CVE-2023-28252

My HTB Writeups

HTB_Writeups My HTB Writeups, some in ENG and others in PT-BR Some writeups don't have a writeup, they only have a reference writeup Windows Machines Machine Resume Tools or Techniques Difficulty Absolute nmap, netexec, exiftool, john rules, kerbrute, impacket-GetNPUsers, john, impacket-getTGT, impacket-smbclient, bloodhound-python, bloodhound, impacket-owneredit,

A modification to fortra's CVE-2023-28252 exploit, compiled to exe

CVE-2023-28252-Compiled-exe A modification of Fortra's excellent CVE-2023-2852 Privesc Exploit Works on Windows 11 21H2 clfssys version 100220001574 - also works on Windows 10 21H2, Windows 10 22H2, Windows 11 22H2 and Windows server 2022 This version retains the original functionality, but gives the option to provide a binary to execute as an argument, useful if you

Since February 2022 was reported a new ransomware that appears to be using a Windows 0-day vulnerability, according to the research conducted by Trend Micro More information about this ransomware can be found at this link According to analysis by Kaspersky, the Nokoyawa ransomware group has used other exploits targeting the Common Log File System (CLFS) driver since June 2022

Since February 2022 was reported a new ransomware that appears to be using a Windows 0-day vulnerability, according to the research conducted by Trend Micro More information about this ransomware can be found at this link According to analysis by Kaspersky, the Nokoyawa ransomware group has used other exploits targeting the Common Log File System (CLFS) driver since June 2022

Обнаружение эксплойта CVE-2023-28252

CVE-2023-28252- Обнаружение эксплойта CVE-2023-28252 Контроль создания файлов в директории, в котором эксплойт оставляет файлы, используемые для эксплуатации, по жестко заданному пути в папке "C:\Users\Public", "C:\Users\Public

CVE-2023-28252 CVE-2023-28252 CLFS 提权漏洞POC

The repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252

Compiled PoC Binary For CVE-2023-28252 The repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252 The precompiled binary is a slightly modified version of the PoC exploit seen in fortra's repo The file can be run with the following arguments: clfs_eopexe <PAYLOAD> <OFFSET,optional> <FLAG,op

My bin folder, tools I created as FOSS

Our "bin folder" tools Tools we created as FOSS You'll find a lot more infos in our Blog: blognetwork-secde/ For OSINT and Recon, IP enumeration etc, have a look at this article: blognetwork-secde/post/open_source_intelligence_2024_eu_version/ A Word On Quality We'd like to note, not all the tools listed below are our most interesting p