let’s play with a ZERO-DAY vulnerability “follina”

preview_player
Показать описание


In this video NetworkChuck teamed up with @_JohnHammond to talk about the NEW and SCARY Microsoft Vulnerability. NetworkChuck and John Hammond are going to teach you about a new dangerous Windows Zero-day vulnerability called “follina” and they are even going to show you how to test it out in your own Zero-day lab using VirtualBox!! Dubbed CVE-2022-30190, this vulnerability takes advantage of the Microsoft Support Diagnostic Tool (msdt) in Microsoft Office. So far, we have seen it the exploit successfully occur with Microsoft Word utilized .doc and .rtf variants. This is a high severity exploit given the remote code execution.

SPECIAL THANKS to John Hammond (go check him out!!)
---------------------------------------------------

**Sponsored by ITProTV

SUPPORT NETWORKCHUCK
---------------------------------------------------

READY TO LEARN??
---------------------------------------------------

FOLLOW ME EVERYWHERE
---------------------------------------------------

0:00 ⏩ Intro
1:58 ⏩ How does CVE-2022-30190 work??
6:33 ⏩ What happens when you open the file?
9:23 ⏩ Let’s set up our zero-day vulnerability lab!
17:29 ⏩Time to test the Malware!
20:00 ⏩ Outro

AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)

#follina #cve202230190 #microsoft
  1. NetworkChuck
  2. malwars
  3. transomware
  4. python
  5. microsoft
  6. follina
Рекомендации по теме
let’s play with 0:21:21

let’s play with a ZERO-DAY vulnerability “follina”

Trymacs hat keine 0:00:20

Trymacs hat keine Cola Zero mehr für Sascha😡😂

35C3 - The 0:57:04

35C3 - The Layman's Guide to Zero-Day Engineering

FROM ZERO TO 1:05:08

FROM ZERO TO MEGABASE - Factorio: Part 1 - Beating The Game

When You Can’t 0:00:15

When You Can’t Dance But Play Sparking Zero🔥🕺🏾 #sparkingzero #dbz #dragonballsuper #anime

Der GROßE SKANDAL 0:01:00

Der GROßE SKANDAL um Cells Schrei im Dragon Ball Esport! Sparking Zero

Harry Potter Makes 0:01:00

Harry Potter Makes Zero Sense

Lets Play Dragonball 0:24:56

Lets Play Dragonball Sparking Zero German/Deutsch 100% Part 1: Der Hype ist real

10 KM EVERY 0:10:50

10 KM EVERY DAY CHALLENGE - Part 1 💥🏃‍♂️🏃‍♀️

Super Mario Bros 0:01:01

Super Mario Bros Zero, 8-1 Level! #boonieveteran #kaizomario #kaizo #supermariobros #mario

The First Hour 1:23:11

The First Hour of Survival, Zero Sievert | Tactical Pixel Tarkov Open-World RPG Roguelite

let's play the 0:43:59

let's play the new sims expansion life & death as a black widow challenge

THESE DRAGON BALL 0:00:19

THESE DRAGON BALL SPARKING! ZERO INTERACTIONS ARE INSANE! #sparkingzero #dragonballsparkingzero

Gottlose BROLY STRATEGIE 0:01:00

Gottlose BROLY STRATEGIE bricht Sparking Zero! Stärkster Charakter ( Dragon Ball )

The Fortnite Quad 0:00:28

The Fortnite Quad Edit World Record!

Injustice 2 Sub-zero 0:00:28

Injustice 2 Sub-zero meets teen titans 😨🤣😰 #injustice2 #shortsfeed #dccomics #shorts #vieal

OG Fortnite is 0:00:46

OG Fortnite is back!

Horizon Zero Dawn 0:09:17

Horizon Zero Dawn Remastered Changes More Than You Think...

