Netlas.io


Гео и язык канала: не указан, не указан
Категория: не указана


Enriched and {structured} information about almost every domain and host on the Internet

Связанные каналы  |  Похожие каналы

Гео и язык канала
не указан, не указан
Категория
не указана
Статистика
Фильтр публикаций


A small cheat sheet with Netlas queries useful for OSINT investigations.

Try it here: https://nt.ls/shP9f

#cheatsheet #cybersecurity #osint


Meet Netlas Cookbook!
A thousand and one ways to use Netlas in your code

Today we launch Netlas Cookbook, a guide that will help our users to build automations. No matter how deep your programming skills are or what programming language do you preffer. We'll try our best to give you a clear and simple recipe for the automation you need.

Netlas Cookbook includes:
- Search query syntax and examples
- Search tips and tricks
- Use-cases and usage scenarios
- Code examples
- Tools for working with Netlas API

You will find out how to write automations using Python, Bash, NodeJS, Ruby, Go, AI tools. We will talk about using Netlas for bug bounty jobs, penetration testing, OSINT and other tasks.

⭐️ Give us a star if you want to show your appreciation for our work.
👁️ Subscribe to the repo to get notified on updates.

👉🏼 https://github.com/netlas-io/netlas-cookbook

Do you have any automation related questions? Perhaps you've already developed an awsome script and want to share it? Write us in the comments.

Many thanks to Cyber Detective for help: https://t.me/cybdetective




CVE-2023-36434: Elevation of Privilege in Windows IIS Server, 9.8 rating 🔥

In a network-based attack, an attacker could brute force user account passwords to log in as that user. So, faster get fresh Windows update!

Search at Netlas.io:
👉🏻 Link: https://nt.ls/5rvmi
👉🏻 Dork: http.headers.server:"Microsoft-IIS"

Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36434


CVE-2023-40289 and other: Multiple vuln in Supermicro BMC, high and critical rating 🔥

Seven vulnerabilities with severity from 8.3 to 9.6: one Command Injection and six auxiliary XSS.

Search at Netlas.io:
👉🏻 Link (tag, more results): https://nt.ls/svQi3
👉🏻 Link (no tag, less results): https://nt.ls/JetkR

👉🏻 Dork: certificate.subject.organization:"Super Micro Computer" AND certificate.subject.common_name:IPMI

Read more: https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/index.html


CVE-2023-22515: Privilege Escalation in Atlassian Confluence Data&Server, 9.0 rating 🔥

0-day vuln, which already exploited in the wild. Successful exploitation could allow for the creation of administrator accounts.

Search at Netlas.io:
👉🏻 Link (tag, more results): https://nt.ls/MwYfk
👉🏻 Link (no tag, less results): https://nt.ls/nysj9

👉🏻 Dork №1: tag.name:"atlassian_confluence"
👉🏻 Dork №2: http.meta:"confluence-base-url"

Vendor's advisory: https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html


CVE-2023-42115, -42116, -42117: Multiple vuln in Exim, critical rating 🔥

0-day CVEs in Exim, which allow an attacker to execute remote code on the server with the rights of a process accepting a connection on port 25.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/6KhLO
👉🏻 Dork: smtp.banner:"exim" AND port:25

Read more: https://www.zerodayinitiative.com/advisories/ZDI-23-1469/


CVE-2023-29357, -24955: Elevation of Privilege and RCE in Microsoft SharePoint Server, 9.8 rating 🔥

Old CVEs that have become interesting again due to the publication of a PoC from STAR Labs.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/AAVOE
👉🏻 Dork: http.headers.microsoftsharepointteamservices:*

Read about PoC here: https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/


CVE-2023-42793: auth bypass RCE in JetBrains TeamCity, 9.8 rating 🔥

An authentication bypass vulnerability has been detected in TeamCity versions < 2023.05.04, which can lead to remote code execution.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/UM6CB
👉🏻 Dork: http.headers.set_cookie:TCSESSIONID NOT http.body:"2023.05.4"

Vendor's advisory: https://www.jetbrains.com/privacy-security/issues-fixed/


We noticed that you were very interested in the article about live cameras. That's why its sequel is coming out 🔥

Today we will touch on searching for cameras using Google Dorks, and will also talk about several special sites on which anyone can post their broadcast.

👉🏻 Article: https://netlas.medium.com/how-to-find-online-cameras-with-google-29582e8372e0

Enjoy reading!


