Latest Exploits / Tools

Latest Exploits

  • Wed, 18 May 2022 16:19:56 +0000: Emby Media Server 4.7.0.60 Cross Site Scripting - Exploit Files ≈ Packet Storm
    Emby Media Server version 4.7.0.60 suffers from a cross site scripting vulnerability.
  • Tue, 17 May 2022 17:15:25 +0000: Trojan-Ransom.Thanos MVID-2022-0607 Code Execution - Exploit Files ≈ Packet Storm
    Thanos ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
  • Tue, 17 May 2022 17:13:58 +0000: SDT-CW3B1 1.1.0 Command Injection - Exploit Files ≈ Packet Storm
    SDT-CW3B1 version 1.1.0 suffers from a command injection vulnerability.
  • Tue, 17 May 2022 17:12:50 +0000: Online Discussion Forum Site 1.0 SQL Injection - Exploit Files ≈ Packet Storm
    Online Discussion Forum Site version 1.0 suffers from a remote blind SQL injection vulnerability.
  • Tue, 17 May 2022 17:11:26 +0000: Showdoc 2.10.3 Cross Site Scripting - Exploit Files ≈ Packet Storm
    Showdoc versions 2.10.3 and below suffer from a persistent cross site scripting vulnerability.
  • Tue, 17 May 2022 17:08:35 +0000: OpenCart So Listing Tabs 2.2.0 Unsafe Deserialization - Exploit Files ≈ Packet Storm
    OpenCart So Listing Tabs component versions 2.2.0 and below suffer from a deserialization vulnerability that can allow for arbitrary file writes.
  • Tue, 17 May 2022 17:05:52 +0000: T-Soft E-Commerce 4 SQL Injection - Exploit Files ≈ Packet Storm
    T-Soft E-Commerce version 4 suffers from a remote SQL injection vulnerability.
  • Tue, 17 May 2022 17:04:13 +0000: T-Soft E-Commerce 4 Cross Site Scripting - Exploit Files ≈ Packet Storm
    T-Soft E-Commerce version 4 suffers from a persistent cross site scripting vulnerability.
  • Tue, 17 May 2022 16:58:48 +0000: Survey Sparrow Enterprise Survey Software 2022 Cross Site Scripting - Exploit Files ≈ Packet Storm
    Survey Sparrow Enterprise Survey Software 2022 suffers from a persistent cross site scripting vulnerability.
  • Tue, 17 May 2022 16:56:37 +0000: SolarView Compact 6.0 Command Injection - Exploit Files ≈ Packet Storm
    SolarView Compact version 6.0 suffers from a command injection vulnerability.
  • Mon, 16 May 2022 14:19:54 +0000: Zyxel Firewall ZTP Unauthenticated Command Injection - Exploit Files ≈ Packet Storm
    This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning (ZTP) support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler page, an attacker can gain remote command execution as the nobody user. Affected Zyxel models are USG FLEX 50, 50W, 100W, 200, 500, 700 using firmware 5.21 and below, USG20-VPN and USG20W-VPN using firmware 5.21 and below, and ATP 100, 200, 500, 700, 800 using firmware 5.21 and below.
  • Mon, 16 May 2022 14:14:49 +0000: Chrome 100 extensions::ExtensionApiFrameIdMap::GetFrameId Heap Use-After-Free - Exploit Files ≈ Packet Storm
    A use-after-free issue exists in Chrome 100 and earlier versions. A malicious extension can achieve arbitrary code execution in the browser process.
  • Mon, 16 May 2022 14:08:05 +0000: IpMatcher 1.0.4.1 Server-Side Request Forgery - Exploit Files ≈ Packet Storm
    IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validate octal and hexadecimal input data, which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors.
  • Mon, 16 May 2022 14:05:47 +0000: Ransom.Conti MVID-2022-0606 Code Execution - Exploit Files ≈ Packet Storm
    Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
  • Mon, 16 May 2022 14:03:56 +0000: Zyxel Remote Command Execution - Exploit Files ≈ Packet Storm
    Victorian Machinery is a proof of concept exploit for CVE-2022-30525. The vulnerability is an unauthenticated and remote command injection vulnerability affecting Zyxel firewalls that support zero touch provisioning. Zyxel pushed a fix for this issue on April 28, 2022. Multiple models are affected.
  • Mon, 16 May 2022 13:58:29 +0000: Ransom.Conti MVID-2022-0605 Code Execution - Exploit Files ≈ Packet Storm
    Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
  • Mon, 16 May 2022 13:57:24 +0000: WordPress WP Event Manager 3.1.27 Cross Site Scripting - Exploit Files ≈ Packet Storm
    WordPress WP Event Manager plugin version 3.1.27 suffers from a persistent cross site scripting vulnerability.
  • Mon, 16 May 2022 13:54:29 +0000: Ransom.Conti MVID-2022-0604 Code Execution - Exploit Files ≈ Packet Storm
    Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
  • Mon, 16 May 2022 13:53:39 +0000: HighCMS/HighPortal 12.x SQL Injection - Exploit Files ≈ Packet Storm
    HighCMS/HighPortal version 12.x appears to suffer from a remote SQL injection vulnerability.
  • Mon, 16 May 2022 13:48:48 +0000: Ransom.Conti MVID-2022-0603 Code Execution - Exploit Files ≈ Packet Storm
    Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

