{"vulnerability": "CVE-2024-38395", "sightings": [{"uuid": "9aaf436c-8578-4847-ac36-8b4c652e6073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38395", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6836", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-30T13:56:15.000000Z"}, {"uuid": "90867fd8-784f-4262-9192-5aa451281fb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38395", "type": "seen", "source": "MISP/5b5d7be3-1582-40fe-9006-139de65f9b7d", "content": "", "creation_timestamp": "2024-06-26T16:06:39.000000Z"}, {"uuid": "718671b4-4713-49e9-998a-842a0b74a34a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7677", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\nURL\uff1ahttps://github.com/vin01/poc-cve-2024-38396\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-16T18:51:02.000000Z"}, {"uuid": "b916671c-861f-44db-9bf1-1e6094a04f47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38395", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8087", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-30T13:56:15.000000Z"}, {"uuid": "5d1f98b1-bbff-4fa3-a834-75976a528f3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38395", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3363", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-29T18:04:14.000000Z"}, {"uuid": "ee85fc1d-05e5-43d4-879d-ff532627be22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38395", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25179", "content": "Tools - Hackers Factory \n\nOfficial Kali Linux tool to check all urls of a domain for SQL injections.\n\nhttps://github.com/malvads/sqlmc\n\nAn ADCS honeypot to catch attackers in your internal network.\n\nhttps://github.com/srlabs/Certiception\n\nActive Directory Cheat Sheet\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\nA decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported.\n\nhttps://github.com/mahaloz/DAILA\n\nA SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses.\n\nhttps://github.com/blacklanternsecurity/TREVORproxy\n\nCloud-Based Identity to Exfiltration Attack\n\nhttps://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder%2FDay16-CloudId-Exfiltration-AttackReport-Part1.md\n\nPoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution\n\nhttps://github.com/vin01/poc-cve-2024-38396\n\nReflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege.\n https://github.com/sokaRepo/CoercedPotatoRDLL\n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/C3n7ral051nt4g3ncy/Eyes\n\nTunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available \n\ngithub.com/erebe/wstunnel\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-06-29T14:34:01.000000Z"}]}