Hack Tools/Exploits


Packetstorm Last 10 Files

  1. Mobius Forensic Toolkit 0.5.25 - Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  2. HP Security Bulletin HPSBGN03630 1 - HP Security Bulletin HPSBGN03630 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed in the AdminUI of HP Operations Manager for Unix, Solaris and Linux. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
  3. Reprise License Manager "akey" Buffer Overflow - Secunia Research have discovered a vulnerability in Reprise License Manager (RLM), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling the "akey" POST parameter related to /goform/activate_doit, which can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation of the vulnerability may allow execution of arbitrary code. Affected versions include Reprise License Manager 12.0BL2, 12.1BL2, and 12.1BL3.
  4. Reprise License Manager "actserver" Buffer Overflow - Secunia Research have discovered a vulnerability in Reprise License Manager (RLM), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling the "actserver" POST parameter related to /goform/activate_doit, which can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation of the vulnerability may allow execution of arbitrary code. The affected version is Reprise License Manager 12.0BL2.
  5. PHP gettext 1.0.12 Code Execution - PHP gettext.php versions 1.0.12 and below suffer from an unauthenticated code execution vulnerability.
  6. Drupal CODER Module Remote Command Execution - This Metasploit module exploits a Remote Command Execution vulnerability in Drupal CODER Module. Unauthenticated users can execute arbitrary commands under the context of the web server user. CODER module doesn't sufficiently validate user inputs in a script file that has the php extension. A malicious unauthenticated user can make requests directly to this file to execute arbitrary commands. The module does not need to be enabled for this to be exploited. This Metasploit module was tested against CODER 2.5 with a Drupal 7.5 installation on Ubuntu server.
  7. FreeBSD Security Advisory - FreeBSD-SA-16:25.bspatch - FreeBSD Security Advisory - The implementation of bspatch does not check for a negative value on numbers of bytes read from the diff and extra streams, allowing an attacker who can control the patch file to write at arbitrary locations in the heap. This issue was first discovered by The Chromium Project and reported independently by Lu Tung-Pin to the FreeBSD project. An attacker who can control the patch file can cause a crash or run arbitrary code under the credentials of the user who runs bspatch, in many cases, root.
  8. Debian Security Advisory 3628-1 - Debian Linux Security Advisory 3628-1 - Multiple vulnerabilities were discovered in the implementation of the Perl programming language.
  9. Red Hat Security Advisory 2016-1481-01 - Red Hat Security Advisory 2016-1481-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client.
  10. Red Hat Security Advisory 2016-1480-01 - Red Hat Security Advisory 2016-1480-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: mysql55-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.

Packetstorm Tools

  1. Mobius Forensic Toolkit 0.5.25 - Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  2. Blue Team Training Toolkit (BT3) 1.2 - Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
  3. OpenDNSSEC 2.0.1 - OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
  4. Nmap Port Scanner 7.25BETA1 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  5. Hashcat Advanced Password Recovery 3.00 Binary Release - hashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
  6. OpenDNSSEC 2.0.0-1 - OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
  7. Lynis Auditing Tool 2.3.1 - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems.
  8. Suricata IDPE 3.1.1 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  9. Lynis Auditing Tool 2.3.0 - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems.
  10. Blue Team Training Toolkit (BT3) 1.1 - Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Packetstorm Exploits

  1. PHP gettext 1.0.12 Code Execution - PHP gettext.php versions 1.0.12 and below suffer from an unauthenticated code execution vulnerability.
  2. Drupal CODER Module Remote Command Execution - This Metasploit module exploits a Remote Command Execution vulnerability in Drupal CODER Module. Unauthenticated users can execute arbitrary commands under the context of the web server user. CODER module doesn't sufficiently validate user inputs in a script file that has the php extension. A malicious unauthenticated user can make requests directly to this file to execute arbitrary commands. The module does not need to be enabled for this to be exploited. This Metasploit module was tested against CODER 2.5 with a Drupal 7.5 installation on Ubuntu server.
  3. MediaCoder 0.8.43.5852 SEH Overflow - MediaCoder version 0.8.43.5852 SEH buffer overflow exploit that spawns calc.exe.
  4. CoolPlayer+ Portable 2.19.6 Stack Overflow - CoolPlayer+ Portable version 2.19.6 m3u stack overflow exploit with egghunter shellcode and ASLR bypass.
  5. CodoForum 3.2.1 SQL Injection - CodoForum version 3.2.1 suffers from a remote SQL injection vulnerability.
  6. Micro Focus Filr CSRF / XSS / Code Execution - Multiple Micro Focus Filr appliances suffer from cross site request forgery, cross site scripting, command injection, insecure design, missing cookie flag, authentication bypass, poor permission, and path traversal vulnerabilities.
  7. PHP File Vault 0.9 Directory Traversal / File Read - PHP File Vault version 0.9 suffers from directory traversal and file reading vulnerabilities.
  8. WordPress Code Snippets 2.6.1 Cross Site Scripting - WordPress Code Snippets plugin version 2.6.1 suffers from a cross site scripting vulnerability.
  9. WordPress Contact Form To Email 1.1.47 Cross Site Scripting - WordPress Contact Form to Email plugin version 1.1.47 suffers from a cross site scripting vulnerability.
  10. Bellini/Supercook Wi-Fi Yumi SC200 Information Disclosure / Code Execution - Bellini/Supercook Wi-Fi Yumi SC200 suffers from code execution, weak default password, and information disclosure vulnerabilities.

Securiteam Exploits

  1. ABB Pcm600 2.6 PCM600 Obtain Information Vulnerability - ABB Pcm600 is prone to a gain information vulnerability. This allows local or remote attackers to gain privileges via a malicious program in the affected application.
  2. Adobe Creative Cloud 3.6.0.248 Gain privileges Vulnerability - Adobe Creative Cloud is prone to a gain privilege vulnerability. This allows local or remote attackers to gain privileges via a crafted application.
  3. Apache Struts 2.3.20 Bypass A Restriction Vulnerability - Apache Struts is prone to a bypass vulnerability. This allows an attacker to bypass a detection or blocking system, which could allow malware to pass through the system undetected.
  4. Atheme 7.2.6 Remote Code Execution Vulnerability - Atheme is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  5. CA Release Automation 5.0.2 Denial Of Service Vulnerability - CA Release Automation is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.