Мир сегодня с "Юрий Подоляка"

Труха⚡️Україна

View

Николаевский Ванёк

View

Мир сегодня с "Юрий Подоляка"

View

Труха⚡️Україна

View

Николаевский Ванёк

View

1N73LL1G3NC3

Reborn…

TGlist rating

TypePublic

Verification

Not verified

Trust

Not trusted

Location

LanguageOther

Channel creation dateDec 16, 2024

Added to TGlist

Feb 06, 2025

I own this channel

History of changes

Statistic of Telegram Channel 1N73LL1G3NC3

More details

Subscribers

3 708

24 hours

120.3%Week

832.3%Month

43913.4%

Citation index

0

Mentions0Shares on channels0Mentions on channels0

Average views per post

707

12 hours1 224

49.1%24 hours7070%48 hours1 2630%

Engagement rate (ER)

8.63%

Reposts43Comments0Reactions18

Engagement rate by reach (ERR)

19.09%

24 hours

0.04%Week

3.71%Month

9.56%

Average views per ad post

603

1 hour25442.12%1 – 4 hours345.64%4 - 24 hours31552.24%

More details

Connect our bot to the channel to find out the gender distribution of this channel's audience.

Total posts in 24 hours

1

Dynamic

Latest posts in group "1N73LL1G3NC3"

All posts

16.05.202510:13

🤯 Boooost!

Reposted from:

APT

15.05.202510:22

🔐 Bitrix CMS Ultimate Pentest Guide

A detailed guide on penetration testing for 1C-Bitrix CMS, one of the most popular content management systems in CIS countries. The guide covers authentication bypasses, XSS, SSRF, LFI, RCE exploits, WAF bypass methods, and vulnerabilities in third-party modules (especially Aspro).

🔗 Source:
https://pentestnotes.ru/notes/bitrix_pentest_full/

#1c #bitrix #web

15.05.202509:20

CVE-2025-23395 Screen LPE exploit

#!/bin/sh

Blog: https://security.opensuse.org/2025/05/12/screen-security-issues.html#3a-local-root-exploit-via-logfile_reopen-cve-2025-23395

Reposted from:

Ralf Hacker Channel

15.05.202506:50

Несколько часов назад была сильно обновлена утилита certipy. Обратим внимание, что в документации также появилось описание техники ESC16...

#redteam #pentest #ad #adcs

13.05.202514:59

Chrome-App-Bound-Encryption-Decryption

Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) — all in user mode, no admin rights required.

13.05.202510:52

CVE-2025-31644 F5 BIG-IP Authenticated command injection

The “file” parameter of the “save” command is vulnerable to a command injection attack, allowing an authenticated attacker with administrator privileges to the “/mgmt” web API or the SSH “tmsh” shell, to obtain remote code execution as the “root” user on the target system.

Query:

ZoomEye Dork: app="F5 BIG-IP load balancer"
HUNTER : product.name="F5 BIG-IP"
FOFA : product="f5-BIGIP"

12.05.202515:59

HookingLsassForCredentials

Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials.

The goal of this PoC is to leverage the registry key discovered here to load a DLL into Lsass.exe that will allow us to fetch the user's credentials (in any form possible) while effectively bypassing Credential Guard. It is worth mentioning that when Credential Guard is enabled, Lsass.exe hands over credential protection and caching to LsaIso.exe, however, Lsass.exe remains the one responsible for verifying the login user credentials.

10.05.202514:25

(CVE-2025-3102) WP SureTriggers ≤1.0.78 admin-creation & RCE

The flaw resides in the REST API endpoint, involving inadequate authorization checks on the ST-Authorization HTTP header, enabling unauthenticated attackers to bypass security controls and create new administrator accounts if the plugin’s API key isn’t set up yet.

Query:

Netlas: http.body:"plugins/suretriggers"
ZoomEye: app="WordPress SureTriggers Plugin"

09.05.202517:15

CVE-2025-2563: Unauthenticated privilege escalation in the WordPress User Registration & Membership plugin.

Affected versions:

Free < 4.1.2, Pro < 5.1.2

08.05.202510:55

SysAid PreAuth RCE Chain (CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778)

XML External Entity (XXE) injections, which occur when an attacker is able to successfully interfere with an application's parsing of XML input.
This, in turn, could permit attackers to inject unsafe XML entities into the web application, allowing them to carry out a Server-Side Request Forgery (SSRF) attack and in worst cases, remote code execution.

Blog: https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/

Query:

FOFA: icon_hash="1540720428"
Shodan: title:"SysAis"
Shodan: http.html:"SysAis"
ZoomEye: app:"SysAid On-Prem Software"

08.05.202508:09

Defendnot

The improved version of no-defender, a tool that interacts with WSC api to disable window defender.

How it works:

There's a WSC (Windows Security Center) service in Windows which is used by antiviruses to let Windows know that there's some other antivirus in the hood and it should disable Windows Defender.
This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation.

