Hack Tools, Utilities and Exploits

Astalavista Tools and Utilities

Packetstorm Last 10 Files

1. openssl-0.9.8l.tar.gz - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
2. php530-bypass.txt - PHP version 5.3.0 suffers from a pdflib extension open_basedir bypass vulnerability.
3. glsa-200911-01.txt - Gentoo Linux Security Advisory 200911-1 - Multiple vulnerabilities in the Horde Application Framework can allow for arbitrary files to be overwritten and cross-site scripting attacks. Versions less than 3.3.5 are affected.
4. dsa-1929-1.txt - Debian Linux Security Advisory 1929-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation.
5. dsa-1928-1.txt - Debian Linux Security Advisory 1928-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation.
6. arnet-bruteforce.txt - The ARNET ISP suffers from a bruteforcing vulnerability in its webmail system.
7. linux-pipe.txt - Proof of concept local privilege escalation exploit for the Linux kernel pipe.c vulnerability.
8. chrome-steal.txt - Google Chrome versions prior to 3.0.195.32 suffer from a vulnerability that allows for file theft.
9. MDVSA-2009-294.txt - Mandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.
10. ssl-mitm.c - This is a proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS.

Packetstorm Tools

1. openssl-0.9.8l.tar.gz - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
2. fireinthehole.py.txt - This is Malformation's Interactive HTTP GET and POST Shell.
3. samhain-2.6.0.tar.gz - Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
4. dradis-v2.4.1.tar.gz - dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
5. kmotion_2.11_Beta.tar.gz - kmotion is a Web based video surveillance front end to the motion program.
6. graudit-1.3.tar.gz - Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
7. obeseusvB.tar.gz - Obeseus is a light-weight, high-speed ip DDOS detector that has been designed to run on an Intel probe running an advanced 10 Gb/s FPGA card. Firmware Routines on the card ensure that the attack is identified right down to host/port with zero load on the PCI bus. This is the pre-port to FPGA beta version written in c with PCAP and BPF.
8. map_sweeper.txt - MapSweeper version 1.0 ping sweeping script.
9. lynis-1.2.7.tar.gz - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
10. tinc-1.0.11.tar.gz - tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Packetstorm Exploits

1. php530-bypass.txt - PHP version 5.3.0 suffers from a pdflib extension open_basedir bypass vulnerability.
2. linux-pipe.txt - Proof of concept local privilege escalation exploit for the Linux kernel pipe.c vulnerability.
3. ssl-mitm.c - This is a proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS.
4. CORE-2009-0912.txt - Core Security Technologies Advisory - Blender embeds a python interpreter to extend its functionality. Blender .blend project files can be modified to execute arbitrary commands without user intervention by design. An attacker can take full control of the machine where Blender is installed by sending a specially crafted .blend file and enticing the user to open it.
5. ebfe.cpp - Remote buffer overflow exploit for the Serv-U web client version 9.0.0.5.
6. prdelka-vs-APPLE-ptracepanic.c - Mac OS X versions 10.5.6 and 10.5.7 ptrace() mutex handling denial of service exploit. This code should be run in a loop and due to problems with mutex handling in ptrace a denial of service can occur when a destroyed mutex is attempted to be interlocked by the OSX kernel giving rise to a race condition. You may need to run this code multiple times.
7. endonesia-lfi.txt - Endonesia CMS version 8.4 suffers from a local file inclusion vulnerability.
8. Portili-V1.14.txt - The Portili Personal and Team Wiki versions 1.14 and below suffer from cross site scripting, shell upload, and information and password disclosure vulnerabilities.
9. ecourier-xss.txt - The e-Courier CMS tracking site suffers from a cross site scripting vulnerability.
10. xfw-sql.txt - Xerox Fiery Webtools suffers from a remote SQL injection vulnerability in /wt3/summary.php.

Securiteam Exploits

1. Palm Pre WebOS Remote File Access Vulnerability - The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device.
2. VMware Mishandled Exception and Directory Traversal Vulnerabilities - An improper setting of the exception code on page faults may allow for local privilege escalation on the guest operating system. This vulnerability does not affect the host system. A directory traversal vulnerability allows for remote retrieval of any file from the host system. In order to send a malicious request, the attacker will need to have access to the network on which the host resides.
3. F-Secure Generic PDF bypass - Improper parsing of the PDF structure leads to evasion of detection of malicious PDF documents at scantime and runtime. This has been tested with several malicious PDF files and represents a generic evasion of all PDF signatures and heuristics.
4. Asterisk ACL check Vulnerability - Unauthorized calls are allowed on prohibited networks.
5. Rising Multiple Products Local Privilege Escalation Vulnerability - Rising installs the own program files with insecure permissions (Users: Full Control). Local attacker (unprivileged user) can replace some files (for example, executable files of Rising services) by malicious file and execute arbitrary code with SYSTEM privileges. This is local privilege escalation vulnerability.