{"vulnerability": "CVE-2024-3008", "sightings": [{"uuid": "e66fba95-e44d-4ae5-94b6-07195206d5f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10741", "content": "#exploit\n1. CVE-2024-22729:\nNetis MW5360 RCE\nhttps://packetstormsecurity.com/files/179200/Netis-MW5360-Remote-Command-Execution.html\n\n2. CVE-2024-30088:\nWindows Kernel\u00a0EoP/TOCTOU LPE\nhttps://github.com/tykawaii98/CVE-2024-30088\n]-&gt; kernel exploit for Xbox SystemOS:\nhttps://github.com/exploits-forsale/collateral-damage", "creation_timestamp": "2024-09-19T17:03:59.000000Z"}, {"uuid": "b7015d48-bda3-405c-b28e-423a9b55d08d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30084", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11302", "content": "#exploit\nStreaming vulnerabilities from Windows Kernel - Proxying to Kernel\nPart 1 (CVE-2024-30084, CVE-2024-35250):\nhttps://devco.re/blog/2024/08/23/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part1-en\nPart 2 (CVE-2024-30090):\nhttps://devco.re/blog/2024/10/05/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part2-en\n]-&gt; https://github.com/Dor00tkit/CVE-2024-30090", "creation_timestamp": "2024-10-18T15:25:07.000000Z"}, {"uuid": "219b7547-1752-4c92-bbcd-a6726f5998de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11600", "content": "#exploit\n1. 
A Practical Guide to PrintNightmare in 2024 (updated\u00a0Oct 5)\nhttps://itm4n.github.io/printnightmare-exploitation\n]-&gt; PnP bypass\n\n2. CVE-2024-12209:\nWP Umbrella Unauthenticated LFI\nhttps://github.com/Nxploited/CVE-2024-12209\n\n3. CVE-2024-30085:\nWindows 11 23H2 EoP\nhttps://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe", "creation_timestamp": "2024-12-24T17:57:48.000000Z"}, {"uuid": "a04a42a2-f3c1-4a50-9f5a-59c9b4c1cbd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/InfoSecInsider/82", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  
Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-27T05:30:34.000000Z"}, {"uuid": "5e7d09a3-2860-4770-b992-1750df44092e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30084", "type": "seen", "source": "https://t.me/Rootsec_2/4754", "content": "#exploit\nStreaming vulnerabilities from Windows Kernel - Proxying to Kernel\nPart 1 (CVE-2024-30084, CVE-2024-35250):\nhttps://devco.re/blog/2024/08/23/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part1-en\nPart 2 (CVE-2024-30090):\nhttps://devco.re/blog/2024/10/05/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part2-en\n]-&gt; https://github.com/Dor00tkit/CVE-2024-30090", "creation_timestamp": "2024-10-18T05:50:48.000000Z"}, {"uuid": "3ebc404d-5669-432c-9525-1ab8622de549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://t.me/suboxone_chatroom/1577", "content": "#exploit\n1. A Practical Guide to PrintNightmare in 2024 (updated\u00a0Oct 5)\nhttps://itm4n.github.io/printnightmare-exploitation\n]-&gt; PnP bypass\n\n2. CVE-2024-12209:\nWP Umbrella Unauthenticated LFI\nhttps://github.com/Nxploited/CVE-2024-12209\n\n3. 
CVE-2024-30085:\nWindows 11 23H2 EoP\nhttps://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe", "creation_timestamp": "2025-01-27T07:07:44.000000Z"}, {"uuid": "6ee32029-cb9d-40e1-9c48-b40703a7cb41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/2806", "content": "All I Want for Christmas is a CVE-2024-30085 Exploit\n\n\ud83d\udd17 Link\n\n#binary \n#exploitation \n#windows\n#driver\n\u2014\u2014\u2014", "creation_timestamp": "2025-02-15T20:01:41.000000Z"}, {"uuid": "90c6071a-b597-40bb-9eb8-140cb62be8e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-10-15T21:10:02.000000Z"}, {"uuid": "2ce96b4a-af62-4d5e-bcec-b675d9ac3571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3ldvrcv5rgk26", "content": "", "creation_timestamp": "2024-12-22T15:49:04.008995Z"}, {"uuid": "f8e20b43-3ef7-48a0-a24d-ddb3e03fb69f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldzog7g5zk2l", "content": "", "creation_timestamp": "2024-12-24T05:07:55.330610Z"}, {"uuid": "d2f70e84-cbb5-4616-9a4a-27b8c7b3854d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": 
"https://bsky.app/profile/bolhasec.com/post/3le27m2xpky27", "content": "", "creation_timestamp": "2024-12-24T10:15:24.272923Z"}, {"uuid": "5318c935-2f86-4c94-8622-3602ffa9f7f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-30085", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3le46pq2fhk25", "content": "", "creation_timestamp": "2024-12-25T05:04:51.968754Z"}, {"uuid": "1b5f776d-7717-4d7b-8297-0d5901a29597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3le4rrii2le2j", "content": "", "creation_timestamp": "2024-12-25T10:45:52.958488Z"}, {"uuid": "1f1c9106-6408-474d-9c7a-ba7aef1b3437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113713117828225078", "content": "", "creation_timestamp": "2024-12-25T11:01:20.612167Z"}, {"uuid": "17001581-c11b-4b85-914f-8a1c5b764e05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/113735998581379936", "content": "", "creation_timestamp": "2024-12-29T12:00:18.730225Z"}, {"uuid": "0f80ec58-66f4-414e-9932-372e5109a421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.mastodon.social.ap.brid.gy/post/3legxskycjvo2", "content": "", "creation_timestamp": "2024-12-29T12:00:40.086594Z"}, {"uuid": 
"5ce6a34e-bb74-4cf2-a12f-77aa39566189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "3beced90-0595-4f7d-a4e6-d8c07664cdec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://bsky.app/profile/xyla.shitpost.trade.ap.brid.gy/post/3lq3z6zkishi2", "content": "", "creation_timestamp": "2025-05-26T20:28:32.627115Z"}, {"uuid": "23a3cd33-de7c-4e56-a665-b0af2c6c6f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2024_30088_authz_basep.rb", "content": "", "creation_timestamp": "2024-09-17T12:32:43.000000Z"}, {"uuid": "70fc23a5-304b-47ed-af82-924872308e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mgb7jnmwv22q", "content": "", "creation_timestamp": "2026-03-04T21:19:15.994791Z"}, {"uuid": "0348709e-16f5-4f27-8ab7-e48b27eb9cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3miexsm2kry2d", "content": "", "creation_timestamp": "2026-03-31T20:02:08.849011Z"}, {"uuid": "fb7d525d-c09b-4608-9a1b-c64788481e98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/alexandreborges.bsky.social/post/3mieyjmfuas2h", "content": "", "creation_timestamp": "2026-03-31T20:15:06.650759Z"}, {"uuid": "084ba3af-f7cd-47a1-8e29-8d71559c2f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://bsky.app/profile/0xdf.bsky.social/post/3miostoyyos2o", "content": "", "creation_timestamp": "2026-04-04T17:59:53.794145Z"}, {"uuid": "c1ec221d-129e-4afb-9aa3-759682a725bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7986", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aKernel exploit for Xbox SystemOS using CVE-2024-30088\nURL\uff1ahttps://github.com/exploits-forsale/collateral-damage\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-15T08:53:31.000000Z"}, {"uuid": "5940e699-0a63-4c21-b166-16d3bb7483c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9597", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-30085 (Alex Birnberg)\nURL\uff1ahttps://github.com/Adamkadaban/CVE-2024-30085\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-25T06:06:34.000000Z"}, {"uuid": "e3a2ef17-dfcb-4268-941b-84080b9746d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9623", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a Exploit en Python dise\u00f1ado para aprovechar la vulnerabilidad de elevaci\u00f3n de privilegios CVE-2024-30085\nURL\uff1ahttps://github.com/murdok1982/Exploit-PoC-para-CVE-2024-30085\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-28T10:06:57.000000Z"}, {"uuid": "1ca24839-46e1-4b1d-a3f1-45d1565163b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mklpcd4vr22s", "content": "", "creation_timestamp": "2026-04-28T23:08:54.412843Z"}, {"uuid": "3d44fc95-3714-4ae4-8b16-051f4ae12042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://t.me/CyberBulletin/1830", "content": "\u26a1\ufe0fCVE-2024-30088 Under Attack: OilRig Targets Windows Kernel Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-26T04:50:40.000000Z"}, {"uuid": "d4a447ec-e477-496e-8b5a-df7db444ca58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/1820", "content": "\u26a1\ufe0fPoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:08:09.000000Z"}, {"uuid": "a9cee8fd-fba3-4c6b-99d1-59864554bc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/80", "content": "\u041c\u044b, ESC-VR, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2024-30085  \ud83d\ude0e\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043d\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c \u0432 Pwn2Own 2024 \u0432 \u0412\u0430\u043d\u043a\u0443\u0432\u0435\u0440\u0435, \u0433\u0434\u0435 Team Theori \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u044e\u0449\u0438\u0445 Guest-To-Host-Escape \u0438\u0437-\u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f VMware Workstation, \u0437\u0430 \u0447\u0442\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0437\u0430\u0441\u043b\u0443\u0436\u0435\u043d\u043d\u044b\u0435 13 \u043e\u0447\u043a\u043e\u0432 \u0432 \u043d\u043e\u043c\u0438\u043d\u0430\u0446\u0438\u0438 Master Of Pwn.\n\n\u0421\u043e\u0440\u0435\u0432\u043d\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u0442\u0438\u043f\u0443 pwn2own \u0438 matrixcup \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u043f\u043e\u0434\u0441\u0432\u0435\u0442\u0438\u0442\u044c \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445, \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f (\u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 Known-Unkown, \u043a\u043e\u0433\u0434\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0435\u0441\u0442\u044c, \u043d\u043e \u043a\u0430\u043a \u043e\u043d \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e), \u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u043d\u0430 \u043d\u0438\u0445 \u043e\u0441\u043e\u0431\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0432\u0435\u0434\u044c \u0437\u0430 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u043c\u0438 \u0441\u043e\u0440\u0435\u0432\u043d\u043e\u0432\u0430\u043d\u0438\u044f\u043c\u0438 \u0441\u043b\u0435\u0434\u0438\u043c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043c\u044b, \u043d\u043e \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u0445 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0442\u0438\u0432 \u043d\u0435\u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\ud83e\uddd0 Cldflt.sys \u2014 \u044d\u0442\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440 
