Last Week in Security (LWiS) - 2023-07-10

LPEs for Windows and Linux, Mastodon TootRoot, tons of web app hacking, a bunch of new tools, and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2023-06-26 to 2023-07-10.


Techniques and Write-ups

Tools and Exploits

  • ShellGhost - A memory-based evasion technique which makes shellcode invisible from process start to end.
  • StackRot - CVE-2023-3269: Linux kernel privilege escalation vulnerability.
  • CVE-2023-28252 - Common Log File System (CLFS) LPE for Windows patched in April 2023.
  • evilgophish - evilginx + gophish. Now with evilginx3 support!
  • shortscan - An IIS short filename enumeration tool.
  • BOFMask is a proof-of-concept for masking Cobalt Strike's Beacon payload while executing a Beacon Object File (BOF).
  • BounceBack - ↕️🤫 Stealth redirector for your red team operation security.
  • TeamsPhisher - Send phishing messages and attachments to Microsoft Teams users.
  • clauneck - A tool for scraping emails, social media accounts, and much more information from websites using Google Search Results.

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

  • Artemis - A modular web reconnaissance tool and vulnerability scanner.
  • golddigger is a simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test.
  • mailpit - An email and SMTP testing tool with API for developers.
  • multitail - Tail on steroids.
  • kbtls - Establishes mutually trusted TLS connections based on a pre-shared connection key.
  • skyhook - A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.
  • webhook is a lightweight incoming webhook server to run shell commands.

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing. This post is cross-posted on SIXGEN's blog.