Hack Tools/Exploits

Packetstorm Last 10 Files

  1. SAP Router Password Timing Attack - Core Security Technologies Advisory - SAP Router is an application-level gateway used to connect systems in a SAP infrastructure. A vulnerability has been found in SAP Router that could allow an unauthenticated remote attacker to obtain passwords used to protect route entries by a timing side-channel attack.
  2. EMC Cloud Tiering Appliance XXE / Information Disclosure - EMC CTA is vulnerable to XML External Entity (XXE) and information disclosure vulnerabilities that may allow a remote malicious user to compromise the affected system. Affected includes EMC Cloud Tiering Appliance (CTA) versions 9.x, 10, and 10 SP1 and EMC File Management Appliance (FMA) version 7.x.
  3. Nmap Port Scanner 6.45 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  4. MobFox mAdserver 2.0 SQL Injection - MobFox mAdserver version 2.0 suffers from a remote SQL injection vulnerability.
  5. WinSCP 5.5.2.4130 Missing X.509 Validation - WinSCP version 5.5.2.4130 does not check the "Common Name" of an X.509 certificate when FTP with TLS is used.
  6. Ektron CMS 8.7 Cross Site Scripting - Ektron CMS version 8.7 suffers from a cross site scripting vulnerability.
  7. HP Security Bulletin HPSBMU02999 - HP Security Bulletin HPSBMU02999 - A potential vulnerability exists in HP Autonomy WorkSite Server (on-premises software) running OpenSSL. The vulnerability can be exploited to allow remote disclosure of information. The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a third-party product that is embedded in some HP Software products. The objective of this bulletin is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL cryptographic software library. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. The impacted products that appear in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 1 of this advisory.
  8. HP Security Bulletin HPSBUX03001 SSRT101382 - HP Security Bulletin HPSBUX03001 SSRT101382 - A potential security vulnerability has been identified with the HP-UX Whitelisting (WLI) product. The vulnerability could be exploited locally, resulting in system integrity compromises. Revision 1 of this advisory.
  9. Debian Security Advisory 2905-1 - Debian Linux Security Advisory 2905-1 - Several vulnerabilities were discovered in the chromium web browser.
  10. Red Hat Security Advisory 2014-0408-01 - Red Hat Security Advisory 2014-0408-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions.

Packetstorm Tools

  1. Nmap Port Scanner 6.45 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  2. Fwknop Port Knocking Utility 2.6.1 - fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
  3. OpenDNSSEC 1.4.5 - OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
  4. Tor-ramdisk i686 UClibc-based Linux Distribution x86 20140409 - Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  5. Lynis Auditing Tool 1.5.0 - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems.
  6. Zed Attack Proxy 2.3.0 Windows Installer - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
  7. Zed Attack Proxy 2.3.0 Linux Release - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
  8. Zed Attack Proxy 2.3.0 Mac OS X Release - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
  9. sn00p 0.8 - sn00p is a modular tool written in Bourne shell and designed to chain and automate security tools and tests. It parses target definitions from the command line and runs corresponding modules afterwards. sn00p can also parse a given nmap logfile for open TCP and UDP ports. All results will be logged in specified directories and a report can subsequently be generated.
  10. DNS Spider Multithreaded Bruteforcer 0.5 - DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.

Packetstorm Exploits

  1. SAP Router Password Timing Attack - Core Security Technologies Advisory - SAP Router is an application-level gateway used to connect systems in a SAP infrastructure. A vulnerability has been found in SAP Router that could allow an unauthenticated remote attacker to obtain passwords used to protect route entries by a timing side-channel attack.
  2. MobFox mAdserver 2.0 SQL Injection - MobFox mAdserver version 2.0 suffers from a remote SQL injection vulnerability.
  3. Ektron CMS 8.7 Cross Site Scripting - Ektron CMS version 8.7 suffers from a cross site scripting vulnerability.
  4. CMS Studio Cross Site Scripting - CMS Studio suffers from a cross site scripting vulnerability.
  5. MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free - This Metasploit module exploits a use-after-free condition in Internet Explorer as used in the wild in "Operation SnowMan" in February 2014. The module uses Flash Player 12 in order to bypass ASLR and finally DEP.
  6. WebTitan 4.01 Command Execution / Directory Traversal - WebTitan version 4.01 suffers from remote command execution and directory traversal vulnerabilities.
  7. Unitrends Unauthenticated Root Command Execution - This Metasploit module exploits a remote command execution vulnerability in Unitrends Enterprise Backup version 7.3.0.
  8. Xerox DocuShare SQL Injection - Xerox DocuShare suffers from a remote SQL injection vulnerability.
  9. lxml Filter Bypass - clean_html in the lxml Python library can be bypassed with non-printable characters.
  10. Joomla SMF Cross Site Scripting - The Joomla SMF component suffers from a cross site scripting vulnerability.

Securiteam Exploits

  1. CPanel WHM Forced CPAddons Upgrade Remote Password Disclosure Vulnerability - The cPanel WHM forced cPAddons upgrade suffers from a remote password disclosure vulnerability.
  2. Cybozu Garoon Keitai Feature Crafted Request User ID Manipulation Authentication Bypass Vulnerability - The Cybozu Garoon Keitai feature suffers from an authentication bypass vulnerability through user ID manipulation in a crafted request.
  3. FFmpeg / Libav Libavcodec/mjpegdec.c Ff_mjpeg_decode_sof Function Uninitialized Memory Issue Vulnerability - The Ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg / Libav suffers from an uninitialized memory issue.
  4. HP Application Information Optimizer Archive Query Server Remote Code Execution Vulnerability - The HP Application Information Optimizer archive query server suffers from a remote code execution vulnerability.
  5. IBM Multiple Products Multiple Reflected XSS Vulnerability - Multiple IBM products suffer from multiple reflected cross site scripting vulnerabilities.