Latest Exploits / Tools

Latest Exploits

  • Sat, 22 Sep 2018 00:25:02 +0000: Microsoft Windows ALPC Task Scheduler Local Privilege Elevation - Exploit Files ≈ Packet Storm
    On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can create files in the c:\windows\tasks folder, a hardlink can be created to a file the user has read access to. After creating a hardlink, the vulnerability can be triggered to set the DACL on the linked file. WARNING: The PrintConfig.dll (%windir%\system32\driverstor\filerepository\prnms003*) on the target host will be overwritten when the exploit runs. This Metasploit module has been tested against Windows 10 Pro x64.
  • Sat, 22 Sep 2018 00:21:49 +0000: MyBB Visual Editor 1.8.18 Cross Site Scripting - Exploit Files ≈ Packet Storm
    MyBB Visual Editor versions 1.8.18 and below suffer from a cross site scripting vulnerability.
  • Fri, 21 Sep 2018 19:18:41 +0000: Antidote 9.5.1 Code Execution - Exploit Files ≈ Packet Storm
    Antidote versions 9.5.1 and below suffer from an update related code execution vulnerability.
  • Fri, 21 Sep 2018 19:17:14 +0000: Staubli Jacquard Industrial System JC6 Shellshock - Exploit Files ≈ Packet Storm
    Staubli Jacquard Industrial System JC6 suffers from a bash environment variable handling code injection vulnerability.
  • Fri, 21 Sep 2018 19:14:43 +0000: WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting - Exploit Files ≈ Packet Storm
    WordPress FV Flowplayer plugin version 7.2.0.727 suffers from a cross site scripting vulnerability.
  • Thu, 20 Sep 2018 22:22:22 +0000: WebRTC VP9 Processing Use-After-Free - Exploit Files ≈ Packet Storm
    There is a use-after-free vulnerability in VP9 processing in WebRTC.
  • Thu, 20 Sep 2018 22:22:22 +0000: WebRTC FEC Out-Of-Bounds Read - Exploit Files ≈ Packet Storm
    There is an out-of-bounds read in FEC processing in WebRTC. If a very short RTP packet is received, FEC will assume the packet is longer and process data outside of the allocated buffer.
  • Thu, 20 Sep 2018 20:22:22 +0000: NICO-FTP 3.0.1.19 Buffer Overflow - Exploit Files ≈ Packet Storm
    NICO-FTP version 3.0.1.19 SEH buffer overflow exploit.
  • Wed, 19 Sep 2018 19:25:17 +0000: Microsoft Windows NtEnumerateKey Privilege Escalation - Exploit Files ≈ Packet Storm
    Microsoft Windows suffers from a double dereference in NtEnumerateKey that leads to elevation of privilege.
  • Wed, 19 Sep 2018 19:23:06 +0000: Microsoft Windows CiSetFileCache TOCTOU Security Feature Bypass - Exploit Files ≈ Packet Storm
    Microsoft Windows suffers from a CiSetFileCache TOCTOU CVE-2017-11830 variant WDAC security feature bypass vulnerability.
  • Wed, 19 Sep 2018 19:22:19 +0000: RICOH MP 2001 Printer Cross Site Scripting - Exploit Files ≈ Packet Storm
    The RICOH MP 2001 printer suffers from cross site scripting and HTML injection vulnerabilities.
  • Wed, 19 Sep 2018 19:21:03 +0000: RICOH SP 4510SF Printer Cross Site Scripting - Exploit Files ≈ Packet Storm
    The RICOH SP 4510SF printer suffers from cross site scripting and HTML injection vulnerabilities.
  • Wed, 19 Sep 2018 19:19:21 +0000: ManageEngine SupportCenter Plus 8.1.0 Cross Site Scripting - Exploit Files ≈ Packet Storm
    ManageEngine SupportCenter Plus version 8.1.0 suffers from cross site scripting and HTML injection vulnerabilities.
  • Wed, 19 Sep 2018 19:18:29 +0000: LG SuperSign EZ CMS 2.5 Local File Inclusion - Exploit Files ≈ Packet Storm
    LG SuperSign EZ CMS version 2.5 suffers from a local file inclusion vulnerability.
  • Wed, 19 Sep 2018 19:17:23 +0000: ManageEngine Desktop Central 10.0.271 Cross Site Scripting - Exploit Files ≈ Packet Storm
    ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability.
  • Wed, 19 Sep 2018 19:16:26 +0000: LimeSurvey 3.14.7 Cross Site Scripting - Exploit Files ≈ Packet Storm
    LimeSurvey version 3.14.7 suffers from cross site scripting and HTML injection vulnerabilities.
  • Wed, 19 Sep 2018 19:14:56 +0000: WordPress Localize My Post 1.0 Local File Inclusion - Exploit Files ≈ Packet Storm
    WordPress Localize My Post plugin version 1.0 suffers from a local file inclusion vulnerability.
  • Wed, 19 Sep 2018 19:13:35 +0000: WordPress Wechat Broadcast 1.2.0 Local File Inclusion - Exploit Files ≈ Packet Storm
    WordPress Wechat Broadcast plugin version 1.2.0 suffers from a local file inclusion vulnerability.
  • Wed, 19 Sep 2018 19:12:31 +0000: Roundcube rcfilters 2.1.6 Cross Site Scripting - Exploit Files ≈ Packet Storm
    Roundcube rcfilters plugin version 2.1.6 suffers from a cross site scripting vulnerability.
  • Wed, 19 Sep 2018 01:49:46 +0000: Western Digital My Cloud Authentication Bypass - Exploit Files ≈ Packet Storm
    It was discovered that the Western Digital My Cloud is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the My Cloud device. This vulnerability was successfully verified on a Western Digital My Cloud model WDBCTL0020HWT running firmware version 2.30.172. This issue is not limited to the model that was used to find this vulnerability since most of the products in the My Cloud series share the same (vulnerable) code.

