what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files from Wireghoul

First Active2009-09-16
Last Active2024-08-31
HP Data Protector 6.1 EXEC_CMD Command Execution
Posted Aug 31, 2024
Authored by Wireghoul, sinn3r, ch0ks, c4an | Site metasploit.com

This Metasploit module exploits HP Data Protectors omniinet process, specifically against a Windows setup. When an EXEC_CMD packet is sent, omniinet.exe will attempt to look for that user-supplied filename with kernel32!FindFirstFileW(). If the file is found, the process will then go ahead execute it with CreateProcess() under a new thread. If the filename isnt found, FindFirstFileW() will throw an error (0x03), and then bails early without triggering CreateProcess(). Because of these behaviors, if you try to supply an argument, FindFirstFileW() will look at that as part of the filename, and then bail. Please note that when you specify the CMD option, the base path begins under C:\.

tags | exploit
systems | windows
advisories | CVE-2011-0923
SHA-256 | d60f9ecfdd7e75b911a02d2e3e9f7e6e28eb00b4db11022e93bc1c7e16bb9722
GRAudit Grep Auditing Tool 3.6
Posted Apr 9, 2024
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Updated ruby, JavaScript, PHP, suppression, android, dotnet, nim, golang, python, c, xss, sqli, exec, default, and fruit rules. Added Kotlin rules.
tags | tool
systems | unix
SHA-256 | 96491008a9e1ad7e69bc2be9e30cea2014e7ec82fcaa4c2a1a86a984844d920e
GRAudit Grep Auditing Tool 3.5
Posted Dec 23, 2022
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Added Eiffel rules. Updated secret rules. Reduced false positives in php rules. Reduced false positives in nim rules. Added typescript rules. Fixed path issue in misc/gitscan. Bugfix for actionscript, asp and ios rules. Rule correctness adjustments to asp rules. Minor documentation updates.
tags | tool
systems | unix
SHA-256 | 3e5640bdf3520143887748dd71372f092de7b62b576127bda963e7187d1ac1e1
GRAudit Grep Auditing Tool 3.4
Posted Mar 2, 2022
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed a path issue in misc/taintfind.sh. Changed installation instructions for better usage. Added link to tutorial video in documentation. Updated PHP rules. Updated dotnet rules. Updated xss rules. Updated secrets rules. Added support for setting default arguments via env vars. Added test cases for environment variables. Fixed a bug in database listing function. Updated misc/phptaint.sh.
tags | tool
systems | unix
SHA-256 | 783c5861525c5c580c13a6ffaca19e9f37ac760eb966aad82fa29217fa7a71e4
GRAudit Grep Auditing Tool 3.3
Posted Jan 20, 2022
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed false positive rate in compressed js files. More secret rules. Restructured and updated classic asp rules. Updated fruit rules. Updated SQL, spsqli, ruby, android, java, and dotnet rules. Fixed greedyness in perl super global rules. Improved test case. Bug fixes for dotnet and sql rulesets. Added test case for bad quantifiers in rules. Changed test cases for consistency and portability. Rule set for auditing SCA exclusions. Updated ampscript rules. Added .github/ files for sponsorship/issues/pull requests.
tags | tool
systems | unix
SHA-256 | cce3339a277e3dbab7f9c849a9cb657c9d4d0950fd8a9a1420fad6b45a2a1fa8
GRAudit Grep Auditing Tool 3.2
Posted Oct 29, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed a compatibility bug in misc/serializephp.sh. Updated PHP rules. Updated Java rules. Updated fruit rules. Updated secret rules. Updated default. Updated android rules. Updated dotnet rules. Changed misc/gitlog.sh to an interactive format. Added *.map to files that are ignored unless -A is used. Fixed line endings in some rule files. Altered some error handling slightly.
tags | tool
systems | unix
SHA-256 | 4bb85b35f11fb5501d5516eb52ee5d5fa72738aae93f70b43b6f9fe6e15ffb24
GRAudit Grep Auditing Tool 3.1
Posted Jun 22, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Updated secret rules. Updated dotnet rules. Updated C rules. Updated Java and Mongose rules. Added ~/graudit/signatures to database locations. Updated documentation.
tags | tool
systems | unix
SHA-256 | 7bab75bbc6330e05bd374226f5e57a1fab230a1b04db8a88cfe4b4e95c909c90
GRAudit Grep Auditing Tool 3.0
Posted Apr 29, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed broken Java rule causing massive false positives. Additional PHP fruit rules added.
tags | tool
systems | unix
SHA-256 | a1153c5de5bd786a24a28e3e31ce5ead66ccd16a90c162f15c858d17d6001e7f
GRAudit Grep Auditing Tool 2.9
Posted Apr 9, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fix for GRDIR applied. Improved C fruit rules. Improved js fruit rules. Started python fruit rules. Updated documentation. Various other updates as well.
tags | tool
systems | unix
SHA-256 | 41eb7846be334a34a54cdda4de506dfc8dc6be67eb610b7d6bb9b8cae80e277d
GRAudit Grep Auditing Tool 2.8
Posted Nov 19, 2020
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Updated Electron rules. Updated PHP rules. More scala rules and a scala signature set. Updated C rules. Updated Java rules. Many other updates as well.
tags | tool
systems | unix
SHA-256 | 25ed4c4c97f26a3df2dd64a41c356940753751abc3e5c7c9e0d7b682495221d9
VegaDNS 0.13.2 Remote Command Injection
Posted Sep 20, 2016
Authored by Wireghoul

