Hack Tools/Exploits

Packetstorm Last 10 Files

  1. Botan C++ Crypto Algorithms Library 1.10.12 - Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
  2. Comodo Chromodo Browser Disable Same Origin Policy - When you install Comodo Internet Security, by default a new browser called Chromodo is installed and set as the default browser. Additionally, all shortcuts are replaced with Chromodo links and all settings, cookies, etc. are imported from Chrome. They also hijack DNS settings, among other shady practices.
  3. Google Chrome Privilege Escalation - There is an overflow in the ui::PlatformCursor WebCursor::GetPlatformCursor method in Google Chrome.
  4. Adobe Flash Processing AVC Causes Stack Corruption - This mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server.
  5. Samsung Galaxy S6 LibQjpeg Je_free Crash - This jpg file causes an invalid pointer to be freed when media scanning occurs on Samsung Galaxy S6.
  6. Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption - This proof of concept file causes memory corruption when it is scanned by the face recognition library in android.media.process.
  7. Samsung SecEmailUI Script Injection - The default Samsung email client's email viewer and composer (implemented in SecEmailUI.apk) doesn't sanitize HTML email content for scripts before rendering the data inside a WebView. This allows an attacker to execute arbitrary JavaScript when a user views an HTML email which contains HTML script tags or other events.
  8. Mobile Drive Free 1.8 Local File Inclusion / File Upload - Mobile Drive Free 1.8 suffers from local file inclusion and remote file upload vulnerabilities.
  9. ThumbDrive 1.1 Local File Inclusion / File Upload - ThumbDrive version 1.1 suffers from local file inclusion and remote file upload vulnerabilities.
  10. Norcon 2016 Call For Papers - Norcon 2016 has announced its call for papers. It will be held in Chico, CA, USA from March 26th through the 27th, 2016.

Packetstorm Tools

  1. IPSet Bash Completion 2.7 - ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
  2. ArpON Arp Handler Inspection 3.0 - ArpON (Arp handler inspectiON) is a portable ARP handler. It detects and blocks all ARP poisoning/spoofing attacks with the Static Arp Inspection (SARPI) and Dynamic Arp Inspection (DARPI) approaches on switched/hubbed LAN with/without DHCP protocol.
  3. IPTables Bash Completion 1.4 - iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid in the current context. In addition to completion of options, matches and targets, it supports dynamic retrieval of data from the system, i.e. chain names, set names, interfaces, hostnames, etc. Environment variables allow fine-tuning of completion options. IP and MAC addresses can be fed from a file.
  4. 360-FAAR Firewall Analysis Audit And Repair 0.5.5 - 360-FAAR Firewall Analysis Audit and Repair is an offline command-line Perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Check Point dbedit or ScreenOS commands.
  5. I2P 0.9.24 - I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
  6. 360-FAAR Firewall Analysis Audit And Repair 0.5.4 - 360-FAAR Firewall Analysis Audit and Repair is an offline command-line Perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Check Point dbedit or ScreenOS commands.
  7. VBScan Vulnerability Scanner 0.1.4 - VBScan is a black box vBulletin vulnerability scanner written in Perl.
  8. Suricata IDPE 3.0 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  9. IP-Array IPTables Firewall Script 1.0.3 - A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included.
  10. Packet Fence 5.6.1 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Packetstorm Exploits

  1. Comodo Chromodo Browser Disable Same Origin Policy - When you install Comodo Internet Security, by default a new browser called Chromodo is installed and set as the default browser. Additionally, all shortcuts are replaced with Chromodo links and all settings, cookies, etc. are imported from Chrome. They also hijack DNS settings, among other shady practices.
  2. Google Chrome Privilege Escalation - There is an overflow in the ui::PlatformCursor WebCursor::GetPlatformCursor method in Google Chrome.
  3. Adobe Flash Processing AVC Causes Stack Corruption - This mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server.
  4. Samsung Galaxy S6 LibQjpeg Je_free Crash - This jpg file causes an invalid pointer to be freed when media scanning occurs on Samsung Galaxy S6.
  5. Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption - This proof of concept file causes memory corruption when it is scanned by the face recognition library in android.media.process.
  6. Samsung SecEmailUI Script Injection - The default Samsung email client's email viewer and composer (implemented in SecEmailUI.apk) doesn't sanitize HTML email content for scripts before rendering the data inside a WebView. This allows an attacker to execute arbitrary JavaScript when a user views an HTML email which contains HTML script tags or other events.
  7. Mobile Drive Free 1.8 Local File Inclusion / File Upload - Mobile Drive Free 1.8 suffers from local file inclusion and remote file upload vulnerabilities.
  8. ThumbDrive 1.1 Local File Inclusion / File Upload - ThumbDrive version 1.1 suffers from local file inclusion and remote file upload vulnerabilities.
  9. Netgear Pro NMS 300 Code Execution / File Download - Netgear Pro NMS 300 suffers from code execution and arbitrary file download vulnerabilities.
  10. Avast File Read - This one is complicated, but allows an attacker to read any file on the filesystem by clicking a link. You don't even have to know the name or path of the file, because you can also retrieve directory listings using this attack. Additionally, you can send arbitrary authenticated HTTP requests, and read the responses. This allows an attacker to read cookies, email, interact with online banking and so on.

Securiteam Exploits

  1. PCRE Unintended Recursion And Buffer Overflow Vulnerabilities - PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
  2. Qolsys IQ Panel Bypass Intended Access Restrictions Vulnerabilities - Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates, which allows man-in-the-middle attackers to bypass intended access restrictions via a modified update.
  3. Symantec Endpoint Protection Manager Execute Arbitrary OS Commands Vulnerabilities - Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.
  4. Adobe Flash Player And AIR Remote Code-Execution Vulnerabilities - Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call.
  5. Android Bluetooth Connection Vulnerabilities - Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to execute arbitrary code by leveraging access to the local physical environment.