Latest Tools

  • Tue, 17 May 2022 17:21:47 +0000: Lynis Auditing Tool 3.0.8 - Security Tool Files ≈ Packet Storm
    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims at assisting automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems.
  • Fri, 13 May 2022 15:48:01 +0000: COOPER Analysis Tool - Security Tool Files ≈ Packet Storm
    Cooper utilizes cooperative mutation to test the binding code of scripting languages to find memory-safety issues. Cooperative mutation simultaneously modifies the script code and the related document objects to explore various code paths of the binding code. To support cooperative mutation, the authors infer the relationship between script code and document objects to guide the two-dimensional mutation. They applied their tool Cooper on three popular commercial PDF tools, Adobe Acrobat, Foxit Reader, and Microsoft Word. Cooper detected 134 previously unknown bugs, which resulted in 33 CVE entries and 22K bug bounties.
  • Wed, 11 May 2022 17:13:29 +0000: Aircrack-ng Wireless Network Tools 1.7 - Security Tool Files ≈ Packet Storm
    aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
  • Tue, 10 May 2022 20:06:03 +0000: Samhain File Integrity Checker 4.4.9 - Security Tool Files ≈ Packet Storm
    Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
  • Fri, 06 May 2022 16:39:46 +0000: Adversary3 2.0 - Security Tool Files ≈ Packet Storm
    Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.
  • Thu, 05 May 2022 17:38:53 +0000: Wireshark Analyzer 3.6.5 - Security Tool Files ≈ Packet Storm
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
  • Wed, 04 May 2022 13:10:41 +0000: Clam AntiVirus Toolkit 0.105.0 - Security Tool Files ≈ Packet Storm
    Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  • Tue, 03 May 2022 14:35:08 +0000: OpenSSL Toolkit 3.0.3 - Security Tool Files ≈ Packet Storm
    OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
  • Tue, 03 May 2022 14:35:01 +0000: OpenSSL Toolkit 1.1.1o - Security Tool Files ≈ Packet Storm
    OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Sat, 30 Apr 2022 22:05:53 +0000: Samhain File Integrity Checker 4.4.8 - Security Tool Files ≈ Packet Storm
    Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
  • Fri, 29 Apr 2022 12:40:27 +0000: TOR Virtual Network Tunneling Tool 0.4.7.7 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
  • Wed, 27 Apr 2022 18:32:01 +0000: nfstream 6.5.1 - Security Tool Files ≈ Packet Storm
    nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
  • Tue, 26 Apr 2022 14:09:14 +0000: GNU Privacy Guard 2.2.35 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
  • Tue, 26 Apr 2022 14:09:03 +0000: Mandos Encrypted File System Unattended Reboot Utility 1.8.15 - Security Tool Files ≈ Packet Storm
    The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  • Tue, 26 Apr 2022 13:50:22 +0000: GNU Privacy Guard 2.3.6 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
  • Fri, 22 Apr 2022 14:16:34 +0000: Zeek 4.2.1 - Security Tool Files ≈ Packet Storm
    Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
  • Thu, 21 Apr 2022 15:18:37 +0000: Suricata IDPE 6.0.5 - Security Tool Files ≈ Packet Storm
    Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
  • Tue, 19 Apr 2022 14:51:46 +0000: XDNR Shellcode Cryptor / Encoder - Security Tool Files ≈ Packet Storm
    X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion.
  • Mon, 18 Apr 2022 15:14:01 +0000: AIEngine 2.1.0 - Security Tool Files ≈ Packet Storm
    AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  • Mon, 11 Apr 2022 17:35:28 +0000: Haveged 1.9.18 - Security Tool Files ≈ Packet Storm
    haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