VegaDNS version 0.13.2 suffers from a remote command injection vulnerability.

tags | exploit, remote
SHA-256 | 691f14f46448b114528c54e8b25a49d68c7140203e7d8634eb7318d2424b2d4a
Cacti Superlinks 1.4-2 Code Execution / LFI / SQL Injection
Posted Dec 20, 2014
Authored by Wireghoul

Cacti Superlinks version 1.4-2 suffers from code execution via local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, sql injection, file inclusion
advisories | CVE-2014-4644
SHA-256 | 5a23314873f3c7b79647dafc858449285d365137abb907d03a2007a2c4bb40fd
Flatpress 1.0 Traversal / Command Execution
Posted Nov 6, 2013
Authored by Wireghoul

Flatpress version 1.0 remote code execution exploit that leverages a comment loaded through a directory traversal vulnerability.

tags | exploit, remote, code execution
SHA-256 | 8cbb0d3675b2bd21358cd41f0015f77833c3b74c965121dd98e9e879bf4160dc
freeFTPd PASS Command Buffer Overflow
Posted Sep 30, 2013
Authored by Wireghoul | Site metasploit.com

freeFTPd 1.0.10 and below contains an overflow condition that is triggered as user-supplied input is not properly validated when handling a specially crafted PASS command. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or allow the execution of arbitrary code. FreeFTPd must have an account set to authorization anonymous user account.

tags | exploit, remote, denial of service, overflow, arbitrary
advisories | OSVDB-96517
SHA-256 | 5e92a9db9ba76a96be5d0f1d040af96bc6431037970882d5778b46dcbc012aad
mod_accounting 0.5 Blind SQL Injection
Posted Sep 26, 2013
Authored by Wireghoul

mod_accounting version 0.5 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5697
SHA-256 | 5f80d81efab9b887ab6063336f50467c4282d2a92a64c29cbf5563b42ba9f24a
freeFTPd 1.0.10 PASS Command SEH Overflow
Posted Sep 19, 2013
Authored by Wireghoul, Muhamad Fadzil Ramli | Site metasploit.com

This Metasploit module exploits a SEH stack-based buffer overflow in freeFTPd Server PASS command version 1.0.10. credit goes to Wireghoul.

tags | exploit, overflow
advisories | OSVDB-96517
SHA-256 | 9b1b3722c40ca89375f977802175807d831acd844ac69afb11a55ae6296de174
freeFTPd 1.0.10 PASS Command SEH Overflow
Posted Sep 9, 2013
Authored by Wireghoul, Muhamad Fadzil Ramli | Site metasploit.com

