Hack Tools/Exploits


Packetstorm Last 10 Files

  1. EMC Isilon OneFS Privilege Escalation - EMC Isilon OneFS is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. Versions affected include 7.1.x, 7.2.0 through 7.2.1.4, 8.0.0 through 8.0.0.3, and 8.0.1.0.
  2. EMC Avamar File Upload / Authentication Bypass - EMC Avamar suffers from authentication bypass and remote file upload vulnerabilities.
  3. WordPress Download Manager 2.9.46 / 2.9.51 Cross Site Scripting - WordPress Download Manager plugin versions 2.9.46 and 2.9.51 suffer from a cross site scripting vulnerability.
  4. WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal - WordPress Photo Gallery plugin versions 1.3.34 and 1.3.42 suffer from a path traversal vulnerability.
  5. Unrar VMSF_DELTA Arbitrary Memory Write - It appears that the VMSF_DELTA memory corruption that was reported to Sophos AV in 2012 (and fixed there) was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day.
  6. Bitdefender Malicious RAR Denial Of Service - Bitdefender AV crashes when fed malicious RAR files from 2013.
  7. Microsoft Windows Kernel nt!NtQueryInformationWorkerFactory Stack Memory Disclosure - The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationWorkerFactory (WorkerFactoryBasicInformation).
  8. Microsoft Windows Kernel ATMFD.DLL Malformed Index Out-Of-Bounds Read - The Microsoft Windows kernel suffers from an ATMFD.DLL out-of-bounds read vulnerability via a malformed Name INDEX in the CFF table.
  9. Microsoft Windows Kernel nt!NtQueryInformationResourceManager Stack Memory Disclosure - The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationResourceManager (information class 0).
  10. Microsoft Windows Uniscribe USP10!otlReverseChainingLookup::apply Out-Of-Bounds Memory Read - Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlReverseChainingLookup::apply.

Packetstorm Tools

  1. MySQL G0ld Brute Forcing Utility - MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.
  2. Mobius Forensic Toolkit 0.5.28 - Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  3. Nmap Port Scanner 7.50 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  4. Hashcat Advanced Password Recovery 3.6.0 Source Code - Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
  5. Hashcat Advanced Password Recovery 3.6.0 Binary Release - Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
  6. WPForce 1.0.0 - WPForce is a suite of WordPress Attack tools. Currently this contains 2 scripts - WPForce, which brute forces logins via the API, and Yertle, which uploads shells once admin credentials have been found. Yertle also contains a number of post exploitation modules.
  7. TOR Virtual Network Tunneling Tool 0.3.0.8 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  8. Suricata IDPE 3.2.2 - Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  9. Proxmark 3.0.0 - The proxmark3 is a powerful general purpose RFID tool, the size of a deck of cards, designed to snoop, listen and emulate everything from Low Frequency (125kHz) to High Frequency (13.56MHz) tags. This repository contains enough software, logic (for the FPGA), and design documentation for the hardware that you could, at least in theory, do something useful with a proxmark3.
  10. Wireshark Analyzer 2.2.7 - Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Packetstorm Exploits

  1. WordPress Download Manager 2.9.46 / 2.9.51 Cross Site Scripting - WordPress Download Manager plugin versions 2.9.46 and 2.9.51 suffer from a cross site scripting vulnerability.
  2. WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal - WordPress Photo Gallery plugin versions 1.3.34 and 1.3.42 suffer from a path traversal vulnerability.
  3. Unrar VMSF_DELTA Arbitrary Memory Write - It appears that the VMSF_DELTA memory corruption that was reported to Sophos AV in 2012 (and fixed there) was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day.
  4. Bitdefender Malicious RAR Denial Of Service - Bitdefender AV crashes when fed malicious RAR files from 2013.
  5. Microsoft Windows Kernel nt!NtQueryInformationWorkerFactory Stack Memory Disclosure - The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationWorkerFactory (WorkerFactoryBasicInformation).
  6. Microsoft Windows Kernel ATMFD.DLL Malformed Index Out-Of-Bounds Read - The Microsoft Windows kernel suffers from an ATMFD.DLL out-of-bounds read vulnerability via a malformed Name INDEX in the CFF table.
  7. Microsoft Windows Kernel nt!NtQueryInformationResourceManager Stack Memory Disclosure - The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationResourceManager (information class 0).
  8. Microsoft Windows Uniscribe USP10!otlReverseChainingLookup::apply Out-Of-Bounds Memory Read - Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlReverseChainingLookup::apply.
  9. Microsoft Windows Uniscribe USP10!otlValueRecord::adjustPos Out-Of-Bounds Memory Read - Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlValueRecord::adjustPos.
  10. Microsoft Windows Uniscribe USP10!otlSinglePosLookup::getCoverageTable Out-Of-Bounds Memory Read - Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlSinglePosLookup::getCoverageTable.

Securiteam Exploits

  1. IBM Bigfix Remote Control 9.1.2 Cross Site Scripting Vulnerability - Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors.
  2. Linux Kernel 4.5.1 Execute Code Vulnerability - Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
  3. Microsoft Internet Explorer 10 Explorer Denial Of Service Execute Code Overflow Memory corruption Vulnerability - Microsoft Internet Explorer is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  4. Oracle Agile Product Lifecycle Management Framework confidentiality Remote Code Execution Vulnerability - Oracle Agile Product Lifecycle Management Framework is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  5. Oracle Mysql 5.7.13 Remote Code Execution Vulnerability - Vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.