Hack Tools/Exploits

Astalavista Tools and Utilities

  1. Outpost Firewall Pro 7.0.3 (3392.517) - Agnitum Outpost Firewall is a personal firewall that protects users by filtering incoming and outgoing network traffic, controlling current connections and detecting suspicious actions. To protect you fully from these new threats, an effective security tool must use a multilayered approach, combining proactive, behavior-based blocking with more traditional signature-based detection. It must also be simple to use, because otherwise it will not be popular.

    What you get:

    An advanced firewall for safe network connections
    Anti-spyware for all-round protection from spyware
    Local security for blocking unknown threats
    Web Control to protect your computer from malicious and fraudulent sites, intrusive Internet advertising and other Internet threats

    Key features:

    The product controls your computer's connections with other machines, blocking hackers and preventing unauthorized external and internal access to the network. By controlling the incoming and outgoing traffic of applications, it stops attempts by malware to transmit data from or to your computer.
    Local security tracks the behavior of programs and their interaction to provide proactive protection from unauthorized activity, blocking Trojans, spyware and all the inventive hacker techniques for breaking into computers and stealing personal data.
    Outpost Firewall Pro uses specialized techniques for its own protection, which cannot be broken even by specially crafted malicious programs.
    A simple yet effective malware scanner automatically detects and quarantines or removes spyware and other malicious software. Constant protection continuously monitors passive and active programs while having minimal effect on system performance.
    The versatile Web Control component protects you from the dark side of the Internet. It keeps you away from sites that load unwanted content, prevents accidental disclosure of personal data, limits the effect of potentially dangerous content of network resources on your system and keeps your personal data confidential.
    For novices, Outpost Firewall Pro offers comprehensive help in making the best use of the program's extensive capabilities, while advanced users will appreciate the wealth of controls and tunable parameters, which they can set according to their requirements.

    Advantages:

    - Safety on the Internet
    The two-way firewall blocks unauthorized or malicious attempts to access your computer from both internal and external sources (the local network and the Internet). It prevents malware from spreading and from collecting data and transmitting it to criminals' servers, providing protection from hackers, theft of personal data and infection by unknown threats, and blocking unauthorized program activity.

    - Proactive protection from threats
    The Outpost "Local Security" module tracks the interaction of programs, protecting your system from the most modern security threats, and passes all known data-leak tests, preventing unauthorized transmission of information from your PC.

    - Complete victory over spyware!
    You reduce the risk of spyware infection with Outpost's special protection mechanism. Regular updates of the anti-spyware module and constant monitoring guarantee that malware cannot activate and harm your data or take over your applications.

    - Safe browsing on the Internet
    The versatile "Web Control" module guards you from the "dark forces" of the Internet. It blocks access to Web sites capable of infecting your computer through hidden downloads of malware, and it also prevents accidental disclosure of personal information, limits the risk of encountering potentially unsafe elements of Web sites and reliably stores your personal data.

    - Impenetrable self-defense
    Outpost cannot be deactivated by targeted attacks and ensures continuous protection.

    - Powerful and simple protection
    Whether you are a novice or an expert in computer security, you can easily configure Outpost Firewall 2008 for your needs. Thanks to the automated context help system (entirely in Russian), the program will help you find the correct answer to the firewall's prompts so that you can concentrate on your work, leaving the concern about your security to Outpost!

    Outpost Firewall Pro history of changes: Pro 7.0.3 (3392.517.1242)

    The following improvements are introduced:
    - Multiple driver operation stability improvements

    The following issues are fixed:
    - Inability to exit from Entertainment Mode
    - Freeze during torrent downloading
    - Outpost crash after changing Quick Scan configuration during anti-spyware quick scan
    - Outpost crash after clicking on a link in Outpost window
    - Outpost crash while navigating in Netstat View using keyboard
    - Outpost crash while interacting with Windows Action Center
    - Possible system crash while working with several mobile devices
    - False detection of Win32/LNK (Format.CPAPPL) on some configurations
    - Text break in settings window
    - Status of components in the main window shown in English when another language is selected.
  2. Netreconn 1.78 - Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.

    Update:
    Tools have been collapsed into one front end. Runs faster than previous versions. Experimental passive and ipv6 active scanning has been added.
  3. iExploder 1.7 - iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes. namebench was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project.

