Hack Tools/Exploits


Packetstorm Last 10 Files

  1. ZKTime Web Software 2.0 Insecure Direct Object Reference - ZKTime Web Software version 2.0 suffers from an insecure direct object reference vulnerability.
  2. ZKTime Web Software 2.0 Cross Site Request Forgery - ZKTime Web Software version 2.0 suffers from a cross site request forgery vulnerability.
  3. Red Hat Security Advisory 2017-2998-01 - Red Hat Security Advisory 2017-2998-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.
  4. Red Hat Security Advisory 2017-2997-01 - Red Hat Security Advisory 2017-2997-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 62.0.3202.62. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
  5. Debian Security Advisory 4003-1 - Debian Linux Security Advisory 4003-1 - Daniel P. Berrange reported that Libvirt, a virtualisation abstraction library, does not properly handle the default_tls_x509_verify (and related) parameters in qemu.conf when setting up TLS clients and servers in QEMU, resulting in TLS clients for character devices and disk devices having verification turned off and ignoring any errors while validating the server certificate.
  6. Debian Security Advisory 4002-1 - Debian Linux Security Advisory 4002-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.58, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.
  7. Mozilla Firefox Username Denial Of Service - Mozilla Firefox versions prior to 55 suffer from a long username denial of service vulnerability.
  8. Red Hat Security Advisory 2017-2972-01 - Red Hat Security Advisory 2017-2972-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.
  9. Red Hat Security Advisory 2017-2966-01 - Red Hat Security Advisory 2017-2966-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The ansible packages have been upgraded to upstream version 2.4.0, which provides a number of bug fixes and enhancements over the previous version. For more information, please see the Ansible 2.4 Porting Guide linked in the References section.
  10. Red Hat Security Advisory 2017-2931-01 - Red Hat Security Advisory 2017-2931-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.

Packetstorm Tools

  1. Suricata IDPE 4.0.1 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  2. Faraday 2.6.3 - Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  3. Bro Network Security Monitor 2.5.2 - Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  4. Macro Pack 1.1 - macro_pack is a tool used to automate obfuscation and generation of MS Office documents for penetration testing, demo, and social engineering assessments. The goal of macro_pack is to simplify bypassing anti-malware solutions and automate the process from vba generation to final Office document generation.
  5. Falco 0.8.1 - Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  6. Wireshark Analyzer 2.4.2 - Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  7. OpenSSH 7.6p1 - This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  8. Packet Fence 7.3.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  9. TestSSL 2.9.5 - testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
  10. TOR Virtual Network Tunneling Tool 0.3.1.7 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Packetstorm Exploits

  1. ZKTime Web Software 2.0 Insecure Direct Object Reference - ZKTime Web Software version 2.0 suffers from an insecure direct object reference vulnerability.
  2. ZKTime Web Software 2.0 Cross Site Request Forgery - ZKTime Web Software version 2.0 suffers from a cross site request forgery vulnerability.
  3. Mozilla Firefox Username Denial Of Service - Mozilla Firefox versions prior to 55 suffer from a long username denial of service vulnerability.
  4. Xen Unbounded Recursion In Pagetable De-Typing - Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address.
  5. Microsoft Windows GDFMaker 6.3.9600.16384 XXE Injection - Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.
  6. Apache Solr 7.0.1 XXE Injection / Code Execution - Apache Solar version 7.0.1 suffers from XML external entity injection and remote code execution vulnerabilities.
  7. Career Portal 1.0 SQL Injection - Career Portal version 1.0 suffers from a remote SQL injection vulnerability.
  8. WordPress Car Park Booking SQL Injection - WordPress Car Park Booking plugin suffers from a remote SQL injection vulnerability.
  9. Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection - Afian AB FileRun version 2017.03.18 suffers from cross site request forgery, cross site scripting, open redirection, remote shell upload, and various other vulnerabilities.
  10. Linksys E Series CSRF / XSS / Denial Of Service / Header Injection - Linksys E series devices suffer from cross site request forgery, cross site scripting, header injection, denial of service, and various other vulnerabilities.

Securiteam Exploits

  1. Zziplib 0.13.62 discovered Denial Of Service Vulnerability - The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.
  2. Oracle Advanced Outbound Telephony component unauthorized Remote Code Execution Vulnerability - Oracle Advanced Outbound Telephony is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  3. Oracle Flexcube Universal Banking 11.3.0 update Remote Code Execution Vulnerability - A local user can exploit a flaw in the Oracle FLEXCUBE Universal Banking Core component to partially access and partially modify data
  4. Oracle Knowledge Management 12.1.3 critical Remote Code Execution Vulnerability - Oracle Knowledge Management is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  5. Oracle Marketing 12.1.1 critical Remote Code Execution Vulnerability - Oracle Marketing is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.