2/3", "creation_timestamp": "2023-07-22T17:37:23.000000Z"}]}