Hack Tools, Utilities and Exploits

Astalavista Tools and Utilities

Packetstorm Last 10 Files

  1. kdelibs-overrun.txt - KDE KDELibs version 4.3.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  2. opera-overrun.txt - Opera version 10.01 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  3. kmeleon-overrun.txt - K-Meleon version 1.5.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  4. seamonkey-overrun.txt - SeaMonkey version 1.1.8 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  5. sybsec-adv17.txt - Cisco VPN Client 0day integer overflow denial of service proof of concept code.
  6. HPSBPI02472-SSRT090196.txt - HP Security Bulletin - A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS).
  7. iam-xss.txt - Auto Manager version 2.52 suffers from a cross site scripting vulnerability.
  8. assetssosimple-xss.txt - AssetsSoSimple version 0.33 suffers from a cross site scripting vulnerability.
  9. USN-860-1.txt - Ubuntu Security Notice 860-1 - Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session.
  10. xerver-split.txt - Xerver versions 4.31 and 4.32 suffer from an HTTP response splitting vulnerability.

Packetstorm Tools

  1. tor-0.2.1.20.tar.gz - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  2. iwatch-0.2.2.tgz - iWatch is a real-time filesystem monitoring program. It is a tool for detecting any changes on your filesystem and reporting it to the system administrator immediately. It uses a simple configuration file in XML format and is based on inotify, a file change notification system in the Linux kernel.
  3. framework-3.3.tar.bz2 - The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
  4. xplico-0.5.3.tgz - Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
  5. pdfresurrect-v0_9.tar.gz - PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also scrub or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
  6. wtmpclean-0.6.7.tar.bz2 - wtmpClean is a tool for Unix which clears a given user from the wtmp database.
  7. stunnel-4.28.tar.gz - Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
  8. htrosbif-alpha-3.tar.gz - htrosbif is a tool that actively probes an HTTP server. It prods the Web server in all sorts of old, new, basic, fancy, spec-compliant, and spec-breaking ways. It tries to characterize both the well-spoken educated responses and the seriously deviant babble it receives in return. Signatures contain no user data, only header names and HTTP-level quirks. As a useful side effect, this might detect reverse proxies, HTTP load balancers, intrusion prevention systems, and Web application firewalls.
  9. openssl-0.9.8l.tar.gz - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  10. fireinthehole.py.txt - This is Malformation's Interactive HTTP GET and POST Shell.

Packetstorm Exploits

  1. kdelibs-overrun.txt - KDE KDELibs version 4.3.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  2. opera-overrun.txt - Opera version 10.01 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  3. kmeleon-overrun.txt - K-Meleon version 1.5.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  4. seamonkey-overrun.txt - SeaMonkey version 1.1.8 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.
  5. sybsec-adv17.txt - Cisco VPN Client 0day integer overflow denial of service proof of concept code.
  6. xerver-split.txt - Xerver versions 4.31 and 4.32 suffer from an HTTP response splitting vulnerability.
  7. babywebserver.py.txt - Baby Web Server version 2.7.2 remote denial of service exploit.
  8. CORE-2009-1027.txt - Core Security Technologies Advisory - A remotely exploitable vulnerability was found in the database server core component of IBM SolidDB. Exploitation of this bug does not require authentication and will lead to a remotely triggered denial of service of the database service.
  9. torrent-poisoning.txt - Paper on poisoning a torrent's peer swarm with large numbers of fake peers, including proof of concept code. Works on most trackers. Could possibly be adapted to perform a reflected denial of service (DRDoS) on a target.
  10. CORE-2009-0814.txt - Core Security Technologies Advisory - HP Openview Network Node Manager is one of the most widely-deployed network monitoring and management platforms used throughout enterprise organizations today. The platform includes many server and client-side core components with a long list of previously disclosed security bugs. In this case, a remotely exploitable vulnerability was found in the database server core component used by NNM. Exploitation of the bug does not require authentication and will lead to a remotely triggered denial of service of the internal database service. HP Openview NNM version 7.53 is affected.

Securiteam Exploits

  1. Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation - Avast's aswRdr.sys driver does not sanitize user-supplied input (IOCTL), and this leads to a kernel heap overflow that propagates on the system with a BSOD and potential risk of privilege escalation.
  2. WordPress Unrestricted File Upload Arbitrary PHP Code Execution - WordPress allows authorised users to add an attachment to a blog post. It does not properly sanitize the provided file before moving it to an uploads directory.
  3. Atheros Driver Reserved Frame DoS Vulnerability - The wireless driver in some Wi-Fi access points (such as the Atheros-based Netgear WNDAP330) does not correctly parse malformed reserved management frames.
  4. McAfee Security Manager Authentication Bypass and Session Hijacking Vulnerability - McAfee Network Security Manager is vulnerable to authentication bypass via HTTP session cookie hijacking. A remote attacker could exploit this vulnerability to hijack an existing session to the Network Security Manager.
  5. Palm Pre WebOS Remote File Access Vulnerability - The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device.
