Latest Exploits / Tools

Latest Exploits

  • Fri, 05 Nov 2021 16:40:37 +0000: Pentaho Business Analytics / Pentaho Business Server 9.1 SQL Injection - Exploit Files ≈ Packet Storm
    Pentaho allows users to create and manage Data Sources. Users can select a Data Source when creating a Dashboard through the Pentaho User Console. When a Data Source is added, Pentaho makes an HTTP request to the dashboards editor (/pentaho/api/repos/dashboards/editor) in order to test the connection by executing a test SQL query. However, further examination revealed that by utilizing CVE-2021-31602, an authentication bypass of Spring APIs, it is possible for an unauthenticated user to execute arbitrary SQL queries on any Pentaho datasource and thus retrieve data from the related databases.
  • Fri, 05 Nov 2021 16:34:49 +0000: HealthForYou 1.11.1 / HealthCoach 2.9.2 Missing Password Policy - Exploit Files ≈ Packet Storm
    HealthForYou version 1.11.1 and HealthCoach version 2.9.2 are missing a server-side password policy. When creating an account or changing a password, the mobile and web applications both check the password against the password policy. However, the API assumes that the given password has already been checked, so an attacker can intercept the HTTP request and change it to a weak password.
  • Fri, 05 Nov 2021 16:31:28 +0000: Pentaho Business Analytics / Pentaho Business Server 9.1 User Enumeration - Exploit Files ≈ Packet Storm
    Pentaho implements a series of web services using the SOAP protocol to allow scripting interaction with the backend server. HAWSEC identified that the services userRoleListService and ServiceAction exposed through the /pentaho/webservices/userRoleListService and /pentaho/ServiceAction?action=SecurityDetails endpoints are not enforcing sufficient access controls. Specifically, an authenticated user can list all application usernames present in the Jackrabbit Repository.
  • Fri, 05 Nov 2021 16:31:07 +0000: Backdoor.Win32.Jokerdoor Buffer Overflow - Exploit Files ≈ Packet Storm
    Backdoor.Win32.Jokerdoor malware suffers from a buffer overflow vulnerability.
  • Fri, 05 Nov 2021 16:28:54 +0000: Pentaho Business Analytics / Pentaho Business Server 9.1 Authentication Bypass - Exploit Files ≈ Packet Storm
    Pentaho Business Analytics and Pentaho Business Server versions 9.1 and below suffer from an authentication bypass vulnerability related to Spring APIs.
  • Fri, 05 Nov 2021 16:27:03 +0000: PHP Event Calendar Lite Edition Cross Site Scripting - Exploit Files ≈ Packet Storm
    PHP Event Calendar Lite Edition suffers from a persistent cross site scripting vulnerability.
  • Fri, 05 Nov 2021 16:24:28 +0000: IBM Sterling B2B Integrator Cross Site Scripting - Exploit Files ≈ Packet Storm
    IBM Sterling B2B Integrator suffers from a cross site scripting vulnerability. Versions affected include 5.2.0.0 through 5.2.6.5_3, 6.0.0.0 through 6.0.3.4, and 6.1.0.0 through 6.1.0.2.
  • Fri, 05 Nov 2021 16:23:56 +0000: Backdoor.Win32.Ncx.b Code Execution - Exploit Files ≈ Packet Storm
    Backdoor.Win32.Ncx.b malware suffers from a code execution vulnerability.
  • Fri, 05 Nov 2021 16:22:48 +0000: ImportExportTools NG 10.0.4 HTML Injection - Exploit Files ≈ Packet Storm
    ImportExportTools NG version 10.0.4 suffers from an HTML injection vulnerability.
  • Fri, 05 Nov 2021 16:20:44 +0000: Pentaho Business Analytics / Pentaho Business Server 9.1 Insufficient Access Control - Exploit Files ≈ Packet Storm
    Pentaho implements a series of web services using the SOAP protocol to allow scripting interaction with the backend server. While most of the interfaces correctly implement ACL, the Data Source Management Service located at /pentaho/webservices/datasourceMgmtService allows low-privilege authenticated users to list the connection details of all data sources used by Pentaho.
  • Fri, 05 Nov 2021 16:19:08 +0000: PHP Event Calendar Lite Edition SQL Injection - Exploit Files ≈ Packet Storm
    PHP Event Calendar Lite Edition suffers from a remote SQL injection vulnerability that allows for authentication bypass.
  • Fri, 05 Nov 2021 16:15:33 +0000: Backdoor.Win32.Ncx.b Buffer Overflow - Exploit Files ≈ Packet Storm
    Backdoor.Win32.Ncx.b malware suffers from a buffer overflow vulnerability.
  • Fri, 05 Nov 2021 16:13:50 +0000: Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass - Exploit Files ≈ Packet Storm
    Pentaho allows users to upload various files of different file types. The upload service is implemented under the /pentaho/UploadService endpoint. The file types allowed by the application are csv, dat, txt, tar, zip, tgz, gz, gzip. When uploading a file with an extension other than the allowed file types, the application responds with the error message "UploadFileServlet.ERROR_0011 - File type not allowed. Allowable types are csv,dat,txt,tar,zip,tgz,gz,gzip." However, the file extension check can be bypassed by including a single dot "." at the end of the filename.
  • Fri, 05 Nov 2021 16:10:49 +0000: Payment Terminal 2.x / 3.x Cross Site Scripting - Exploit Files ≈ Packet Storm
    Payment Terminal versions 2.x and 3.x suffer from multiple cross site scripting vulnerabilities.
  • Fri, 05 Nov 2021 16:08:19 +0000: Pentaho Business Analytics / Pentaho Business Server 9.1 Remote Code Execution - Exploit Files ≈ Packet Storm
    Pentaho allows users to create and run Pentaho Report Bundles (.prpt). Users can create PRPT reports by utilizing the Pentaho Designer application and can include BeanShell Script functions to ease the production of complex reports. However, the BeanShell Script functions can allow for the execution of arbitrary Java code when Pentaho PRPT Reports are run by Pentaho Business Analytics. This functionality allows any user with sufficient privileges to upload or edit an existing Pentaho Report Bundle (through Pentaho Designer) and execute arbitrary code in the context of the Pentaho application user running on the web server.
  • Fri, 05 Nov 2021 16:06:59 +0000: 10-Strike Network Inventory Explorer Pro 9.31 Unquoted Service Path - Exploit Files ≈ Packet Storm
    10-Strike Network Inventory Explorer Pro version 9.31 suffers from an unquoted service path vulnerability.
  • Fri, 05 Nov 2021 16:05:38 +0000: Backdoor.Win32.Optix.03.b Code Execution - Exploit Files ≈ Packet Storm
    Backdoor.Win32.Optix.03.b malware suffers from a code execution vulnerability.
  • Fri, 05 Nov 2021 10:22:22 +0000: Khamenei.ir SQL Injection - Exploit Files ≈ Packet Storm
    Khamenei.ir suffers from a remote SQL injection vulnerability.
  • Thu, 04 Nov 2021 16:01:06 +0000: GitLab Unauthenticated Remote ExifTool Command Injection - Exploit Files ≈ Packet Storm
    This Metasploit module exploits an unauthenticated file upload and command injection vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6, and 13.8.8. Exploitation will result in command execution as the git user.
  • Thu, 04 Nov 2021 15:59:18 +0000: Opencart 3 Extension TMD Vendor System SQL Injection - Exploit Files ≈ Packet Storm
    Opencart 3 Extension TMD Vendor System suffers from a remote blind SQL injection vulnerability.

