Latest Exploits / Tools

Latest Exploits

  • Tue, 21 Oct 2014 02:43:59 +0000: Numara / BMC Track-It! FileStorageService Arbitrary File Upload - Exploit Files ≈ Packet Storm
    This Metasploit module exploits an arbitrary file upload vulnerability in Numara / BMC Track-It! v8 to v11.X. The application exposes the FileStorageService .NET remoting service on port 9010 (9004 for version 8), which accepts unauthenticated uploads. This can be abused by a malicious user to upload an ASP or ASPX file to the web root, leading to arbitrary code execution as NETWORK SERVICE or SYSTEM. This Metasploit module has been tested successfully on versions 11.3.0.355, 10.0.51.135, 10.0.50.107, 10.0.0.143, 9.0.30.248 and 8.0.2.51.
  • Tue, 21 Oct 2014 02:43:46 +0000: Joomla Akeeba Kickstart Unserialize Remote Code Execution - Exploit Files ≈ Packet Storm
    This Metasploit module exploits a vulnerability found in Joomla! through 2.5.25, 3.2.5 and earlier 3.x versions and 3.3.0 through 3.3.4 versions. The vulnerability affects the Akeeba component, which is responsible for Joomla! updates. Note, however, that this vulnerability is only exploitable during the update of the Joomla! CMS.
  • Tue, 21 Oct 2014 02:42:32 +0000: HP Data Protector EXEC_INTEGUTIL Remote Code Execution - Exploit Files ≈ Packet Storm
    This exploit abuses a vulnerability in HP Data Protector. The vulnerability exists in the Backup client service, which listens by default on TCP/5555. The EXEC_INTEGUTIL request allows arbitrary commands to be executed from a restricted directory. Since that directory includes a perl executable, it's possible to use an EXEC_INTEGUTIL packet to execute arbitrary code. On Linux targets, the perl binary isn't in the restricted directory, but an EXEC_BAR packet can be used to access the perl binary, even in the last version of HP Data Protector for Linux. This Metasploit module has been tested successfully on HP Data Protector 9 over Windows 2008 R2 64 bits and CentOS 6 64 bits.
  • Tue, 21 Oct 2014 02:39:57 +0000: Windows OLE Package Manager SandWorm Exploit - Exploit Files ≈ Packet Storm
    Proof of concept exploit builder for the OLE flaw in packager.dll.
  • Tue, 21 Oct 2014 01:04:38 +0000: LiteCart 1.1.2.1 Cross Site Scripting - Exploit Files ≈ Packet Storm
    LiteCart version 1.1.2.1 suffers from cross site scripting vulnerabilities.
  • Tue, 21 Oct 2014 00:00:22 +0000: Huawei Mobile Partner DLL Hijacking - Exploit Files ≈ Packet Storm
    Huawei Mobile Partner suffers from a DLL hijacking vulnerability.
  • Mon, 20 Oct 2014 16:27:54 +0000: Newtelligence dasBlog 2.3 Open Redirect - Exploit Files ≈ Packet Storm
    Newtelligence dasBlog versions 2.1 through 2.3 suffer from an open redirection vulnerability.
  • Mon, 20 Oct 2014 16:25:25 +0000: OpenMRS 2.1 Access Bypass / XSS / CSRF - Exploit Files ≈ Packet Storm
    OpenMRS version 2.1 suffers from access bypass, cross site request forgery, and cross site scripting vulnerabilities.
  • Mon, 20 Oct 2014 12:12:12 +0000: Mozilla.org Cross Site Scripting - Exploit Files ≈ Packet Storm
    Multiple mozilla.org subdomains suffer from cross site scripting vulnerabilities.
  • Sun, 19 Oct 2014 10:11:11 +0000: Clockingit.com Cross Site Scripting - Exploit Files ≈ Packet Storm
    Clockingit.com suffers from a persistent cross site scripting vulnerability.
  • Sun, 19 Oct 2014 09:22:22 +0000: Kimai.org Cross Site Request Forgery - Exploit Files ≈ Packet Storm
    Kimai.org suffers from a cross site request forgery vulnerability.
  • Sat, 18 Oct 2014 00:42:31 +0000: MS14-060 Microsoft Windows OLE Package Manager Code Execution - Exploit Files ≈ Packet Storm
    This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable.
  • Sat, 18 Oct 2014 00:38:38 +0000: Linux PolicyKit Race Condition Privilege Escalation - Exploit Files ≈ Packet Storm
    A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec. Those vulnerable include RHEL6 prior to polkit-0.96-2.el6_0.1 and Ubuntu libpolkit-backend-1 prior to 0.96-2ubuntu1.1 (10.10), 0.96-2ubuntu0.1 (10.04 LTS) and 0.94-1ubuntu1.1 (9.10).
  • Sat, 18 Oct 2014 00:38:12 +0000: Drupal HTTP Parameter Key/Value SQL Injection - Exploit Files ≈ Packet Storm
    This Metasploit module exploits the Drupal HTTP Parameter Key/Value SQL Injection (aka Drupageddon) in order to achieve a remote shell on the vulnerable instance. This Metasploit module was tested against Drupal 7.0 and 7.31 (was fixed in 7.32).
  • Sat, 18 Oct 2014 00:34:31 +0000: Centreon SQL Injection / Command Injection - Exploit Files ≈ Packet Storm
    Centreon versions 2.5.2 and below and Centreon Enterprise Server versions 2.2 and below and 3.0 and below suffer from remote SQL injection and remote command injection vulnerabilities.
  • Fri, 17 Oct 2014 19:22:22 +0000: Drupal 7.x SQL Injection - Exploit Files ≈ Packet Storm
    Drupal Core versions 7.32 and below remote SQL injection exploit. Written in PHP.
  • Fri, 17 Oct 2014 15:25:12 +0000: Fonality Trixbox CE 2.8.0.4 Command Execution - Exploit Files ≈ Packet Storm
    Fonality Trixbox CE version 2.8.0.4 remote root command execution exploit.
  • Fri, 17 Oct 2014 15:23:35 +0000: Elastix 2.4.0 Stable XSS / CSRF / Command Execution - Exploit Files ≈ Packet Storm
    Elastix version 2.4.0 stable suffers from cross site request forgery, remote command execution, and cross site scripting vulnerabilities.
  • Fri, 17 Oct 2014 09:22:22 +0000: Drupal Core 7.32 SQL Injection - Exploit Files ≈ Packet Storm
    Drupal Core versions 7.32 and below remote SQL injection exploit. Written in Python.
  • Thu, 16 Oct 2014 20:32:22 +0000: SAP Netweaver Enqueue Server Trace Pattern Denial Of Service - Exploit Files ≈ Packet Storm
    Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is a critical component of a SAP Netweaver installation in terms of availability, rendering the whole SAP system unresponsive.

