Hack Tools/Exploits

Packetstorm Last 10 Files

  1. E2 2844 SQL Injection - E2 version 2844 suffers from a remote SQL injection vulnerability.
  2. LPAR2RRD 3.5 / 4.53 Command Injection - Insufficient input sanitization on the parameters passed to the application web gui leads to arbitrary command injection on the LPAR2RRD application server. Versions 4.53 and below and 3.5 and below are affected.
  3. HP Security Bulletin HPSBMU03073 - HP Security Bulletin HPSBMU03073 - A potential security vulnerability has been identified with HP Network Vitalization. The vulnerability could be exploited remotely to allow execution of code and disclosure of information. Revision 1 of this advisory.
  4. Debian Security Advisory 2984-1 - Debian Linux Security Advisory 2984-1 - CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script.
  5. Red Hat Security Advisory 2014-0921-01 - Red Hat Security Advisory 2014-0921-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. A NULL pointer dereference flaw was found in the mod_cache httpd module. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP Server was used as a forward proxy with caching.
  6. Red Hat Security Advisory 2014-0920-01 - Red Hat Security Advisory 2014-0920-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system.
  7. Red Hat Security Advisory 2014-0922-01 - Red Hat Security Advisory 2014-0922-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. A NULL pointer dereference flaw was found in the mod_cache httpd module. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP Server was used as a forward proxy with caching.
  8. Ubuntu Security Notice USN-2299-1 - Ubuntu Security Notice 2299-1 - Marek Kroemeke discovered that the mod_proxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. Giancarlo Pellegrino and Davide Balzarotti discovered that the mod_deflate module incorrectly handled body decompression. A remote attacker could use this issue to cause resource consumption, leading to a denial of service. Various other issues were also addressed.
  9. Ubuntu Security Notice USN-2298-1 - Ubuntu Security Notice 2298-1 - A type confusion bug was discovered in V8. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. A type confusion bug was discovered in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. Various other issues were also addressed.
  10. Red Hat Security Advisory 2014-0926-01 - Red Hat Security Advisory 2014-0926-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets. A local, unprivileged user could use this flaw to crash the system. It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself.

Packetstorm Tools

  1. SILC (Secure Internet Live Conferencing) Client 1.1.11 - SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet. It can be used to send any kind of messages, in addition to normal text messages. This includes multimedia messages like images, video, and audio stream. All messages in the SILC network are encrypted and authenticated, and messages can also be digitally signed. SILC protocol supports AES, SHA-1, PKCS#1, PKCS#3, X.509, OpenPGP, and is being developed in the IETF. This tarball holds all client related files.
  2. Otori 0.3 - This is a Metasploit-style module system specifically for XXE exploit code. This allows a common interface, including the ability to automate downloads of numerous files, or automatically walk the directory structure if the vulnerable system is based on Java.
  3. pyClamd 0.3.10 - pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
  4. Packet Fence 4.3.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  5. Lynis Auditing Tool 1.5.7 - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
  6. GNU Privacy Guard 1.4.18 - GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
  7. AIEngine 0.8 - AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  8. XSSYA Cross Site Scripting Scanner - XSSYA is a python tool that attempts malicious payloads for bypassing web application firewalls.
  9. SMTPTX 1.0 Beta - SMTPTX is a very simple and basic tool used for sending simple email and doing some basic email testing from a pentester's perspective. It is able to send messages without depending on knowing a specific MTA/SMTP server beforehand. It handles the MX record resolution itself, connects to the relevant server and sends the email. It is able to add attachments, use TLS and do SMTP authentication, specify custom DNS servers and SMTP servers, etc. More features are under way. The tool is intended to be used when assessing the functionality and basic configuration and security settings of SMTP servers and for other pentesting-oriented tasks. It may also be useful as a system tool in scripts for sending logs off of a system, or for anything that makes the life of the legitimate user/administrator easier. Written in Python.
  10. IDGuard 0.60 - IDGuard is a platform for preventing network-layer fingerprinting on the network.

Packetstorm Exploits

  1. E2 2844 SQL Injection - E2 version 2844 suffers from a remote SQL injection vulnerability.
  2. CMS VIA-X SQL Injection - CMS VIA-X suffers from a remote blind SQL injection vulnerability. Note that this finding houses site-specific data.
  3. Ukora CMS Shell Upload - Ukora CMS suffers from a remote shell upload vulnerability.
  4. SonicWALL GMS 7.2 Build 7221.1701 Cross Site Scripting - DELL SonicWALL GMS version 7.2 build 7221.1701 suffers from multiple reflective cross site scripting vulnerabilities.
  5. EventLog Analyzer 9.0 Build #9000 Cross Site Scripting - EventLog Analyzer version 9.0 build #9000 suffers from a cross site scripting vulnerability.
  6. Linux Kernel ptrace/sysret Local Privilege Escalation - Linux Kernel ptrace/sysret local privilege escalation proof of concept exploit.
  7. Symantec Endpoint Protection Manager 12.1.4023.4080 Login Bruteforce - Symantec Endpoint Protection Manager version 12.1.4023.4080 suffers from a login bruteforcing vulnerability.
  8. Barracuda Networks Spam And Virus Firewall 6.0.2 XSS - Barracuda Networks Spam and Virus Firewall version 6.0.2 suffers from a client-side cross site scripting vulnerability.
  9. Apache 2.4.x mod_proxy Denial Of Service - Apache versions 2.4.x prior to 2.4.10 suffer from a denial of service condition when mod_proxy is in use.
  10. Sum Technologies SQL Injection - Sites powered by Sum Technologies suffer from a remote SQL injection vulnerability.

Securiteam Exploits

  1. Blue Coat Content Analysis System Command Injection Vulnerability - Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands.
  2. dpkg Vulnerability File Write Vulnerability - dpkg before 1.15.9, 1.16.x to 1.16.12, and 1.17.x to 1.17.7 allows arbitrary remote file write access.
  3. FortiWeb HTTP Header Injection Vulnerabilities - FortiWeb 5.0.2 and lower are vulnerable to HTTP header injection issues.
  4. FortiWeb Privilege Escalation Vulnerabilities - FortiWeb 5.0.2 and lower are vulnerable to privilege escalation issues.
  5. SAP BASIS Security Bypass Vulnerability - SAP BASIS suffers from a security bypass vulnerability.