{"vulnerability": "CVE-2023-2822", "sightings": [{"uuid": "79e9cd2c-8666-4711-b8d8-b59df3695faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3157", "content": "CVE-2023-28229 - Windows CNG KeyIso RPC EoP/SBX\n\nhttps://github.com/Y3A/CVE-2023-28229", "creation_timestamp": "2023-10-02T14:57:46.000000Z"}, {"uuid": "6d5be836-9421-47b3-b1ea-119f83028287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3056", "content": "CVE-2023-28229\n\nService Elevation of Privilege Vulnerability in Windows CNG Key Isolation\n\nhttps://github.com/Y3A/CVE-2023-28229\n\nReference: https://whereisk0shl.top/post/isolate-me-from-sandbox-explore-elevation-of-privilege-of-cng-key-isolation", "creation_timestamp": "2023-09-06T19:13:17.000000Z"}, {"uuid": "bee14cfc-6093-43d5-a0d6-06d5b1bdef3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3427", "content": "https://github.com/Y3A/CVE-2023-28229", "creation_timestamp": "2023-10-13T05:12:38.000000Z"}, {"uuid": "862600b2-941b-44be-8f86-8ae79dc41a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2822", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3060", "content": "Tools - Hackers Factory\n\n\u200b\u200binteractsh\n\nOpen-source tool for detecting out-of-band interactions. It is a tool designed to detect vulnerabilities that cause external interactions.\n\nhttps://github.com/projectdiscovery/interactsh\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bHSTS Parser\n\nA tool to parse Firefox and Chrome HSTS databases into #forensic artifacts!\n\nhttps://github.com/thebeanogamer/hstsparser\n\n#cybersecurity #infosec\n\nOWASP Web Application Security Testing Checklist.\n\nhttps://github.com/0xRadi/OWASP-Web-Checklist\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bFile Archiver In The Browser\n\nTwo sample phishing templates that can be used with .zip domains to emulate a file archiver in the browser.\n\nhttps://github.com/mrd0x/file-archiver-in-the-browser\n\nFile Archiver In The Browser:\nhttps://mrd0x.com/file-archiver-in-the-browser/\n\n#infosec #pentesting #redteam\n\n\u200b\u200bRansomchats\n\nHere you'll find #ransomware negotiations normalised as JSON files. Ransomware negotiations are usually not shared widely, limiting the understanding of the process. This project aims at changing that, in a respectful manner for the victims of cyberattacks: chats are anonymized as long as the victim hasn't been publicly disclosed, either by the attackers or in the media.\n\nhttps://github.com/Casualtek/Ransomchats\n\n#cybersecurity #infosec\n\n\u200b\u200bIntroduction to macOS - TCC\n\nTCC (Transparency, Consent and Control) is a macOS mechanism aimed at protecting sensitive information. This includes access to user's private files (e.g. files on the Desktop), access to the camera and the microphone, location services access and many more. Interestingly, TCC protects those even against root-level attacks.\n\nhttps://github.com/yo-yo-yo-jbo/macos_tcc\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bNixImports\n\nA .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis.\n\nhttps://github.com/dr4k0nia/NixImports\n\n#malware #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2822\n\nSimple flask application to implement an intentionally vulnerable web app to demo CVE-2023-2822.\n\nhttps://github.com/cberman/CVE-2023-2822-demo\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bDamn Vulnerable Bank\n\nDamn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.\n\nhttps://github.com/rewanthtammana/Damn-Vulnerable-Bank\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE 2023 25690 \n\nProof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.\n\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\n#cve #poc #infosec\n\n\u200b\u200bShaco\n\nShaco is a minimal C linux agent for Havoc. Shaco communicate with http to the server using hardcoded socket\n\nhttps://github.com/souzomain/Shaco\n\n#infosec #pentesting #redteam\n\n\u200b\u200bShellcrypt\n\nA single-file cross-platform quality of life tool to obfuscate a given shellcode file and output in a useful format for pasting directly into your source code.\n\nhttps://github.com/iilegacyyii/Shellcrypt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bweb2shell\n\nA Python program used to automate converting webshells into reverse shells. If you regularly do CTF, HTB, or red teaming you've probably spent a good chunk of time testing payloads to convert a webshell into a reverse shell. This tool aims to simplify this process. \n\nhttps://github.com/ejedev/web2shell\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-23T17:00:05.000000Z"}, {"uuid": "c63715ca-9520-4edd-80ad-d855c5176d65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3182", "content": "Hackers Factory \n\nTrack down GitHub users.\n\nhttps://github.com/mxrch/GitFive\n\nHere it is, the VMware newest exploit\n\nhttps://github.com/Cyb3rEnthusiast/CVE-2023-34039\n\nA shellcode injection tool capable of bypassing AMSI. Features the QueueUserAPC() injection technique and supports XOR encryption\n\nhttps://github.com/trevorsaudi/Mshikaki\n\nan exploit of Server-side request forgery (SSRF)\n\nhttps://github.com/errorfiathck/ssrf-exploit\n\nUnauthenticated-RCE-FUXA-CVE-2023-33831\n\nhttps://github.com/rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831\n\nCVE-2023-28229\n\nhttps://github.com/Y3A/CVE-2023-28229\n\nIntroductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the white paper Certified Pre-Owned.\n\nhttps://github.com/arth0sz/Practice-AD-CS-Domain-Escalation\n\nEternalHush - new free advanced open-source c2 framework\n\nhttps://github.com/APT64/EternalHushFramework\n\nPerforms OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. \n\nhttps://github.com/SharadKumar97/OSINT-SPY\n\nGitHub - wvanderp/awesome-dutch-osint\n\nhttps://github.com/wvanderp/awesome-dutch-osint\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-07T08:00:59.000000Z"}, {"uuid": "935ea75c-3544-4f8c-aff4-23230c4c066d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2822", "type": "published-proof-of-concept", "source": "https://t.me/RAT070/625", "content": "CVE-2023-2822\n\nSimple flask application to implement an intentionally vulnerable web app to demo CVE-2023-2822.\n\nhttps://github.com/cberman/CVE-2023-2822-demo\n\n#cve #cybersecurity #infosec", "creation_timestamp": "2023-05-23T19:20:44.000000Z"}, {"uuid": "1e7586db-663c-400d-ba27-11d54a682564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "Telegram/rHnKW8vRtqy60QWa3MSfn1VkHvdSHD70BkeJGq_U2qcpQ9E", "content": "", "creation_timestamp": "2023-09-19T15:32:10.000000Z"}, {"uuid": "0fa7c971-865c-4bb9-a4e7-585ea53a8d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28221", "type": "seen", "source": "https://t.me/cibsecurity/61937", "content": "\u203c CVE-2023-28221 \u203c\n\nWindows Error Reporting Service Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:23:56.000000Z"}, {"uuid": "2593dd8e-e48d-4e36-9cae-896e54204b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28228", "type": "seen", "source": "https://t.me/cibsecurity/61957", "content": "\u203c CVE-2023-28228 \u203c\n\nWindows Spoofing Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:30:04.000000Z"}, {"uuid": "184eb5d0-4617-4d22-992d-ca0043d77e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28222", "type": "seen", "source": "https://t.me/cibsecurity/61931", "content": "\u203c CVE-2023-28222 \u203c\n\nWindows Kernel Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:23:50.000000Z"}, {"uuid": "57f9d3b4-5899-4881-a28a-cd8cc9a84bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "exploited", "source": "https://t.me/thehackernews/3967", "content": "\ud83d\udea8 Alert: CISA flags active exploits. Two recent vulnerabilities come under the scanner: \n \n\u2014 CVE-2023-42793: TeamCity Auth Bypass \n\u2014 CVE-2023-28229: Win CNG Flaw \n \nRead details here: https://thehackernews.com/2023/10/cisa-warns-of-active-exploitation-of.html \n \nAct fast, secure your networks\u2014patch by Oct 25!", "creation_timestamp": "2023-10-05T11:35:50.000000Z"}, {"uuid": "9219aba4-12e1-42ba-9743-8de7008e1ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1270", "content": "https://github.com/Y3A/CVE-2023-28229\n#github", "creation_timestamp": "2023-10-13T05:10:10.000000Z"}, {"uuid": "7f7af2cf-492b-4f2b-8878-3dd43f285c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1004", "content": "https://github.com/Y3A/CVE-2023-28229\n#github #\u63d0\u6743", "creation_timestamp": "2023-09-04T17:10:23.000000Z"}, {"uuid": "c8cd99e4-c4fd-4856-b52e-ef630d54eee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2822", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8347", "content": "#exploit\n1. CVE-2023-25690:\nMod_proxy