A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim's machine.
12bedb80e935c14c525f7aca1139b70f471d66838a84cc908b3de4717f0877b1Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks. This is the universal binary.
285b752a5654ebc12d1cdde6a34f79438f321b1ba9e23e9ca345f7cd9739587bWindows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, obtain Kerberos tickets and reuse them in other Windows or Unix systems.
099e55d14489dafd73cfdfa5499d3104b38a4256c3df9a93abae54beaa077d30Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks.
d5947a1b05bc5936dec425b3b826c1e9cea6c3295335bf93a05f071088349b99Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.
6b3ebf2a7a39c7c5203cde6f4027d748b138e372cc4996244b973486d32706b4The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
e7bde2f898cac6acd7178cbc1b56f32a0e4c5273632a401bcd79b11e77d91c0cThe Wifizoo wireless hacking tool enables you to sniff wireless networks for MSN, FTP, SMTP, POP3 data as well as cookie data. This is a customized version of 1.3 that has a redesigned front end using XHTML and CSS.
6258235bdac87cf025e6ccf2a1649e0504283c49b952a3cc27e3d3b887424101The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
13ef7b8410107d58975fc08d8936ecc0c604229ac2938a11198712cf2d2625abThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
ca44f24d0aee8b477db09c45fa6771b0c852c2cebf644dd4a756951e9808fddcWifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
23dd98b4c4d4fbd943fdb64c1cd923739212b95558384e65a6bbbf73c9fd96a7WifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
e99dbc67af7d8d03efa5905858b1461e5a7b116f2d99aa2b3674382bf305f37dWifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
6d20942b58b0159c26031081ad1518b2af217fd3b4340e6fa98f5f1c91f5fbfbThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
6be2b9d8c80c3ce8623695fe34d59e1da13a69e745c495039e6e3840b294cafdThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
12647279df0a167a813e91d94627b92abe1cca879d0528921db39c1d55eb68d2Core Security Technologies Advisory ID: CORE-2003-0305-04 - Windows NetMeeting is vulnerable to a directory traversal attack that allows remote arbitrary code execution. Vulnerable version: NetMeeting 3.01 (4.4.3385), possibly others. Fixed in Service Pack 4.
37573598836434eb829a0bd11e8ad4eae7fa6d4cbf8c3647e8d0168be675a1ea
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed