- Fri, 29 Aug 2014 22:22:06 +0000: Wing FTP Server Authenticated Command Execution - Exploit Files ≈ Packet Storm
This Metasploit module exploits the embedded Lua interpreter in the admin web interface for versions 4.3.8 and below. By supplying a specially crafted HTTP POST request, an attacker can use os.execute() to execute arbitrary system commands on the target with SYSTEM privileges.
- Fri, 29 Aug 2014 22:05:22 +0000: Microsoft Internet Explorer MS14-029 Memory Corruption - Exploit Files ≈ Packet Storm
Microsoft Internet Explorer memory corruption proof of concept exploit that leverages the vulnerability noted in MS14-029.
- Fri, 29 Aug 2014 20:22:22 +0000: HTML Help Workshop 1.4 Buffer Overflow - Exploit Files ≈ Packet Storm
HTML Help Workshop version 1.4 SEH buffer overflow exploit.
- Fri, 29 Aug 2014 01:56:02 +0000: F5 Unauthenticated rsync Access To Remote Root Code Execution - Exploit Files ≈ Packet Storm
When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance. Affected products include F5 BIG-IP 11.x versions before 11.6.0, 11.5.1 HF3, 11.5.0 HF4, 11.4.1 HF, 11.4.0 HF7, 11.3.0 HF9, and 11.2.1 HF11, and Enterprise Manager 3.x versions before 3.1.1 HF2.
- Thu, 28 Aug 2014 22:37:34 +0000: NRPE 2.15 Remote Command Execution - Exploit Files ≈ Packet Storm
NRPE version 2.15 remote command execution exploit written in Python.
- Thu, 28 Aug 2014 22:35:41 +0000: DomainTrader Domain Parking / Auction Script 2.5.3 CSRF / XSS - Exploit Files ≈ Packet Storm
DomainTrader Domain Parking and Auction Script version 2.5.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
- Thu, 28 Aug 2014 22:31:09 +0000: Jappix Cross Site Scripting - Exploit Files ≈ Packet Storm
Jappix suffers from a persistent cross site scripting vulnerability.
- Thu, 28 Aug 2014 18:38:46 +0000: F5 BIG-IP 11.5.1 Cross Site Scripting - Exploit Files ≈ Packet Storm
F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability.
- Thu, 28 Aug 2014 18:34:00 +0000: ActualAnalyzer Remote Command Execution - Exploit Files ≈ Packet Storm
ActualAnalyzer remote command execution exploit that leverages an eval.
- Thu, 28 Aug 2014 18:32:08 +0000: PhpWiki Ploticus Command Injection - Exploit Files ≈ Packet Storm
Proof of concept exploit for PhpWiki that demonstrates a remote command injection vulnerability via the Ploticus module.
- Thu, 28 Aug 2014 18:30:03 +0000: XRMS Blind SQL Injection / Command Execution - Exploit Files ≈ Packet Storm
XRMS blind SQL injection exploit that leverages $_SESSION poisoning and achieves remote command execution.
- Thu, 28 Aug 2014 10:11:11 +0000: Plogger Authenticated Arbitrary File Upload - Exploit Files ≈ Packet Storm
Plogger versions prior to 1.0-RC1 suffer from a remote authenticated arbitrary file upload vulnerability.
- Wed, 27 Aug 2014 21:37:39 +0000: ManageEngine DeviceExpert 5.9 Credential Disclosure - Exploit Files ≈ Packet Storm
ManageEngine DeviceExpert version 5.9 suffers from a user credential disclosure vulnerability.
- Wed, 27 Aug 2014 16:04:44 +0000: WooCommerce Store Exporter 1.7.5 Cross Site Scripting - Exploit Files ≈ Packet Storm
WooCommerce Store Exporter version 1.7.5 suffers from multiple persistent cross site scripting vulnerabilities.
- Wed, 27 Aug 2014 09:22:22 +0000: Furniture Site Manager SQL Injection - Exploit Files ≈ Packet Storm
Furniture Site Manager suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
- Tue, 26 Aug 2014 23:33:33 +0000: glibc __gconv_translit_find() Privilege Escalation - Exploit Files ≈ Packet Storm
glibc __gconv_translit_find() single-fixed-byte heap metadata overflow local root exploit for Fedora 20 32-bit. This issue is not specific to Fedora, but the proof of concept is specifically for Fedora 20 32-bit.
- Tue, 26 Aug 2014 22:22:22 +0000: Grand MA 300 Fingerprint Reader Weak PIN Verification - Exploit Files ≈ Packet Storm
Grand MA 300/ID with firmware 6.60 has a weakness that allows the retrieval of the access pin from sniffed data, as well as a weakness that allows a fast brute-force attack on the pin.
- Tue, 26 Aug 2014 19:22:22 +0000: Joomla Spider 2.8.3 SQL Injection - Exploit Files ≈ Packet Storm
Joomla Spider video player version 2.8.3 suffers from a remote SQL injection vulnerability.
- Tue, 26 Aug 2014 18:22:22 +0000: vm-support 0.88 File Overwrite / Information Disclosure - Exploit Files ≈ Packet Storm
vm-support version 0.88 suffers from file overwrite and sensitive information disclosure vulnerabilities.
- Fri, 29 Aug 2014 22:39:01 +0000: Spiped 1.4.0 - Security Tool Files ≈ Packet Storm
Spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key. Spiped uses strong and well-understood cryptographic components: The initial key negotiation is performed using HMAC-SHA256 and an authenticated Diffie-Hellman key exchange over the standard 2048-bit "group 14"; following the completion of key negotiation, packets are transmitted encrypted with AES-256 in CTR mode and authenticated using HMAC-SHA256.
- Thu, 28 Aug 2014 18:40:41 +0000: Lynis Auditing Tool 1.6.0 - Security Tool Files ≈ Packet Storm
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
- Wed, 27 Aug 2014 11:11:11 +0000: RedHat Checklist Script - Security Tool Files ≈ Packet Storm
This script is designed to perform a security evaluation against industry best practices, over RedHat and RedHat based systems, to detect configuration deviations. It was developed due to the need to ensure that the servers within the author's workplace would comply with specific policies. As this tool was designed specifically for this purpose, "lynis" was not used for the task.
- Tue, 26 Aug 2014 02:50:44 +0000: Nmap Port Scanner 6.47 - Security Tool Files ≈ Packet Storm
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
- Mon, 25 Aug 2014 10:11:11 +0000: SSDP Amplification Scanner - Security Tool Files ≈ Packet Storm
SSDP amplification scanner written in Python. Makes use of Scapy.
- Thu, 21 Aug 2014 20:21:40 +0000: oclHashcat For AMD 1.30 - Security Tool Files ≈ Packet Storm
oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
- Thu, 21 Aug 2014 20:17:47 +0000: oclHashcat For NVidia 1.30 - Security Tool Files ≈ Packet Storm
oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
- Tue, 19 Aug 2014 23:54:11 +0000: Maligno 1.2 - Security Tool Files ≈ Packet Storm
Maligno is an open source penetration testing tool, written in Python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
- Tue, 19 Aug 2014 16:04:44 +0000: Melkor ELF Fuzzer 1.0 - Security Tool Files ≈ Packet Storm
Melkor is an ELF fuzzer that mutates the existing data in a given ELF sample to create orcs (malformed ELFs). However, it does not change values randomly (dumb fuzzing); instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). Written in C, Melkor is a very intuitive and easy-to-use fuzzer to find functional (and security) bugs in ELF parsers.
- Mon, 18 Aug 2014 17:58:25 +0000: Viproy VoIP Penetration / Exploitation Kit 2.0 - Security Tool Files ≈ Packet Storm
Viproy VoIP Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
- Sat, 16 Aug 2014 00:08:56 +0000: GnuPG 2.0.26 - Security Tool Files ≈ Packet Storm
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
- Tue, 12 Aug 2014 02:04:45 +0000: I2P 0.9.14.1 - Security Tool Files ≈ Packet Storm
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
- Tue, 12 Aug 2014 02:01:34 +0000: Suricata IDPE 2.0.3 - Security Tool Files ≈ Packet Storm
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
- Thu, 07 Aug 2014 19:49:10 +0000: Samhain File Integrity Checker 3.1.2 - Security Tool Files ≈ Packet Storm
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
- Thu, 07 Aug 2014 12:33:33 +0000: Mandos Encrypted File System Unattended Reboot Utility 1.6.8 - Security Tool Files ≈ Packet Storm
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
- Wed, 06 Aug 2014 23:55:55 +0000: OpenSSL Toolkit 1.0.1i - Security Tool Files ≈ Packet Storm
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
- Mon, 04 Aug 2014 22:01:19 +0000: Adobe ColdFusion MX6 Password Decryptor - Security Tool Files ≈ Packet Storm
This tool enables you to retrieve the plain text password for ColdFusion MX6.
- Mon, 04 Aug 2014 21:59:56 +0000: Tenshi Log Monitoring Program 0.15 - Security Tool Files ≈ Packet Storm
tenshi is a log monitoring program, designed to watch one or more log files for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to them, or to send periodic reports.
- Sun, 03 Aug 2014 15:18:35 +0000: IPTables Bash Completion 1.2 - Security Tool Files ≈ Packet Storm
iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid in the current context. In addition to completion of options, matches and targets, it supports dynamic retrieval of data from the system, i.e. chain names, set names, interfaces, hostnames, etc. Environment variables allow fine-grained control of completion options. IP and MAC addresses can be fed by file.
- Sat, 02 Aug 2014 00:31:38 +0000: Tor-ramdisk i686 UClibc-based Linux Distribution x86 20140801 - Security Tool Files ≈ Packet Storm
Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
- : SANSFIRE 2011 - @RISK: The Consensus Security Alert
- Fri, 29 Aug 2014 00:00:00 +0000: [remote] - F5 Big-IP - Unauthenticated rsync Access - Exploit-DB updates
- Fri, 29 Aug 2014 00:00:00 +0000: [dos] - HTML Help Workshop 1.4 - (SEH) Buffer Overflow - Exploit-DB updates
- Fri, 29 Aug 2014 00:00:00 +0000: [remote] - NRPE 2.15 - Remote Code Execution Vulnerability - Exploit-DB updates
- Thu, 28 Aug 2014 00:00:00 +0000: [dos] - Internet Explorer MS14-029 Memory Corruption PoC - Exploit-DB updates
- Thu, 28 Aug 2014 00:00:00 +0000: [webapps] - XRMS - Blind SQL Injection and Command Execution - Exploit-DB updates
- Thu, 28 Aug 2014 00:00:00 +0000: [webapps] - PhpWiki - Remote Command Execution - Exploit-DB updates
- Thu, 28 Aug 2014 00:00:00 +0000: [webapps] - ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution - Exploit-DB updates
- Thu, 28 Aug 2014 00:00:00 +0000: [webapps] - ManageEngine DeviceExpert 5.9 - User Credential Disclosure - Exploit-DB updates
- Thu, 28 Aug 2014 00:00:00 +0000: [webapps] - Plogger 1.0-RC1 - Authenticated Arbitrary File Upload - Exploit-DB updates