Cobalt strike 4.7 Original

JinnX93 · 16.01.2023

Hi,

I just found cobalt strike 4.7 Original cracked version on this chinese website!

https://www.ddosi.org/cobalt-strike-4-7/

But I didn't give it a try yet! clean or infected I'm not sure.

Have a look at it

donsalas · 16.01.2023

cobalt strike 4.7.2 or the unpatched one ?

Aquari2 · 16.01.2023

I think the unpatched version if its Original. thx

xebec · 16.01.2023

it's to bad to use it , becarful with CVE-2022-39197 vul on it

JinnX93 · 16.01.2023

xebec сказал(а):

it's to bad to use it , becarful with CVE-2022-39197 vul on it

Tried it in vm with win 11! looks good and clean!

xebec · 16.01.2023

JinnX93 сказал(а):

Tried it in vm with win 11! looks good and clean!

it's not about clean , it's about when you be in someone else pc they can use this vul against you

xebec · 16.01.2023

JinnX93 сказал(а):

Tried it in vm with win 11! looks good and clean!

search on youtube using "CVE-2022-39197 cobalt strike" to understand

kiloton · 16.01.2023

JinnX93 сказал(а):

Tried it in vm with win 11! looks good and clean!

Did you even understand the meaning of CVE-2022-39197?
This doesn't matter if the .jar is original or not, it's a bug in the
engine that allows RCE on your team server.
So you will be pwned by researchers and all targets stolen or reported.

GitHub - its-arun/CVE-2022-39197: CobaltStrike <= 4.7.1 RCE

CobaltStrike <= 4.7.1 RCE. Contribute to its-arun/CVE-2022-39197 development by creating an account on GitHub.

github.com

GitHub - xzajyjs/CVE-2022-39197-POC: CVE-2022-39197(CobaltStrike XSS <=4.7) POC

CVE-2022-39197(CobaltStrike XSS <=4.7) POC. Contribute to xzajyjs/CVE-2022-39197-POC development by creating an account on GitHub.

github.com

r1z · 16.01.2023

donsalas сказал(а):

cobalt strike 4.7.2 or the unpatched one ?

Totally yes, un-secured version (china home of backdoors --> ddosi.org) and vulnerable to remote code execution vulnerablity

JinnX93 сказал(а):

Tried it in vm with win 11! looks good and clean!

99% you like to run everything available in public) learn before advice people.

xebec · 16.01.2023

r1z сказал(а):

Totally yes, un-secured version (china home of backdoors --> ddos.org) and vulnerable to remote code execution vulnerablity

Посмотреть вложение 49996

99% you like to run everything available in public) learn before advice people.

this what i am talking about , thanks r1z

bibz · 16.01.2023

Ребята, я не советую вам трогать китайскую версию. Большинство CS, которые я нашел, были заражены.

Borte · 12.02.2023

Thanks, I do appreciate this extra information!

Guest · 14.02.2023

Absolute infected shit

c0nm4n · 16.02.2023

just because it's Chinese and cracked, I'm sure there's a surprise in the file, but thanks anyway

Cobalt strike 4.7 Original

JinnX93

ripper

donsalas

floppy-диск

Aquari2

floppy-диск

xebec

floppy-диск

JinnX93

ripper

xebec

floppy-диск

xebec

floppy-диск

kiloton

RAM

GitHub - its-arun/CVE-2022-39197: CobaltStrike <= 4.7.1 RCE

GitHub - xzajyjs/CVE-2022-39197-POC: CVE-2022-39197(CobaltStrike XSS <=4.7) POC

r1z

Still(In)Secure

xebec

floppy-диск

bibz

CD-диск

Borte

HDD-drive

Guest

Премиум

c0nm4n

floppy-диск