\u043c\u0438\u043d\u0438-\u0444\u0438\u043b\u044c\u0442\u0440, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0439 \u0437\u0430 \u0441\u0438\u043d\u0445\u0440\u043e\u043d\u0438\u0437\u0430\u0446\u0438\u044e \u043c\u0435\u0436\u0434\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0438 \u043e\u0431\u043b\u0430\u043a\u043e\u043c OneDrive. \u0412 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 CWE-122, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0430\u044f \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 bitmap, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u0438\u0437 Reparse Point. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0430\u043c\u044f\u0442\u044c, \u0430\u043b\u043b\u043e\u0446\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u043f\u043e\u0434 bitmap, \u0438\u043c\u0435\u0435\u0442 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0440\u0430\u0437\u043c\u0435\u0440 4096 \u0431\u0430\u0439\u0442, \u043d\u043e \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442\u0441\u044f \u0440\u0430\u0437\u043c\u0435\u0440 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432 \u0430\u043b\u043b\u043e\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c. \n\n\u041d\u0430\u0448 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0443\u0442\u0438\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442 WNF- \u0438 ALPC- \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432\u043e\u0432 \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u0447\u0442\u0435\u043d\u0438\u0435, \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b _WNF_STATE_DATA \u0438 _ALPC_HANDLE_ENTRY.\n\n\ud83d\udca1 \u041d\u0435\u043c\u043d\u043e\u0433\u043e \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043d\u0430\u0448 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442:\n\n1\ufe0f\u20e3 \u0421\u043e\u0437\u0434\u0430\u0435\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0447\u0430\u043d\u043a\u043e\u0432, \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 4096 
\u0431\u0430\u0439\u0442, \u0447\u0435\u0440\u0435\u0437 NtCreateWnfStateName \u0438 NtAlpcCreateResourceReserve. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0435\u0442\u0441\u044f _WNF_STATE_DATA \u0438 _ALPC_HANDLE_ENTRY.\n\n2\ufe0f\u20e3 \u0421\u043e\u0437\u0434\u0430\u0435\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0434\u044b\u0440 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u0448\u0430\u0433\u0435 1, \u0447\u0435\u0440\u0435\u0437 NtDeleteWnfStateData.\n\n3\ufe0f\u20e3 \u0422\u0440\u0438\u0433\u0433\u0435\u0440\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c bitmap \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0435\u0442\u0441\u044f \u0432 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0437\u0430\u0440\u0430\u043d\u0435\u0435 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u044b\u0440. 
\u0420\u0430\u0437\u043c\u0435\u0440 bitmap \u0437\u0430\u0434\u0430\u0435\u0442\u0441\u044f \u0440\u0430\u0432\u043d\u044b\u0439 4096 + 16, \u0447\u0442\u043e\u0431\u044b \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0440\u0430\u0437\u043c\u0435\u0440 \u0434\u0430\u043d\u043d\u044b\u0445 (_WNF_STATE_DATA.DataSize), \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 _WNF_STATE_DATA.Data.\n\n4\ufe0f\u20e3 \u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 NtUpdateWnfStateData \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0432 _ALPC_HANDLE_ENTRY.\n\n5\ufe0f\u20e3 \u041e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 NtAlpcSendWaitReceivePort \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u0447\u0442\u0435\u043d\u0438\u0435 \u043f\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c\u0443 \u0430\u0434\u0440\u0435\u0441\u0443.\n\n6\ufe0f\u20e3 \u041a\u0440\u0430\u0434\u0435\u0442 Token \u0443 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 System (Token Stealing).\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435, \u043c\u044b \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043d\u0435 \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0430\u0448\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b. 
\u0418 \u043e\u043d\u0438 \u043d\u0430\u0441 \u043d\u0435 \u0440\u0430\u0437\u043e\u0447\u0430\u0440\u043e\u0432\u0430\u043b\u0438: \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, PT Sandbox \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412\u0435\u0440\u0434\u0438\u043a\u0442\u044b:\n\n\nExploit.Win32.Generic.d,\nExploit.Win32.Generic.a,\nRootkit.Win32.Generic.a\n\n\n#escvr #cve #news\n@ptescalator", "creation_timestamp": "2024-09-10T09:26:48.000000Z"}, {"uuid": "c09e55cc-0453-4490-b8c9-83c36244f399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/287", "content": "\u041a\u043e\u0440\u043d\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-30085 \ud83c\udf33\n\n\u0415\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u043c\u044b \u0432 ESC-VR \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2024-30085 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows Cloud Files Mini Filter. 
\u041a\u043e\u0434 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u0432 cldflt.sys \u2014 \u044d\u0442\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u043c\u0438\u043d\u0438-\u0444\u0438\u043b\u044c\u0442\u0440\u0430, \u0438 \u043e\u043d \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u0440\u0435\u0434\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043a\u043b\u0438\u0435\u043d\u0442\u0443 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u0430 Microsoft OneDrive.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438 \u0441\u0432\u044f\u0437\u043a\u0443 WNF + ALPC, \u043c\u044b \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432\u044b \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u0438 \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u044f\u0434\u0435\u0440\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c. 
\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u044d\u0442\u043e\u043c\u0443 \u0443\u043a\u0440\u0430\u043b\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0442\u043e\u043a\u0435\u043d \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 NT AUTHORITY\\SYSTEM.\n\n\ud83e\uddd0 \u041d\u0430 \u0434\u043d\u044f\u0445 \u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043c\u044b \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-30085 \u0438 \u0442\u0435\u0445\u043d\u0438\u043a, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u044b\u0445 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0443\u0447\u0438 \u0432 \u044f\u0434\u0440\u0435 Windows 10 22H2 19045.3803.\n\n\u0427\u0438\u0442\u0430\u0439\u0442\u0435 \u0440\u0430\u0437\u0431\u043e\u0440 \u0432 \u0431\u043b\u043e\u0433\u0435 \u043d\u0430 \u0425\u0430\u0431\u0440\u0435.\n\n#escvr #cve #win\n@ptescalator", "creation_timestamp": "2025-03-11T14:10:47.000000Z"}, {"uuid": "9f327c15-ab4c-4c7d-844f-ac6102496f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30080", "type": "seen", "source": "https://t.me/kasperskyb2b/1300", "content": "\ud83e\ude79\ud83e\ude79\ud83e\ude79 \u0418\u044e\u043d\u044c\u0441\u043a\u0438\u0439 Patch Tuesday: \u0431\u0435\u0437 \u0447\u0443\u0434\u0435\u0441\n\n\u0421\u0432\u0435\u0436\u0438\u0439 \u0432\u044b\u043f\u0443\u0441\u043a \u0437\u0430\u043f\u043b\u0430\u0442\u043e\u043a \u0438\u0437 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430 
\u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 58 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f 7 \u0432 Chromium/Edge), \u043d\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u0432\u0436\u0438\u0432\u0443\u044e. \u0422\u043e\u043b\u044c\u043a\u043e \u043e\u0434\u043d\u0430 CVE \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439, \u0435\u0449\u0451 38 \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442 \u0438 12 - \u0441\u0440\u0435\u0434\u043d\u0438\u0439.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u0437\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0447\u0438\u0441\u043b\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 EoP \u043e\u043f\u0435\u0440\u0435\u0434\u0438\u043b\u043e \u0432\u0441\u0435 \u043f\u0440\u043e\u0447\u0438\u0435. 
\u041e\u0431\u0449\u0438\u0439 \u0441\u0447\u0451\u0442 \u0442\u0430\u043a\u043e\u0432: EoP - 25, RCE - 18, DoS - 5, \u0435\u0449\u0451 3 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2023-50868, \u0430\u0442\u0430\u043a\u0430 Keytrap, \u043f\u0430\u0440\u0430\u043b\u0438\u0437\u0443\u044e\u0449\u0430\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 DNSSEC. \u041d\u0435\u0432\u0437\u0438\u0440\u0430\u044f \u043d\u0430 \u043c\u0435\u0434\u0438\u0439\u043d\u044b\u0439 \u0440\u0435\u0437\u043e\u043d\u0430\u043d\u0441, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0434\u044b\u0440\u044b \u043f\u043e\u043a\u0430 \u043d\u0435 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u043e.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2024-30080, CVSS 9.8) \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 MSMQ, \u043e\u043d\u0430 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE. 
\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e MSMQ \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0451\u043d \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0440\u0438\u0441\u043a \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0432\u044b\u0441\u043e\u043a.\n\n\u0421\u0440\u0435\u0434\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442 CVE-2024-30064 \u0438 -30068, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u043a\u0430\u043a EoP \u0432 \u044f\u0434\u0440\u0435 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u043a\u043e\u0434\u0443 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434. 
