Hack Tools/Exploits

Packetstorm Last 10 Files

  1. EMC Avamar Missing Certificate Validation - EMC Avamar contains a security vulnerability that may potentially be leveraged by a malicious user to obtain sensitive information when performing a backup or restore operation relating to the vCenter Server. EMC Avamar VMware image and File Level Restore (FLR) proxies do not verify SSL certificates properly when presented by vCenter and may be vulnerable to man-in-the-middle attacks. This vulnerability may potentially be exploited to obtain sensitive information when performing backup and restore operations relating to the vCenter Server. EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x are affected.
  2. Unisphere Central Redirect / Access Bypass / DoS / Updates - Unisphere Central versions prior to 4.0 suffer from a large number of security vulnerabilities and an update has been released that includes a fix for an unvalidated redirect issue along with various embedded component vulnerabilities.
  3. Asus RT-N10 Plus Cross Site Scripting - Asus RT-N10 Plus with firmware version 2.1.1.1.70 suffers from a cross site scripting vulnerability.
  4. VMware Security Advisory 2015-0002 - VMware vSphere Data Protection product update addresses a certificate validation vulnerability.
  5. Debian Security Advisory 3145-1 - Debian Linux Security Advisory 3145-1 - Multiple vulnerabilities were discovered in Privoxy, a privacy enhancing HTTP proxy, which might result in denial of service.
  6. Debian Security Advisory 3144-1 - Debian Linux Security Advisory 3144-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
  7. HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.
  8. Debian Security Advisory 3146-1 - Debian Linux Security Advisory 3146-1 - Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occurred. This would allow remote servers to obtain two different types of sensitive information: proxy passwords from the Proxy-Authorization header (CVE-2014-1830), or netrc passwords from the Authorization header (CVE-2014-1829).
  9. Debian Security Advisory 3147-1 - Debian Linux Security Advisory 3147-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
  10. Symantec Encryption Management Server Remote Command Injection - Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffer from a remote command injection vulnerability.

Packetstorm Tools

  1. Hadoop User Experience Password Cracker - Hadoop User Experience password cracking script. Written in Python.
  2. Clam AntiVirus Toolkit 0.98.6 - Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  3. Bro Network Security Monitor 2.3.2 - Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  4. OpenSSL Toolkit 1.0.2 - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  5. Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150114 - Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  6. oclHashcat For NVidia 1.32 - oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
  7. oclHashcat+ Advanced GPU Hash Cracking Utility 1.32 - oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
  8. OpenSSL Toolkit 1.0.1l - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  9. Suricata IDPE 2.0.6 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  10. KeySweeper Stealth Logger - KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.

Packetstorm Exploits

  1. Asus RT-N10 Plus Cross Site Scripting - Asus RT-N10 Plus with firmware version 2.1.1.1.70 suffers from a cross site scripting vulnerability.
  2. Symantec Encryption Management Server Remote Command Injection - Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffer from a remote command injection vulnerability.
  3. NPDS CMS Revolution-13 SQL Injection - NPDS CMS Revolution-13 suffers from a remote SQL injection vulnerability.
  4. McAfee Data Loss Prevention Endpoint Privilege Escalation - McAfee Data Loss Prevention Endpoint version 9.3.200.23 suffers from an arbitrary write privilege escalation vulnerability.
  5. Kaseya Browser 7.0 Android Path Traversal - This advisory details a vulnerability found within Kaseya Browser Android application. A path traversal vulnerability was discovered within an exported content provider, resulting in the disclosure of arbitrary files, including internal application files.
  6. MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection - MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.
  7. Kaseya BYOD Gateway 7.0.2 SSL Certificate Validation / Redirection - This advisory details multiple vulnerabilities found within the Kaseya BYOD Gateway software. By chaining a combination of lacking SSL verification, poor authentication mechanisms and arbitrary redirection vulnerabilities, a malicious entity may potentially compromise any Kaseya BYOD installation. The Kaseya BYOD Gateway software uses a redirection feature, wherein users are redirected to their local Kaseya installation via Kaseya's hosted servers. The update request from the BYOD Gateway software to the Kaseya hosted servers was not found to verify SSL certificates and fails to implement any form of authentication, instead relying on the length of the gateway identifier to provide security. Thus, the security of the solution depends on an attacker's ability to enumerate the gateway identifier. Once a malicious user enumerates the Gateway identifier, then they may update the redirect rule for that customer in Kaseya's hosted servers, redirecting customers to a malicious Kaseya BYOD Gateway. Version 7.0.2 is affected.
  8. ManageEngine Firewall Analyzer 8.0 Directory Traversal / XSS - ManageEngine Firewall Analyzer versions 8.0 and below suffer from cross site scripting and directory traversal vulnerabilities.
  9. AirWatch Direct Object Reference - Multiple direct object reference vulnerabilities were found within the AirWatch cloud console. VMware advised that these issues also affect on-premise AirWatch deployments. A malicious AirWatch user may leverage several direct object references to gain access to information regarding other AirWatch customers using the AirWatch cloud. This includes viewing groups and downloading private APKs belonging to other organizations.
  10. UniPDF 1.1 Buffer Overflow / Denial Of Service - UniPDF version 1.1 suffers from a buffer overflow vulnerability. This is a SEH overwrite denial of service proof of concept exploit.

Securiteam Exploits

  1. 389 Directory Server Information Disclosure Vulnerabilities - Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.
  2. AlienVault OSSIM And Unified Security Management 'newpolicyform.php' SQL Injection Vulnerabilities - SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands
  3. Apple Mac OS X 10.9.5 Arbitrary Code Execution Vulnerabilities - An integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application
  4. Apple TV 7 And IOS NULL Pointer Dereference Denial Of Service Vulnerabilities - The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.
  5. Cisco IOS XR Software TACACS Packet Parsing Denial Of Service Vulnerabilities - tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.