Latest Exploits / Tools

Latest Exploits

  • Wed, 25 Nov 2020 16:40:55 +0000: OpenMediaVault rpc.php Authenticated PHP Code Injection - Exploit Files ≈ Packet Storm
    This Metasploit module exploits an authenticated PHP code injection vulnerability found in openmediavault versions before 4.1.36 and 5.x versions before 5.5.12 inclusive in the "sortfield" POST parameter of the rpc.php page, because "json_encode_safe()" is not used in config/databasebackend.inc. Successful exploitation grants attackers the ability to execute arbitrary commands on the underlying operating system as root.
  • Wed, 25 Nov 2020 16:39:36 +0000: Kong Gateway Admin API Remote Code Execution - Exploit Files ≈ Packet Storm
    This Metasploit module uses the Kong admin API to create a route and a serverless function plugin that is associated with the route. The plugin runs Lua code and is used to run a system command using os.execute(). After execution the route is deleted, which also deletes the plugin.
  • Wed, 25 Nov 2020 16:37:52 +0000: WordPress Simple File List Unauthenticated Remote Code Execution - Exploit Files ≈ Packet Storm
    This Metasploit module exploits WordPress Simple File List plugin versions prior to 4.2.3, which allows remote unauthenticated attackers to upload files within a controlled list of extensions. However, the rename function does not conform to the file extension restrictions, thus allowing arbitrary PHP code to be uploaded first as a png then renamed to php and executed.
  • Wed, 25 Nov 2020 16:33:26 +0000: SyncBreeze 10.0.28 Remote Buffer Overflow - Exploit Files ≈ Packet Storm
    SyncBreeze version 10.0.28 suffers from a remote buffer overflow vulnerability.
  • Wed, 25 Nov 2020 16:32:37 +0000: osCommerce 2.3.4.1 Cross Site Scripting - Exploit Files ≈ Packet Storm
    osCommerce version 2.3.4.1 suffers from a persistent cross site scripting vulnerability.
  • Wed, 25 Nov 2020 16:29:38 +0000: Wondershare Driver Install Service Help 10.7.1.321 Unquoted Service Path - Exploit Files ≈ Packet Storm
    Wondershare Driver Install Service Help version 10.7.1.321 suffers from an unquoted service path vulnerability.
  • Tue, 24 Nov 2020 15:36:48 +0000: ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password - Exploit Files ≈ Packet Storm
    ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.
  • Tue, 24 Nov 2020 15:34:04 +0000: ZeroShell 3.9.0 Remote Command Execution - Exploit Files ≈ Packet Storm
    This Metasploit module exploits an unauthenticated command injection vulnerability found in ZeroShell version 3.9.0 in the "/cgi-bin/kerbynet" URL. As sudo is configured to execute /bin/tar without a password (NOPASSWD), it is possible to run root commands using the "checkpoint" tar options.
  • Tue, 24 Nov 2020 15:31:41 +0000: Seowon 130-SLC 1.0.11 Remote Code Execution - Exploit Files ≈ Packet Storm
    Seowon 130-SLC router version 1.0.11 suffers from a remote code execution vulnerability.
  • Tue, 24 Nov 2020 15:03:49 +0000: OpenCart 3.0.3.6 Cross Site Scripting - Exploit Files ≈ Packet Storm
    OpenCart version 3.0.3.6 suffers from multiple persistent cross site scripting vulnerabilities.
  • Tue, 24 Nov 2020 15:00:55 +0000: nopCommerce Store 4.30 Cross Site Scripting - Exploit Files ≈ Packet Storm
    nopCommerce Store version 4.30 suffers from a persistent cross site scripting vulnerability.
  • Tue, 24 Nov 2020 14:57:57 +0000: Apache OpenMeetings 5.0.0 Denial Of Service - Exploit Files ≈ Packet Storm
    Apache OpenMeetings version 5.0.0 suffers from a denial of service vulnerability.
  • Mon, 23 Nov 2020 14:16:18 +0000: LifeRay 7.2.1 GA2 Cross Site Scripting - Exploit Files ≈ Packet Storm
    LifeRay version 7.2.1 GA2 suffers from a persistent cross site scripting vulnerability.
  • Mon, 23 Nov 2020 14:14:15 +0000: TP-Link TL-WA855RE V5_200415 Device Reset Authentication Bypass - Exploit Files ≈ Packet Storm
    The TP-Link TL-WA855RE V5_200415 suffers from a flow where an unauthenticated attacker can reset the device and then set a new administrator password.
  • Mon, 23 Nov 2020 14:12:09 +0000: Boxoft Audio Converter 2.3.0 Buffer Overflow - Exploit Files ≈ Packet Storm
    Boxoft Audio Converter version 2.3.0 suffers from a buffer overflow vulnerability.
  • Fri, 20 Nov 2020 21:31:14 +0000: Barco wePresent Insecure Firmware Image - Exploit Files ≈ Packet Storm
    Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have firmware that does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modified/malicious images.
  • Fri, 20 Nov 2020 21:29:36 +0000: Barco wePresent Global Hardcoded Root SSH Password - Exploit Files ≈ Packet Storm
    Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have a hardcoded root password hash included in the firmware image.
  • Fri, 20 Nov 2020 21:27:39 +0000: Barco wePresent Undocumented SSH Interface - Exploit Files ≈ Packet Storm
    Barco wePresent WiPG-1600W version 2.5.1.8 has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a device configuration file variable to see if the SSH daemon should be started. The web interface does not provide a visible capability to alter this configuration file variable. However, a malicious actor can include this variable in a POST such that the SSH daemon will be started when the device boots.
  • Fri, 20 Nov 2020 21:25:41 +0000: Barco wePresent Authentication Bypass - Exploit Files ≈ Packet Storm
    The Barco wePresent WiPG-1600W version 2.5.1.8 web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requests. Thus the "SEID" would be exposed in web proxy logs and browser history. An attacker that is able to capture the "SEID" and originate requests from the same IP address (via a NAT device or web proxy) would be able to access the user interface of the device without having to know the credentials.
  • Fri, 20 Nov 2020 21:23:14 +0000: Barco wePresent Admin Credential Exposure - Exploit Files ≈ Packet Storm
    An attacker armed with hardcoded API credentials from KL-001-2020-004 (CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp for Barco wePresent WiPG-1600W version 2.5.1.8.

