Proxy Bar
前往频道在 Telegram
Exploits, Hacking and Leaks Чат группы - https://t.me/ Связь с администрацией и реклама: @NULL_vm Поддержать проект: BTC bc1qmrt229eghjyj9wqa7nmr9j8zuq6khz6km2pker
显示更多📈 Telegram 频道 Proxy Bar 的分析概览
频道 Proxy Bar (@proxy_bar) 俄语 语言赛道中的 是活跃参与者。目前社区聚集了 20 801 名订阅者,在 技术与应用 类别中位列第 6 462,并在 俄罗斯 地区排名第 32 284 位。
📊 受众指标与增长动态
自 невідомо 创建以来,项目保持高速增长,吸引了 20 801 名订阅者。
根据 30 六月, 2026 的最新数据,频道保持稳定运转。过去 30 天订阅人数变化为 206,过去 24 小时变化为 28,整体触达仍然可观。
- 认证状态: 未认证
- 互动率 (ER): 平均受众互动率为 20.64%。内容发布后 24 小时内通常能获得 13.17% 的反应,占订阅者总量。
- 帖子覆盖: 每篇帖子平均可获得 4 292 次浏览,首日通常累积 2 738 次浏览。
- 互动与反馈: 受众积极参与,单帖平均反应数为 10。
- 主题关注点: 内容集中在 cve-2025, exploit, linux, birth, define 等核心主题上。
📝 描述与内容策略
作者将该频道定位为表达主观观点的平台:
“Exploits, Hacking and Leaks
Чат группы - https://t.me/
Связь с администрацией и реклама:
@NULL_vm
Поддержать проект:
BTC bc1qmrt229eghjyj9wqa7nmr9j8zuq6khz6km2pker”
凭借高频更新(最新数据采集于 01 七月, 2026),频道始终保持新鲜度与高覆盖。分析显示受众积极互动,使其成为 技术与应用 类别中的关键影响点。
20 801
订阅者
+2824 小时
+747 天
+20630 天
帖子存档
20 801
CVE-2026-43503: Python PoC for DirtyClone, a Linux kernel LPE via page-cache corruption exploit https://github.com/entra1337/DirtyClone
20 801
Breaking Out of Chrome’s Sandbox: A Native Messaging Backdoor Observed in Italy
Original text: “Breaking Out of Chrome’s Sandbox: A Native Messaging Backdoor Observed in Italy” — Andrea Draghetti, D3Lab (June 22, 2026). Code blocks, tables, and figures below are reproduced verbatim with attribution captions.
Executive Summary
In June 2026, Italian security firm D3Lab documented a targeted malware campaign distributing a compound browser threat via invoice-themed phishing…
https://core-jmp.org/2026/07/breaking-out-of-chromes-sandbox-native-messaging-backdoor-italy/
20 801
Unprivileged Root via Use-After-Free in Linux DRM GEM change_handle (CVE-2026-46215)
Original text: “Unprivileged root via a use-after-free in DRM GEM change_handle (CVE-2026-46215)” — cyberstan, cyberstan.co.uk (12 April 2026). Code blocks and figures below are reproduced verbatim with attribution captions.
Executive Summary
CVE-2026-46215 is a use-after-free (UAF) race condition in the Linux kernel’s Direct Rendering Manager (DRM) GEM subsystem, triggered through the drm_gem_change_handle_ioctl() interface. The ioctl…
https://core-jmp.org/2026/07/unprivileged-root-via-use-after-free-in-linux-drm-gem-change_handle-cve-2026-46215/
20 801
Disposable Tooling: Generating Mythic C2 Agents End-to-End With LLMs
Original text: “Disposable Tooling: Building LLM-Generated Mythic Agents from Prompt to Deployment” — Adam Chester, SpecterOps (Jun 24, 2026). Figures are reproduced with attribution captions and the agent summary table is reproduced verbatim; the prose below is an independent summary.
Executive Summary
Building a working agent for a command-and-control framework like Mythic has traditionally been…
https://core-jmp.org/2026/07/llm-generated-mythic-agents-disposable-tooling/
20 801
Ура, первые артефакты
коробок создан, data файл отдельно, detached header отдельно, metadata отдельно иLUKS2/argon2id на месте.
#check
20 801
IDT Table Hijacking under VBS/HVCI/kCET in Windows 11
Original text: “IDT Table Hijacking under VBS/HVCI/kCET in Windows 11” — author not clearly listed (Exploit Pack), Exploit Pack blog (June 26, 2026). Figures and the descriptor-format table below are reproduced with attribution captions.
Executive Summary
Modern Windows 11 stacks several kernel-protection layers on top of each other: Virtualization-Based Security (VBS), Hypervisor-protected Code Integrity (HVCI),…
https://core-jmp.org/2026/06/idt-table-hijacking-vbs-hvci-kcet-windows-11/
20 801
Pack2TheRoot (CVE-2026-41651): Local Root on Linux via a PackageKit Race Condition
Original text: “Privilege Escalation: Getting Started with the Pack2TheRoot (CVE-2026-41651) Vulnerability to Escalate Privileges” — aircorridor, Hackers Arise (May 1, 2026). Commands and figures below are reproduced verbatim with attribution captions.
Executive Summary
A high-severity vulnerability nicknamed Pack2TheRoot (CVE-2026-41651) was publicly disclosed and affects the default installation of many Linux distributions. The flaw lives in…
https://core-jmp.org/2026/06/pack2theroot-cve-2026-41651-linux-privilege-escalation/
20 801
Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503)
Original text: “Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503)” — Eddy Tsalolikhin and Or Peles, JFrog Security Research (25 Jun 2026). Code, figures and the PoC video below are reproduced verbatim with attribution captions.
