Hack Tools/Exploits


Packetstorm Last 10 Files

  1. MagniComp SysInfo mcsiwrapper Privilege Escalation - This Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the '--configfile' argument. The 'ExecPath' config directive is used to set the executable load path. This Metasploit module abuses this functionality to set the load path resulting in execution of arbitrary code as root. This Metasploit module has been tested successfully with SysInfo version 10-H63 on Fedora 20 x86_64, 10-H32 on Fedora 27 x86_64, 10-H10 on Debian 8 x86_64, and 10-GA on Solaris 10u11 x86.
  2. Radiant CMS 1.1.4 Cross Site Scripting - Radiant CMS version 1.1.4 suffers from a persistent cross site scripting vulnerability.
  3. Gentoo Linux Security Advisory 201802-06 - Gentoo Linux Security Advisory 201802-6 - A vulnerability in LibreOffice might allow remote attackers to read arbitrary files. Versions less than 5.4.5.1 are affected.
  4. Gentoo Linux Security Advisory 201802-05 - Gentoo Linux Security Advisory 201802-5 - A vulnerability has been found in Ruby which may allow for arbitrary command execution. Versions less than 2.2.9:2.2 are affected.
  5. Gentoo Linux Security Advisory 201802-04 - Gentoo Linux Security Advisory 201802-4 - Multiple vulnerabilities were found in MySQL, the worst of which may allow remote execution of arbitrary code. Versions less than 5.6.39 are affected.
  6. Gentoo Linux Security Advisory 201802-03 - Gentoo Linux Security Advisory 201802-3 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 52.6.0 are affected.
  7. Apple Security Advisory 2018-02-19-3 - Apple Security Advisory 2018-02-19-3 - tvOS 11.2.6 is now available and addresses a memory corruption vulnerability.
  8. Rootkit Hunter 1.4.6 - Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
  9. Debian Security Advisory 4119-1 - Debian Linux Security Advisory 4119-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
  10. Gentoo Linux Security Advisory 201802-02 - Gentoo Linux Security Advisory 201802-2 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 64.0.3282.167 are affected.

Packetstorm Tools

  1. Rootkit Hunter 1.4.6 - Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
  2. Bro Network Security Monitor 2.5.3 - Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  3. Suricata IDPE 4.0.4 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  4. Lynis Auditing Tool 2.6.2 - Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
  5. Mandos Encrypted File System Unattended Reboot Utility 1.7.18 - The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  6. Mandos Encrypted File System Unattended Reboot Utility 1.7.17 - The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  7. SSLsplit 0.5.2 - SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.
  8. DNS Spider Multithreaded Bruteforcer 0.9 - DNS Spider is a multi-threaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
  9. ifchk 1.0.9 - Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
  10. I2P 0.9.33 - I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Packetstorm Exploits

  1. MagniComp SysInfo mcsiwrapper Privilege Escalation - This Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the '--configfile' argument. The 'ExecPath' config directive is used to set the executable load path. This Metasploit module abuses this functionality to set the load path resulting in execution of arbitrary code as root. This Metasploit module has been tested successfully with SysInfo version 10-H63 on Fedora 20 x86_64, 10-H32 on Fedora 27 x86_64, 10-H10 on Debian 8 x86_64, and 10-GA on Solaris 10u11 x86.
  2. Radiant CMS 1.1.4 Cross Site Scripting - Radiant CMS version 1.1.4 suffers from a persistent cross site scripting vulnerability.
  3. Kentico CMS 11 Cross Site Scripting - Kentico CMS versions 9 through 11 suffer from a cross site scripting vulnerability.
  4. Kentico CMS 11 Arbitrary Code Execution - Kentico CMS versions 9 through 11 suffer from a remote code execution vulnerability.
  5. October CMS Cross Site Scripting - October CMS versions prior to 1.0.431 suffer from a cross site scripting vulnerability.
  6. Aastra 6755i SIP SP4 Denial Of Service - Aastra 6755i SIP SP4 suffers from a denial of service vulnerability.
  7. Joomla! Saxum Picker 3.2.10 SQL Injection - Joomla! Saxum Picker component version 3.2.10 suffers from a remote SQL injection vulnerability.
  8. Joomla! SquadManagement 1.0.3 SQL Injection - Joomla! SquadManagement component version 1.0.3 suffers from a remote SQL injection vulnerability.
  9. Joomla! Saxum Numerology 3.0.4 SQL Injection - Joomla! Saxum Numerology component version 3.0.4 suffers from a remote SQL injection vulnerability.
  10. Joomla! Saxum Astro 4.0.14 SQL Injection - Joomla! Saxum Astro component version 4.0.14 suffers from a remote SQL injection vulnerability.

Securiteam Exploits

  1. Zziplib 0.13.62 discovered Denial Of Service Vulnerability - The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.
  2. Oracle Advanced Outbound Telephony component unauthorized Remote Code Execution Vulnerability - Oracle Advanced Outbound Telephony is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  3. Oracle Flexcube Universal Banking 11.3.0 update Remote Code Execution Vulnerability - A local user can exploit a flaw in the Oracle FLEXCUBE Universal Banking Core component to partially access and partially modify data.
  4. Oracle Knowledge Management 12.1.3 critical Remote Code Execution Vulnerability - Oracle Knowledge Management is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  5. Oracle Marketing 12.1.1 critical Remote Code Execution Vulnerability - Oracle Marketing is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.