This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Disclaimer:
t.me/APT_Notes/6

Chat Link:
t.me/APT_Notes_PublicChat
🍪 GlobalUnProtect

PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from Windows client installations.

🔗 Research:
https://rotarydrone.medium.com/decrypting-and-replaying-vpn-cookies-4a1d8fc7773e

🔗 Source:
https://github.com/rotarydrone/GlobalUnProtect

#paloalto #globalprotect #cookie #vpn
🛡️ Palo Alto PAN-OS Pre-Auth RCE Chain (CVE-2024-0012 & CVE-2024-9474)

A critical vulnerability chain in Palo Alto PAN-OS, combining an authentication bypass (CVE-2024-0012) and a command injection flaw (CVE-2024-9474) in the management web interface, allows unauthenticated attackers to execute arbitrary code with root privileges.

🛠 Affected Versions:
— PAN-OS 11.2 (up to and including 11.2.4-h1)
— PAN-OS 11.1 (up to and including 11.1.5-h1)
— PAN-OS 11.0 (up to and including 11.0.6-h1)
— PAN-OS 10.2 (up to and including 10.2.12-h2)

🔗 Research:
https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/

🔗 PoC:
https://github.com/watchtowrlabs/palo-alto-panos-cve-2024-0012

🔗 Exploit:
https://github.com/Chocapikk/CVE-2024-9474

#paloalto #panos #sslvpn #unauth #rce
🔑 PanGPA Extractor

Tool to extract the username and password of the current user from PanGPA in plaintext under Windows. The Palo Alto Networks GlobalProtect client queries the GlobalProtect Service for your username and password every time you log on or refresh the connection.

🔗 Research:
https://shells.systems/extracting-plaintext-credentials-from-palo-alto-global-protect/

🔗 Source:
https://github.com/t3hbb/PanGP_Extractor

#paloalto #globalprotect #credentials #dump