{"vulnerability": "cve-2022-38577", "sightings": [{"uuid": "486e0d4a-c3ab-4421-a3dd-b7fb1d346fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38577", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6850", "content": "#exploit\n1. From Leaking TheHole to Chrome Renderer RCE\nhttps://medium.com/numen-cyber-labs/from-leaking-thehole-to-chrome-renderer-rce-183dcb6f3078\n\n2. CVE-2022-38577:\nProcessMaker - User Profile Privilege Escalation\nhttps://github.com/sornram9254/CVE-2022-38577-Processmaker", "creation_timestamp": "2022-09-22T11:05:12.000000Z"}, {"uuid": "3910de90-89a4-4518-906f-5974afe393d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-38577", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2812", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nMCPTool\n\nFeatures:\n\u25ab\ufe0f See information of a server\n\u25ab\ufe0f View player information\n\u25ab\ufe0f Port scanning\n\u25ab\ufe0f QuboScanner\n\u25ab\ufe0f Scanning of nodes of a hosting\n\u25ab\ufe0f Create a local bungee\n\u25ab\ufe0f Listening command\n\u25ab\ufe0f Checker\n\u25ab\ufe0f Show mods on this server.\n\n\nhttps://github.com/wrrulos/MCPTool\n\nvbackdoor\n\nHide process,port,self under Linux using the LD_PRELOAD rootkit.\n\nhttps://github.com/veo/vbackdoor\n\nWebKiller V2\n\nTool Information Gathering Write With Python.\n\nhttps://github.com/ultrasecurity/webkiller\n\nFilelessRemotePE\n\nLoading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread 
technique.\n\nhttps://github.com/D1rkMtr/FilelessRemotePE\n\nJuicyPotatoNG\n\nJust another Windows Local Privilege Escalation from Service Account to System. \n\nhttps://github.com/antonioCoco/JuicyPotatoNG\n\nDetails:\nhttps://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/\n\nBluffy \n\nA utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic looking data formats.\n\nSo far, we implemented:\n\n\u25ab\ufe0f UUID\n\u25ab\ufe0f CLSID\n\u25ab\ufe0f SVG\n\u25ab\ufe0f CSS\n\u25ab\ufe0f CSV\n\nhttps://github.com/preemptdev/bluffy\n\nCVE-2022-38577\n\nProcessMaker - User Profile Privilege Escalation\n\nhttps://github.com/sornram9254/CVE-2022-38577-Processmaker\n\n#cve\n\nAV-Bypass-Learning\n\nhttps://github.com/colind0pe/AV-Bypass-Learning\n\nLockBit-Black-Builder\n\nhttps://github.com/3xp0rt/LockBit-Black-Builder\n\nLockBit ransomware builder leaked online by \u201cangry developer\u201d\nhttps://www.bleepingcomputer.com/news/security/lockbit-ransomware-builder-leaked-online-by-angry-developer-/\n\nPaybag\n\nCreate metasploit payload easily using Paybag\n\nhttps://github.com/Deadpool2000/Paybag\n\nDNS_Enumerator\n\nhttps://github.com/crypticq/DNS_Enumerator\n\nShotDroid v2\n\nPentesting tool for android. 
There are 3 tools that have their respective functions:\n\nAndroid Files: Get files from Android directory, internal and external storage (Images, Videos, Whatsapp, ..)\nAndroid Keylogger: Android Keylogging Keyboard + Reverse Shell.\nTake Face Webcam: Take face shot from the target phone's front camera and PC webcam.\n\nFeatures:\n\u25ab\ufe0f Hide apps in android files.\n\u25ab\ufe0f Custom android directory.\n\u25ab\ufe0f For Android Keylogger -> you can see it here: Simple-keyboard or LokiBoard.\n\u25ab\ufe0f Automatic html template in take face webcam.\n\u25ab\ufe0f Custom html or custom your html folder in take face webcam tool.\n\u25ab\ufe0f etc.\n\nhttps://github.com/kp300/shotdroid\n\nFakeBurpCert\n\nBurp suite Certificate modification tool.\n\nThis tool is used to modify or add information that is not included in the dynamically generated certificates in PortSwiggers Burp Suite.\n\nCurrently working:\n\n\u25ab\ufe0f Modification of CN\n\u25ab\ufe0f Set the serial number\n\u25ab\ufe0f Set the date of the certificate\n\u25ab\ufe0f Modification or add a SAN (Subject Alternative Name).\n\u25ab\ufe0f Add an OCSP URI.\n\nhttps://github.com/raise-isayan/FakeCert\n\nBufferOverflowKiller v1.0\n\nA tool for buffer overflow attacks\n\nhttps://github.com/baimao-box/BufferOverflowKiller\n\nLeonidas\n\nThis is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties.\n\nhttps://github.com/WithSecureLabs/leonidas\n\nRustChain\n\nThis tool is a simple PoC of how to hide memory artifacts using a ROP chain in combination with hardware breakpoints. The ROP chain will change the main module memory page's protections to N/A while sleeping (i.e. when the function Sleep is called). 
\n\nFor more detailed information about this memory scanning evasion technique check out the original project Gargoyle. x64 only.\n\nhttps://github.com/Kudaes/RustChain\n\nCVE-2022-39197\n\ncritical Cobalt Strike bug could lead to RCE attacks.\n\nhttps://github.com/burpheart/cve-2022-39197\n\nDetails:\nhttps://securityonline.info/cve-2022-39197-critical-cobalt-strike-bug-could-lead-to-rce-attacks/\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-05-25T16:56:29.000000Z"}]}