\u0414\u0440\u0443\u0433\u0430\u044f \u043e\u043f\u0430\u0441\u043d\u043e \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0449\u0430\u044f RCE - CVE-2024-30103 \u0432 Outlook, \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0430\u044f \u0438\u0437 \u043f\u0430\u043d\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 DLL \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n #\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2024-06-13T10:33:43.000000Z"}, {"uuid": "ca340b13-d958-4359-a8cf-f84effd0ea48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/768", "content": "#exploit\n1. A Practical Guide to PrintNightmare in 2024 (updated\u00a0Oct 5)\nhttps://itm4n.github.io/printnightmare-exploitation\n]-> PnP bypass\n\n2. CVE-2024-12209:\nWP Umbrella Unauthenticated LFI\nhttps://github.com/Nxploited/CVE-2024-12209\n\n3. 
CVE-2024-30085:\nWindows 11 23H2 EoP\nhttps://ssd-disclosure.com/ssd-advisory-cldflt-heap-based-overflow-pe", "creation_timestamp": "2024-12-24T12:49:11.000000Z"}, {"uuid": "00f20ad1-2e83-4f0b-9ca4-cb0a631e555a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "Telegram/lxqobsrtlBJz5tJVA4wabo2DqNgKZlX-32pZLeF2unzyk5A", "content": "", "creation_timestamp": "2024-08-06T23:48:46.000000Z"}, {"uuid": "0794f65a-4f93-4858-8e74-4001749621e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/686", "content": "Tools - Hackers Factory \n\nTools from the DEFCON 32 talk \"SHIM me what you got - Manipulating Shim and Office for Code Injection\"\n\nhttps://github.com/deepinstinct/ShimMe\n\nGitHub - exploits-forsale/collateral-damage: Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAPKscan: Scan for secrets, endpoints, API keys, tokens, credentials in Android apps\n\nhttps://github.com/LucasFaudman/apkscan\n\n3 ways to get Remote Code Execution in Kafka UI\n\nhttps://github.blog/2024-07-22-3-ways-to-get-remote-code-execution-in-kafka-ui/\n\nGitHub - mqst/gouge: Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite\n\nhttps://github.com/mqst/gouge\n\nGitHub - two06/CerealKiller: .NET deserialization hunter\n\nhttps://github.com/two06/CerealKiller\n\nGitHub - securelayer7/CVE-2024-38856_Scanner: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)\n\nhttps://github.com/securelayer7/CVE-2024-38856_Scanner\n\nA technique to unbind and rebind 445/tcp on Windows without loading a driver, loading a module into LSASS, or 
rebooting the target machine. Implemented to ease the burden of SMB-based NTLM relays while operating over C2. Technical analysis of the technique is discussed in more detail during the Relay Your Heart Away: An OPSEC Conscious Approach to 445 Takeover presentation at x33fcon.\n\nhttps://github.com/zyn3rgy/smbtakeover\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-16T02:26:24.000000Z"}, {"uuid": "dd1b9252-5309-48a4-9d2f-66b89fc48266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/449", "content": "Tools - Hackers Factory \n\nGitHub - a13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfiltration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nOSCP Example Cheat Sheet \n\ngithub.com/xsudoxx/OSCP\n\n(Old) List of Awesome Red Teaming Resources\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\n(exploits-forsale)Collateral Damage :\u00a0 Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAwesome-Red-Team-Operation\n\nhttps://github.com/CyberSecurityUP/Awesome-Red-Team-Operations\n\nWith NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events!\n\nhttps://github.com/fortra/No-Consolation\n\nAll-in-one OSINT tool for analysing any website\n\nhttps://github.com/Lissy93/web-check\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-22T04:20:16.000000Z"}, {"uuid": "40868315-8315-4ce4-9b4d-d36684812da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8676", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  
Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-27T09:08:21.000000Z"}, {"uuid": "f5fee7a2-30af-4fe1-83a6-1b8b60ddafec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8613", "content": "Tools - Hackers Factory \n\nTools from the DEFCON 32 talk \"SHIM me what you got - Manipulating Shim and Office for Code Injection\"\n\nhttps://github.com/deepinstinct/ShimMe\n\nGitHub - exploits-forsale/collateral-damage: Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAPKscan: Scan for secrets, endpoints, API keys, tokens, credentials in Android apps\n\nhttps://github.com/LucasFaudman/apkscan\n\n3 ways to get Remote Code Execution in Kafka UI\n\nhttps://github.blog/2024-07-22-3-ways-to-get-remote-code-execution-in-kafka-ui/\n\nGitHub - mqst/gouge: Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite\n\nhttps://github.com/mqst/gouge\n\nGitHub - two06/CerealKiller: .NET deserialization hunter\n\nhttps://github.com/two06/CerealKiller\n\nGitHub - securelayer7/CVE-2024-38856_Scanner: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)\n\nhttps://github.com/securelayer7/CVE-2024-38856_Scanner\n\nA technique to unbind and rebind 445/tcp on Windows without loading a driver, loading a module into LSASS, or rebooting the target machine. 
Implemented to ease the burden of SMB-based NTLM relays while operating over C2. Technical analysis of the technique is discussed in more detail during the Relay Your Heart Away: An OPSEC Conscious Approach to 445 Takeover presentation at x33fcon.\n\nhttps://github.com/zyn3rgy/smbtakeover\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-16T02:26:29.000000Z"}, {"uuid": "aef58e54-5bfc-4759-b6c6-c65e34039b03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8299", "content": "Tools - Hackers Factory \n\nGitHub - a13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfiltration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nOSCP Example Cheat Sheet \n\ngithub.com/xsudoxx/OSCP\n\n(Old) List of Awesome Red Teaming Resources\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\n(exploits-forsale)Collateral Damage :\u00a0 Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAwesome-Red-Team-Operation\n\nhttps://github.com/CyberSecurityUP/Awesome-Red-Team-Operations\n\nWith NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events!\n\nhttps://github.com/fortra/No-Consolation\n\nAll-in-one OSINT tool for analysing any website\n\nhttps://github.com/Lissy93/web-check\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-22T11:27:29.000000Z"}, {"uuid": "b3fae2a6-a428-42a8-8317-7c33c2b70357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3693", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  
Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-27T06:59:30.000000Z"}, {"uuid": "2db66481-8b5d-4cfc-a8b8-79555045f944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "Telegram/LsyZOcFmR3tiS2HA0dd4YVSmWj9mqKAdtbxDKk6MGzq8VQQ", "content": "", "creation_timestamp": "2024-08-02T00:41:17.000000Z"}, {"uuid": "3e43de77-2c6d-4f7e-aa85-a5f5ff26e5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3689", "content": "CVE-2024-30088: Windows LPE\n\nPATCHED: June 11, 2024\n\nhttps://github.com/tykawaii98/CVE-2024-30088\n\nP.S. 
