Hack Tools/Exploits

Packetstorm Last 10 Files

  1. F5 Big-IP 11.3.0.39.0 XML External Entity Injection #2 - F5 Big-IP version 11.3.0.39.0 suffers from an XML external entity injection vulnerability.
  2. F5 Big-IP 11.3.0.39.0 XML External Entity Injection #1 - F5 Big-IP version 11.3.0.39.0 suffers from an XML external entity injection vulnerability.
  3. HP Security Bulletin HPSBUX03159 SSRT101785 2 - A potential security vulnerability has been identified in the HP-UX kernel. This vulnerability could allow local users to create a Denial of Service. Revision 2 of this advisory.
  4. Red Hat Security Advisory 2014-1767-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash.
  5. Red Hat Security Advisory 2014-1768-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash.
  6. Red Hat Security Advisory 2014-1766-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code. Multiple buffer overflow flaws were found in the way PHP parsed DNS responses. A malicious DNS server or a man-in-the-middle attacker could use these flaws to crash or, possibly, execute arbitrary code with the privileges of a PHP application that uses the dns_get_record() function.
  7. Red Hat Security Advisory 2014-1765-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code. Multiple buffer overflow flaws were found in the way PHP parsed DNS responses. A malicious DNS server or a man-in-the-middle attacker could use these flaws to crash or, possibly, execute arbitrary code with the privileges of a PHP application that uses the dns_get_record() function.
  8. Red Hat Security Advisory 2014-1764-01 - The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode to write an arbitrary file to a location writable by the user running Wget, possibly leading to code execution. Note: This update changes the default value of the --retr-symlinks option. The file symbolic links are now traversed by default and pointed-to files are retrieved rather than creating a symbolic link locally.
  9. Red Hat Security Advisory 2014-1762-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. The spacewalk-java packages contain the code for the Java version of the Spacewalk Web site. Stored and reflected cross-site scripting flaws were found in the way spacewalk-java displayed certain information. By sending a specially crafted request to Satellite, a remote, authenticated attacker could embed HTML content into the stored data, allowing them to inject malicious content into the web page that is used to view that data.
  10. Red Hat Security Advisory 2014-1763-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system.

Packetstorm Tools

  1. DAVOSET 1.2.1 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  2. FireHOL 2.0.0 - FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
  3. TOR Virtual Network Tunneling Tool 0.2.5.10 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  4. Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20141022 - Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  5. Tor-ramdisk i686 UClibc-based Linux Distribution x86 20141022 - Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.
  6. OpenSSL 6.7p1 bl0wsshd00r67p1 Backdoor - bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs and records traffic, and mitigates logging to lastlog/wtmp/utmp.
  7. Packet Fence 4.5.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  8. TOR Virtual Network Tunneling Tool 0.2.4.25 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  9. AIEngine 0.10 - AIEngine is a packet inspection engine capable of learning without any human intervention. It helps network/security professionals identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  10. WordPress Brute Forcer - This is a Python script that performs brute forcing against WordPress installs using a wordlist.

Packetstorm Exploits

  1. F5 Big-IP 11.3.0.39.0 XML External Entity Injection #2 - F5 Big-IP version 11.3.0.39.0 suffers from an XML external entity injection vulnerability.
  2. F5 Big-IP 11.3.0.39.0 XML External Entity Injection #1 - F5 Big-IP version 11.3.0.39.0 suffers from an XML external entity injection vulnerability.
  3. MAARCH 1.4 Arbitrary File Upload - MAARCH version 1.4 suffers from a remote shell upload vulnerability.
  4. MAARCH 1.4 SQL Injection - MAARCH version 1.4 suffers from a remote SQL injection vulnerability.
  5. IBM Tivoli Monitoring 6.2.2 kbbacf1 Privilege Escalation - IBM Tivoli Monitoring version 6.2.2 kbbacf1 privilege escalation exploit.
  6. Konke Smart Plug Authentication Bypass - Konke Smart Plug suffers from an authentication bypass vulnerability.
  7. EspoCRM 2.5.2 XSS / LFI / Access Control - EspoCRM version 2.5.2 suffers from cross site scripting, local file inclusion, and improper access control vulnerabilities.
  8. Confluence RefinedWiki Original Theme Cross Site Scripting - Confluence RefinedWiki Original Theme versions 3.x through 4.0.x suffer from a persistent cross site scripting vulnerability.
  9. Joomla RD Download SQL Injection - Joomla RD Download component suffers from a remote SQL injection vulnerability.
  10. Nuevolabs Nuevoplayer For Clipshare SQL Injection - Nuevolabs Nuevoplayer for Clipshare suffers from privilege escalation and remote SQL injection vulnerabilities.

Securiteam Exploits

  1. Microsoft Internet Explorer 7 Denial Of Service Vulnerabilities - Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability
  2. Microsoft Internet Explorer Denial Of Service Vulnerabilities - Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability
  3. Multiple Cobham Products Information Disclosure Vulnerabilities - Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200, 300, 350, and 700D devices do not properly restrict password recovery, which allows attackers to obtain administrative privileges by leveraging physical access or terminal access to spoof a reset code.
  4. OpenStack Neutron L3-Agent Remote Denial Of Service Vulnerabilities - The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.
  5. Oracle Java SE 6u75 Remote Security Code Execution Vulnerabilities - A vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.