Latest Exploits / Tools

Latest Exploits

  • Tue, 30 Jun 2015 00:12:59 +0000: Watchguard XCS 10.0 SQL Injection / Command Execution - Exploit Files ≈ Packet Storm
    The Watchguard XCS virtual appliance contains a number of vulnerabilities, including unauthenticated SQL injection, command execution and privilege escalation. By combining these vulnerabilities, an attacker may remotely obtain root privileges on the underlying host. Versions 10.0 and below are affected.
  • Tue, 30 Jun 2015 00:10:01 +0000: WedgeOS 4.0.4 Arbitrary File Read / Command Execution - Exploit Files ≈ Packet Storm
    Wedge Networks WedgeOS Virtual Appliance contains a number of security vulnerabilities, including unauthenticated arbitrary file read as root, command injection in the web interface, privilege escalation to root, and command execution via the system update functionality. Versions 4.0.4 and below are affected.
  • Tue, 30 Jun 2015 00:03:33 +0000: CollabNet Subversion Edge Management Tail LFI - Exploit Files ≈ Packet Storm
    The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via the logfile "filename" parameter of the tail action. Fixed in version 5.0. Version 4.0.11 is affected.
  • Tue, 30 Jun 2015 00:02:12 +0000: NetIQ Access Manager 4.0 SP1 XXE Injection - Exploit Files ≈ Packet Storm
    NetIQ Access Manager is vulnerable to XXE injection attacks.
  • Tue, 30 Jun 2015 00:01:11 +0000: CollabNet Subversion Edge Management listViewItem LFI - Exploit Files ≈ Packet Storm
    The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via the logfile "listViewItem" parameter of the "index" action. Fixed in version 5.0. Version 4.0.11 is affected.
  • Tue, 30 Jun 2015 00:01:11 +0000: CollabNet Subversion Edge Management Show LFI - Exploit Files ≈ Packet Storm
    The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via the logfile "filename" parameter of the show action. Fixed in version 5.0. Version 4.0.11 is affected.
  • Mon, 29 Jun 2015 16:15:45 +0000: GetSimple CMS 5.7.3.1 Cross Site Scripting - Exploit Files ≈ Packet Storm
    GetSimple CMS version 5.7.3.1 suffers from a persistent cross site scripting vulnerability.
  • Mon, 29 Jun 2015 16:14:27 +0000: MODX Revolution 2.3.3-pl Cross Site Scripting - Exploit Files ≈ Packet Storm
    MODX Revolution version 2.3.3-pl suffers from multiple cross site scripting vulnerabilities.
  • Mon, 29 Jun 2015 16:10:51 +0000: Fiyo CMS 2.0_1.9.1 SQL Injection - Exploit Files ≈ Packet Storm
    Fiyo CMS version 2.0_1.9.1 suffers from multiple remote SQL injection vulnerabilities.
  • Mon, 29 Jun 2015 16:05:22 +0000: Novius OS 5.0.1-elche XSS / LFI / Open Redirect - Exploit Files ≈ Packet Storm
    Novius OS version 5.0.1-elche suffers from cross site scripting, local file inclusion, and open redirection vulnerabilities.
  • Mon, 29 Jun 2015 15:52:22 +0000: CollabNet Subversion Edge Management downloadHook LFI - Exploit Files ≈ Packet Storm
    The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via the logfile "filename" parameter of the "downloadHook" action. Fixed in version 5.0.
  • Mon, 29 Jun 2015 15:44:44 +0000: CollabNet Subversion Edge Management Credential Leak - Exploit Files ≈ Packet Storm
    The CollabNet Subversion Edge Management Frontend leaks the unsalted MD5 hash of the password of the currently logged in user via a "POST /csvn/user/index" request. An attacker who exploits an XSS or has gained a valid session via other means is able to retrieve the unsalted MD5 hash of the corresponding user and easily crack the hash in order to learn the user's password. Fixed in version 5.0.
  • Mon, 29 Jun 2015 12:22:22 +0000: Huawei Home Gateway HG530 / HG520b Password Disclosure / Change - Exploit Files ≈ Packet Storm
    Two exploits for Huawei Home Gateway versions HG530 and HG520b that allow for password disclosure and password change.
  • Mon, 29 Jun 2015 04:44:44 +0000: CollabNet Subversion Edge Management Frontend Privilege Escalation - Exploit Files ≈ Packet Storm
    The CollabNet Subversion Edge Management Frontend allows authenticated administrators to escalate their privileges by creating and executing hook scripts. As a result they are able to execute arbitrary commands as the user the Management Frontend is running under without authenticating with valid credentials. Fixed in version 5.0.
  • Sun, 28 Jun 2015 15:55:55 +0000: C2Box 4.0.0 r19171 Cross Site Request Forgery - Exploit Files ≈ Packet Storm
    C2Box version 4.0.0 r19171 suffers from a cross site request forgery vulnerability.
  • Sun, 28 Jun 2015 14:44:44 +0000: PivotX 2.3.10 Session Fixation / XSS / Code Execution - Exploit Files ≈ Packet Storm
    PivotX version 2.3.10 suffers from session fixation, code execution, and cross site scripting vulnerabilities.
  • Sat, 27 Jun 2015 00:27:20 +0000: Adobe Flash Player Drawing Fill Shader Memory Corruption - Exploit Files ≈ Packet Storm
    This Metasploit module exploits a memory corruption that occurs when applying a Shader as a drawing fill, as exploited in the wild in June 2015. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 17.0.0.188; Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 17.0.0.188; Windows 8.1, Firefox 38.0.5 and Adobe Flash 17.0.0.188; and Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.460.
  • Fri, 26 Jun 2015 23:55:55 +0000: Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal - Exploit Files ≈ Packet Storm
    By combining all vulnerabilities documented in this advisory, an unprivileged authenticated remote attacker can gain full system access (root) on the RPRM appliance. This has an impact on all conferences taking place via this RP Resource Manager. Attackers can steal all conference passcodes and join or record any conference. Versions prior to 8.4 are affected.
  • Fri, 26 Jun 2015 23:02:22 +0000: Koha ILS 3.20.x CSRF / XSS / Traversal / SQL Injection - Exploit Files ≈ Packet Storm
    Koha ILS suffers from cross site request forgery, cross site scripting, remote SQL injection, and path traversal vulnerabilities. Versions 3.20.x less than or equal to 3.20.1, 3.18.x less than or equal to 3.18.8, and 3.16.x less than or equal to 3.16.12 are affected.
  • Fri, 26 Jun 2015 19:34:44 +0000: NETGEAR ProSafe Cross Site Scripting / SQL Injection / Header Injection - Exploit Files ≈ Packet Storm
    NETGEAR ProSafe suffers from cross site scripting, header injection, and remote SQL injection vulnerabilities.