Latest Tools

  • Mon, 20 Oct 2014 18:32:22 +0000: AIEngine 0.10 - Security Tool Files ≈ Packet Storm
    AIEngine is a packet inspection engine capable of learning without any human intervention. It helps network/security professionals identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  • Thu, 16 Oct 2014 08:22:22 +0000: WordPress Brute Forcer - Security Tool Files ≈ Packet Storm
    This is a python script that performs brute forcing against WordPress installs using a wordlist.
  • Wed, 15 Oct 2014 23:27:58 +0000: OpenSSL Toolkit 1.0.1j - Security Tool Files ≈ Packet Storm
    OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Wed, 15 Oct 2014 08:37:21 +0000: Lynis Auditing Tool 1.6.3 - Security Tool Files ≈ Packet Storm
    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
  • Tue, 07 Oct 2014 23:53:12 +0000: Mobius Forensic Toolkit 0.5.21 - Security Tool Files ≈ Packet Storm
    Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  • Tue, 07 Oct 2014 23:48:19 +0000: OpenSSH 6.7p1 - Security Tool Files ≈ Packet Storm
    This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  • Mon, 06 Oct 2014 23:05:12 +0000: Mandos Encrypted File System Unattended Reboot Utility 1.6.9 - Security Tool Files ≈ Packet Storm
    The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  • Fri, 03 Oct 2014 01:26:31 +0000: oclHashcat For NVidia 1.31 - Security Tool Files ≈ Packet Storm
    oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
  • Fri, 03 Oct 2014 01:17:40 +0000: oclHashcat For AMD 1.31 - Security Tool Files ≈ Packet Storm
    oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
  • Thu, 02 Oct 2014 00:36:34 +0000: Chatroom Client / Server With AES Encryption Support - Security Tool Files ≈ Packet Storm
    This is a chat system composed of a TCP/IP server daemon in C and its corresponding Java client. You can chat with other peers in clear text or with AES password-based encryption on your own computer network. The AES password encryption and decryption functions are based on a 128-bit key which is padded using SHA-256 applied to the provided password. Further details and instructions are in the README file.
  • Sat, 27 Sep 2014 16:59:52 +0000: Tor-ramdisk i686 UClibc-based Linux Distribution x86 20140925 - Security Tool Files ≈ Packet Storm
    Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  • Fri, 26 Sep 2014 12:23:22 +0000: Hakabana 0.2.1 - Security Tool Files ≈ Packet Storm
    Hakabana is an open source monitoring tool that helps you visualize network traffic using Haka and Kibana.
  • Thu, 25 Sep 2014 15:41:30 +0000: TOR Virtual Network Tunneling Tool 0.2.4.24 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  • Wed, 24 Sep 2014 16:09:39 +0000: IPTables Bash Completion 1.3 - Security Tool Files ≈ Packet Storm
    iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid in the current context. In addition to completion of options, matches and targets, it supports dynamic retrieval of data from the system, i.e. chain names, set names, interfaces, hostnames, etc. Environment variables allow fine-tuning of completion options. IP and MAC addresses can be fed from a file.
  • Wed, 24 Sep 2014 16:07:02 +0000: IPSet List 3.2.1 - Security Tool Files ≈ Packet Storm
    ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
  • Tue, 23 Sep 2014 17:19:09 +0000: I2P 0.9.15 - Security Tool Files ≈ Packet Storm
    I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
  • Tue, 23 Sep 2014 17:14:32 +0000: Suricata IDPE 2.0.4 - Security Tool Files ≈ Packet Storm
    Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  • Tue, 23 Sep 2014 17:13:06 +0000: Lynis Auditing Tool 1.6.2 - Security Tool Files ≈ Packet Storm
    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
  • Tue, 23 Sep 2014 17:05:30 +0000: Secure rm 1.2.14 - Security Tool Files ≈ Packet Storm
    Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop-in security for users who wish to prevent command-line recovery of deleted information, even if the machine is compromised.
  • Tue, 23 Sep 2014 17:01:08 +0000: IPSet Bash Completion 2.6 - Security Tool Files ≈ Packet Storm
    ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

@Risk Exploits

  • SANSFIRE 2011 - @RISK: The Consensus Security Alert
    SANSFIRE 2011

ExploitDB