Hack Tools/Exploits

Packetstorm Last 10 Files

  1. Fwknop Port Knocking Utility 2.6.5 - fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
  2. APT - Incident Response Methodologies And Effectiveness - This whitepaper discusses various incident response methodologies in the context of Advanced Persistent Threats.
  3. Red Hat Security Advisory 2014-2009-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.
  4. Red Hat Security Advisory 2014-2008-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.
  5. FreeBSD Security Advisory - unbound Denial Of Service - By causing queries to be made against a maliciously-constructed zone or against a malicious DNS server, an attacker who is able to cause specific queries to be sent to a nameserver can trick the unbound(8) resolver into following an endless series of delegations, which consumes a lot of resources.
  6. W3 Total Cache 0.9.4 Cross Site Scripting - W3 Total Cache version 0.9.4 suffers from a cross site scripting vulnerability.
  7. Jease CMS 2.11 Script Insertion - Jease CMS version 2.11 suffers from a malicious script insertion vulnerability.
  8. Morfy CMS 1.05 Remote Command Execution - Morfy CMS version 1.05 suffers from a remote command execution vulnerability.
  9. WordPress Bird Feeder 1.2.3 CSRF / XSS - WordPress Bird Feeder plugin version 1.2.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
  10. Revive Adserver 3.0.5 Cross Site Scripting - Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.

Packetstorm Tools

  1. Fwknop Port Knocking Utility 2.6.5 - fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
  2. UFONet 0.4b - UFONet is a tool designed to launch DDoS attacks against a target, using open redirection vectors on third party web applications.
  3. Suricata IDPE 2.0.5 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  4. PuttyRider DLL Injection - PuttyRider is a tool for performing DLL injection of PuTTY and allows an attacker to inject Linux commands.
  5. NIELD (Network Interface Events Logging Daemon) 0.6.0 - Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the netlink socket and generates logs related to link state, neighbor cache (ARP, NDP), IP address (IPv4, IPv6), route, FIB rules, and traffic control.
  6. Hydra Network Logon Cracker 8.1 - THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
  7. THC Smartbrute 1.0 - THC-smartbrute is a smart card instruction bruteforcing tool.
  8. I2P 0.9.17 - I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
  9. SSLsplit 0.4.10 - SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.
  10. Responder 2.1.3 - Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Packetstorm Exploits

  1. W3 Total Cache 0.9.4 Cross Site Scripting - W3 Total Cache version 0.9.4 suffers from a cross site scripting vulnerability.
  2. Jease CMS 2.11 Script Insertion - Jease CMS version 2.11 suffers from a malicious script insertion vulnerability.
  3. Morfy CMS 1.05 Remote Command Execution - Morfy CMS version 1.05 suffers from a remote command execution vulnerability.
  4. WordPress Bird Feeder 1.2.3 CSRF / XSS - WordPress Bird Feeder plugin version 1.2.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
  5. Revive Adserver 3.0.5 Cross Site Scripting - Revive Adserver version 3.0.5 suffers from a cross site scripting vulnerability.
  6. Revive Adserver 3.0.5 Cross Site Scripting / Denial Of Service - Revive Adserver versions 3.0.5 and below suffer from cross site scripting and denial of service vulnerabilities.
  7. E-Journal 1.0 Shell Upload / SQL Injection - E-Journal version 1.0 suffers from remote shell upload, privilege escalation, and remote SQL injection vulnerabilities.
  8. vBulletin Moderator Control Panel 4.2.2 CSRF - The moderator control panel in vBulletin version 4.2.2 suffers from a cross site request forgery vulnerability.
  9. Mediacoder 0.8.33 Build 5680 Buffer Overflow / DoS - Buffer overflow proof of concept exploits for Mediacoder version 0.8.33 build 5680 that cause a denial of service.
  10. Jaangle 0.98i.977 Denial Of Service - Proof of concept denial of service exploit for Jaangle version 0.98i.977.

Securiteam Exploits

  1. Apple OS X Memory Corruption And Application Crash Vulnerabilities - iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
  2. Cisco Small Business SPA300 And SPA500 Series IP Phones Local Code Execution Vulnerabilities - The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface.
  3. Cisco Unified Communications Manager Command Injection Vulnerabilities - The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data.
  4. Cisco Unity Connection Remote Security Code Execution Vulnerabilities - The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account.
  5. FoeCMS Multiple Input Validation Via The I Parameter Vulnerabilities - SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter.