Hack Tools/Exploits


Packetstorm Last 10 Files

  1. Microsoft Windows SET_REPARSE_POINT_EX Mount Point Security Feature Bypass - The NTFS driver supports a new FS control code to set a mount point which the existing sandbox mitigation doesn't support allowing a sandboxed application to set an arbitrary mount point symbolic link.
  2. Endian Firewall 3.3.0 Cross Site Scripting - Endian Firewall version 3.3.0 suffers from a cross site scripting vulnerability.
  3. OpenPGP.js 4.2.0 Signature Bypass / Invalid Curve Attack - OpenPGP.js versions 4.2.0 suffer from invalid curve attack, message signature bypass, and information trust vulnerabilities.
  4. Debian Security Advisory 4505-1 - Debian Linux Security Advisory 4505-1 - Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a high-performance web and reverse proxy server, which could result in denial of service.
  5. FreeBSD Security Advisory - FreeBSD-SA-19:23.midi - FreeBSD Security Advisory - The kernel driver for /dev/midistat implements a handler for read(2). This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. The races allow a program to read kernel memory within a 4GB window centered at midistat's data buffer. The buffer is allocated each time the device is opened, so an attacker is not limited to a static 4GB region of memory. On 32-bit platforms, an attempt to trigger the race may cause a page fault in kernel mode, leading to a panic.
  6. Red Hat Security Advisory 2019-2553-01 - Red Hat Security Advisory 2019-2553-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include CPU related, buffer overflow, and information leakage vulnerabilities.
  7. Red Hat Security Advisory 2019-2552-01 - Red Hat Security Advisory 2019-2552-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a code execution vulnerability.
  8. Wikindx 5.8.2 SQL Injection - Wikindx version 5.8.2 suffers from a remote SQL injection vulnerability.
  9. Snapforce CRM 8.3.0 Cross Site Scripting - Snapforce CRM version 8.3.0 suffers from multiple cross site scripting vulnerabilities.
  10. Clam AntiVirus Toolkit 0.101.4 - Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Packetstorm Tools

  1. Clam AntiVirus Toolkit 0.101.4 - Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  2. TOR Virtual Network Tunneling Tool 0.4.1.5 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  3. Haveged 1.9.5 Alpha - haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
  4. Mandos Encrypted File System Unattended Reboot Utility 1.8.8 - The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  5. Nmap Port Scanner 7.80 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  6. Bro Network Security Monitor 2.6.3 - Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  7. iOS Messaging Tools - This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.
  8. Scapy Packet Manipulation Tool 2.4.3 - Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
  9. Mandos Encrypted File System Unattended Reboot Utility 1.8.7 - The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  10. SQLMAP - Automatic SQL Injection Tool 1.3.8 - sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Packetstorm Exploits

  1. Microsoft Windows SET_REPARSE_POINT_EX Mount Point Security Feature Bypass - The NTFS driver supports a new FS control code to set a mount point which the existing sandbox mitigation doesn't support allowing a sandboxed application to set an arbitrary mount point symbolic link.
  2. Endian Firewall 3.3.0 Cross Site Scripting - Endian Firewall version 3.3.0 suffers from a cross site scripting vulnerability.
  3. Wikindx 5.8.2 SQL Injection - Wikindx version 5.8.2 suffers from a remote SQL injection vulnerability.
  4. Snapforce CRM 8.3.0 Cross Site Scripting - Snapforce CRM version 8.3.0 suffers from multiple cross site scripting vulnerabilities.
  5. KBPublisher 6.0.2.1 SQL Injection - KBPublisher version 6.0.2.1 suffers from multiple remote SQL injection vulnerabilities.
  6. Zoho Corporation ManageEngine ServiceDesk Plus Information Disclosure - Zoho Corporation ManageEngine ServiceDesk Plus 10 versions prior to 10509 suffer from an information leakage vulnerability.
  7. Pulse Secure SSL VPN 8.1R15.1 / 8.2 / 8.3 / 9.0 Arbitrary File Disclosure - This Metasploit module exploits Pulse Secure SSL VPN versions 8.1R15.1, 8.2, 8.3, and 9.0 which suffer from an arbitrary file disclosure vulnerability.
  8. LibreOffice Macro Python Code Execution - This Metasploit module generates an ODT file with a dom loaded event that, when triggered, will execute arbitrary python code and the metasploit payload.
  9. Webmin 1.920 Remote Root - Webmin version 1.920 remote root exploit.
  10. CentOS Control Web Panel (CWP) 0.9.8.851 phpMyAdmin Password Change - CentOS Control Web Panel (CWP) version 0.9.8.851 allows an attacker to change arbitrary passwords.

Securiteam Exploits