Hack Tools/Exploits

Packetstorm Last 10 Files

  1. Privacyware Privatefirewall 7.0 Privilege Escalation - Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service 'PFNet' service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
  2. Netgear Wireless Router WNR500 Local File Inclusion - The Netgear Wireless Router WNR500 suffers from an authenticated local file inclusion (LFI) vulnerability: input passed through the 'getpage' parameter to the 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.
  3. Mandriva Linux Security Advisory 2014-222 - Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain XML file.
  4. Mandriva Linux Security Advisory 2014-221 - Although Mandriva forgot to include a problem description in this advisory, it appears that their latest packages for php-smarty may have addressed cross site scripting and code execution vulnerabilities.
  5. Mandriva Linux Security Advisory 2014-220 - Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. Various other security issues were also addressed.
  6. Mandriva Linux Security Advisory 2014-219 - Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), in how the crypto_policy_set_from_profile_for_rtp() function applies cryptographic profiles to an srtp_policy. A remote attacker could exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.
  8. HP Security Bulletin HPSBHF03052 2 - Potential security vulnerabilities have been identified with HP Network Products running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information. Revision 2 of this advisory.
  9. Mandriva Linux Security Advisory 2014-218 - Multiple vulnerabilities have been discovered and corrected in asterisk. The updated packages have been upgraded to the 11.14.1 version which is not vulnerable to these issues.
  10. Gentoo Linux Security Advisory 201411-06 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.418 are affected.

Packetstorm Tools

  1. Capstone 3.0 - Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.
  2. Clam AntiVirus Toolkit 0.98.5 - Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  3. DAVOSET 1.2.3 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  4. Fwknop Port Knocking Utility 2.6.4 - fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
  5. Packet Fence 4.5.1 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  6. Hesperbot Detection Scanner 1.0 - Hesperbot Scanner is a Windows binary that is able to detect the Hesperbot banking trojan by fingerprinting memory and looking for things that traditional antivirus software fails to catch early during the malware campaigns.
  8. DAVOSET 1.2.2 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  9. ROP Gadget Tool 5.3 - This tool lets you search for gadgets in your binaries (ELF format) to facilitate ROP exploitation. The gadgets are found in executable segments.
  10. Web-Based Firewall Logging Tool 1.01 - Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.

Packetstorm Exploits

  1. Privacyware Privatefirewall 7.0 Privilege Escalation - Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service 'PFNet' service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
  2. Netgear Wireless Router WNR500 Local File Inclusion - The Netgear Wireless Router WNR500 suffers from an authenticated local file inclusion (LFI) vulnerability: input passed through the 'getpage' parameter to the 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.
  3. Supr Shopsystem 5.1.0 Cross Site Scripting - Supr Shopsystem version 5.1.0 suffers from a persistent cross site scripting vulnerability.
  4. WordPress SP Client Document Manager 2.4.1 SQL Injection - WordPress SP Client Document Manager plugin version 2.4.1 suffers from multiple remote SQL injection vulnerabilities.
  5. Booking.com Open Redirect - Booking.com suffers from an open redirection vulnerability.
  6. Zenario CMS 7.0.2d Cross Site Scripting / Open Redirect - Zenario CMS version 7.0.2d suffers from cross site scripting and open redirection vulnerabilities.
  8. Microsoft Internet Explorer OLE Pre-IE11 Code Execution - Microsoft Internet Explorer OLE Pre-IE11 automation array remote code execution / PowerShell VirtualAlloc MS14-064 exploit.
  9. Hikvision DVR RTSP Request Remote Code Execution - This Metasploit module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. The vulnerability is present in several models / firmware versions but due to the available test device this module only supports the DS-7204 model.
  10. Advantech EKI-6340 2.05 Command Injection - Advantech EKI-6340 series is vulnerable to an OS command injection, which can be exploited by remote attackers to execute arbitrary code and commands, by using a non-privileged user against a vulnerable CGI file.

Securiteam Exploits

  1. Microsoft Internet Explorer 7 Denial Of Service Vulnerabilities - Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability
  2. Microsoft Internet Explorer Denial Of Service Vulnerabilities - Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability
  3. Multiple Cobham Products Information Disclosure Vulnerabilities - Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200, 300, 350, and 700D devices do not properly restrict password recovery, which allows attackers to obtain administrative privileges by leveraging physical access or terminal access to spoof a reset code.
  4. OpenStack Neutron L3-Agent Remote Denial Of Service Vulnerabilities - The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.
  5. Oracle Java SE 6u75 Remote Security Code Execution Vulnerabilities - vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.