Latest Tools

  • Tue, 24 Nov 2020 15:43:37 +0000: GNU Privacy Guard 2.2.25 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
  • Tue, 24 Nov 2020 15:42:22 +0000: nfstream 6.2.4 - Security Tool Files ≈ Packet Storm
    nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
  • Tue, 24 Nov 2020 14:55:55 +0000: Sifter 11-R2 - Security Tool Files ≈ Packet Storm
    Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if unpatched, exploit them.
  • Mon, 23 Nov 2020 15:46:22 +0000: TestSSL 3.0.4 - Security Tool Files ≈ Packet Storm
    testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.
  • Mon, 23 Nov 2020 15:42:04 +0000: AIEngine 2.0.1 - Security Tool Files ≈ Packet Storm
    AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  • Thu, 19 Nov 2020 18:11:33 +0000: GRAudit Grep Auditing Tool 2.8 - Security Tool Files ≈ Packet Storm
    Graudit is a simple script with signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
  • Thu, 19 Nov 2020 17:43:59 +0000: American Fuzzy Lop plus plus 2.68c - Security Tool Files ≈ Packet Storm
    Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
  • Thu, 19 Nov 2020 17:43:54 +0000: Global Socket 1.4.22 - Security Tool Files ≈ Packet Storm
    Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.
  • Thu, 19 Nov 2020 17:43:49 +0000: erfs 1.4 - Security Tool Files ≈ Packet Storm
    erfs is an easy-to-use, easy-to-set-up, hassle-free secure file system with the encrypted data being stored on a remote cloud server without having to trust the server. The client is a bash script. The cloud server is provided by THC for free (as in free beer!). There is no limit per user, no limit on the number of file systems and no limit on how many locations can access the same file system simultaneously. It supports collaboration, and the same filesystem can be accessed from different computers at the same time. The data is securely and seamlessly synchronized. The server has no knowledge of the content. A rogue server operator cannot access the data. All key material is created on the user's computer and never stored or transferred to the server.
  • Thu, 19 Nov 2020 15:55:36 +0000: TestSSL 3.0.3 - Security Tool Files ≈ Packet Storm
    testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.
  • Thu, 19 Nov 2020 15:48:45 +0000: TCMalloc Inspector Tool - Security Tool Files ≈ Packet Storm
    TCMalloc is an inspection tool that lets you parse and inspect tcmalloc internals, and detect lost memory, meaning memory which is not reachable via any (internal) pointers.
  • Tue, 17 Nov 2020 16:05:02 +0000: GNU Privacy Guard 2.2.24 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
  • Mon, 16 Nov 2020 17:18:54 +0000: nfstream 6.2.3 - Security Tool Files ≈ Packet Storm
    nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
  • Mon, 16 Nov 2020 16:54:33 +0000: Machosec 1.0 - Security Tool Files ≈ Packet Storm
    Machosec is a script that checks the security of Mach-O 64-bit executables and application bundles for dyld injection vulnerabilities, LC_RPATH vulnerabilities leading to dyld injection, symlinks pointing to attacker controlled locations, writable by others vulnerabilities, missing stack canaries, disabled PIE (ASLR), and disabled FORTIFY_SOURCE (keeping insecure functions such as strcpy, memcpy etc.).
  • Fri, 13 Nov 2020 16:23:48 +0000: TOR Virtual Network Tunneling Tool 0.4.4.6 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  • Thu, 12 Nov 2020 16:01:48 +0000: OATH Toolkit 2.6.4 - Security Tool Files ≈ Packet Storm
    OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
  • Thu, 12 Nov 2020 10:32:22 +0000: Sifter 11 - Security Tool Files ≈ Packet Storm
    Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if unpatched, exploit them.
  • Wed, 11 Nov 2020 15:28:39 +0000: nfstream 6.2.2 - Security Tool Files ≈ Packet Storm
    nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
  • Tue, 10 Nov 2020 15:02:35 +0000: Falco 0.26.2 - Security Tool Files ≈ Packet Storm
    Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  • Mon, 09 Nov 2020 19:27:02 +0000: OATH Toolkit 2.6.3 - Security Tool Files ≈ Packet Storm
    OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