\u041f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u043b \u043d\u0430 Win11, \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442\n\n#git #exploit #lpe #pentest #redteam", "creation_timestamp": "2024-06-28T01:04:37.000000Z"}, {"uuid": "31726164-8170-4619-959f-f6233e6c0159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:02.000000Z"}, {"uuid": "0ef3297d-7ef8-42a9-9c10-3ee7e1d7737b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/reddogsecurity.bsky.social/post/3llrkcg4vtu27", "content": "", "creation_timestamp": "2025-04-01T18:54:25.833227Z"}, {"uuid": "8e711df7-dca3-4f27-87bc-618f24bf1d8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://bsky.app/profile/gamesandconsoles.bsky.social/post/3lsehwehmiq2x", "content": "", "creation_timestamp": "2025-06-24T16:03:38.790847Z"}, {"uuid": "2daea770-1eed-4582-8888-ba4b35d16cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2024_30085_cloud_files.rb", "content": "", "creation_timestamp": "2025-03-20T20:52:56.000000Z"}, {"uuid": "1165a7cb-9e43-4e1e-bbdb-914146132b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": 
"MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "aaac0098-debd-4eae-b242-78f40607cb77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116408385891917391", "content": "", "creation_timestamp": "2026-04-15T11:03:25.874820Z"}, {"uuid": "bbf87256-ad71-41f7-8b27-a108ee82e63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30080", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1308", "content": "", "creation_timestamp": "2024-06-12T04:00:00.000000Z"}, {"uuid": "b2ffe98f-4f29-4354-8a47-4c79af3a7e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "Telegram/LZnB2uRGjvSMX1a86_gYteJhuOo14W3NiFk2b0mfWdXAigg", "content": "", "creation_timestamp": "2026-04-17T09:00:04.000000Z"}, {"uuid": "5f0451b0-bea3-4ee7-b6e4-ae929e0e33d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://t.me/ics_cert/933", "content": "\u0645\u062d\u0642\u0642\u0627\u0646 Trend Micro \u06af\u0632\u0627\u0631\u0634 \u062c\u062f\u06cc\u062f\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0628\u0647 \u0627\u0641\u0632\u0627\u06cc\u0634 \u0641\u0639\u0627\u0644\u06cc\u062a APT34 (\u0645\u0639\u0631\u0648\u0641 \u0628\u0647 OilRig) \u0645\u0631\u062a\u0628\u0637 \u0628\u0627 \u0631\u0627\u0647\u200c\u0627\u0646\u062f\u0627\u0632\u06cc 
\u06a9\u0645\u067e\u06cc\u0646\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0628\u0627 \u0647\u062f\u0641 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc \u0648 \u062a\u0623\u0633\u06cc\u0633\u0627\u062a CII \u062f\u0631 \u0627\u0645\u0627\u0631\u0627\u062a \u0645\u062a\u062d\u062f\u0647 \u0639\u0631\u0628\u06cc \u0648 \u0645\u0646\u0637\u0642\u0647 \u062e\u0644\u06cc\u062c \u0641\u0627\u0631\u0633 \u0627\u0634\u0627\u0631\u0647 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f.\n\n\u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647\u060c OilRig \u0627\u0632 \u06cc\u06a9 \u062f\u0631\u0628 \u067e\u0634\u062a\u06cc \u062c\u062f\u06cc\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f \u06a9\u0647 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc Microsoft Exchange \u0631\u0627 \u0628\u0631\u0627\u06cc \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0627\u062f \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-30088 \u0628\u0631\u0627\u06cc \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u062e\u0648\u062f \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f.\n\nTrend Micro \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0627\u06cc\u0646 \u0641\u0639\u0627\u0644\u06cc\u062a\u060c \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u06cc\u0627 \u06af\u0632\u0627\u0631\u0634 \u062c\u062f\u06cc\u062f\u06cc \u0631\u0627 \u06a9\u0647 \u06cc\u06a9\u06cc \u062f\u06cc\u06af\u0631 \u0627\u0632 \u06af\u0631\u0648\u0647\u200c\u0647\u0627\u06cc 
APT \u0627\u06cc\u0631\u0627\u0646\u06cc \u062f\u0631\u06af\u06cc\u0631 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0628\u0627\u062c\u200c\u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u067e\u0631\u0686\u0645\u200c\u06af\u0630\u0627\u0631\u06cc \u0645\u06cc\u200c\u06a9\u0631\u062f\u060c \u0631\u062f\u06cc\u0627\u0628\u06cc \u06a9\u0631\u062f.\n\n\u062d\u0645\u0644\u0627\u062a\u06cc \u06a9\u0647 Trend Micro \u0645\u0634\u0627\u0647\u062f\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0648\u0628 \u0633\u0631\u0648\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0628\u0631\u0627\u06cc \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u06cc\u06a9 \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 \u0634\u0631\u0648\u0639 \u0645\u06cc \u0634\u0648\u062f \u0648 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u06a9\u062f\u0647\u0627\u06cc \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u062f\u0633\u062a\u0648\u0631\u0627\u062a PowerShell \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\n\u067e\u0633 \u0627\u0632 \u0641\u0639\u0627\u0644 \u0634\u062f\u0646\u060c OilRig \u0627\u0632 \u067e\u0648\u0633\u062a\u0647 \u0647\u0627\u06cc \u0648\u0628 \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0627\u0636\u0627\u0641\u06cc\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0645\u0624\u0644\u0641\u0647 \u0627\u06cc \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632 CVE-2024-30088 \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f.\n\nCVE-2024-30088 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 
\u067e\u0630\u06cc\u0631\u06cc EoP \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631 \u0698\u0648\u0626\u0646 2024 \u0648\u0635\u0644\u0647 \u0634\u062f.\n\n\u0627\u06cc\u0646 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a SYSTEM \u0631\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u0646\u062f \u0648 \u0628\u0647 \u0622\u0646\u0647\u0627 \u06a9\u0646\u062a\u0631\u0644 \u0642\u0627\u0628\u0644 \u062a\u0648\u062c\u0647\u06cc \u0628\u0631 \u0631\u0648\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0628\u062f\u0647\u062f.\n\n\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0648\u062c\u0648\u062f \u06cc\u06a9 PoC \u0628\u0631\u0627\u06cc CVE-2024-30088 \u0631\u0627 \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0647\u0646\u0648\u0632 \u0622\u0646 \u0631\u0627 \u0628\u0647\u200c\u0639\u0646\u0648\u0627\u0646 \u0645\u0648\u0631\u062f \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0641\u0639\u0627\u0644 \u0639\u0644\u0627\u0645\u062a\u200c\u06af\u0630\u0627\u0631\u06cc \u0646\u06a9\u0631\u062f\u0647 \u0627\u0633\u062a. 
CISA \u0647\u0645\u0686\u0646\u06cc\u0646 \u062f\u0631 \u06a9\u0627\u062a\u0627\u0644\u0648\u06af \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0642\u0627\u0628\u0644 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0648\u062f \u0628\u0647 \u0622\u0646 \u0627\u0634\u0627\u0631\u0647 \u0627\u06cc \u0646\u0645\u06cc \u06a9\u0646\u062f.\n\n\u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f\u060c OilRig \u06cc\u06a9 DLL \u0641\u06cc\u0644\u062a\u0631 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0631\u0627 \u062b\u0628\u062a \u0645\u06cc \u06a9\u0646\u062f \u062a\u0627 \u0627\u0639\u062a\u0628\u0627\u0631 \u0645\u062a\u0646 \u0648\u0627\u0636\u062d \u0631\u0627 \u062f\u0631 \u0637\u0648\u0644 \u062a\u063a\u06cc\u06cc\u0631 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0631\u0647\u06af\u06cc\u0631\u06cc \u06a9\u0646\u062f\u060c \u0648 \u0633\u067e\u0633 \u0627\u0628\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 ngrok \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u0631\u062a\u0628\u0627\u0637 \u0645\u062e\u0641\u06cc \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062a\u0648\u0646\u0644 \u0647\u0627\u06cc \u0627\u0645\u0646 \u062f\u0627\u0646\u0644\u0648\u062f \u0648 \u0646\u0635\u0628 \u0645\u06cc \u06a9\u0646\u062f.\n\n\u06cc\u06a9\u06cc \u062f\u06cc\u06af\u0631 \u0627\u0632 \u062a\u0627\u06a9\u062a\u06cc\u06a9\u200c\u0647\u0627\u06cc \u0645\u0647\u0627\u062c\u0645 \u062c\u062f\u06cc\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0627\u06a9\u0633\u0686\u0646\u062c \u0628\u0631\u0627\u06cc \u0633\u0631\u0642\u062a \u0627\u0639\u062a\u0628\u0627\u0631 \u0648 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u062d\u0633\u0627\u0633 
\u0627\u0632 \u0637\u0631\u06cc\u0642 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0627\u06cc\u0645\u06cc\u0644 \u0642\u0627\u0646\u0648\u0646\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062a\u0634\u062e\u06cc\u0635 \u0622\u0646 \u062f\u0634\u0648\u0627\u0631 \u0627\u0633\u062a.\n\n\u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0628\u0627 \u062f\u0631\u0628 \u067e\u0634\u062a\u06cc \u062c\u062f\u06cc\u062f\u06cc \u0628\u0647 \u0646\u0627\u0645 StealHook \u0622\u0633\u0627\u0646 \u062a\u0631 \u0645\u06cc \u0634\u0648\u062f. \n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c Trend Micro \u0645\u0639\u062a\u0642\u062f \u0627\u0633\u062a \u06a9\u0647 \u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc \u0627\u063a\u0644\u0628 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0646\u0642\u0637\u0647 \u0645\u0631\u062c\u0639 \u0628\u0631\u0627\u06cc \u0642\u0627\u0646\u0648\u0646\u06cc \u062c\u0644\u0648\u0647 \u062f\u0627\u062f\u0646 \u0631\u0648\u0646\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0647\u062f\u0641 \u0627\u0635\u0644\u06cc \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0631\u0647\u06af\u06cc\u0631\u06cc \u0631\u0645\u0632\u0647\u0627\u06cc \u0639\u0628\u0648\u0631 \u0633\u0631\u0642\u062a \u0634\u062f\u0647 \u0648 \u0627\u0646\u062a\u0642\u0627\u0644 \u0622\u0646\u0647\u0627 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u062f\u0631 \u0642\u0627\u0644\u0628 \u067e\u06cc\u0648\u0633\u062a \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0633\u062a.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0627\u0631\u0633\u0627\u0644 \u0627\u06cc\u0646 \u0627\u06cc\u0645\u06cc\u0644 \u0647\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc 
\u062f\u0648\u0644\u062a\u06cc Exchange \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u0646\u062f.\n\n\u0628\u0627 \u0628\u0627\u0632\u06af\u0634\u062a \u0628\u0647 \u062a\u0635\u0627\u062f\u0641\u0627\u062a\u060c TrendMicro \u0647\u0645\u0686\u0646\u06cc\u0646 \u0645\u0639\u062a\u0642\u062f \u0627\u0633\u062a \u06a9\u0647 \u0634\u0628\u0627\u0647\u062a\u200c\u0647\u0627\u06cc\u06cc \u0628\u06cc\u0646 \u06a9\u062f StealHook \u0648 \u062f\u0631\u0647\u0627\u06cc \u067e\u0634\u062a\u06cc OilRig \u06a9\u0647 \u062f\u0631 \u06a9\u0645\u067e\u06cc\u0646\u200c\u0647\u0627\u06cc \u06af\u0630\u0634\u062a\u0647 \u0627\u0632 \u062c\u0645\u0644\u0647 Karkoff \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u0634\u062f\u0646\u062f\u060c \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0628\u0647 \u0646\u0638\u0631 \u0645\u06cc\u200c\u0631\u0633\u062f \u0622\u062e\u0631\u06cc\u0646 \u0628\u062f\u0627\u0641\u0632\u0627\u0631\u06cc \u06a9\u0647 \u062f\u06cc\u062f\u0647 \u0634\u062f\u0647\u060c \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u062f\u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0642\u0628\u0644\u06cc \u0628\u0627\u0634\u062f \u062a\u0627 \u06cc\u06a9 \u062a\u0648\u0633\u0639\u0647 \u062c\u062f\u06cc\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0627\u06cc\u0646 \u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u0631 \u0646\u06cc\u0633\u062a \u06a9\u0647 OilRig \u0627\u0632 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc Microsoft Exchange \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u062c\u0632\u0621 \u0641\u0639\u0627\u0644 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u062e\u0648\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f.\n\n\u062a\u0642\u0631\u06cc\u0628\u0627\u064b \u06cc\u06a9 \u0633\u0627\u0644 \u067e\u06cc\u0634\u060c\u00a0Symantec \u0642\u0628\u0644\u0627\u064b 
\u0645\u0634\u0627\u0647\u062f\u0647 \u06a9\u0631\u062f\u0647 \u0628\u0648\u062f \u06a9\u0647 APT34 \u06cc\u06a9 \u062f\u0631\u067e\u0634\u062a\u06cc PowerExchange \u0631\u0627 \u0631\u0648\u06cc \u0633\u0631\u0648\u0631\u0647\u0627\u06cc Exchange \u062f\u0631\u0648\u0646 \u0645\u062d\u0644 \u0646\u0635\u0628 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0642\u0627\u062f\u0631 \u0628\u0647 \u062f\u0631\u06cc\u0627\u0641\u062a \u0648 \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0627\u06cc\u0645\u06cc\u0644 \u0647\u0633\u062a\u0646\u062f.\n\nNevertheless, this group is still active in the Middle East region, and its connection to FOX Kitten, although not entirely clear at present, could in the future contribute to ransomware being added to its arsenal.\n\ud83c\udfaf Keep up with the pulse of industrial cybersecurity:\n\n\ud83c\udfedSpecialized website and channel for the security of industrial automation and control 
infrastructure\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0fAny publication or citation of this content without precisely stating its source and link address is prohibited. \nAdmin:\nhttps://t.me/pedram_kiani\nTelegram channel:\nhttps://t.me/ics_cert\nWhatsApp group:\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-10-24T14:54:54.000000Z"}, {"uuid": "cb769308-a9f6-4676-9b89-a6fc371da266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4735", "content": "All I Want for Christmas is a CVE-2024-30085 Exploit\n#windows #privesc #microsoft\n\nThe article is from StarsLab, the same folks who reported a batch of CVEs in 1C Bitrix, so the article is at the very least worthy of your attention)\n\nCVE-2024-30085 is a heap-based buffer overflow vulnerability affecting the Windows Cloud Files Mini Filter Driver cldflt.sys. By crafting a custom reparse point, it is possible to trigger the buffer overflow to corrupt an adjacent _WNF_STATE_DATA object. 
