{"uuid": "6f02bf06-cf18-4152-8a00-f00a51b3131f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40684", "type": "exploited", "source": "https://t.me/dilagrafie/2561", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nZoneAlarmEoP\n\nExploit for Arbitrary File Move vulnerability in ZoneAlarm AV\n\nhttps://github.com/Wh04m1001/ZoneAlarmEoP\n\nAWSGoat\n\nA Damn Vulnerable AWS Infrastructure\n\nAWSGoat is a vulnerable-by-design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. AWSGoat mimics real-world infrastructure but with added vulnerabilities. It features multiple escalation paths and is focused on a black-box approach.\n\nThe project will be divided into modules and each module will be a separate web application, powered by varied tech stacks and development practices. It will leverage IaC through Terraform and GitHub Actions to ease the deployment process.\n\nhttps://github.com/ine-labs/AWSGoat\n\nPowerHub\n\nPowerHub is a convenient post-exploitation tool for PowerShell which aids a pentester in transferring data, in particular code which may get flagged by endpoint protection. Check out the Wiki!\n\nFeatures:\n\u25ab\ufe0f Fileless\n\u25ab\ufe0f Stateless\n\u25ab\ufe0f Cert pinning\n\u25ab\ufe0f String \"obfuscation\" by RC4 encryption\n\u25ab\ufe0f Choose your AMSI Bypass\n\u25ab\ufe0f Transparent aliases for in-memory execution of C# programs\n\nhttps://github.com/AdrianVollmer/PowerHub\n\nHome-Grown-Red-Team\n\nThis repo is a resource for various red teaming techniques and tools based on open source software and non-commercial tools.\n\nAll of the tools and tradecraft on this repo will be geared toward using Raspberry Pis and Raspberry Pi Zero Ws instead of commercial implants like the Rubber Ducky, Bash Bunny or WiFi Pineapple.\n\nhttps://github.com/assume-breach/Home-Grown-Red-Team\n\nGhostPack Compiled Binaries\n\nhttps://github.com/r3motecontrol/Ghostpack-CompiledBinaries\n\nCVE-2022-40684 Metasploit Scanner\n\nAn authentication bypass using an alternate path or channel in Fortinet products\n\nhttps://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner\n\nRollter\n\nIPsec VPN server with I2P, onion and Yggdrasil routing\n\nWeb surfing with no limits. Open any sites: onion, I2P and Yggdrasil too!\n\nhttps://github.com/thedmdim/rollter\n\nSpartacus DLL Hijacking\n\nDid you really make yet another DLL Hijacking discovery tool?\n\n...but with a twist, as Spartacus is utilising the SysInternals Process Monitor and is parsing raw PML log files. You can leave ProcMon running for hours and discover 2nd and 3rd level (i.e. an app that loads another DLL that loads yet another DLL when you use a specific feature of the parent app) DLL Hijacking vulnerabilities. It will also automatically generate proxy DLLs with all relevant exports for vulnerable DLLs.\n\nParsing ProcMon PML files natively. The config (PMC) and log (PML) parsers have been implemented by porting partial functionality to C# from https://github.com/eronnen/procmon-parser/. You can find the format specification here.\n\nSpartacus will create proxy DLLs for all missing DLLs that were identified. For instance, if an application is vulnerable to DLL Hijacking via version.dll, Spartacus will create a version.dll.cpp file for you with all the exports included in it. Then you can insert your payload/execution technique and compile.\n\nAble to process large PML files and store all DLLs of interest in an output CSV file. Local benchmark processed a 3GB file with 8 million events in 45 seconds.\n\n[Defence] Monitoring mode trying to identify running applications proxying calls, as in \"DLL Hijacking in progress\". This is just to get any low-hanging fruit and should not be relied upon.\n\nhttps://github.com/Accenture/Spartacus\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\nwww.ghostclan.org", "creation_timestamp": "2023-03-17T07:32:38.000000Z"}