    Update:
    A new browser-harness mode was added to stop and start browsers, replicate crash scenarios, and save minimized testcases. CSS selector fuzzing and support for Ruby 1.9.x were added. The tag dictionary was updated from Webkit and Mozilla source trees.
  4. ITSecTeam PHP shell - This is a backdoor PHP shell from ITSecTeam.
  5. EncFS 1.7.2 - EncFS is an encrypted pass-through filesystem which runs in userspace on Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.

    Update:
    This version fixes option handling issues introduced in 1.7.0 that prevented mounting of certain filesystem types.
  6. JIT spraying and mitigations - With the discovery of new exploit techniques, novel protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for exploitation. Attackers, however, have recently researched new exploitation methods which are capable of bypassing the operating system's memory mitigations. One of the newest and most popular exploitation techniques to bypass both of the aforementioned security protections is JIT memory spraying, introduced by Dion Blazakis [3].
  7. Lan-Secure Switch Center Workgroup - Switch Protector monitoring scanner is a built-in engine of Switch Center management software that implements network access control (NAC) using IEEE-802.1X features on managed network switch ports and helps to protect networks from potential intruders, unauthorized connections and malicious activities from within the organization.

    The network access control (NAC) monitoring software is a powerful security engine that combines a variety of access protection rules for intrusion detection and prevention. The real-time protection monitor enables discovery of new network connections or any network changes, including suspicious network activities. The software's built-in protection rules make it possible to enforce any network security policy with proactive access control of network nodes that violate the selected security protection rules. The protection engine can be controlled using the built-in administration interface or through the organization's intranet web for managing access permissions of authorized network nodes.
  8. Lan-Secure Switch Center Enterprise - Switch Protector monitoring scanner is a built-in engine of Switch Center management software that implements network access control (NAC) using IEEE-802.1X features on managed network switch ports and helps to protect networks from potential intruders, unauthorized connections and malicious activities from within the organization.

    The network access control (NAC) monitoring software is a powerful security engine that combines a variety of access protection rules for intrusion detection and prevention. The real-time protection monitor enables discovery of new network connections or any network changes, including suspicious network activities. The software's built-in protection rules make it possible to enforce any network security policy with proactive access control of network nodes that violate the selected security protection rules. The protection engine can be controlled using the built-in administration interface or through the organization's intranet web for managing access permissions of authorized network nodes.
  9. Lan-Secure Switch Center Protector - Switch Protector monitoring scanner is a built-in engine of Switch Center management software that implements network access control (NAC) using IEEE-802.1X features on managed network switch ports and helps to protect networks from potential intruders, unauthorized connections and malicious activities from within the organization.

    The network access control (NAC) monitoring software is a powerful security engine that combines a variety of access protection rules for intrusion detection and prevention. The real-time protection monitor enables discovery of new network connections or any network changes, including suspicious network activities. The software's built-in protection rules make it possible to enforce any network security policy with proactive access control of network nodes that violate the selected security protection rules. The protection engine can be controlled using the built-in administration interface or through the organization's intranet web for managing access permissions of authorized network nodes.
  10. Lan-Secure Security Center Pro - While security today plays a role in network protection from outside the organization by controlling network access through firewalls, anti-virus gateways and other security devices, most malicious security threats that actually cause damage come from intruders using network access from within the organization.

    Security Center network access protection software is designed to provide a real-time network security monitor for intrusion detection (IDS) and prevention (IPS) that helps to protect networks from unauthorized network connections, malicious network activities and potential network intruders. The software's security scanner enables real-time protection against new network connections or any network changes, including suspicious network activities, and proactively prevents their access to the network.

    Security Center can be connected to any network, whether switched or hub-based, without the need for remote agents or special network configuration. The real-time access protection monitoring engine provides automatic network and security scanning, including discovery of threats and vulnerabilities. The built-in manual and automatic access protection rules make it possible to enforce any network security policy with proactive blocking of network nodes that violate the selected security protection rules. The software can be used in a distributed environment using any number of remote viewers for network access control of protection and security permissions.