This Metasploit module exploits a SEH stack-based buffer overflow in freeFTPd Server PASS command version 1.0.10.

tags | exploit, overflow
advisories | OSVDB-96517
SHA-256 | 02521b6229ecb5c00ebc4a5b2081e20949f1c436bc6899cb1c51b9e3982be68b
freeFTPd 1.0.10 Buffer Overflow
Posted Aug 21, 2013
Authored by Wireghoul | Site justanotherhacker.com

freeFTPd version 1.0.10 PASS command SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 9074bf6f86b7de3c41e626bf72906b7cbd156074f91c6eb66bcbbe469169d303
Open And Compact FTP Server 1.2 Bypass / Directory Traversal
Posted Aug 8, 2013
Authored by Wireghoul

Open and Compact FTP server version 1.2 authentication bypass and directory traversal SAM retrieval exploit.

tags | exploit, bypass, file inclusion
advisories | CVE-2010-2620, OSVDB-65687
SHA-256 | 0aa630f3b70ad7a6a9b5a6a29346d0cca04ee11570d82597dcfe2a39b5d05d09
Symphony CMS 2.3 XSS / SQL Injection / Disclosure
Posted Oct 17, 2012
Authored by Wireghoul | Site justanotherhacker.com

Symphony CMS version 2.3 suffers from cross site scripting, path disclosure, remote shell upload, token brute force, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | 2b1824a17383c70bba1e1643ea148290b08e042f50a7123cb88114364f39cfc2
HP Data Protector 6.1 EXEC_CMD Remote Code Execution
Posted Feb 24, 2012
Authored by Wireghoul, ch0ks, c4an | Site metasploit.com

This exploit abuses a vulnerability in the HP Data Protector service. This flaw allows an unauthenticated attacker to take advantage of the EXEC_CMD command and traverse back to /bin/sh, this allows arbitrary remote code execution under the context of root.

tags | exploit, remote, arbitrary, root, code execution
advisories | CVE-2011-0923
SHA-256 | 95add5b2ce4d94dcd719eaead5d7369aff78a1ef7a8325a02fc4a43b2369c0b5
Open Source CERT Security Advisory 2011.001
Posted Jul 16, 2011
Authored by Andrea Barisani, Open Source CERT, Wireghoul | Site justanotherhacker.com

Chyrp versions 2.1 and below suffer from cross site scripting, local file inclusion, shell upload, and directory traversal vulnerabilities. Both the oCERT and original advisories are included here.

tags | exploit, shell, local, vulnerability, xss, file inclusion
SHA-256 | 18cdf52059b49b643716260b829dda6fe150876cbf21decc4085e78858e6de67
Symphony CMS 2.1.2 Blind SQL Injection
Posted Apr 28, 2011
Authored by Wireghoul | Site justanotherhacker.com

Symphony CMS version 2.1.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 72304f447893e36ab1d979c1aaa426d7350a9b03736b52d72ddb9e0b566af0cb
GRAudit Grep Auditing Tool 1.9
Posted Jan 11, 2011
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: This release fixes the PHP (php/xss.db) database, which had a blank line at the end, causing everything to match. It adds a test case for blank lines in signature scripts. It adds a database validating aux script. It updates the Makefile file manifest. It fixes a bug in the test script template (t/blank-test.sh).
systems | unix
SHA-256 | d46060d223d96fc42554acdc64b1cf95c5fbf905d7daa19f4be00ce3b80a0fbd
GRAudit Grep Auditing Tool 1.8
Posted Jan 8, 2011
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: The -L operator now does vim-friendly line numbers. Man pages and documentation were updated. Signatures for PHP, JSP, Dotnet, Perl, and Python were updated. Bugs in the aux/ scripts were fixed and additional scripts were provided. CVS directories are now ignored by default.
systems | unix
SHA-256 | 253268f4cfd6a3216f6fd69cf40629e0fb8195095d9321238364444ed5acab0f
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close