Latest Tools

  • Sun, 28 Jun 2015 06:22:22 +0000: TRENDnet TEW-818RDU PIN Disclosure - Security Tool Files ≈ Packet Storm
    TRENDnet TEW-818RDU versions 1 ("ac1900") and 2 ("ac3200") PIN disclosure exploit.
  • Fri, 26 Jun 2015 13:33:33 +0000: Htcap Analysis Tool Alpha 0.1 - Security Tool Files ≈ Packet Storm
    Htcap is a web application analysis tool for detecting communications between JavaScript and the server. It crawls the target application and maps AJAX calls, dynamically inserted scripts, WebSocket calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in Python and uses PhantomJS to load pages, injecting a probe that analyzes JavaScript behaviour. Once injected, the probe overrides native JavaScript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling HTML inputs.
  • Thu, 25 Jun 2015 14:11:31 +0000: AESshell 0.7 - Security Tool Files ≈ Packet Storm
    AESshell is a backconnect shell for Windows and Unix, written in Python, that uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport. It also includes a Windows binary.
  • Thu, 25 Jun 2015 03:33:33 +0000: Find DNS Scanner - Security Tool Files ≈ Packet Storm
    find_dns is a tool that scans networks looking for DNS servers.
  • Tue, 23 Jun 2015 10:22:22 +0000: Smalisca 0.2 - Security Tool Files ≈ Packet Storm
    Smalisca is a static code analysis tool for Smali files.
  • Mon, 22 Jun 2015 22:22:22 +0000: Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150616 - Security Tool Files ≈ Packet Storm
    Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  • Thu, 18 Jun 2015 23:33:33 +0000: Packet Fence 5.2.0 - Security Tool Files ≈ Packet Storm
    PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  • Wed, 17 Jun 2015 23:23:23 +0000: Wireshark Analyzer 1.12.6 - Security Tool Files ≈ Packet Storm
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  • Mon, 15 Jun 2015 16:16:22 +0000: OpenSSL Toolkit 1.0.2c - Security Tool Files ≈ Packet Storm
    OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Mon, 15 Jun 2015 00:22:22 +0000: VBScan Vulnerability Scanner - Security Tool Files ≈ Packet Storm
    VBScan is a black box vBulletin vulnerability scanner written in Perl.
  • Fri, 12 Jun 2015 00:44:12 +0000: OpenSSL Toolkit 1.0.2b - Security Tool Files ≈ Packet Storm
    OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Fri, 12 Jun 2015 00:43:14 +0000: TOR Virtual Network Tunneling Tool 0.2.6.9 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  • Wed, 10 Jun 2015 02:06:20 +0000: Bro Network Security Monitor 2.4 - Security Tool Files ≈ Packet Storm
    Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  • Tue, 09 Jun 2015 19:32:22 +0000: Samhain File Integrity Checker 3.1.6 - Security Tool Files ≈ Packet Storm
    Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
  • Sun, 07 Jun 2015 17:45:58 +0000: pyClamd 0.3.15 - Security Tool Files ≈ Packet Storm
    pyClamd is a Python interface to Clamd (the ClamAV daemon). By using pyClamd, you can add virus detection capabilities to your Python software in an efficient and easy way. Unlike pyClamav, which uses libclamav, pyClamd may be used by a closed source product.
  • Sun, 07 Jun 2015 05:55:55 +0000: BruteX 1.1 - Security Tool Files ≈ Packet Storm
    BruteX is a Bash script that wraps nmap, hydra, and wfuzz to perform scanning with automatic brute forcing.
  • Tue, 02 Jun 2015 13:03:33 +0000: I2P 0.9.20 - Security Tool Files ≈ Packet Storm
    I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
  • Mon, 01 Jun 2015 23:59:12 +0000: Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150531 - Security Tool Files ≈ Packet Storm
    Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
  • Mon, 01 Jun 2015 23:48:54 +0000: Maligno 2.2 - Security Tool Files ≈ Packet Storm
    Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  • Fri, 29 May 2015 15:55:55 +0000: Smart PCAP Replay 1.0 - Security Tool Files ≈ Packet Storm
    This is a tool to replay packet captures and simulate client/server models when doing analysis. Written in Python.

@Risk Exploits

  • SANSFIRE 2011 - @RISK: The Consensus Security Alert
    SANSFIRE 2011

ExploitDB