Latest Exploits / Tools

Latest Exploits

  • Thu, 19 Oct 2017 03:33:33 +0000: Xen Unbounded Recursion In Pagetable De-Typing - Exploit Files ≈ Packet Storm
    Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address.
  • Wed, 18 Oct 2017 23:23:23 +0000: Microsoft Windows GDFMaker 6.3.9600.16384 XXE Injection - Exploit Files ≈ Packet Storm
    Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.
  • Tue, 17 Oct 2017 23:23:23 +0000: Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection - Exploit Files ≈ Packet Storm
    Afian AB FileRun version 2017.03.18 suffers from cross site request forgery, cross site scripting, open redirection, remote shell upload, and various other vulnerabilities.
  • Tue, 17 Oct 2017 23:01:11 +0000: Linksys E Series CSRF / XSS / Denial Of Service / Header Injection - Exploit Files ≈ Packet Storm
    Linksys E series devices suffer from cross site request forgery, cross site scripting, header injection, denial of service, and various other vulnerabilities.
  • Tue, 17 Oct 2017 13:54:07 +0000: Webtrekk Pixel Tracking Cross Site Scripting - Exploit Files ≈ Packet Storm
    Webtrekk Pixel Track versions 3.24 to 3.40, 4.00 to 4.40, and 5.00 to 5.04 suffer from a cross site scripting vulnerability.
  • Mon, 16 Oct 2017 17:32:22 +0000: 3CX Phone System 15.5.3554.1 Directory Traversal - Exploit Files ≈ Packet Storm
    3CX Phone System version 15.5.3554.1 suffers from an authentication directory traversal vulnerability.
  • Mon, 16 Oct 2017 14:02:22 +0000: Windows Kernel Pool nt!NtQueryObject Memory Disclosure - Exploit Files ≈ Packet Storm
    It was discovered that the nt!NtQueryObject syscall handler discloses portions of uninitialized pool memory to user-mode clients when certain conditions are met.
  • Mon, 16 Oct 2017 13:50:27 +0000: Micro Focus VisiBroker C++ 8.5 SP2 Memory Corruption - Exploit Files ≈ Packet Storm
    Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities.
  • Mon, 16 Oct 2017 13:48:54 +0000: Webmin 1.850 SSRF / CSRF / Cross Site Scripting / Command Execution - Exploit Files ≈ Packet Storm
    Webmin version 1.850 suffers from server side request forgery, cross site request forgery, and cross site scripting vulnerabilities, the last of which can lead to remote command execution.
  • Mon, 16 Oct 2017 09:22:22 +0000: WordPress Influencer Marketing And Press Release System 2.2 XSS - Exploit Files ≈ Packet Storm
    WordPress Influencer Marketing and Press Release System plugin version 2.2 suffers from a cross site scripting vulnerability.
  • Sat, 14 Oct 2017 21:39:48 +0000: Microsoft Edge Chakra StackScriptFunction::BoxState::Box Uninitialized Pointers - Exploit Files ≈ Packet Storm
    Microsoft Edge Chakra accesses uninitialized pointers in StackScriptFunction::BoxState::Box.
  • Sat, 14 Oct 2017 21:38:13 +0000: Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call - Exploit Files ≈ Packet Storm
    The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked while updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without updating the flag. Therefore it fails to detect if a user function was called.
  • Sat, 14 Oct 2017 21:32:47 +0000: Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns - Exploit Files ≈ Packet Storm
    Microsoft Edge Chakra JIT compiler creates incorrect GenerateBailOut calling patterns.
  • Sat, 14 Oct 2017 21:31:18 +0000: Microsoft Windows WLDP/MSHTML CLSID UMCI Bypass - Exploit Files ≈ Packet Storm
    The enlightened lockdown policy check for COM Class instantiation can be bypassed in MSHTML hosts leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).
  • Sat, 14 Oct 2017 21:27:53 +0000: Shadowsocks-libev 3.1.0 Command Execution - Exploit Files ≈ Packet Storm
    Shadowsocks-libev version 3.1.0 suffers from a remote command execution vulnerability.
  • Sat, 14 Oct 2017 21:23:28 +0000: Shadowsocks Log Manipulation / Command Execution - Exploit Files ≈ Packet Storm
    Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with the suggested tail command. The key of captured Shadowsocks traffic can be brute forced. The latest commit 2ab8c6b on Sep 6, 2017 is affected.
  • Sat, 14 Oct 2017 21:19:23 +0000: AlienVault USM 5.4.2 Cross Site Request Forgery - Exploit Files ≈ Packet Storm
    AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.
  • Sat, 14 Oct 2017 21:16:18 +0000: Opentext Documentum Content Server File Hijack / Privilege Escalation - Exploit Files ≈ Packet Storm
    Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive, this security flaw leads to privilege escalation.
  • Sat, 14 Oct 2017 21:13:37 +0000: Opentext Documentum Content Server Privilege Escalation - Exploit Files ≈ Packet Storm
    Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows any authenticated user the ability to replace content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.
  • Sat, 14 Oct 2017 21:12:04 +0000: Opentext Documentum Content Server File Download - Exploit Files ≈ Packet Storm
    Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows an authenticated user to download arbitrary content files regardless of the attacker's repository permissions.

Latest Tools

  • Wed, 18 Oct 2017 23:55:55 +0000: Suricata IDPE 4.0.1 - Security Tool Files ≈ Packet Storm
    Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  • Wed, 18 Oct 2017 17:22:22 +0000: Faraday 2.6.3 - Security Tool Files ≈ Packet Storm
    Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Mon, 16 Oct 2017 20:44:44 +0000: Bro Network Security Monitor 2.5.2 - Security Tool Files ≈ Packet Storm
    Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  • Fri, 13 Oct 2017 13:44:47 +0000: Macro Pack 1.1 - Security Tool Files ≈ Packet Storm
    macro_pack is a tool used to automate obfuscation and generation of MS Office documents for penetration testing, demo, and social engineering assessments. The goal of macro_pack is to simplify bypassing anti-malware solutions and automate the process from vba generation to final Office document generation.
  • Thu, 12 Oct 2017 16:04:54 +0000: Falco 0.8.1 - Security Tool Files ≈ Packet Storm
    Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  • Tue, 10 Oct 2017 20:23:50 +0000: Wireshark Analyzer 2.4.2 - Security Tool Files ≈ Packet Storm
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  • Wed, 04 Oct 2017 17:32:22 +0000: OpenSSH 7.6p1 - Security Tool Files ≈ Packet Storm
    This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  • Mon, 25 Sep 2017 16:29:11 +0000: Packet Fence 7.3.0 - Security Tool Files ≈ Packet Storm
    PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  • Thu, 21 Sep 2017 03:33:33 +0000: TestSSL 2.9.5 - Security Tool Files ≈ Packet Storm
    testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.
  • Tue, 19 Sep 2017 02:44:39 +0000: TOR Virtual Network Tunneling Tool 0.3.1.7 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  • Tue, 19 Sep 2017 02:44:26 +0000: ifchk 1.0.8 - Security Tool Files ≈ Packet Storm
    Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
  • Tue, 19 Sep 2017 02:44:24 +0000: FireHOL 3.1.5 - Security Tool Files ≈ Packet Storm
    FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
  • Tue, 12 Sep 2017 05:07:12 +0000: Ansvif 1.8 - Security Tool Files ≈ Packet Storm
    Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  • Tue, 12 Sep 2017 05:07:10 +0000: Mobius Forensic Toolkit 0.5.31 - Security Tool Files ≈ Packet Storm
    Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  • Tue, 12 Sep 2017 05:06:59 +0000: Blue Team Training Toolkit (BT3) 2.5 - Security Tool Files ≈ Packet Storm
    Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
  • Sat, 09 Sep 2017 17:11:10 +0000: MIMEDefang Email Scanner 2.82 - Security Tool Files ≈ Packet Storm
    MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
  • Sat, 09 Sep 2017 16:55:48 +0000: tcpdump 4.9.2 - Security Tool Files ≈ Packet Storm
    tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
  • Fri, 08 Sep 2017 03:33:33 +0000: Lynis Auditing Tool 2.5.5 - Security Tool Files ≈ Packet Storm
    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
  • Thu, 07 Sep 2017 01:01:01 +0000: Brutus FTP Attack Tool 0.3 - Security Tool Files ≈ Packet Storm
    Brutus is a small threaded Python FTP brute-force and dictionary attack tool. It supports several brute-force parameters such as custom character sets, password length, minimum password length, and prefix and postfix strings for the passwords generated.
  • Mon, 04 Sep 2017 16:26:59 +0000: Blue Team Training Toolkit (BT3) 2.4 - Security Tool Files ≈ Packet Storm
    Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
