Hack Tools/Exploits


Packetstorm Last 10 Files

  1. TOR Virtual Network Tunneling Tool 0.3.0.6 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  2. Microsoft Internet Explorer CStyleSheetArray::BuildListOfMatchedRules Memory Corruption - There is a memory corruption vulnerability in Microsoft Internet Explorer. The vulnerability was confirmed on version 11.576.14393.0 (update version 11.0.38) running on Windows 10 64-bit with page heap enabled for iexplore.exe process.
  3. Ubuntu Security Notice USN-3269-1 - Ubuntu Security Notice 3269-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been updated to MySQL 5.7.18. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
  4. FreeBSD Security Advisory - FreeBSD-SA-17:04.ipfilter - FreeBSD Security Advisory - ipfilter(4), capable of stateful packet inspection, using the "keep state" or "keep frags" rule options, will not only maintain the state of connections, such as TCP streams or UDP communication, it also maintains the state of fragmented packets. When packet fragments are received, they are cached in a hash table (and linked list). When a fragment is received, it is compared with fragments already cached in the hash table for a match. If it does not match, the new entry is used to create a new entry in the hash table. If, on the other hand, it does match, unfortunately the wrong entry is freed: the entry in the hash table. This results in a use-after-free panic (and, for a brief moment prior to the panic, a memory leak due to the wrong entry being freed). Carefully feeding fragments that are allowed to pass by an ipfilter(4) firewall can be used to cause a panic followed by a reboot-loop denial of service attack.
  5. Gentoo Linux Security Advisory 201704-04 - Gentoo Linux Security Advisory 201704-4 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 25.0.0.148 are affected.
  6. Mercurial Custom hg-ssh Wrapper Remote Code Execution - This Metasploit module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution.
  7. Confluence 6.0.x Information Disclosure - The Confluence drafts diff rest resource made the current content of all blogs and pages in Confluence available without authentication. Attackers who can access the Confluence web interface of a vulnerable version can use this vulnerability to obtain the content of all blogs and pages inside Confluence. All versions of Confluence starting with version 6.0.0 but less than 6.0.7 (the fixed version for 6.0.x) are affected by this vulnerability.
  8. Apache Hadoop DataNode Missed Validation - HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated. Apache Hadoop versions 2.6.x and earlier are affected.
  9. Red Hat Security Advisory 2017-1162-01 - Red Hat Security Advisory 2017-1162-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The python27 Software Collection has been upgraded to version 2.7.13, which provides a number of bug fixes and enhancements over the previous version.
  10. Red Hat Security Advisory 2017-1161-01 - Red Hat Security Advisory 2017-1161-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The httpd24 Software Collection has been upgraded to version 2.4.25, which provides a number of bug fixes and enhancements over the previous version.

Packetstorm Tools

  1. TOR Virtual Network Tunneling Tool 0.3.0.6 - Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  2. Uberscan Brute Forcing Tool - Uberscan is an IP scanner and brute forcing tool all in one. Written in Perl.
  3. Thycotic Secret Server Data Decrypter - This is a PowerShell script that decrypts the data stored within a Thycotic Secret Server.
  4. DAVOSET 1.3.2 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  5. Packet Fence 7.0.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  6. Blue Team Training Toolkit (BT3) 2.2 - Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
  7. 360-FAAR Firewall Analysis Audit And Repair 0.6.2 - 360-FAAR Firewall Analysis Audit and Repair is an offline command line Perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
  8. Wireshark Analyzer 2.2.6 - Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  9. Ansvif 1.7 - Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  10. rldns Man-In-The-Middle Tool - rldns-mitm is a modified version of rldns version 1.1 to support man-in-the-middle attacks. Whatever DNS request is received will always return a single IP address, which has been assigned via a command line argument.

Packetstorm Exploits

  1. Microsoft Internet Explorer CStyleSheetArray::BuildListOfMatchedRules Memory Corruption - There is a memory corruption vulnerability in Microsoft Internet Explorer. The vulnerability was confirmed on version 11.576.14393.0 (update version 11.0.38) running on Windows 10 64-bit with page heap enabled for iexplore.exe process.
  2. Mercurial Custom hg-ssh Wrapper Remote Code Execution - This Metasploit module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution.
  3. LightDM (Ubuntu 16.04/16.10) Privilege Escalation - This advisory describes a local privilege escalation via guest-account in LightDM found in Ubuntu versions 16.10 / 16.04 LTS.
  4. Revive Ad Server 4.0.1 Cross Site Request Forgery / Cross Site Scripting - Revive Ad Server version 4.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
  5. WordPress KittyCatfish 2.2 SQL Injection - WordPress KittyCatfish plugin version 2.2 suffers from a remote SQL injection vulnerability.
  6. WordPress Car Rental System 2.5 SQL Injection - WordPress Car Rental System plugin version 2.5 suffers from a remote SQL injection vulnerability.
  7. WordPress Wow Viral Signups 2.1 SQL Injection - WordPress Wow Viral Signups plugin version 2.1 suffers from a remote SQL injection vulnerability.
  8. Joomla jDBexport 3.2.10 Cross Site Scripting / Path Disclosure - Joomla jDBexport component version 3.2.10 suffers from cross site scripting and path disclosure vulnerabilities.
  9. WordPress Wow Forms 2.1 SQL Injection - WordPress Wow Forms plugin version 2.1 suffers from a remote SQL injection vulnerability.
  10. Microsoft Windows 2003 SP2 ERRATICGOPHER SMB Remote Code Execution - Microsoft Windows 2003 SP2 ERRATICGOPHER SMB remote code execution exploit.

Securiteam Exploits

  1. Google Android 7 GPU Obtain Information Vulnerability - Google Android is prone to a gain information vulnerability. This allows local or remote attackers to gain privileges via a malicious program in the affected application.
  2. IBM Bigfix Remote Control 9.1.2 Cross Site Scripting Vulnerability - Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors.
  3. Linux Kernel 4.5.1 Execute Code Vulnerability - Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
  4. Microsoft Internet Explorer 10 Explorer Denial Of Service Execute Code Overflow Memory corruption Vulnerability - Microsoft Internet Explorer is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  5. Oracle Agile Product Lifecycle Management Framework confidentiality Remote Code Execution Vulnerability - Oracle Agile Product Lifecycle Management Framework is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.