The corrupted _WNF_STATE_DATA object can be used to leak a kernel pointer from an ALPC handle table object. A second buffer overflow is then used to corrupt another _WNF_STATE_DATA object, which is then used to corrupt an adjacent PipeAttribute object. By forging a PipeAttribute object in userspace, we are able to leak the token address and override privileges to escalate privileges to NT AUTHORITY\\SYSTEM.\n\n\u27a1\ufe0fRead more\n\u27a1\ufe0fVideo PoC (the same one attached to the post)\n\ud83d\udcf1 Github PoC\n\n\u2615\ufe0f Happy upcoming holidays, everyone!\n\n\ud83c\udf1a @poxek | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK | \ud83c\udf1a Merch shop Sales are closed until next year", "creation_timestamp": "2024-12-25T15:00:11.000000Z"}, {"uuid": "b5eb1bfe-60b3-4ba8-81ee-f4121165e96b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4734", "content": "CVE-2024-30085 PoC", "creation_timestamp": "2024-12-25T13:41:22.000000Z"}, {"uuid": "c64f25e1-e446-4c30-be32-c4caa1076b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30089", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/96", "content": "Racing Round and Round: The little bug that could: 
CVE-2024-30089\n\nhttps://securityintelligence.com/x-force/little-bug-that-could/", "creation_timestamp": "2024-08-01T20:36:06.000000Z"}, {"uuid": "64ec3a45-74d5-4d8f-8858-7e5da79dfa07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/BlackHat0Hackers/3051", "content": "Windows LPE Exploit\nhttps://github.com/tykawaii98/CVE-2024-30088", "creation_timestamp": "2024-08-24T16:23:44.000000Z"}, {"uuid": "ab726bed-fda1-495a-bafb-8d1c55115a27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/ViralCyber/9512", "content": "\ud83d\udd34 Iranian OilRig hackers abuse a Windows kernel zero-day to attack organizations\n\nThe Iranian nation-state hacker group OilRig, also known as APT34, has intensified its cyber-espionage activities and has targeted critical infrastructure and government entities in the United Arab Emirates 
and a wide area of the Persian Gulf.\n\nPicus Labs researchers discovered a new sophisticated campaign and claimed that it uses an unknown Windows kernel vulnerability to escalate privileges and deploy advanced malware.\n\nThe basis of OilRig's latest attack is the exploitation of CVE-2024-30088, a high-severity privilege-escalation vulnerability that affects the Windows kernel. 
This flaw allows attackers to raise their privileges to the SYSTEM level and gives them extensive control over compromised devices.\n\u200c \nApparently, OilRig is actively using this vulnerability in the cyber arena.\n\n#Cybersecurity #Cyber_Attack #OilRig #Iran #Zero_Day #Kernel #Windows #Backdoor #STEALHOOK #Ngrok #APT34 #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0627\u06cc\u0631\u0627\u0646 #\u0631\u0648\u0632_\u0635\u0641\u0631 #\u06a9\u0631\u0646\u0644 #\u0648\u06cc\u0646\u062f\u0648\u0632\n\nRead the full story \ud83d\udc49\n\n\ud83c\udd94 @Takianco\n\ud83c\uddee\ud83c\uddf7", "creation_timestamp": "2024-12-27T10:57:03.000000Z"}, {"uuid": "2955b659-9385-49ac-977a-e4a025326201", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/ViralCyber/6971", "content": "\ud83d\udd34 Abuse of a Windows kernel flaw 
in the new espionage campaign of the Iranian group OilRig\n\nThe hacking group backed by the government of the Islamic Republic of Iran, APT34, alias OilRig, has recently increased its activities by attacking government and critical infrastructure entities in the United Arab Emirates and the Persian Gulf region.\n\nAccording to the claim of Trend Micro researchers, the OilRig group has deployed a new backdoor and targeted Microsoft Exchange servers to steal sensitive user information, and has also abused the Windows flaw CVE-2024-30088 to escalate 
privileges on compromised devices.\n\nBy its own account, the company has also discovered links between OilRig and FOX Kitten (another Iranian APT group), which takes part in ransomware attacks.\n\nThese attacks begin with the exploitation of a vulnerable web server to upload a web shell, which gives the attackers the ability to execute remote code and PowerShell commands.\n\n#Cybersecurity #Cyber_Attack #OilRig #Iran #Fox_Kitten #backdoor #ngrok #StealHook #APT34 #Malware #\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0627\u06cc\u0631\u0627\u0646 #\u0628\u062f\u0627\u0641\u0632\u0627\u0631 
#\u0627\u0648\u06cc\u0644_\u0631\u06cc\u06af\n\nRead the full story \ud83d\udc49\n\n\ud83c\udd94 @Takianco\n\ud83c\uddee\ud83c\uddf7", "creation_timestamp": "2024-10-14T22:54:28.000000Z"}, {"uuid": "1b41540f-ed04-429d-9c3e-a77ca9bc4715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3674", "content": "Tools - Hackers Factory \n\nTools from the DEFCON 32 talk \"SHIM me what you got - Manipulating Shim and Office for Code Injection\"\n\nhttps://github.com/deepinstinct/ShimMe\n\nGitHub - exploits-forsale/collateral-damage: Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAPKscan: Scan for secrets, endpoints, API keys, tokens, credentials in Android apps\n\nhttps://github.com/LucasFaudman/apkscan\n\n3 ways to get Remote Code Execution in Kafka UI\n\nhttps://github.blog/2024-07-22-3-ways-to-get-remote-code-execution-in-kafka-ui/\n\nGitHub - mqst/gouge: Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite\n\nhttps://github.com/mqst/gouge\n\nGitHub - two06/CerealKiller: .NET deserialization hunter\n\nhttps://github.com/two06/CerealKiller\n\nGitHub - securelayer7/CVE-2024-38856_Scanner: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)\n\nhttps://github.com/securelayer7/CVE-2024-38856_Scanner\n\nA technique to unbind and rebind 445/tcp on Windows without loading a driver, loading a module into LSASS, or rebooting the target machine. Implemented to ease the burden of SMB-based NTLM relays while operating over C2. 
Technical analysis of the technique is discussed in more detail during the Relay Your Heart Away: An OPSEC Conscious Approach to 445 Takeover presentation at x33fcon.\n\nhttps://github.com/zyn3rgy/smbtakeover\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-16T02:26:37.000000Z"}, {"uuid": "9b651dde-047b-4fd0-a8ed-64a2fec74ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30080", "type": "seen", "source": "https://t.me/infoinspect/758", "content": "#\u0442\u0435\u0445\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430\n\n\ud83e\ude9f Windows update: as part of cyber hygiene\n\n\ud83d\udcc4 Microsoft has released an update that closes a critical vulnerability in Wi-Fi, rated 8.8 on a 10-point scale. The CVE-2024-30078 bug allows remote code execution on a computer through the Wi-Fi driver. 
We recommend updating Windows as soon as possible.\n\n\u2139\ufe0f A vulnerability related to remote code execution through Microsoft Message Queuing has also been closed. This vulnerability, rated 9.8, may already have been used by attackers. 
