APT
@APT_Notes
12.5K subscribers
550 photos
27 videos
24 files
889 links
This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Disclaimer:
t.iss.one/APT_Notes/6

Chat Link:
t.iss.one/APT_Notes_PublicChat
Download Telegram
About
Blog
Apps
Platform
Join
APT
12.5K subscribers
APT
SharpSystemTriggers

Collection of remote authentication triggers in C#

https://github.com/cube0x0/SharpSystemTriggers

#coerce #authentication #petitpotam #spoolsample #dcom
GitHub
GitHub - cube0x0/SharpSystemTriggers: Collection of remote authentication triggers in C#
Collection of remote authentication triggers in C# - GitHub - cube0x0/SharpSystemTriggers: Collection of remote authentication triggers in C#
288 viewsedited  
APT
🧲 PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot method

Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS? Don't worry MS-DFSNM have your back:

🔗 https://github.com/Wh04m1001/DFSCoerce

Inspired by:

🔗 https://github.com/topotam/PetitPotam
🔗 https://github.com/ShutdownRepo/ShadowCoerce
🔗 https://github.com/leechristensen/SpoolSample

#authentication #coercion #petitpotam #dfsnm
🔥7👍2
2.35K viewsedited  
APT
🖥 Veeam Enterprise Manager Authentication Bypass

May 21st, Veeam published an advisory stating that all the versions BEFORE Veeam Backup Enterprise Manager 12.1.2.172 is affected by an authentication bypass allowing an unauthenticated attacker to bypass the authentication and log in to the Veeam Backup Enterprise Manager web interface as any user the CVSS for this vulnerability is 9.8.

🔗 Source:
https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/

🔗 PoC:
https://github.com/sinsinology/CVE-2024-29849

#veeam #authentication #bypass #cve
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥7👍2
22.4K viewsedited