Last Week in Security (LWiS) - 2024-09-03

argv[0] tampering (@Wietze), Moodle eval() misuse (@RedTeamPT), ntoskrnl.exe PoC (@b1thvn_), 4x wappd exploits (@hyprdude), and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2024-08-26 to 2024-09-03.

News

Techniques and Write-ups

Tools and Exploits

  • Red-Infra-Craft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create advanced phishing & payload infrastructure.
  • CVE-2024-43044-jenkins - Exploit for the vulnerability CVE-2024-43044 in Jenkins.
  • enumhandles_BOF - This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk.
  • CVE-2024-5274 - PoC for the type confusion in V8 in Google Chrome prior to 125.0.6422.112 that allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
  • limoncello - Yet another LLVM-based obfuscator.
  • hackshell - Make BASH stealthy and hacker friendly with lots of bash functions.

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing.