Hack Tools/Exploits

Packetstorm Last 10 Files

  1. TOR Virtual Network Tunneling Tool 0.2.5.10 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  2. EMC Avamar Sensitive Information Disclosure - EMC Avamar server contains a vulnerability that may allow a remote Avamar client user to retrieve sensitive account credentials from an affected Avamar server using Java API calls. No authentication to the Avamar server is required for this potential attack. Exposed information includes MCUser and GSAN account passwords of all grid systems that are being monitored in EMC Avamar Enterprise Manager. EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x up to and including 7.0.2-43 are affected.
  3. EMC Avamar Weak Password Storage - The EMC ADS/AVE Password hardening package uses the DES-based traditional Unix crypt scheme, which may be susceptible to brute force and dictionary attacks if the hashes are obtained by an adversary. The hardening package is optional and installed separately. Affected products include EMC Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE) running Avamar 6.0.x, 6.1.x, and 7.0.x with an optional Password hardening package earlier than version 2.0.0.4.
  4. EMC NetWorker Module For MEDITECH (NMMEDI) Information Disclosure - A vulnerability exists in the EMC NetWorker Module for MEDITECH when used with EMC RecoverPoint that could potentially allow exposure of sensitive information. EMC NetWorker Module for MEDITECH (NMMEDI) version 3.0 builds 87-90 are affected.
  5. Apple Security Advisory 2014-10-22-1 - QuickTime 7.7.6 is now available and addresses memory corruption and buffer overflow vulnerabilities.
  6. Mandriva Linux Security Advisory 2014-203 - OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. Some client applications will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE. When an OpenSSL SSL/TLS/DTLS server receives a session ticket, the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory, causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. The updated packages have been upgraded to the 1.0.0o version where these security flaws have been fixed.
  7. Mandriva Linux Security Advisory 2014-204 - A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. The updated packages have been patched to correct this issue.
  8. Mandriva Linux Security Advisory 2014-202 - A heap corruption issue was reported in PHP's exif_thumbnail() function. A specially-crafted JPEG image could cause the PHP interpreter to crash or, potentially, execute arbitrary code. The updated php packages have been upgraded to the 5.5.18 version to resolve this security flaw. Additionally, php-apc has been rebuilt against the updated php packages.
  9. Mandriva Linux Security Advisory 2014-209 - Multiple vulnerabilities have been discovered and corrected in java-1.7.0-openjdk. The updated packages provide a solution for these security issues.
  10. Mandriva Linux Security Advisory 2014-208 - In phpMyAdmin before 4.2.10.1, with a crafted database or table name it is possible to trigger an XSS in SQL debug output when enabled and in server monitor page when viewing and analysing executed queries.

Packetstorm Tools

  1. TOR Virtual Network Tunneling Tool 0.2.5.10 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  2. Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20141022 - Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  3. Tor-ramdisk i686 UClibc-based Linux Distribution x86 20141022 - Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.
  4. OpenSSH 6.7p1 bl0wsshd00r67p1 Backdoor - bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs and records traffic, and mitigates logging to lastlog/wtmp/utmp.
  5. Packet Fence 4.5.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  6. TOR Virtual Network Tunneling Tool 0.2.4.25 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  7. AIEngine 0.10 - AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  8. WordPress Brute Forcer - This is a Python script that performs brute forcing against WordPress installs using a wordlist.
  9. OpenSSL Toolkit 1.0.1j - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  10. Lynis Auditing Tool 1.6.3 - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Packetstorm Exploits

  1. MyBB MyBBlog 1.0 Cross Site Scripting - MyBB MyBBlog plugin version 1.0 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
  2. Centreon SQL / Command Injection - This Metasploit module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon Enterprise Server 2.2 and prior. Due to a combination of SQL injection and command injection in the displayServiceStatus.php component, it is possible to execute arbitrary commands as long as there is a valid session registered in the centreon.session table. In order to have a valid session, all it takes is a successful login from anybody. The exploit itself does not require any authentication. This Metasploit module has been tested successfully on Centreon Enterprise Server 2.2.
  3. OpenBSD 5.5 Local Kernel Panic - OpenBSD versions 5.5 and below local kernel panic proof of concept exploit for i386.
  4. Dell SonicWall GMS 7.2.x Script Insertion - Dell SonicWall GMS version 7.2.x suffers from a script insertion vulnerability.
  5. WordPress CP Multi View Event Calendar 1.01 SQL Injection - WordPress CP Multi View Event Calendar plugin version 1.01 suffers from a remote SQL injection vulnerability.
  6. WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload - WordPress / Joomla Creative Contact Form plugin versions 0.9.7 and below suffer from a remote shell upload vulnerability.
  7. Free WMA MP3 Converter 1.8 SEH Buffer Overflow - Free WMA MP3 Converter version 1.8 SEH buffer overflow exploit.
  8. Free WMA MP3 Converter 1.8 Buffer Overflow - Free WMA MP3 Converter version 1.8 buffer overflow exploit.
  9. Wonderful World-Wide CMS SQL Injection / Default Credentials - Wonderful World-Wide CMS suffers from having default administrative credentials and a remote SQL injection vulnerability.
  10. iFunBox Free 1.1 Local File Inclusion - iFunBox Free version 1.1 suffers from a local file inclusion vulnerability.

Securiteam Exploits

  1. IBM WebSphere Service Registry And Repository Cross-Site Scripting Vulnerability - Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.2, 6.3 before 6.3.0.6, 7.0 before 7.0.0.6, 7.5 before 7.5.0.5, and 8.0 before 8.0.0.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
  2. Microsoft Debug Interface Access SDK 'msdia.dll' Memory Corruption Vulnerability - Microsoft Debug Interface Access SDK is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the current process. Failed attacks will cause denial-of-service conditions.
  3. Oracle Supply Chain Products Suite 9.3.3.0 Information Disclosure Vulnerability - Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
  4. Python Commandline Symlink Attack Vulnerability - Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 use the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.
  5. Apache CloudStack Authentication Bypass Vulnerability - Apache CloudStack is prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions, which may aid in further attacks.