Hack Tools/Exploits


Packetstorm Last 10 Files

  1. Whale Win32 Attack Surface Toolkit - Whale is a win32 attack surface toolkit written in C#. It's capable of monitoring many different areas of Windows for new and removed kernel objects, open ports, drivers, services and much more. It also allows a user to test for different bug classes and has found a few interesting issues across the sub-systems.
  2. Microsoft Windows 10 x86/x64 WLAN AutoConfig Named Pipe Proof Of Concept - Microsoft Windows 10 x86/x64 build 10.0.14393 WLAN autoconfig named pipe denial of service proof of concept exploit.
  3. Edge SkateShop Authentication Bypass - Edge SkateShop suffers from an authentication bypass vulnerability.
  4. Sony IPELA ENGINE IP Cameras Backdoor Accounts - Sony IPELA ENGINE IP Cameras contain multiple backdoors that, among other functionality, allow an attacker to enable the Telnet/SSH service for remote administration over the network. Other available functionality may have undesired effects to the camera image quality or other camera functionality. After enabling Telnet/SSH, another backdoor allows an attacker to gain access to a Linux shell with root privileges.
  5. Microsoft Internet Explorer 9 jscript9 JavaScriptStackWalker Memory Corruption - A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point to certain data on the stack can be used after that data has been removed from the stack. This results in a stack-based analog to a heap use-after-free vulnerability. The stack memory where the data was stored can be modified by an attacker before it is used, allowing remote code execution.
  6. AbanteCart 1.2.7 Cross Site Scripting - AbanteCart version 1.2.7 suffers from a stored cross site scripting vulnerability.
  7. Microsoft PowerShell XXE Injection - Microsoft PowerShell suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.
  8. Red Hat Security Advisory 2016-2872-01 - Red Hat Security Advisory 2016-2872-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: It was discovered that the sudo noexec restriction could have been bypassed if an application run via sudo executed the system(), popen(), or wordexp() C library functions with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could use these flaws to execute arbitrary commands with elevated privileges.
  9. Red Hat Security Advisory 2016-2871-01 - Red Hat Security Advisory 2016-2871-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
  10. Gentoo Linux Security Advisory 201612-15 - Gentoo Linux Security Advisory 201612-15 - Multiple vulnerabilities have been found in ARJ, the worst of which may allow attackers to execute arbitrary code. Versions less than 3.10.22-r5 are affected.

Packetstorm Tools

  1. Whale Win32 Attack Surface Toolkit - Whale is a win32 attack surface toolkit written in C#. It's capable of monitoring many different areas of Windows for new and removed kernel objects, open ports, drivers, services and much more. It also allows a user to test for different bug classes and has found a few interesting issues across the sub-systems.
  2. DAVOSET 1.2.9 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  3. Hashcat Advanced Password Recovery 3.20 Source Code - hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
  4. Hashcat Advanced Password Recovery 3.20 Binary Release - hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
  5. TOR Virtual Network Tunneling Tool 0.2.8.10 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  6. Suricata IDPE 3.2 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  7. FireHOL 3.1.0 - FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
  8. Evilgrade - The Update Exploitation Framework 2.0.8 - Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. This framework comes into play when the attacker is able to redirect traffic, which can be done in several ways, such as DNS tampering, DNS cache poisoning, ARP spoofing, Wi-Fi access point impersonation, or DHCP hijacking with your favorite tools. This way you can easily take control of a fully patched machine during a penetration test in a clean and easy way. The main idea behind it is to show the number of trivial errors in the update process of mainstream applications.
  9. Blue Team Training Toolkit (BT3) 2.1 - Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
  10. FireHOL 3.0.2 - FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Packetstorm Exploits

  1. Microsoft Windows 10 x86/x64 WLAN AutoConfig Named Pipe Proof Of Concept - Microsoft Windows 10 x86/x64 build 10.0.14393 WLAN autoconfig named pipe denial of service proof of concept exploit.
  2. Edge SkateShop Authentication Bypass - Edge SkateShop suffers from an authentication bypass vulnerability.
  3. Sony IPELA ENGINE IP Cameras Backdoor Accounts - Sony IPELA ENGINE IP Cameras contain multiple backdoors that, among other functionality, allow an attacker to enable the Telnet/SSH service for remote administration over the network. Other available functionality may have undesired effects to the camera image quality or other camera functionality. After enabling Telnet/SSH, another backdoor allows an attacker to gain access to a Linux shell with root privileges.
  4. Microsoft Internet Explorer 9 jscript9 JavaScriptStackWalker Memory Corruption - A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point to certain data on the stack can be used after that data has been removed from the stack. This results in a stack-based analog to a heap use-after-free vulnerability. The stack memory where the data was stored can be modified by an attacker before it is used, allowing remote code execution.
  5. AbanteCart 1.2.7 Cross Site Scripting - AbanteCart version 1.2.7 suffers from a stored cross site scripting vulnerability.
  6. Microsoft PowerShell XXE Injection - Microsoft PowerShell suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.
  7. WordPress Single Personal Message 1.0.3 SQL Injection - WordPress Single Personal Message plugin version 1.0.3 suffers from a remote SQL injection vulnerability.
  8. Dup Scout Enterprise 9.1.14 Buffer Overflow - Dup Scout Enterprise version 9.1.14 buffer overflow SEH exploit.
  9. DiskBoss Enterprise 7.4.28 Buffer Overflow - DiskBoss Enterprise version 7.4.28 GET buffer overflow exploit.
  10. BlackStratus LOGStorm 4.5.1.35 / 4.5.1.96 Remote Root - BlackStratus LOGStorm has multiple vulnerabilities that allow a remote unauthenticated user, among other things, to assume complete control over the virtual appliance with root privileges. This is possible due to multiple network servers listening for network connections by default, allowing authorization with undocumented credentials supported by the appliance's OS, web interface and SQL server. Versions 4.5.1.35 and 4.5.1.96 are affected.

Securiteam Exploits

  1. Google Android 7.0 Qualcomm Gain Privileges Vulnerability - Google Android is prone to a gain privilege vulnerability. This allows local or remote attackers to gain privileges via a crafted application.
  2. Google Android Denial Of Service Vulnerability - Google Android is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  3. Google Chrome 52.0.2743.116 OpenJPEG Denial Of Service Overflow Vulnerability - Google Chrome is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  4. IBM Connections 4.0.0.0 Web Cross Site Scripting Vulnerability - Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via vectors
  5. Linux Kernel 4.5.7 Denial Of Service Vulnerability - fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.