Last Week in Security (LWiS) - 2024-09-16
2024-9-17 11:59:0 Author: blog.badsectorlabs.com(查看原文) 阅读量:9 收藏

MSSQL domain privesc (@_nullbind), .mobi whois takeover (@watchtowrcyber), LLM CTF (@bishopfox), mac filesystem 🪄 (@gergely_kalman), AlcaWASM writeup (@suidpit), and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2024-09-09 to 2024-09-16.

News

Techniques and Write-ups

Tools and Exploits

  • CVE-2024-29847 - Ivanti EPM AgentPortal RCE Vulnerability.
  • VulnCheck go-exploit External C2s - New go-exploit feature in 1.25.0 allows anyone to easily develop and integrate their own C2.
  • recaptcha-phish - Phishing with a fake reCAPTCHA.
  • JarPlant - Java archive implant toolkit.
  • GlobalUnProtect - Decrypt GlobalProtect configuration and cookie files.
  • msiscan - Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers.
  • cloudkicker - self-hosted Azure OSINT tool.
  • binsider - Analyze ELF binaries like a boss 😼🕵️‍♂️.
  • CVE-2024-40711 - Exploit for Veeam backup and Replication Pre-Auth Deserialization CVE-2024-40711.
  • No-Consolation - A BOF that runs unmanaged PEs inline. Updated to run PE's in the main thread with the --inthread option!
  • Introducing Bettercap 2.4.0: Can-Bus Hacking, Wifi Bruteforcing and Builtin Web UI - Bettercap is my favorite modern wireless tool. Now it's even better!
  • DGPOEdit - Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines.
  • BEAR - Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.
  • EXE-or-DLL-or-ShellCode - Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
  • alpt4ats - A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024.

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing.


文章来源: https://blog.badsectorlabs.com/last-week-in-security-lwis-2024-09-16.html
如有侵权请联系:admin#unsafe.sh