CVE-2023-29183: XSS in Fortinet/FortiProxy, 8.0 rating 🔥

Some versions of Fortigate Fortinet and FortiProxy is vulnerable to an improper neutralization of input during web page generation, which allows an attacker to trigger malicious JavaScript code.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/he40Q
👉🏻 Dork: http.favicon.hash_sha256:d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f

Vendor's advisory: https://www.fortiguard.com/psirt/FG-IR-23-106


If you use Google Chrome as your main browser, we have great news for you 🔥

Today we officially publish Netlas.io in browser extension format! Now users can explore the site they are on at any time with a couple of clicks. Find out potential vulnerabilities, host data, and much more.

👉🏻 Read more: https://netlas.medium.com/netlas-io-chrome-extension-65a8e3d03bc0?postPublishedType=initial
👉🏻 Extension: https://chrome.google.com/webstore/detail/netlasio/pncoieihjcmpooceknjajojehmhdedii?utm_source=ext_app_menu


CVE-2023-38204: Arbitrary code execution in Adobe ColdFusion, 9.8 rating 🔥

Another vulnerability in ColdFusion. This time the reason was the vulnerability of some versions to Deserialization of Untrusted Data.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/adbcf
👉🏻 Dork: tag.name:"adobe_coldfusion"

Vendor's advisory: https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html


After a long break, we are finally posting a new article 🔥

This time we'll not talk about third-party tools, but specifically about Netlas.io. More precisely, about searching for live cameras using our tool 📹

👉 Article: https://netlas.medium.com/how-to-find-online-cameras-with-netlas-io-c68cdf5f327f

Enjoy reading!


CVE-2023-36764: Elevation of Privilege in Microsoft SharePoint Server, 8.8 rating 🔥

Attacker could gain administrator privileges by creating an ASP.NET page with specially-crafted declarative markup. Only authorization at the Site Member level is required.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/BBPrT
👉🏻 Dork: http.headers.microsoftsharepointteamservices:*

Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36764


CVE-2023-39361, -31132, -39359 and other: Multiple vuln (17 CVE's!) in Cacti, from 3.5 to 9.8 rating 🔥

Stored XSS, SQL injection, RCE, Privilege Escalation... Vulnerabilities for every taste!

Search at Netlas.io:
👉🏻 Link: https://nt.ls/tTozX
👉🏻 Dork: http.title:"Login to Cacti"

Read more: https://github.com/Cacti/cacti/security


CVE-2023-4596: RCE in Forminator plugin for WordPress, 9.8 rating 🔥

The Forminator plugin in WP is vulnerable to arbitraty file upload for unauthenticated users, which may make RCE possible. PoC is available❗️

Search at Netlas.io:
👉🏻 Link: https://nt.ls/3Tgzc
👉🏻 Dork: http.body:"/wp-content/plugins/forminator"

PoC is here: https://github.com/E1A/CVE-2023-4596


CVE-2023-40176, -40177, -40572, -40573: Multiple vuln in XWiki, 9.0-9.9 rating 🔥

Fresh RCE, Privelege Escalation and stored XSS in XWiki Platform.

Search at Netlas.io:
👉 Link: https://nt.ls/SSzCU
👉 Dork: http.title:"XWiki" OR http.favicon.hash_sha256:6f0fdef9a229150fbc7183a1bbb136d7b44b6df7c34369c14bebb6adae8aaf20


CVE-2023-38035: Auth Bypass in Ivanti (MobileIron) Sentry, 9.8 rating 🔥

The vulnerability allows unauthenticated attackers to access sensitive APIs on port 8443.

Search at Netlas.io:
👉 Link: https://nt.ls/CwTWz
👉 Dork: http.body:"images/sentry-mi-logo" AND port:8443

Vendor's advisory: https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface?language=en_US


CVE-2023-39143: RCE in PaperCut MF/NG, 8.4 rating 🔥

Vuln enables unauthenticated attackers to potentially work with arbitrary files to the PaperCut MF/NG application server (< 21.2.3 version), resulting in RCE in certain configurations.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/ZGjrR
👉🏻 Dork: (http.title:"PaperCut Login" AND (http.description:"PaperCut NG" OR http.description:"PaperCut MF")) OR (http.favicon.perceptual_hash:3e7e66667e7c6000)

Vendor's advisory: https://www.papercut.com/kb/Main/securitybulletinjuly2023/

Показано 20 последних публикаций.

353

подписчиков
Статистика канала