vulnerable configuration on Apache HTTP Server 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability\nhttps://github.com/dhmosfunk/CVE-2023-25690-POC\n\n2. CVE-2023-2822:\nReflected Cross-Site Scripting Vulnerability in Ellucian Ethos Identity CAS Logout Page\nhttps://github.com/cberman/CVE-2023-2822-demo\n]-> https://medium.com/@cyberninja717/reflected-cross-site-scripting-vulnerability-in-ellucian-ethos-identity-cas-logout-page-685bb1675dfb", "creation_timestamp": "2023-05-23T11:01:08.000000Z"}, {"uuid": "44abe608-544c-42a7-ba09-5195e6a8c52f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9190", "content": "#exploit\n1. CVE-2023-28229:\nWindows CNG KeyIso RPC EoP/SBX\nhttps://github.com/Y3A/CVE-2023-28229\n\n2. Polygon Smart Contract Bug\nhttps://blog.chain.link/smart-contract-bug-hunting\n\n3. CVE-2023-36723:\nPoC for arbitrary directory creation bug in Container Manager service\nhttps://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2023-10-13T10:59:01.000000Z"}, {"uuid": "ec9b3707-50b1-4958-8bc2-ce3c3c33d803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5546", "content": "CVE-2023-28229 - Windows CNG KeyIso RPC EoP/SBX\n\nGithub\n\n#redteam #CVE \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-10-01T13:13:53.000000Z"}, {"uuid": "632747b3-2ae9-440e-8b73-ead6d25240b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1347", "content": "#exploit\n1. CVE-2023-28229:\nWindows CNG KeyIso RPC EoP/SBX\nhttps://github.com/Y3A/CVE-2023-28229\n\n2. Polygon Smart Contract Bug\nhttps://blog.chain.link/smart-contract-bug-hunting\n\n3. CVE-2023-36723:\nPoC for arbitrary directory creation bug in Container Manager service\nhttps://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2024-08-16T08:33:55.000000Z"}, {"uuid": "1270628c-1629-4185-9a57-544af2712762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971895", "content": "", "creation_timestamp": "2024-12-24T20:35:21.761224Z"}, {"uuid": "90e5bb1d-4d7b-473e-8ded-387f8f0e49ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28220", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1005", "content": "", "creation_timestamp": "2023-04-12T14:53:28.000000Z"}, {"uuid": "f5dd0d3e-cba8-40e2-b535-27826dfbe0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5b549e4e-a327-4519-b117-70c5c2df9b88", "content": "", "creation_timestamp": "2026-02-02T12:26:49.353924Z"}, {"uuid": "6ba1e08f-7677-4e49-817a-255132ed8c84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2822", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4395", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aSimple flask application to implement an intentionally vulnerable web app to demo CVE-2023-2822.\nURL\uff1ahttps://github.com/cberman/CVE-2023-2822-demo\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-22T00:50:54.000000Z"}, {"uuid": "8937bf2f-f5c7-4f00-98c3-83a64fa84e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28226", "type": "seen", "source": "https://t.me/cibsecurity/61947", "content": "\u203c CVE-2023-28226 \u203c\n\nWindows Enroll Engine Security Feature Bypass Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:29:48.000000Z"}, {"uuid": "2dfdc9a3-cec9-4ed7-8fa2-604e95b836c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5b549e4e-a327-4519-b117-70c5c2df9b88", "content": "", "creation_timestamp": "2026-02-02T12:26:49.353924Z"}, {"uuid": "7ea6eae0-79ff-4ea3-afb4-c0b8d7982b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/202", "content": "\ud83d\udc7b Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS\n\nIn this second installment, the author deepens the exploration of techniques for bypassing LSASS protection, focusing on arbitrary code execution by refining the PoC, exploiting vulnerabilities like CVE-2023-28229, and bypassing Control Flow Guard (CFG) through RPC-based process handle duplication.\n\n\ud83d\udd17 Source:\nhttps://itm4n.github.io/ghost-in-the-ppl-part-2/\n\n#lsa #lsass #ppl #dll #maldev", "creation_timestamp": "2024-08-22T18:04:01.000000Z"}, {"uuid": "6cbb407a-b5ca-4947-8843-2369d5492d3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-04T18:10:02.000000Z"}, {"uuid": "865e84e9-f366-4135-bcaa-b1a9a4ec0ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28229", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:47.000000Z"}]}