Latest Tools

  • Thu, 20 Sep 2018 23:53:17 +0000: Faraday 3.1 - Security Tool Files ≈ Packet Storm
    Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Thu, 13 Sep 2018 05:26:34 +0000: Falco 0.12.1 - Security Tool Files ≈ Packet Storm
    Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  • Thu, 13 Sep 2018 05:24:32 +0000: VBScan Vulnerability Scanner 0.1.8 - Security Tool Files ≈ Packet Storm
    VBScan is a black box vBulletin vulnerability scanner written in Perl.
  • Thu, 13 Sep 2018 04:56:09 +0000: DAVOSET 1.3.6 - Security Tool Files ≈ Packet Storm
    DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  • Tue, 11 Sep 2018 15:47:25 +0000: OpenSSL Toolkit 1.1.1 - Security Tool Files ≈ Packet Storm
    OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Tue, 11 Sep 2018 04:41:17 +0000: TOR Virtual Network Tunneling Tool 0.3.4.8 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
  • Mon, 10 Sep 2018 18:02:47 +0000: Samhain File Integrity Checker 4.3.0 - Security Tool Files ≈ Packet Storm
    Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
  • Fri, 07 Sep 2018 10:32:22 +0000: TestSSL 2.9.5-7 - Security Tool Files ≈ Packet Storm
    testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
  • Wed, 05 Sep 2018 18:07:42 +0000: SQLMAP - Automatic SQL Injection Tool 1.2.9 - Security Tool Files ≈ Packet Storm
    sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
  • Wed, 05 Sep 2018 18:04:28 +0000: Blue Team Training Toolkit (BT3) 2.8 - Security Tool Files ≈ Packet Storm
    Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
  • Wed, 05 Sep 2018 18:02:54 +0000: TestSSL 2.9.5 - Security Tool Files ≈ Packet Storm
    testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
  • Fri, 31 Aug 2018 00:58:29 +0000: Bro Network Security Monitor 2.5.5 - Security Tool Files ≈ Packet Storm
    Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
  • Fri, 31 Aug 2018 00:56:44 +0000: GNU Privacy Guard 2.2.10 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
  • Fri, 31 Aug 2018 00:54:53 +0000: Wireshark Analyzer 2.6.3 - Security Tool Files ≈ Packet Storm
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  • Tue, 28 Aug 2018 17:24:03 +0000: Faraday 3.0.1 - Security Tool Files ≈ Packet Storm
    Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Mon, 27 Aug 2018 18:08:31 +0000: Haveged 1.9.4 - Security Tool Files ≈ Packet Storm
    haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
  • Mon, 27 Aug 2018 17:58:48 +0000: SQLMAP - Automatic SQL Injection Tool 1.2.8 - Security Tool Files ≈ Packet Storm
    sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
  • Mon, 27 Aug 2018 17:54:37 +0000: Ansvif 1.10 - Security Tool Files ≈ Packet Storm
    Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  • Fri, 24 Aug 2018 02:23:17 +0000: I2P 0.9.36 - Security Tool Files ≈ Packet Storm
    I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
  • Fri, 24 Aug 2018 02:20:48 +0000: OpenSSH 7.8p1 - Security Tool Files ≈ Packet Storm
    This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

@Risk Exploits

ExploitDB