{"vulnerability": "cve-2013-6026", "sightings": [{"uuid": "f455af9c-e781-4f9c-a61c-a57afbd74a3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-6026", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2284", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bPhoneSploit Pro\n\nPhoneSploit with Metasploit Integration.\n\nAn All-In-One hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.\n\nhttps://github.com/azeemidrisi/phonesploit-pro\n\n\u200b\u200bRPC Investigator\n\nRPC Investigator (RPCI) is a .NET/C# Windows Forms UI application that provides an advanced discovery and analysis interface to Windows RPC endpoints. The tool provides a visual interface around the existing core RPC capabilities of the NtApiDotNet platform, including:\n\n\u25ab\ufe0f Enumerating all active ALPC RPC servers\n\u25ab\ufe0f Parsing RPC servers from any PE file\n\u25ab\ufe0f Parsing RPC servers from processes and their loaded modules, including services\n\u25ab\ufe0f Pulling symbol information from a Symbol Server\n\u25ab\ufe0f Exporting RPC server definitions as serialized .NET objects for your own scripting\n\nPlease read our blog post announcement.\n\nhttps://github.com/trailofbits/RpcInvestigator\n\n\u200b\u200bEchidna\n\nA Fast Smart Contract Fuzzer\n\nEchidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley)\n\nMore seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smart contracts. It uses sophisticated grammar-based fuzzing campaigns based on a contract ABI to falsify user-defined predicates or Solidity assertions. We designed Echidna with modularity in mind, so it can be easily extended to include new mutations or test specific contracts in specific cases.\n\nhttps://github.com/crytic/echidna\n\n\u200b\u200bInline-Execute-PE\n\nInline-Execute-PE is a suite of Beacon Object Files (BOF's) and an accompanying Aggressor script for #CobaltStrike that enables Operators to load unmanaged Windows executables into Beacon memory and execute them, retrieving the output and rendering it in the Beacon console.\n\nhttps://github.com/Octoberfest7/Inline-Execute-PE\n\n#redteam\n\n\u200b\u200bSQLi-Hunter-v2\n\nSQLi Hunter v2 is a python program that checks for SQL (and Blind) injection vulnerability in URL's. The program is designed to be easy to use, practical and beneficial. The intention of this tool is to include it in your ethical Bug Bounty Hunting methodology. Please do not use this tool on any website without having its permission.\n\nhttps://github.com/3a7/SQLi-Hunter-v2\n\n\u200b\u200bAzBelt\n\nStandalone DLL and sliver extension for enumerating Azure related credentials, primarily on AAD joined machines.\n\nhttps://github.com/daddycocoaman/AzBelt\n\n\u200b\u200bStealthyIMU\n\nStealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors, NDSS 2023.\n\nhttps://github.com/Samsonsjarkal/StealthyIMU\n\n\u200b\u200bbamf\n\nA tool which utilizes Shodan to detect vulnerable IoT devices.\n\nBAMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover routers vulnerable to CVE-2013-6026, commonly known as Joel's Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world's largest manufacturers of routers for home and business.\n\nhttps://github.com/malwaredllc/bamf\n\n\u200b\u200bLinux Security and Monitoring Scripts\n\nThese are a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Each script works on its own and is independent of other scripts. The scripts can be set up to either print out their results, send them to you via mail, or using AlertR as notification channel.\n\nhttps://github.com/sqall01/LSMS\n\n\u200b\u200bwstg\n\nThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.\n\nhttps://github.com/OWASP/wstg\n\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2023-02-18T13:52:25.000000Z"}]}