Latest Tools

  • Fri, 05 Nov 2021 16:35:00 +0000: Faraday 3.18.1 - Security Tool Files ≈ Packet Storm
    Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Wed, 03 Nov 2021 17:53:57 +0000: Clam AntiVirus Toolkit 0.104.1 - Security Tool Files ≈ Packet Storm
    Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  • Fri, 29 Oct 2021 16:02:38 +0000: GRAudit Grep Auditing Tool 3.2 - Security Tool Files ≈ Packet Storm
    Graudit is a simple script with signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
  • Thu, 28 Oct 2021 15:09:13 +0000: TOR Virtual Network Tunneling Tool 0.4.6.8 - Security Tool Files ≈ Packet Storm
    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
  • Wed, 27 Oct 2021 15:14:27 +0000: Zeek 4.1.1 - Security Tool Files ≈ Packet Storm
    Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
  • Sat, 23 Oct 2021 11:11:11 +0000: GNU Privacy Guard 2.3.3 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
  • Sat, 23 Oct 2021 10:11:11 +0000: GNU Privacy Guard 2.2.32 - Security Tool Files ≈ Packet Storm
    GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
  • Fri, 22 Oct 2021 15:48:05 +0000: Faraday 3.18.0 - Security Tool Files ≈ Packet Storm
    Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Thu, 21 Oct 2021 15:25:05 +0000: AntiRansom 5 - Security Tool Files ≈ Packet Storm
    AntiRansom is a tool capable of detecting and mitigating attacks of Ransomware using honeypots.
  • Fri, 08 Oct 2021 15:49:38 +0000: nfstream 6.3.5 - Security Tool Files ≈ Packet Storm
    nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
  • Fri, 08 Oct 2021 15:42:35 +0000: Zed Attack Proxy 2.11.0 Cross Platform Package - Security Tool Files ≈ Packet Storm
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.
  • Thu, 07 Oct 2021 14:06:02 +0000: Wireshark Analyzer 3.4.9 - Security Tool Files ≈ Packet Storm
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
  • Mon, 04 Oct 2021 16:27:48 +0000: Bing.com Hostname / IP Enumerator 1.0.5 - Security Tool Files ≈ Packet Storm
    This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
  • Mon, 04 Oct 2021 16:27:10 +0000: TestSSL 3.0.6 - Security Tool Files ≈ Packet Storm
    testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
  • Mon, 04 Oct 2021 16:21:00 +0000: PyRDP RDP Man-In-The-Middle Tool - Security Tool Files ≈ Packet Storm
    PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library.
  • Mon, 04 Oct 2021 16:19:21 +0000: Seth RDP Man-In-The-Middle Tool - Security Tool Files ≈ Packet Storm
    Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops or talks.
  • Mon, 04 Oct 2021 16:16:07 +0000: MedSec Network Utility Tool - Security Tool Files ≈ Packet Storm
    MedSec is a network utility tool developed to perform some network, security administrator, and pentesting tasks. Basic functionality includes port scans, host discovery, banner grabbing, DNS checks, subdomain enumeration, and more.
  • Fri, 01 Oct 2021 15:40:27 +0000: Falco 0.30.0 - Security Tool Files ≈ Packet Storm
    Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
  • Fri, 01 Oct 2021 15:40:06 +0000: SQLMAP - Automatic SQL Injection Tool 1.5.10 - Security Tool Files ≈ Packet Storm
    sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
  • Thu, 30 Sep 2021 16:41:59 +0000: Haveged 1.9.15 - Security Tool Files ≈ Packet Storm
    haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
