China Hacking APT Team Collection Of Hacking Tools

Autorius: Richard von Coudenhove-Kalergi Šaltinis: 2021-10-12 16:12:00, skaitė 741, komentavo 4

China Hacking APT Team Collection Of Hacking Tools

China Hacking APT Team APT CHINA GROUP Collection Of Hacking Tools & Explotation CVE For Hacking APT Team"

CVE-2019-11510 Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)

CVE-2020-5902 exploit code for F5-Big-IP (CVE-2020-5902)

CVE-2019-19781 A Citrix Application Delivery Controller (ADC) and Gateway directory traversal vulnerability, which can lead to remote code execution without credentials.

CVE-2020-8193-Citrix-Scanner -

Citrix_adc_netscaler_lfi_scan -

CVE-2019-0708 - A remote code execution vulnerability exists in Remote Desktop Services

CVE-2020-15505 -

CVE-2020-15505 Exploit Active Directory for Lateral Movement and Credential Access: CVE-2020-1472 Checker & Exploit Code for CVE-2020-1472 aka Zerologon

CVE-2019-1040 scanner Checks for CVE-2019-1040 vulnerability over SMB. The script will establish a connection to the target host(s) and send an invalid NTLM authentication.

Exploit public-facing servers: Attackers use these vulnerabilities to bypass authentication in web servers, email servers, or DNS to remotely execute commands on the internal network.

For compromised web servers, attackers can utilize them in watering-hole attacks to target future visitors. CVE-2020-1350 The Windows DNS server SigRed vulnerability allows attackers to spread laterally through a network.

CVE-2018-6789 Exim CVE-2018-6789 PoC materials to exploit CVE-2018-6789.


Exploit internal servers: These vulnerabilities are used to spread laterally throughout a network and gain access to internal servers, where the attackers can steal valuable data.

CVE-2020-0688 - A Microsoft Exchange vulnerability that allows authenticated users to perform remote code execution

CVE-2015-4852 - The WLS Security component in Oracle WebLogic15 Server allows remote attackers to execute arbitrary commands via a crafted serialized Java16 object.

CVE-2020-2555 - A vulnerability exists in the Oracle® Coherence product of Oracle Fusion® Middleware. This easily exploitable

CVE-2019-3396 - A server-side template injection vulnerability is present in the Widget Connector in Atlassian Confluence servers that allows remote attackers to perform remote code execution and path traversal.

CVE-2019-11580 - Attackers who can send requests to an Atlassian® Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, permitting remote code execution. This vulnerability was used in GandCrab ransomware attacks in the past.

Invoke-DNSteal - Simple And Customizable DNS Data Exfiltrator Invoke-DNSteal

CVE-2019-18935 - A vulnerability in Telerik 19 UI for ASP.NET AJAX can lead to remote code execution. It was seen used by a hacker group named 'Blue Mockingbird' to install Monero miners on vulnerable servers but could be used to spread laterally as well.

Exploit secure remote access: To gain access to networks, Chinese threat actors utilize seven different vulnerabilities, many of which also provide credentials that can be used to spread further on the network.

Cyber Apocalypse

How To Make A Computer Virus