Hack Tools/Exploits

Packetstorm Last 10 Files

  1. Microsoft Office Word Malicious HTA Execution - This Metasploit module creates a malicious RTF file that, when opened in vulnerable versions of Microsoft Word, leads to code execution. The flaw exists in how an OLE link object can make an HTTP(S) request and execute HTA code in the response. This bug was originally seen being exploited in the wild starting in October 2016. This Metasploit module was created by reversing a public malware sample.
  2. SolarWinds LEM 6.3.1 Hardcoded Credentials - The Postgres database on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database would not be possible over IPv4, the same measures were not taken for IPv6.
  3. SolarWinds LEM 6.3.1 Management Shell Arbitrary File Read - The management shell on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard-mapped function which lets the user import a file from the local file system into the editor. An attacker can abuse this to read arbitrary files within the allowed permissions.
  4. SolarWinds LEM 6.3.1 Shell Escape Command Injection - Insufficient input validation in the management interface can be leveraged to execute arbitrary commands. This can lead to (root) shell access to the underlying operating system on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1.
  5. SolarWinds LEM 6.3.1 Sudo Script Abuse Privilege Escalation - An attacker can abuse functionality provided by a script which may be run with root privilege in order to elevate privilege on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1.
  6. SolarWinds LEM 6.3.1 Sudo Privilege Escalation - Due to lax filesystem permissions, an attacker can take control of a hardcoded sudo path in order to execute commands as a privileged user on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1.
  7. Microsoft Windows Dolby Audio X2 Service Privilege Escalation - The DAX2API service installed as part of the Realtek Audio Driver on Windows 10 contains a privilege escalation vulnerability which allows a normal user to obtain arbitrary SYSTEM privileges.
  8. Disk Sorter Enterprise 9.5.12 GET Buffer Overflow - This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
  9. WePresent WiPG-1000 Command Injection - This Metasploit module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.
  10. Red Hat Security Advisory 2017-1119-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 151. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

Packetstorm Tools

  1. Thycotic Secret Server Data Decrypter - This is a PowerShell script that decrypts the data stored within a Thycotic Secret Server.
  2. DAVOSET 1.3.2 - DAVOSET is a tool for conducting distributed denial of service attacks by abusing request-forwarding functionality on other sites.
  3. PacketFence 7.0.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities (including from remote Snort sensors), isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  4. Blue Team Training Toolkit (BT3) 2.2 - Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
  5. 360-FAAR Firewall Analysis Audit And Repair 0.6.2 - 360-FAAR Firewall Analysis Audit and Repair is an offline command-line Perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Check Point dbedit or ScreenOS commands.
  6. Wireshark Analyzer 2.2.6 - Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  7. Ansvif 1.7 - Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  8. rldns Man-In-The-Middle Tool - rldns-mitm is a modified version of rldns version 1.1 to support man-in-the-middle attacks. Whatever DNS request is received will always be answered with a single IP address, which has been assigned via a command line argument.
  9. Samhain File Integrity Checker 4.2.1 - Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
  10. DAVOSET 1.3.1 - DAVOSET is a tool for conducting distributed denial of service attacks by abusing request-forwarding functionality on other sites.

Packetstorm Exploits

  1. Microsoft Office Word Malicious HTA Execution - This Metasploit module creates a malicious RTF file that, when opened in vulnerable versions of Microsoft Word, leads to code execution. The flaw exists in how an OLE link object can make an HTTP(S) request and execute HTA code in the response. This bug was originally seen being exploited in the wild starting in October 2016. This Metasploit module was created by reversing a public malware sample.
  2. SolarWinds LEM 6.3.1 Hardcoded Credentials - The Postgres database on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database would not be possible over IPv4, the same measures were not taken for IPv6.
  3. SolarWinds LEM 6.3.1 Management Shell Arbitrary File Read - The management shell on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard-mapped function which lets the user import a file from the local file system into the editor. An attacker can abuse this to read arbitrary files within the allowed permissions.
  4. SolarWinds LEM 6.3.1 Shell Escape Command Injection - Insufficient input validation in the management interface can be leveraged to execute arbitrary commands. This can lead to (root) shell access to the underlying operating system on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1.
  5. SolarWinds LEM 6.3.1 Sudo Script Abuse Privilege Escalation - An attacker can abuse functionality provided by a script which may be run with root privilege in order to elevate privilege on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1.
  6. SolarWinds LEM 6.3.1 Sudo Privilege Escalation - Due to lax filesystem permissions, an attacker can take control of a hardcoded sudo path in order to execute commands as a privileged user on SolarWinds Log and Event Manager Virtual Appliance version 6.3.1.
  7. Disk Sorter Enterprise 9.5.12 GET Buffer Overflow - This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
  8. WePresent WiPG-1000 Command Injection - This Metasploit module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.
  9. Gnome Keyring Daemon Credential Disclosure - The gnome-keyring-daemon is vulnerable to local credential disclosure as it leaves credentials accessible in memory.
  10. SquirrelMail 1.4.22 Remote Code Execution - SquirrelMail versions 1.4.22 and below suffer from a remote code execution vulnerability.

Securiteam Exploits

  1. Google Android 7 GPU Obtain Information Vulnerability - Google Android is prone to an information disclosure vulnerability. This allows local or remote attackers to gain privileges via a malicious program in the affected application.
  2. IBM Bigfix Remote Control 9.1.2 Cross Site Scripting Vulnerability - Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors.
  3. Linux Kernel 4.5.1 Execute Code Vulnerability - Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
  4. Microsoft Internet Explorer 10 Explorer Denial Of Service Execute Code Overflow Memory Corruption Vulnerability - Microsoft Internet Explorer is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  5. Oracle Agile Product Lifecycle Management Framework Confidentiality Remote Code Execution Vulnerability - Oracle Agile Product Lifecycle Management Framework is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.