The problem is resolved by the CVE-2024-30080 patch.\n\n\ud83c\udd98 The last vulnerability, numbered CVE-2023-50868, allows a remote denial of service through resource exhaustion, using the Domain Name System security extensions. 
This problem mainly affects server systems and concerns home users less.\n\n\ud83d\udcbb Patches have been released for Windows 10 and 11 under the number KB5039214 for builds 14393.7070, 22621.3737 and 22631.3737.\n\n\u2754 How do you check your system's updates?\n \u2196\ufe0f Go to \"Windows Update\" in \"Settings\" or \"Options\".\n\u2196\ufe0f Make sure the message \"You have all the latest updates installed\" is displayed.\n\u2196\ufe0f Press the \"Check for 
updates\" button to make sure all patches are installed.\n\n\u2139\ufe0f Even if the system says that all updates are installed, there may be patches that are available but not yet downloaded.\n\nUpdate recommendations\n\n\u26a0\ufe0f It is NOT RECOMMENDED to use the \"Get the latest updates as soon as they're available\" feature. 
It is better to update the software on all devices manually once a month, keeping to good cybersecurity habits.\n\nSubscribe to the channel \u2705", "creation_timestamp": "2024-06-30T12:52:04.000000Z"}, {"uuid": "6221e0d5-916f-458f-b627-ad4040d4965d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7349", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. 
It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-27T09:08:21.000000Z"}, {"uuid": "8871a0a0-d2b4-432b-9842-36722ba90a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7291", "content": "Tools - Hackers Factory \n\nTools from the DEFCON 32 talk \"SHIM me what you got - Manipulating Shim and Office for Code Injection\"\n\nhttps://github.com/deepinstinct/ShimMe\n\nGitHub - exploits-forsale/collateral-damage: Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAPKscan: Scan for secrets, endpoints, API keys, tokens, credentials in Android apps\n\nhttps://github.com/LucasFaudman/apkscan\n\n3 ways to get Remote Code Execution in Kafka 
UI\n\nhttps://github.blog/2024-07-22-3-ways-to-get-remote-code-execution-in-kafka-ui/\n\nGitHub - mqst/gouge: Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite\n\nhttps://github.com/mqst/gouge\n\nGitHub - two06/CerealKiller: .NET deserialization hunter\n\nhttps://github.com/two06/CerealKiller\n\nGitHub - securelayer7/CVE-2024-38856_Scanner: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)\n\nhttps://github.com/securelayer7/CVE-2024-38856_Scanner\n\nA technique to unbind and rebind 445/tcp on Windows without loading a driver, loading a module into LSASS, or rebooting the target machine. Implemented to ease the burden of SMB-based NTLM relays while operating over C2. Technical analysis of the technique is discussed in more detail during the Relay Your Heart Away: An OPSEC Conscious Approach to 445 Takeover presentation at x33fcon.\n\nhttps://github.com/zyn3rgy/smbtakeover\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-16T02:26:29.000000Z"}, {"uuid": "d350f221-f7f6-4506-84fe-d25a5e578c32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6999", "content": "Tools - Hackers Factory \n\nGitHub - a13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfiltration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nOSCP Example Cheat Sheet \n\ngithub.com/xsudoxx/OSCP\n\n(Old) List of Awesome Red Teaming Resources\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\n(exploits-forsale)Collateral Damage :\u00a0 Kernel exploit for Xbox SystemOS using 
CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAwesome-Red-Team-Operation\n\nhttps://github.com/CyberSecurityUP/Awesome-Red-Team-Operations\n\nWith NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events!\n\nhttps://github.com/fortra/No-Consolation\n\nAll-in-one OSINT tool for analysing any website\n\nhttps://github.com/Lissy93/web-check\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-22T11:27:29.000000Z"}, {"uuid": "fc098096-b09f-4fb3-aa7e-799aa24bc2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/2884", "content": "https://github.com/tykawaii98/CVE-2024-30088 Windows LPE CVE-2024-30088. \u0410\u0432\u0438\u0440\u044c \u043f\u0430\u043b\u0438\u0442, \u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442.", "creation_timestamp": "2024-06-26T17:09:16.000000Z"}, {"uuid": "bde6c2bd-bba3-4daa-b980-6a621385df22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://t.me/true_secator/6317", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Trend Micro \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u043e\u0442\u0447\u0435\u0442, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0430\u0446\u0438\u044e \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0438\u0440\u0430\u043d\u0441\u043a\u043e\u0439 APT34 (aka OilRig), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u0437\u0430\u043f\u0443\u0441\u043a\u043e\u043c \u043d\u043e\u0432\u044b\u0445 
\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0438 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u041a\u0418\u0418 \u0432 \u041e\u0410\u042d \u0438 \u0440\u0435\u0433\u0438\u043e\u043d\u0435 \u041f\u0435\u0440\u0441\u0438\u0434\u0441\u043a\u043e\u0433\u043e \u0437\u0430\u043b\u0438\u0432\u0430.\n\nIn the observed attacks, OilRig used a new backdoor that targets Microsoft Exchange servers to steal credentials, and also leveraged the CVE-2024-30088 vulnerability to escalate its privileges on compromised devices.\n\nBeyond analyzing the activity, Trend Micro also traced links to another Iranian APT group involved in ransomware attacks.\n\nThe attacks observed by Trend Micro begin with the exploitation of a vulnerable web server to upload a web shell, which gives the attackers the ability to execute remote code and PowerShell commands.\n\nOnce active, OilRig uses the web shell to deploy additional tools, including a component 
designed to exploit the Windows vulnerability CVE-2024-30088.\n\nCVE-2024-30088 is a high-severity EoP vulnerability that Microsoft fixed in June 2024.\n\nIt allows attackers to escalate privileges to SYSTEM, giving them significant control over compromised devices.\n\nMicrosoft has acknowledged the existence of a PoC for CVE-2024-30088, but has still not marked it as actively exploited. 
CISA also does not list it in its catalog of known exploited vulnerabilities.\n\nNext, OilRig registers a password filter DLL to intercept plaintext credentials during password changes, and then downloads and installs the remote management tool ngrok for covert communication through secure tunnels.\n\nAnother new tactic of the attackers is the use of 
on-premises Microsoft Exchange servers to steal credentials and exfiltrate sensitive data via legitimate email traffic, which is hard to detect.\n\nExfiltration is facilitated by a new backdoor called StealHook. 
\n\nTrend Micro believes that government infrastructure is often used as a pivot point to make the process look legitimate.\n\nThe main goal of this stage is to capture the stolen passwords and pass them to the attackers as email attachments.\n\nIn addition, the attackers use the creds to route these emails through government Exchange servers.\n\nReturning to the 
overlaps, TrendMicro also believes there are similarities between the StealHook code and OilRig backdoors used in past campaigns, including Karkoff, so the latest observed malware appears to be a refinement of the earlier ones rather than a new development.\n\nMoreover, this is not the first time OilRig has used Microsoft Exchange servers as an active component of its attacks.\n\nAlmost a year ago, Symantec already observed APT34 
installing the PowerExchange backdoor on on-premises Exchange servers, capable of receiving and executing commands via email.\n\nNevertheless, the group remains active in the Middle East region, and its connection to FOX Kitten, although not yet fully understood, could in the future contribute to ransomware being added to its arsenal.", "creation_timestamp": "2024-10-14T16:20:05.000000Z"}, {"uuid": "f3e1f784-6ee7-4806-b299-375d2c7bc98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/true_secator/5960", "content": "Following 
the Mushrooms' conclusions set out above, the Positives combed through vulnerability information from vendor bulletins, social networks, blogs, Telegram channels, exploit databases and public code repositories, singling out the most trending vulnerabilities of June.\n\nIn essence, these are the most dangerous vulnerabilities, which are either already being exploited in the wild or may be exploited in the near future.\n\nThis month there turned out to be quite a lot of such 
vulnerabilities, nine:\n\n- Privilege escalation vulnerabilities in Microsoft Windows: in the CSC service (CVE-2024-26229), the Error Reporting service (CVE-2024-26169) and the OS kernel (CVE-2024-30088);\n\n- An arbitrary code execution vulnerability in the PHP scripting language on Windows hosts (CVE-2024-4577);\n\n- A privilege escalation vulnerability in the Linux kernel (CVE-2024-1086);\n\n- An information disclosure vulnerability in Check Point Quantum Security Gateways (CVE-2024-24919);\n\n- Vulnerabilities in VMware 
vCenter that allow arbitrary code execution (CVE-2024-37079, CVE-2024-37080);\n\n- An authentication bypass vulnerability in Veeam Backup & Replication (CVE-2024-29849).\n\nDetails on each, including signs of exploitation, the number of potential victims, the availability of public exploits, as well as remediation methods and compensating measures, are on the Positive Technologies blog.", "creation_timestamp": "2024-07-11T18:50:01.000000Z"}, {"uuid": "43767a97-14e8-401f-9dc5-763560e9826c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/CyberBulletin/26919", "content": "\u26a1\ufe0fCVE-2024-30088 Under Attack: OilRig Targets Windows Kernel 
Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-26T04:50:40.000000Z"}, {"uuid": "f8de633b-dee8-4aca-bf76-4023dde43a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/GhostClanInt/25334", "content": "Tools - Hackers Factory \n\nGitHub - a13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nOSCP Example Cheat Sheet \n\ngithub.com/xsudoxx/OSCP\n\n(Old) List of Awesome Red Teaming Resources\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\n(exploits-forsale)Collateral Damage :  Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAwesome-Red-Team-Operation\n\nhttps://github.com/CyberSecurityUP/Awesome-Red-Team-Operations\n\nWith NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events!\n\nhttps://github.com/fortra/No-Consolation\n\nAll-in-one OSINT tool for analysing any website\n\nhttps://github.com/Lissy93/web-check\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-22T08:46:57.000000Z"}, {"uuid": "ab2f1192-f64d-44f4-8eb9-89e5375159c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/thehackernews/5723", "content": "Iranian threat actor OilRig is exploiting a Windows Kernel #vulnerability (CVE-2024-30088) to gain SYSTEM privileges, enabling backdoor deployment and data theft. 