How to find 0:23:03

How to find Zero Day exploits

Who stole Levinho’s 0:00:19

Who stole Levinho’s ammos? 🤔😂 #pubgmobile #shorts #zetti #VASA #TeamVASA #bgmi

DragonBall Sparking Zero 0:00:46

DragonBall Sparking Zero How to use the Vanishing Technique!

Best Black Ops 0:01:01

Best Black Ops 6 Controller Settings 🤯👀

Laundromat Simulator | 0:53:25

Laundromat Simulator | Episode 1 | Lets Play

Burnice & Caesar 0:00:20

Burnice & Caesar Exercising...🔥【Zenless Zone Zero】 Lucy Secretly Recording Caesar & Burnice...

Комментарии
Автор



SPECIAL THANKS to John Hammond (go check him out!!)




**Sponsored by ITProTV

0:00 ⏩ Intro
1:58 ⏩ How does CVE-2022-30190 work??
6:33 ⏩ What happens when you open the file?
9:23 ⏩ Let’s set up our zero-day vulnerability lab!
17:29 ⏩Time to test the Malware!
20:00 ⏩ Outro

NetworkChuck
Автор

Thanks for keeping the “mistakes” in the video. It reinforces the information sooo much better !

andyh
Автор

HUGE thanks for letting me come crash the party, NetworkChuck!! Looking forward to all the crazy cool stuff we can do in the future 😎

_JohnHammond
Автор

It was amazing seeing Chuck test a real vunerability, this could be a very interesting series on your channel!

marcfer
Автор

Zero-day vulnerability is scary and should be consider to learn with caution. Thank you for the information and keep it up!

gamereditorner
Автор

Thank you Network Chuck for making this video so quickly and of course thanks to John Hammond. I followed along and indeed was fun to play around with.

kronedog
Автор

As an ethical hacker in making, I really appreciated this video, very informative as always, thanks, Chuck!

mrnobodyatallnoneed
Автор

As a middle aged bearded geek going through A+ cert after years of computer nerdery, your videos always ring true to what I seem to be learning at any moment be it bash, be it ip sucking at subnetting or zero day exploits…Chuck you are tuned in to what so many delicious topics! Thanks for being our coffee! ☕️

gregatit
Автор

Definitely would like to see more of these type of videos. As a user of the 365 support and recovery tool for troubleshooting tenant issues I’m wondering how vulnerable the program is to being exploited, especially not knowing how superficial endpoint scanning is…

Kevinmulhalljr
Автор

Very interesting video. I've been playing with python for the last 5 or 6 months, but never knew you could make a webserver like that. Great content!!!

keithcooper
Автор

Chuck definitely do more stuff like that!!

gerardest
Автор

Thank you for this video, relateable content as im in the cyber security field. Would definatly be intersted in more content like this.

jasonholtham
Автор

You should really do a playlist explaining these vulnerabilities.
Yes, there are channels explaining this stuff, but with you and your way of teaching things, explaining a CVE and how it works is a must for security professionals, especially if they want to be blue or red team pros, or even us, who are just passionate of these things.

Do a

ChristianPixtun
Автор

Man, after months of "20mn video to explain if/else" it's really really nice to see again full power highly caffeinated Chuck

mikalichou
Автор

Super Video Chuck Your videos are awesome And informative

Asherstitusworld
Автор

Windows Defender seems to have caught up with Follina. Word still reaches out to the server, but that's it. You get a warning and nothing else is happening - at least with my setup, don't feel too safe. I really like the idea of Chuck and John making content as a team, by the way!

stepsxa
Автор

Amazing collab! Been following both of you for a while, awesome to see!

djscuffedjays
Автор

2 of my favorite youtubers looking at one of my favorite zero days

meercat
Автор

its really awesome that this video references what you learn in the Hack the box course.

plousho
Автор

@NetWorkChuck

Yes, you should keep doing vids like this. The good thing to this would be your growing along the way AND bringing others with you as they learn these things too!

cleightthejw