Packetstorm Last 10 Files

  1. OIG_10-111_Aug10.pdf - Office of Inspector General report OIG-10-1111 - DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems.
  2. USN-978-1.txt - Ubuntu Security Notice 978-1 - Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
  3. USN-975-1.txt - Ubuntu Security Notice 975-1 - Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Firefox when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
  4. USN-985-1.txt - Ubuntu Security Notice 985-1 - Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user.
  5. ESA-2010-016.txt - RSA Access Manager Agent version 4.7.1 with RSA Adaptive Authentication Integration contains a potential vulnerability that could be exploited by malicious people to bypass authentication restrictions.
  6. ESA-2010-015.txt - A vulnerability exists in EMC Celerra which can be exploited to gain unauthorized access to root NFS export on EMC Celerra NAS. NAS Code versions 5.6.50 and below are affected.
  7. ESA-2010-014.txt - RSA Access Manager Server contains a potential vulnerability that could be exploited to bypass certain security restrictions, potentially enabling unauthorized access to protected resources.
  8. dsa-2106-1.txt - Debian Linux Security Advisory 2106-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
  9. fbsdpseudofs-nullpointer.txt - FreeBSD versions 7.0 through 7.2 suffer from a pseudofs NULL pointer dereference vulnerability. Due to a spurious call to pfs_unlock() in pfs_getattr() (as defined in sys/fs/pseudofs/pseudofs_vnops.c), a null pointer is dereferenced after calling extattr_get_attribute() on pseudofs vnode. By allocating a page at address 0x0, an attacker can overwrite an arbitrarily chosen portion of kernel memory, leading to a crash or local root escalation.
  10. cisco-sa-20100908-wlc.txt - Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by two denial of service, three privilege escalation and two access control list vulnerabilities.

Packetstorm Tools

  1. DnsSpoofer.zip - DnsFucker is a DNS spoofing tool. It can be used effectively in both packet switched and hubbed networks. Written in Python.
  2. netrecon-1.78.tgz - Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.
  3. iexploder-1.7.tgz - iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes. namebench was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project.
  4. openca-tools-1.3.0.tar.gz - The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl.
  5. malware_check_tool-1.2.zip - Malware Check Tool is a python script that detects malicious files via checking md5 hashes from an offline set or via the virustotal site. It has http proxy support and an update feature.
  6. hyenae-0.35-2.tar.gz - Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
  7. joomlascan.tgz - Joomla web scanning perl script that gets the version, components and shows possible bugs.
  8. openscap-0.6.2.tar.gz - The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
  9. suricata-1.0.2.tar.gz - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  10. cvechecker-0.5.tar.gz - cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage.

Packetstorm Exploits

  1. moaub-msoffice.txt - Month Of Abysssec Undisclosed Bugs - Microsoft Office Visio suffers from a DXF file stack based overflow vulnerability.
  2. moaub-sirang.txt - Month Of Abysssec Undisclosed Bugs - Sirang web-based D-Control versions 6.0 and below suffer from remote SQL injection and upload restriction bypass vulnerabilities.
  3. adobe_cooltype_sing.rb.txt - This Metasploit module exploits a vulnerability in the Smart INdependent Glyphlets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well.
  4. java_rmi_connection_impl.rb.txt - This Metasploit module exploits a vulnerability in the Java Runtime Environment that allows deserialization of a MarshalledObject containing a custom classloader under a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.
  5. fbsdpmap-racecondition.txt - FreeBSD versions 7.3 and 8.1 suffer from a vm.pmap kernel local race condition denial of service vulnerability.
  6. ZSL-2010-4963.txt - Textpattern CMS version 4.2.0 suffers from a cross site scripting vulnerability.
  7. zenphoto-sqlxss.txt - Zenphoto version 1.3 suffers from remote SQL injection and cross site scripting vulnerabilities.
  8. openjournalsystem-xss.txt - OpenJournalSystem suffers from stored cross site scripting vulnerabilities.
  9. fcms-sql.txt - FCMS version 2.3 suffers from a remote SQL injection vulnerability.
  10. enanocms-sql.txt - EnanoCMS version 1.1.7pl1 suffers from a remote blind SQL injection vulnerability.

Securiteam Exploits

  1. HP LaserJet Printers, HP Digital Senders Unauthorized File Access Vulnerability - A vulnerability related to unauthorized file access was discovered in certain HP devices.
  2. Mozilla Firefox NodeIterator Code Execution Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox.
  3. MyBB Password Reset Weak Random Numbers Vulnerability - Usage of weak random number generation in password reset functionality allows predicting the password reset token and the randomly generated password, which results in account takeover.
  4. MyBB Password Reset Email BCC Injection Vulnerability - An email injection vulnerability was discovered in MyBB that allows injecting e.g. BCC mail headers into password reset emails.
  5. Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires user interaction in that a victim must open a malicious PUB file.