Executive Summary
CVE-2026-43503, nicknamed DirtyClone, is a high-severity (CVSS 8.8) local privilege escalation in the Linux kernel. It is the…
https://core-jmp.org/2026/06/dirtyclone-cve-2026-43503-linux-lpe/
20 801
iBoot SMMU Bypass and Kernelcache Struct Forgery on Apple Silicon
Original text: “iBoot SMMU Bypass and Kernelcache Struct Forgery” — author not clearly listed, Ghost Wolf Lab (Jun 25, 2026). Code, tables and figures below are reproduced verbatim with attribution captions; Chinese text in the diagrams, code comments and table has been translated into English.
Executive Summary
Apple Silicon’s security model rests on a chain…
https://core-jmp.org/2026/06/iboot-smmu-bypass-kernelcache-struct-forgery/
20 801
From context_handle to type confusion: A Windows RPC Vulnerability Pattern
Original text: “From context_handle to type confusion” — k0shl, Whereisk0Shl (2026-06-26). The prose below is a paraphrase; all code listings, IDL descriptor bytes and crash dumps are reproduced verbatim with attribution captions.
Executive Summary
Context handles are one of the most common building blocks in Microsoft RPC. Inside rpcrt4 a context handle behaves like an…
https://core-jmp.org/2026/06/from-context-handle-to-type-confusion-windows-rpc-2/
20 801
ФРИИ и Metascan запускают совместный фонд для инвестиций в проекты в сфере кибербезопасности 🔐
Сделали сильный продукт, но сложно расти дальше? Не получается выстроить системные продажи, выйти в крупные компании или масштабировать бизнес?
Мы ищем B2B-проекты с готовым продуктом и помогаем не только привлечь инвестиции, но и пройти следующий этап роста.
Что получают команды:
— Инвестиции от 5 до 100 млн рублей
— Экспертиза Metascan и доступ к корпоративным клиентам
около 100 компаний, среди которых энтерпрайз, банки, ритейл
— Системная помощь в продажах и масштабировании
работа с трекерами ФРИИ, настройка процессов продаж, архитектурные ревью
ФРИИ – один из крупнейших венчурных фондов и акселераторов России.
Среди портфельных компаний Flowwow, ПравоТех, DocsinBox, Aimoto, PimSolution и др
Metascan – команда практиков в кибербезопасности и offensive security.
Если вы развиваете CyberSec-проект и готовы к следующему этапу роста:
👉 оставляйте заявку
20 801
Sleeping Beauty II: CFG, CET, and Stack Spoofing
Original textby Maor Sabag
Sleeping Beauty II: CFG, CET, and Stack Spoofing
A tale of CFG bitmaps, shadow stacks, and teaching an implant to sleep in places it was never meant to survive.
In Part I, we built StealthPalace: a Crystal Palace RDLL wrapper for Adaptix with IAT hooking and Ekko-style sleep obfuscation. It worked…
https://core-jmp.org/2026/06/sleeping-beauty-ii-cfg-cet-and-stack-spoofing/
20 801
Sleeping Beauty: Putting Adaptix to Bed with Crystal Palace
Original post by Maor Sabag
Sleeping Beauty: Putting Adaptix to Bed with Crystal Palace
Introduction
Adaptix C2 ships a default agent DLL. Out of the box, it’s a standard PE – it gets loaded into memory with RWX permissions everywhere, no IAT hooking, no sleep obfuscation, nothing fancy. If you’re doing red team work, that’s…
https://core-jmp.org/2026/06/sleeping-beauty-putting-adaptix-to-bed-with-crystal-palace/
20 801
Portable Executables
Original text by Sp1d3rM
NTRODUCTION
One of the most famous file formats in computer history probably is the Portable Executable, popularly known as .exe. There is more to it than just being the binary file format of choice for Windows systems. In this chapter, we will deep-dive into what are portable executables? Where they live?…
https://core-jmp.org/2026/06/portable-executables/
20 801
From context_handle to type confusion: A Type Confusion Pattern in Windows RPC Servers
Original text: “From context_handle to type confusion” — k0shl, Whereisk0Shl (Jun 26, 2026). Code blocks and crash dumps below are reproduced verbatim with attribution captions.
Executive Summary
Windows RPC servers routinely expose several different context-handle types within the same interface — for example a generic open/close handle alongside a typed object handle. A context handle…
https://core-jmp.org/2026/06/from-context-handle-to-type-confusion-windows-rpc/
20 801
A 27-Year-Old Authentication Bypass in OpenBSD’s PPP Stack (CVE-2026-55706)
Original text: “A 27-Year-Old Authentication Bypass in OpenBSD’s PPP Stack” — Argus, Argus Blog (2026-06-16). Kernel source snippets and console output below are reproduced verbatim with attribution; the surrounding analysis, the attack-chain diagram and the proof-of-concept are original to core-jmp.org.
Executive Summary
OpenBSD’s synchronous-PPP layer contained a textbook length-confusion bug in its PAP (Password Authentication…
https://core-jmp.org/2026/06/openbsd-ppp-pap-authentication-bypass-cve-2026-55706/
20 801
Squidbleed (CVE-2026-47729): A 29-Year-Old Heap Over-Read Leaks Cleartext HTTP in Squid
Original text: “Squidbleed: A 29-Year-Old Heap Over-Read Leaks Cleartext HTTP in Squid (CVE-2026-47729)” — Dark Web Informer (June 24, 2026). This is an independent technical write-up of the same vulnerability. The code samples below are original, illustrative reconstructions written for this article — they demonstrate the bug class and are not copied from the Squid…
https://core-jmp.org/2026/06/squidbleed-cve-2026-47729-squid-ftp-heap-over-read/
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
