ARVIN

⭕️ آسیب پذیری جدید به نام regreSSHion روی OpenSSH کشف شده که به هکرها اجازه اجرای کد از راه دور را میدهد. شماره CVE ثبت شده CVE-2024-6387 که تحلیل این آسیب پذیری رو میتونید اینجا بخونید. در ایران بالای 85 هزار سرور آسیب پذیر به این آسیب پذیری RCE وجود داره لطفا اطلاع رسانی کنید.

🚨 CVE-2024-5352 A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been rated as critical. Affected by this issue is the function validationRules of the component com.anjiplus.template.gaea.business.modules.datasetparam.controller.DataSetParamController#verification. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266264.

- Fixed Bugs - Added Google token grabber - Now Stealer steal browsers without killing their process (tested on Chromium and FireFox) - Stealer now sends password tags and cookies tags along with the file

📌 CVE-2024-34257 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, allowing an attacker to obtain device administrator privileges.

Neat trick for SVG file upload exploits. Add a foreignObject tag and include almost any working XSS payload in the SVG image file. Helpful for bypassing CSP or bypassing servers that strip strings. Many file uploads allow SVGs and are prone to tampering. <svg width="600" height="400" xmlns="w3.org/2000/svg" xmlns:xhtml="w3.org/1999/xhtml"> <foreignObject width="100%" height="100%"> <body xmlns="w3.org/1999/xhtml"> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg>

📌 WMIObject important command : 🔖 چون این دستورات فقط روی پاورشل ورژن 5 اجرا میشن و روی پاورشل ورژن 7 اجرا نمیشن پس برای جلوگیری از fileless اتک و بدست آوردن ریزالت این کامند ها، پاورشل ورژن 5 و همینطور cmd تون رو در سیستم عاملتون دیسیبل کنین و بجاش پاورشل ورژن 7 بیارین بالا # Get information about the BIOS Get-WmiObject -Class Win32_BIOS # Get information about the CPU Get-WmiObject -Class Win32_Processor # Get information about the memory (RAM) Get-WmiObject -Class Win32_PhysicalMemory # Get information about disk drives Get-WmiObject -Class Win32_DiskDrive # Get specific properties of the disk drives Get-WmiObject -Class Win32_DiskDrive | Select-Object Model, Size

20GB ArrowNet PoC 👇🏻