The initial implementation of no-defender used thirdparty code provided by other AVs to register itself in the WSC, while defendnot interacts with WSC directly.

05.05.202518:46

EvilentCoerce

A PoC tool that triggers the ElfrOpenBELW procedure in the MS-EVEN RPC interface (used for Windows Event Log service), causing the target machine to connect to an attacker-controlled SMB share. If antivirus software (e.g., Defender) is present, it may scan the file and unintentionally leak NetNTLMv2 credentials, which can be relayed via ntlmrelayx.

Blog: https://habr.com/ru/companies/tomhunter/articles/907068/

03.05.202509:56

SonicWall SMA 100 PreAuth RCE Chain (CVE-2023-44221, CVE-2024-38475)

Blog: https://labs.watchtowr.com/sonicboom-from-stolen-tokens-to-remote-shells-sonicwall-sma100-cve-2023-44221-cve-2024-38475/

Query:

HUNTER :product.name="SonicWall Secure Mobile Access"
FOFA : product="SONICWALL-Secure-Mobile-Access"
SHODAN : server=="SonicWALL SSL-VPN Web Server"

02.05.202519:18

CVE-2024-10442 (CVSS 10): Synology DiskStation RCE to root via out-of-bounds NULL-byte write flaw

Null-byte write flaw allows attackers to exploit improper data validation, triggering out-of-bounds writes for arbitrary code execution as root.

Blog: https://blog.ret2.io/2025/04/23/pwn2own-soho-2024-diskstation/

ZoomEye Dork:

app="Synology DiskStation"

P.S.

897K+ vulnerable devices!

02.05.202512:36

Bolthole

A proof-of-concept ClickOnce payload for Red Teams to establish initial access.

• Reverse SSH tunnel into the target environment
• CMD shell access as the executing user (no password required)
• SOCKS proxy functionality for pivoting

All posts

Advertised0 seconds

08.05.202512:51BadB's Porn Club

2.7K

Advertised0 seconds

05.05.202520:00Волосатый бублик

7.2K

Advertised0 seconds

22.04.202507:25APT

11.7K

Advertised0 seconds

18.03.202516:33Укротитель змей

245

More details

Records

17.05.202523:59

3.7KSubscribers

05.02.202515:16

100Citation index

05.05.202523:17

2.1KAverage views per post

10.05.202501:55

2.1KAverage views per ad post

16.04.202514:09

11.41%ER

05.05.202523:17

59.69%ERR

Growth

More details

Subscribers

Citation index

Avg views per post

Avg views per ad post

ERR

More details

Popular posts 1N73LL1G3NC3

All posts

Reposted from:

APT

15.05.202510:22

13.05.202514:59

15.05.202509:20

CVE-2025-23395 Screen LPE exploit

Blog: https://security.opensuse.org/2025/05/12/screen-security-issues.html#3a-local-root-exploit-via-logfile_reopen-cve-2025-23395

12.05.202515:59

HookingLsassForCredentials

Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials.

The goal of this PoC is to leverage the registry key discovered here to load a DLL into Lsass.exe that will allow us to fetch the user's credentials (in any form possible) while effectively bypassing Credential Guard. It is worth mentioning that when Credential Guard is enabled, Lsass.exe hands over credential protection and caching to LsaIso.exe, however, Lsass.exe remains the one responsible for verifying the login user credentials.

16.05.202510:13

🤯 Boooost!

08.05.202508:09

Defendnot

The improved version of no-defender, a tool that interacts with WSC api to disable window defender.

How it works:

There's a WSC (Windows Security Center) service in Windows which is used by antiviruses to let Windows know that there's some other antivirus in the hood and it should disable Windows Defender.
This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation.

The initial implementation of no-defender used thirdparty code provided by other AVs to register itself in the WSC, while defendnot interacts with WSC directly.

Reposted from:

Ralf Hacker Channel

15.05.202506:50

30.04.202515:32

LsassHijackingViaReg

Injecting a DLL into lsass.exe by editing a registry key value.

09.05.202517:15

CVE-2025-2563: Unauthenticated privilege escalation in the WordPress User Registration & Membership plugin.

Affected versions:

Free < 4.1.2, Pro < 5.1.2

02.05.202519:18

app="Synology DiskStation"

P.S.

897K+ vulnerable devices!

01.05.202516:44

Goexec

A new take on some of the methods used to gain remote execution on Windows devices. Goexec implements a number of largely unrealized execution methods and provides significant OPSEC improvements overall.

Blog: https://www.falconops.com/blog/introducing-goexec

23.04.202509:02

Awesome-injection

Centralized resource for listing and organizing known injection techniques and POCs

13.05.202510:52

ZoomEye Dork: app="F5 BIG-IP load balancer"
HUNTER : product.name="F5 BIG-IP"
FOFA : product="f5-BIGIP"

08.05.202510:55

FOFA: icon_hash="1540720428"
Shodan: title:"SysAis"
Shodan: http.html:"SysAis"
ZoomEye: app:"SysAid On-Prem Software"

05.05.202518:46