\n \nLearn how to protect your systems now https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html", "creation_timestamp": "2024-10-13T11:42:43.000000Z"}, {"uuid": "1be920c7-094d-4582-bf7d-3145f964eb56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/thebugbountyhunter/8931", "content": "GitHub - exploits-forsale/collateral-damage: Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage", "creation_timestamp": "2024-07-16T11:00:26.000000Z"}, {"uuid": "1d2f32ac-bdd3-4cb8-aa38-7d79d1b7ebaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/26905", "content": "\u26a1\ufe0fPoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:08:09.000000Z"}, {"uuid": "b73368e1-f87e-4653-a773-e060c0a87856", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30089", "type": "seen", "source": "https://t.me/CNArsenal/2938", "content": "https://securityintelligence.com/x-force/little-bug-that-could/\n\nRacing Round and Round: The Little Bug That Could cve-2024-30089\n#\u5206\u6790", "creation_timestamp": "2024-08-02T10:40:07.000000Z"}, {"uuid": "c10b4de0-255d-4224-ac1b-a942bb2b014e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:00.000000Z"}, {"uuid": 
"1b92c32e-0e06-440a-b5a5-7ad44cba839d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "887d0dfd-a37e-43c1-994c-41a0c5a3bc8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "7c191eeb-361c-406c-ba76-2eba2c76177f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://infosec.exchange/users/alexandreborges/statuses/116172161342991986", "content": "", "creation_timestamp": "2026-03-04T17:48:25.717152Z"}, {"uuid": "69431f46-5214-4109-b9b4-edaa57d939be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://bsky.app/profile/alexandreborges.bsky.social/post/3mgatqiwxk22q", "content": "", "creation_timestamp": "2026-03-04T17:48:22.939939Z"}, {"uuid": "61be9ff9-4012-4a8a-878b-9d546076a20f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/425f8459-7ade-48f4-9d2e-8b5d809e3e44", "content": "", "creation_timestamp": "2026-02-02T12:26:26.234191Z"}, {"uuid": "90281fc2-cadf-4b21-9468-25c52358977d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/425f8459-7ade-48f4-9d2e-8b5d809e3e44", "content": "", "creation_timestamp": "2026-02-02T12:26:26.234191Z"}, {"uuid": "12a37437-713b-4719-9d4d-bd8f9e033e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116329107783430964", "content": "", "creation_timestamp": "2026-04-01T11:01:58.427036Z"}, {"uuid": "91070ecb-8627-4492-91ef-e3a6763a2040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8091", "content": "GitHub monitoring alert!!! \n\nUpdated: CVE-2024\nDescription: This repository contains a replica (attempted replica) written in Python for CVE-2024-30088.\nURL: https://github.com/Admin9961/CVE-2024-30088\n\nTags: #CVE-2024", "creation_timestamp": "2024-07-27T10:43:35.000000Z"}, {"uuid": "3d68d1c5-872a-4010-8774-3da96ecbdb91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "seen", "source": "https://t.me/itsec_news/4525", "content": "\u26a1\ufe0fCheck Point and Veeam did not hold up: a review of June's trending vulnerabilities\n\n\ud83d\udcacPositive Technologies 
has published a list of the nine most dangerous vulnerabilities found in Microsoft, VMware and Linux products, the VPN gateway from Check Point Software Technologies, and the Veeam Backup Enterprise Manager software. According to the specialists, these vulnerabilities pose the greatest threat to the security of company infrastructures and require immediate remediation or compensating measures.\n\nTrending vulnerabilities are those security flaws 
that are being actively exploited by attackers or may be exploited in the near future. To identify them, Positive Technologies experts analyze data from various sources: vulnerability and exploit databases, vendor security bulletins, social networks, blogs and Telegram channels, public code repositories, and others.\n\nCritical Windows vulnerabilities\nThe most significant 
are three vulnerabilities found in Windows. They could affect about a billion devices and allow attackers to gain maximum privileges on the system, which opens the way for further development of the attack.\n\n1. CVE-2024-26229: A vulnerability in the Windows Client-Side Caching (CSC) component for storing offline files. 
The flaw is a buffer overflow that leads to malicious overwriting of heap memory (classified as CWE-122). It is caused by incorrect memory handling in the CSC caching service. CVSS score: 7.8.\n\n2. CVE-2024-26169: A vulnerability in the error reporting service (Windows Error Reporting). It was found in the Windows error logging service and is classified as CWE-269. 
This security flaw arises because the service improperly assigns, modifies, tracks or checks user privileges, which gives attackers the opportunity to exploit it. CVSS score: 7.8.\n\n3. CVE-2024-30088: A Windows kernel vulnerability caused by a security flaw in the implementation of the NtQueryInformationToken routine. 
The problem arises from the lack of proper locking when performing operations on an object. CVSS score: 7.0.\n\nTo fix the vulnerabilities listed above, Microsoft recommends installing the corresponding security updates: CVE-2024-26229, CVE-2024-26169, CVE-2024-30088.\n\nVulnerabilities in Linux and VMware\nAnother significant vulnerability was found in the Linux kernel, affecting more than one and a half million devices.\n\n4. 
CVE-2024-1086: A flaw in the netfilter firewall subsystem of the Linux kernel allows an attacker to escalate privileges to root. This can have serious consequences for system security. CVSS score: 7.8. It is recommended to follow the instructions on the official kernel.org page.\nVMware was also hit.\n\n5 and 6. CVE-2024-37080 and CVE-2024-37079: Remote code execution vulnerabilities in VMware vCenter. 
Exploiting the vulnerabilities allows an unauthenticated attacker to execute arbitrary code on the VMware vCenter server and gain full control of the system in order to further develop the attack. These security flaws are caused by a memory handling error in the implementation of the DCE remote procedure call (RPC) protocol. CVSS score: 9.8. 
It is recommended to download the update from the official VMware page.\nVulnerabilities in PHP and the Check Point VPN gateway\nIn addition, vulnerabilities were found in the PHP language and in Check Point Software Technologies VPN gateways.\n\n7. CVE-2024-4577: A vulnerability in PHP when Apache and PHP CGI are used on Windows. Exploiting the vulnerability allows an attacker to perform remote code execution (RCE) on the system. 
As a result, the attacker can gain full control of it in order to further develop the attack.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-07-11T09:12:24.000000Z"}, {"uuid": "dc248145-3b71-4cdc-8e70-974b7f7fa50b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30084", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1100", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30084\n\ud83d\udd39 Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2024-06-11T16:59:53.731Z\n\ud83d\udccf Modified: 2025-01-09T21:45:41.740Z\n\ud83d\udd17 References:\n1. 
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084", "creation_timestamp": "2025-01-09T22:15:49.000000Z"}, {"uuid": "8003e33e-894e-4eb0-87d1-4c5652aff87a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "Telegram/cPtN8zT2SnIpst_mCQq3aWBw8_Qfv87fHZTqq98UoI4vu1g", "content": "", "creation_timestamp": "2025-10-06T09:00:04.000000Z"}, {"uuid": "85547fa6-b042-4b3d-a722-55c5ae91e2f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://infosec.exchange/users/alexandreborges/statuses/116483747479373095", "content": "", "creation_timestamp": "2026-04-28T18:28:54.269806Z"}, {"uuid": "e0baea95-589b-401f-b51d-9b415f538c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "seen", "source": "https://t.me/itsec_news/5777", "content": "\u200b\u26a1\ufe0f11 digital holes through which everything can be carried off: from data to your mood\n\n\ud83d\udcac Positive Technologies experts have classified another eleven vulnerabilities as trending, affecting 
key elements of digital infrastructure. The list includes Microsoft products, VMware hypervisors, the Kubernetes controller and the Apache Tomcat web server.\n\nMicrosoft\n\nCVE-2024-30085: a vulnerability in the Windows Cloud Files Mini Filter driver (CVSS 7.8) allows an attacker to gain SYSTEM access. The flaw is caused by a heap buffer overflow when processing bitmaps. 
Recommendations: network segmentation, PoLP, enhanced monitoring.\n\nCVE-2025-24983: a flaw in the Win32 kernel subsystem (CVSS 7.0) allows privilege escalation through a specially crafted program that uses a race condition. Recommendations: restricting local rights, monitoring escalation attempts.\n\nCVE-2025-26633: a security feature bypass in Microsoft Management Console (CVSS 7.0). An attacker can plant a malicious MSC file through phishing. 
