Hack Tools/Exploits


Packetstorm Last 10 Files

  1. Slackware Security Advisory - libarchive Updates - Slackware Security Advisory - New libarchive packages are available for Slackware 14.1 and -current to fix a security issue.
  2. Red Hat Security Advisory 2016-1106-01 - Red Hat Security Advisory 2016-1106-01 - jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fix: A heap-based buffer overflow flaw was found in jq's tokenadd() function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system.
  3. Oracle ATS Arbitrary File Upload - This Metasploit module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite (OATS), version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell.
  4. Ubuntu Security Notice USN-2984-1 - Ubuntu Security Notice 2984-1 - It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
  5. HP Security Bulletin HPSBGN03605 1 - HP Security Bulletin HPSBGN03605 1 - A potential vulnerability has been identified in HPE Service Manager. The vulnerability could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
  6. Ubiquiti airOS Arbitrary File Upload - This Metasploit module exploits a pre-auth file upload to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorized_keys. FYI, /etc/{passwd,dropbear/authorized_keys} will be overwritten. /etc/persistent/rc.poststart will be overwritten if PERSIST_ETC is true. This method is used by the "mf" malware infecting these devices.
  7. PowerFolder 10.4.321 Remote Code Execution - PowerFolder version 10.4.321 suffers from a remote code execution vulnerability. Proof of concept exploit included.
  8. AfterLogic WebMail Pro ASP.NET Account Takeover / XXE Injection - AfterLogic WebMail Pro ASP.NET versions prior to 6.2.7 suffer from an administrator account takeover via an XXE injection vulnerability.
  9. Red Hat Security Advisory 2016-1100-01 - Red Hat Security Advisory 2016-1100-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.
  10. XenAPI For XenForo 1.4.1 SQL Injection - XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.

Packetstorm Tools

  1. Shellsploit Framework Beta 0.3 - Shellsploit lets you generate customized shellcodes, backdoors, and injectors for various operating systems. It also has obfuscation abilities.
  2. Stegano 0.5.4 - Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integer sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
  3. Sunxi Linux Module Backdoor - This is a Linux kernel module that adds a backdoor to a system. Based on sunxi_debug.
  4. pyJoiner Tool Using Tkinter - This is a deviation of the pyJoiner tool using Tkinter.
  5. Stegano 0.5.3 - Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integer sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
  6. Ansvif 1.5 - Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  7. Falco 0.1.0 - Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  8. ifchk 1.0.3 - Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
  9. ASP Webshell For IIS 8 - ASP webshell backdoor designed specifically for IIS 8.
  10. PHP Backdoor Collection - This is a collection of PHP backdoors to be used for testing purposes.

Packetstorm Exploits

  1. Oracle ATS Arbitrary File Upload - This Metasploit module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite (OATS), version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell.
  2. Ubiquiti airOS Arbitrary File Upload - This Metasploit module exploits a pre-auth file upload to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorized_keys. FYI, /etc/{passwd,dropbear/authorized_keys} will be overwritten. /etc/persistent/rc.poststart will be overwritten if PERSIST_ETC is true. This method is used by the "mf" malware infecting these devices.
  3. PowerFolder 10.4.321 Remote Code Execution - PowerFolder version 10.4.321 suffers from a remote code execution vulnerability. Proof of concept exploit included.
  4. AfterLogic WebMail Pro ASP.NET Account Takeover / XXE Injection - AfterLogic WebMail Pro ASP.NET versions prior to 6.2.7 suffer from an administrator account takeover via an XXE injection vulnerability.
  5. XenAPI For XenForo 1.4.1 SQL Injection - XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.
  6. MediaLink MWN-WAPR300N Insecure Session - MediaLink router MWN-WAPR300N suffers from multiple session-related issues, such as the inability to log out and sessions that do not time out. Insecure transport is another issue.
  7. Infobae Cross Site Scripting - The Infobae website suffers from multiple cross site scripting vulnerabilities. The author has received no response from them.
  8. Counterfeiting With Cisco IP Communicator - Whitepaper that discusses how Cisco IP Communicator only uses MAC addresses for authentication allowing you to spoof other callers.
  9. JobScript Remote Code Execution - JobScript suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused by improper verification of uploaded files in the '/admin-ajax.php' script through the 'name' and 'file' POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file with a '.php' extension (to bypass the '.htaccess' block rule) that will be stored in the '/jobmonster/wp-content/uploads/jobmonster/' directory.
  10. Operation Technology ETAP 14.1.0 Stack Buffer Overflow - Multiple ETAP binaries are prone to a stack-based buffer overflow vulnerability because the application fails to handle malformed arguments. Version 14.1.0.0 is affected. An attacker can exploit these issues to execute arbitrary code within the context of the application or to trigger a denial-of-service condition.

Securiteam Exploits

  1. IBM Storwize V7000 GUI Cross-Frame Scripting Vulnerability - IBM Storwize V7000 GUI suffers from a cross-frame scripting vulnerability.
  2. MyBB Anonymous Statistics User Information Disclosure Vulnerability - MyBB Anonymous Statistics User suffers from an information disclosure vulnerability.
  3. Apple iOS App Store Purchase Password Prompt Authorization Bypass Vulnerability - Apple iOS app store purchase password prompt authorization suffers from a bypass vulnerability.
  4. Asterisk Crafted 16 Bit SMS Message Handling Remote Overflow DoS Vulnerability - Asterisk crafted 16 bit SMS message handling remote overflow suffers from a denial of service vulnerability.
  5. Cisco Adaptive Security Appliance (ASA) DNS Application Layer Protocol Inspection (ALPI) Engine Packet Handling Remote DoS Vulnerability - Cisco Adaptive Security Appliance (ASA) DNS Application Layer Protocol Inspection (ALPI) Engine Packet Handling suffers from a remote denial of service vulnerability.