Hack Tools/Exploits

Packetstorm Last 10 Files

  1. Gentoo Linux Security Advisory 201408-18 - Multiple vulnerabilities have been found in NRPE, the worst of which can allow execution of arbitrary code. Versions less than 2.15 are affected.
  2. Gentoo Linux Security Advisory 201409-02 - Multiple vulnerabilities have been found in Net-SNMP which could allow remote attackers to cause Denial of Service. Versions less than 5.7.3_pre3 are affected.
  3. Gentoo Linux Security Advisory 201408-17 - Multiple vulnerabilities have been found in QEMU, the worst of which allows local attackers to execute arbitrary code. Versions less than 2.0.0-r1 are affected.
  4. Gentoo Linux Security Advisory 201409-01 - Multiple vulnerabilities have been found in Wireshark which could allow remote attackers to cause Denial of Service. Versions less than 1.10.9 are affected.
  5. Debian Security Advisory 2987-2 - The previous security update for OpenJDK 7, DSA-2987-1, introduced a regression due to an overly strict bytecode verifier. As a result, legitimate bytecode produced by some non-Java languages would no longer run.
  6. Gentoo Linux Security Advisory 201408-16 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to execute arbitrary code. Versions less than 37.0.2062.94 are affected.
  7. Gentoo Linux Security Advisory 201408-19 - Multiple vulnerabilities have been found in OpenOffice and LibreOffice, the worst of which may result in execution of arbitrary code.
  8. Gentoo Linux Security Advisory 201408-15 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which may allow remote Denial of Service. Versions prior to 9.3.3 are affected.
  9. Spiped 1.4.0 - Spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key. Spiped uses strong and well-understood cryptographic components: The initial key negotiation is performed using HMAC-SHA256 and an authenticated Diffie-Hellman key exchange over the standard 2048-bit "group 14"; following the completion of key negotiation, packets are transmitted encrypted with AES-256 in CTR mode and authenticated using HMAC-SHA256.
  10. Sierra Library Services Platform 1.2_3 XSS / Enumeration - Sierra Library Services Platform version 1.2_3 suffers from cross site scripting, user enumeration, and HTTP parameter pollution vulnerabilities.

Packetstorm Tools

  1. Spiped 1.4.0 - Spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key. Spiped uses strong and well-understood cryptographic components: The initial key negotiation is performed using HMAC-SHA256 and an authenticated Diffie-Hellman key exchange over the standard 2048-bit "group 14"; following the completion of key negotiation, packets are transmitted encrypted with AES-256 in CTR mode and authenticated using HMAC-SHA256.
  2. Lynis Auditing Tool 1.6.0 - Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Besides security-related information, it also collects general system information, installed packages, and configuration mistakes. The software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
  3. RedHat Checklist Script - This script is designed to perform a security evaluation against industry best practices, over RedHat and RedHat based systems, to detect configuration deviations. It was developed due to the need to ensure that the servers within the author's workplace would comply with specific policies. As this tool was designed specifically for this purpose, "lynis" was not used for the task.
  4. Nmap Port Scanner 6.47 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  5. SSDP Amplification Scanner - SSDP amplification scanner written in Python. Makes use of Scapy.
  6. oclHashcat For AMD 1.30 - oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
  7. oclHashcat For NVidia 1.30 - oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
  8. Maligno 1.2 - Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  9. Melkor ELF Fuzzer 1.0 - Melkor is an ELF fuzzer that mutates the existing data in a given ELF sample to create orcs (malformed ELFs). It does not change values randomly (dumb fuzzing); instead, it fuzzes specific metadata with semi-valid values by applying fuzzing rules from a knowledge base. Written in C, Melkor is an intuitive and easy-to-use fuzzer for finding functional (and security) bugs in ELF parsers.
  10. Viproy VoIP Penetration / Exploitation Kit 2.0 - Viproy VoIP Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
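The Spiped entry above (listed in both feeds) describes a concrete design: keys agreed by an authenticated Diffie-Hellman exchange, then packets encrypted with AES-256-CTR and authenticated with HMAC-SHA256. The following Go program is an added illustration of the post-negotiation half of that design and is not spiped's own code or wire format. It assumes a constructed shared secret in place of the DH output, uses HMAC-SHA256 with labels of this example's choosing to derive separate per-direction encryption and MAC keys, and frames each packet as counter || ciphertext || tag in encrypt-then-MAC order, so a receiver verifies the tag before it decrypts anything and rejects replayed or reordered packets by counter.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Keys holds one direction's AES-256 key and HMAC-SHA256 key.
type Keys struct{ Enc, Mac []byte }

const tagSize = sha256.Size

// DeriveKeys expands one shared secret (assumption: a constructed value standing in
// for the output of the authenticated DH exchange) into separate encryption and MAC
// keys with HMAC-SHA256. The direction label keeps the two directions of the pipe
// from ever sharing key stream. The label strings are this example's own choice.
func DeriveKeys(secret []byte, direction string) Keys {
	expand := func(purpose string) []byte {
		m := hmac.New(sha256.New, secret)
		m.Write([]byte(direction + "/" + purpose))
		return m.Sum(nil) // 32 bytes: an AES-256 key or an HMAC key
	}
	return Keys{Enc: expand("aes-256-ctr"), Mac: expand("hmac-sha256")}
}

// Seal produces counter(8) || AES-256-CTR ciphertext || HMAC-SHA256 tag.
// The packet counter seeds the CTR IV, so no (key, IV) pair is reused while the
// keys live, and the MAC covers the counter so it cannot be altered unnoticed.
func Seal(k Keys, counter uint64, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(k.Enc)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(iv, counter) // low 8 bytes remain for the in-packet block count
	pkt := make([]byte, 8+len(plaintext), 8+len(plaintext)+tagSize)
	binary.BigEndian.PutUint64(pkt, counter)
	cipher.NewCTR(block, iv).XORKeyStream(pkt[8:], plaintext)
	m := hmac.New(sha256.New, k.Mac)
	m.Write(pkt) // encrypt-then-MAC over the header and the ciphertext
	return m.Sum(pkt), nil
}

// Open verifies the tag in constant time before decrypting anything, then rejects
// any packet whose counter is not the one expected next (replay or reordering).
func Open(k Keys, expected uint64, pkt []byte) ([]byte, error) {
	if len(pkt) < 8+tagSize {
		return nil, errors.New("packet too short")
	}
	body, tag := pkt[:len(pkt)-tagSize], pkt[len(pkt)-tagSize:]
	m := hmac.New(sha256.New, k.Mac)
	m.Write(body)
	if !hmac.Equal(m.Sum(nil), tag) {
		return nil, errors.New("authentication failed")
	}
	counter := binary.BigEndian.Uint64(body)
	if counter != expected {
		return nil, fmt.Errorf("counter %d, expected %d (replay or reorder)", counter, expected)
	}
	block, err := aes.NewCipher(k.Enc)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(iv, counter)
	pt := make([]byte, len(body)-8)
	cipher.NewCTR(block, iv).XORKeyStream(pt, body[8:])
	return pt, nil
}

func main() {
	secret := []byte("constructed shared secret, not a real key") // constructed sample input
	c2s := DeriveKeys(secret, "client->server")
	pkt, _ := Seal(c2s, 1, []byte("hello over the pipe"))
	pt, err := Open(c2s, 1, pkt)
	fmt.Printf("decrypted: %q err=%v\n", pt, err)
	pkt[8] ^= 0x01 // flip one ciphertext bit: the tag no longer verifies
	_, err = Open(c2s, 1, pkt)
	fmt.Println("tampered:", err)
}
```

The order of checks in Open is the point: a CTR keystream is malleable, so a receiver that decrypted first and authenticated afterwards would hand attacker-controlled plaintext to the next layer before discovering the forgery.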
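The Melkor entry above distinguishes rule-based mutation of ELF metadata from blind random fuzzing. The Go program below is an added illustration of that approach and is not Melkor's code or its rule set: it builds a constructed, minimal ELF64 image, applies a few hypothetical rules that push program header fields to semi-valid boundary values while leaving the magic intact, and runs each resulting orc through the bounds check a careful ELF parser must perform before walking the program header table.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// ELF64 header field offsets (little-endian), per the ELF64 specification.
const (
	ehdrSize     = 64
	phdrSize     = 56
	offPhoff     = 32 // e_phoff, uint64
	offEhsize    = 52 // e_ehsize, uint16
	offPhentsize = 54 // e_phentsize, uint16
	offPhnum     = 56 // e_phnum, uint16
)

// SampleELF builds a constructed, minimal ELF64 image: a header followed by one
// zeroed program header. It is a well-formed sample for parsing, not a runnable binary.
func SampleELF() []byte {
	img := make([]byte, ehdrSize+phdrSize)
	copy(img, "\x7fELF\x02\x01\x01")             // magic, ELFCLASS64, little-endian, EV_CURRENT
	binary.LittleEndian.PutUint16(img[16:], 2)    // e_type = ET_EXEC
	binary.LittleEndian.PutUint16(img[18:], 0x3e) // e_machine = EM_X86_64
	binary.LittleEndian.PutUint32(img[20:], 1)    // e_version
	binary.LittleEndian.PutUint64(img[offPhoff:], ehdrSize)
	binary.LittleEndian.PutUint16(img[offEhsize:], ehdrSize)
	binary.LittleEndian.PutUint16(img[offPhentsize:], phdrSize)
	binary.LittleEndian.PutUint16(img[offPhnum:], 1)
	return img
}

// Rule is one knowledge-base entry: a named, targeted change to header metadata.
// Every rule here leaves the magic and class alone so the orc passes the cheap
// "is this an ELF?" check and reaches the code that walks the tables.
type Rule struct {
	Name  string
	Apply func(img []byte)
}

// Rules are hypothetical examples of semi-valid values, chosen for this illustration.
var Rules = []Rule{
	{"phnum-max", func(img []byte) { binary.LittleEndian.PutUint16(img[offPhnum:], 0xffff) }},
	{"phentsize-zero", func(img []byte) { binary.LittleEndian.PutUint16(img[offPhentsize:], 0) }},
	{"phoff-past-eof", func(img []byte) { binary.LittleEndian.PutUint64(img[offPhoff:], uint64(len(img))+1) }},
	{"phoff-near-wrap", func(img []byte) { binary.LittleEndian.PutUint64(img[offPhoff:], ^uint64(0)-7) }},
}

// Mutate returns a fresh orc; the sample itself is never modified.
func Mutate(sample []byte, r Rule) []byte {
	orc := append([]byte(nil), sample...)
	r.Apply(orc)
	return orc
}

// CheckProgramHeaders is the bounds check a parser must apply before reading
// e_phnum entries of e_phentsize bytes at e_phoff; each rule above probes one
// way a naive parser could be driven out of bounds.
func CheckProgramHeaders(img []byte) error {
	if len(img) < ehdrSize || string(img[:4]) != "\x7fELF" {
		return errors.New("not an ELF64 image")
	}
	phoff := binary.LittleEndian.Uint64(img[offPhoff:])
	phentsize := uint64(binary.LittleEndian.Uint16(img[offPhentsize:]))
	phnum := uint64(binary.LittleEndian.Uint16(img[offPhnum:]))
	if phnum == 0 {
		return nil
	}
	if phentsize < phdrSize {
		return errors.New("e_phentsize smaller than an ELF64 program header")
	}
	// phoff is compared first so the subtraction cannot underflow; the two
	// uint16-derived factors keep the product far below uint64 overflow.
	if phoff > uint64(len(img)) || phentsize*phnum > uint64(len(img))-phoff {
		return errors.New("program header table extends past end of file")
	}
	return nil
}

func main() {
	sample := SampleELF()
	fmt.Println("sample:", CheckProgramHeaders(sample))
	for _, r := range Rules {
		fmt.Printf("%-16s %v\n", r.Name, CheckProgramHeaders(Mutate(sample, r)))
	}
}
```

A real rule set would also cover section headers, string table indices and dynamic entries, but the shape is the same: each rule encodes one assumption a parser might make, and the value it writes is chosen to sit just outside that assumption rather than anywhere in the 64-bit range.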

Packetstorm Exploits

  1. Wing FTP Server Authenticated Command Execution - This Metasploit module exploits the embedded Lua interpreter in the admin web interface for versions 4.3.8 and below. When supplying a specially crafted HTTP POST request an attacker can use os.execute() to execute arbitrary system commands on the target with SYSTEM privileges.
  2. Microsoft Internet Explorer MS14-029 Memory Corruption - Microsoft Internet Explorer memory corruption proof of concept exploit that leverages the vulnerability noted in MS14-029.
  3. HTML Help Workshop 1.4 Buffer Overflow - HTML Help Workshop version 1.4 SEH buffer overflow exploit.
  4. F5 Unauthenticated rsync Access To Remote Root Code Execution - When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance. Affected versions include F5 BIG-IP 11.x versions before 11.6.0, 11.5.1 HF3, 11.5.0 HF4, 11.4.1 HF, 11.4.0 HF7, 11.3.0 HF9, and 11.2.1 HF11, and Enterprise Manager 3.x versions before 3.1.1 HF2.
  5. NRPE 2.15 Remote Command Execution - NRPE version 2.15 remote command execution exploit written in Python.
  6. DomainTrader Domain Parking / Auction Script 2.5.3 CSRF / XSS - DomainTrader Domain Parking and Auction Script version 2.5.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
  7. Jappix Cross Site Scripting - Jappix suffers from a persistent cross site scripting vulnerability.
  8. F5 BIG-IP 11.5.1 Cross Site Scripting - F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability.
  9. ActualAnalyzer Remote Command Execution - ActualAnalyzer remote command execution exploit that leverages an eval.
  10. PhpWiki Ploticus Command Injection - Proof of concept exploit for PhpWiki that demonstrates a remote command injection vulnerability via the Ploticus module.

Securiteam Exploits

  1. Drupal Invitation Access Bypass Vulnerability - The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views.
  2. GNOME Display Manager Local Denial Of Service Vulnerability - GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.
  3. Linux Kernel Denial Of Service Or Unauthorized Privilege Gain Vulnerability - Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump.
  4. PHP-Fusion Unauthorized Backup Access Vulnerabilities - PHP-Fusion version 7.02.05 suffers from a parameter traversal local file inclusion (LFI) vulnerability; an attacker can include and execute a file of their choosing on the server.
  5. RSA BSAFE SSL-J SSLSocket Malformed Handshake Remote DoS Vulnerability - RSA BSAFE SSL-J SSLSocket suffers from a remote denial of service vulnerability triggered by a malformed handshake.