Recommendations: blocking MSC and VHD files at proxies and firewalls.\n\nCVE-2025-24071: spoofing in Windows File Explorer (CVSS 7.5). The vulnerability makes it possible to use NTLM hashes by exploiting LIBRARY-MS files. Recommendations: SMB signing, disabling NTLM.\n\nCVE-2025-24993: RCE in the NTFS file system (CVSS 7.8). Exploited through a malicious VHD disk.\n\nCVE-2025-24985: a similar RCE vulnerability in Fast FAT (CVSS 7.8), which also uses a VHD to deliver malware.\n\nVMware\n\nAccording to Shadowserver, more than 40 thousand 
ESXi hosts are reachable from outside and at risk:\n\nCVE-2025-22224 (CVSS 9.3): arbitrary write via TOCTOU in the ESXi and Workstation interface.\n\nCVE-2025-22225 (CVSS 8.2): writing code into the kernel area of the VMX process.\n\nCVE-2025-22226 (CVSS 7.1): information leak via an out-of-bounds read in HGFS.\n\nFixes: installing VMware Workstation 17.6.3, Fusion 13.6.3 and the latest patches.\n\nKubernetes\n\nCVE-2025-1974 (CVSS 9.8): a vulnerability in ingress-nginx allows code execution at the cluster level. 
More than 6500 instances are exposed, according to Wiz.\n\nProtective measures: updating ingress-nginx, disabling the Validating Admission Controller and related mechanisms.\n\nApache\n\nCVE-2025-24813 (CVSS 9.8): RCE in Tomcat via partial PUT requests and deserialization. Research by Rapid7 found ~200 vulnerable servers.\n\nRecommendations: updating to Tomcat 9.0.99, 10.1.35, 11.0.3 and later.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-11T17:25:57.000000Z"}, {"uuid": "9bcf670e-e89d-468e-8ee0-e223d1bb477d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/529", "content": "#exploit\n1. CVE-2024-22729:\nNetis MW5360 RCE\nhttps://packetstormsecurity.com/files/179200/Netis-MW5360-Remote-Command-Execution.html\n\n2. 
CVE-2024-30088:\nWindows Kernel\u00a0EoP\nhttps://github.com/tykawaii98/CVE-2024-30088", "creation_timestamp": "2024-06-26T09:50:07.000000Z"}, {"uuid": "4bc6e48e-24ab-4f68-916d-3dcd0cb2fb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/3755", "content": "\u200aPoC Exploit Published for Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-30088)\n\nhttps://securityonline.info/poc-exploit-published-for-windows-kernel-elevation-of-privilege-vulnerability-cve-2024-30088/", "creation_timestamp": "2024-06-27T04:28:28.000000Z"}, {"uuid": "f82e2b0b-c191-4d39-9dc5-530cdd53687d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/759", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. 
It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-27T05:29:59.000000Z"}, {"uuid": "ba2ede98-df2c-43b7-981d-cd66074a46a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/InfoSecInsider/23552", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. 
It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-27T05:30:34.000000Z"}, {"uuid": "58534307-7eaa-43a7-82d0-a5c25a57e265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3471", "content": "Tools - Hackers Factory \n\nGitHub - a13xp0p0v/kernel-hardening-checker: A tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nOSCP Example Cheat Sheet \n\ngithub.com/xsudoxx/OSCP\n\n(Old) List of Awesome Red Teaming Resources\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\n(exploits-forsale)Collateral Damage :  Kernel exploit for Xbox SystemOS using 
CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAwesome-Red-Team-Operation\n\nhttps://github.com/CyberSecurityUP/Awesome-Red-Team-Operations\n\nWith NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events!\n\nhttps://github.com/fortra/No-Consolation\n\nAll-in-one OSINT tool for analysing any website\n\nhttps://github.com/Lissy93/web-check\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-22T05:10:02.000000Z"}, {"uuid": "9bee859a-ff89-4161-9689-0bbc23bc9784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30080", "type": "seen", "source": "https://t.me/true_secator/5848", "content": "Microsoft's June PatchTuesday has rolled in with fixes for 51 vulnerabilities, including 18 RCE and a 0-day, plus 7 in Chromium/Edge.\n\nSurprisingly, only one CVE, in Microsoft Message Queuing, is rated critical, another 38 are high priority and 12 medium, and in the breakdown by category EoP prevails - 25 
vulnerabilities, followed by 18 - RCE, 5 - DoS and 3 related to information disclosure.\n\nThe only publicly disclosed zero-day is CVE-2023-50868 in the DNS protocol, which enables the Keytrap attack, about which there was a lot of hype but which never reached practical use.\n\nThe RCE vulnerability rated critical (CVE-2024-30080 with CVSS 9.8) in MSMQ does not threaten to lead to mass exploitation, since the component is not enabled by default.\n\nAnother important 
flaw, CVE-2024-30103 (CVSS score 8.8), allows attackers to bypass Microsoft Outlook registry blocklists and create malicious DLL files.\n\nThe complexity of an attack via the preview pane vector is low, exploitation over the network without user interaction is possible, and creating an exploit is very easy.\n\nAll of this together, Morphisec researchers believe, heralds the start of a mass 
campaign.\n\nOther vulnerabilities fixed this month include numerous remote code execution flaws in Microsoft Office and EoP issues in the Windows kernel.\n\nThe full list, with a description of each vulnerability and the systems it affects, is here.", "creation_timestamp": "2024-06-13T13:47:26.000000Z"}, {"uuid": "55ff5573-3069-4e71-abc4-6ff4a2f8e1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3704", "content": "Windows LPE Exploit\nhttps://github.com/tykawaii98/CVE-2024-30088", "creation_timestamp": "2024-08-24T14:38:27.000000Z"}, {"uuid": "a856aff8-dead-4b37-9aea-737ea5d5689d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/Unik4tsG4ng/9791", "content": "Tools \n\nGitHub - a13xp0p0v/kernel-hardening-checker: A 
tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nELMERIKH/TelecordC2: Advanced Telegram x Discord C2, great for data Exfitration and Network evasion\n\nhttps://github.com/ELMERIKH/TelecordC2\n\nOSCP Example Cheat Sheet \n\ngithub.com/xsudoxx/OSCP\n\n(Old) List of Awesome Red Teaming Resources\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\n(exploits-forsale)Collateral Damage :  Kernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nAwesome-Red-Team-Operation\n\nhttps://github.com/CyberSecurityUP/Awesome-Red-Team-Operations\n\nWith NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events!\n\nhttps://github.com/fortra/No-Consolation\n\nAll-in-one OSINT tool for analysing any website\n\nhttps://github.com/Lissy93/web-check", "creation_timestamp": "2024-10-25T04:22:14.000000Z"}, {"uuid": "7d85319c-46e8-4b79-b5a6-5110f0857efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/Unik4tsG4ng/7190", "content": "Tools  - Hackers Factory \n\nTookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is to discover usernames that are requested from an input.\n\nhttps://github.com/Alfredredbird/tookie-osint\n\n#CyberDilara\n\nGPU poisoning; hide the payload inside the gpu memory.\n\nhttps://github.com/H1d3r/GPU_ShellCode\n\nThis is a simple obfuscator for WireGuard. 
It is designed to make it harder to detect WireGuard traffic by making it look like something else.\n\nhttps://github.com/ClusterM/wg-obfuscator\n\nSploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability.\n\nhttps://github.com/xaitax/SploitScan\n\nA shellcode runner write in Rust use\n\nhttps://github.com/b1tg/rs-shellcode\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n\nhttps://github.com/exploits-forsale/collateral-damage\n\nZip Slip Vulnerability in .a Static Library Files.  Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running #MobSF.\n\nhttps://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j\n\nPython script to monitor your target continuously for new subdomains.\n\nhttps://github.com/faiyazahmad07/monitor_subdomains", "creation_timestamp": "2024-08-27T13:45:55.000000Z"}, {"uuid": "8310287b-a6e6-4017-a06e-9fc2f05e0804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30085", "type": "published-proof-of-concept", "source": "https://t.me/haccking/11784", "content": "Escalating privileges in Windows via CVE-2024-30085\n\n#cve #\u0441\u0442\u0430\u0442\u044c\u044f #lpe\n\nCVE-2024-30085 is a vulnerability in the Windows Cloud Files Mini Filter subsystem. 
The vulnerability featured at Pwn2Own 2024 in Vancouver, where the Team Theori research team used an exploit for it in an exploit chain performing a Guest-to-Host-Escape (virtual machine escape) out of VMware workstation.\n\nIn this article we examine the roots of the CVE-2024-30085 vulnerability and the exploitation techniques applicable during heap exploitation in the Windows 10 22H2 19045.3803 kernel.\n\n\ud83d\udd17 Link to the article\n\nLH | News | OSINT | AI", "creation_timestamp": "2025-03-27T13:22:23.000000Z"}, {"uuid": "da11975e-f7af-4ac9-918f-da78d0e88e57", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/haccking/11160", "content": "CVE-2024-30088: Windows LPE\n\n#exploit #lpe #pentest #redteam\n\nA privilege escalation vulnerability in the Windows kernel.\n\nLink to the exploit.\n\nLink to the video.\n\nLH | News | Courses | Memes\n\n#\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\n#\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\n\nOnion Market: an anonymous P2P exchange for people!", "creation_timestamp": "2024-08-24T10:12:25.000000Z"}, {"uuid": "1a95e298-62e9-469d-acd6-3ca2bd2e3731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2710", "content": "https://github.com/tykawaii98/CVE-2024-30088\n\nCVE-2024-30088\n#github #poc", "creation_timestamp": "2024-07-20T12:30:03.000000Z"}, {"uuid": "c9de5042-7f84-482c-8e61-9a6113cd7576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30088", "type": "exploited", "source": "https://t.me/CNArsenal/2803", "content": 
"https://github.com/exploits-forsale/collateral-damage\n\nKernel exploit for Xbox SystemOS using CVE-2024-30088\n#github  #exploit", "creation_timestamp": "2024-07-18T07:34:33.000000Z"}]}