what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-01-21

PLC Device Scanner
Posted Jan 21, 2013
Authored by Dmitry Efanov | Site ptsecurity.com

This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols.

tags | tool, protocol, python
systems | linux, unix
MD5 | 9e28c57716071ad4c35797dfd177b1e7
EMC Avamar Client Privilege Elevation
Posted Jan 21, 2013
Site emc.com

The Avamar affected client process runs as root and after each backup it leaves the cache files as world readable and writable. While the cache files themselves do not contain sensitive information, when the parent directory is world-writable, the cache files could be used by an attacker to elevate the privileges when a system-level backup is performed. The non-root user can create symbolic links to obtain unauthorized access to files on the affected system. Versions affected include EMC Avamar HP-UX Client 4.x, 5.x and 6.x, EMC Avamar Mac OS Client 4.x, 5.x and 6.x, and EMC Avamar Plugin for Oracle 4.x, 5.x and 6.x.

tags | advisory, root
systems | hpux
advisories | CVE-2012-2291
MD5 | fceda672ef639b55e5aaaf6f6007627a
EMC AlphaStor 4.0 Code Execution
Posted Jan 21, 2013
Authored by Aniway | Site emc.com

EMC AlphaStor version 4.0 prior to build 800 suffers from code execution and format string vulnerabilities.

tags | advisory, vulnerability, code execution
advisories | CVE-2013-0928, CVE-2013-0929
MD5 | d6fb868fe9261d753c01ee81304564f7
DNSChef 0.2.1
Posted Jan 21, 2013
Authored by Peter Kacherginsky | Site thesprawl.org

DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.

Changes: Fixed a compatibility bug with older Python 2.6 interpreters.
tags | local
systems | unix
MD5 | cb567d575cc837c49e51d95349986875
Siemens Simatic WinCC 7.x Hardening Guide
Posted Jan 21, 2013
Site ptsecurity.com

This is a SCADA security hardening guide for Siemens Simatic WinCC version 7.x.

tags | paper
MD5 | 5477fcfad70193074f4d7b9fc189daaa
Siemens Simatic WinCC Flexible 2008 Security Hardening Guide
Posted Jan 21, 2013
Site ptsecurity.com

Siemens Simatic WinCC Flexible 2008 security hardening guide.

tags | paper
MD5 | 3f757696de41af8e3780ee226a33c9db
WinCC Under X-Rays
Posted Jan 21, 2013
Authored by Sergey Gordeychik, Gleb Gritsai, Denis Baranov | Site ptsecurity.com

These are slides from a presentation call WinCC Under X-Rays.

tags | paper
MD5 | 5711b231a59994ee2a1d6fcd7c4d9e88
Simatic WinCC Information Harvester
Posted Jan 21, 2013
Authored by Gleb Gritsai, Vyacheslav Egoshin, Dmitry Nagibin | Site metasploit.com

This Metasploit module receives sensitive information from the WinCC database.

tags | exploit
MD5 | df135e3191aaa7a87f7b87c00416827e
ICS / SCADA / PLC Google / Shodanhq Cheat Sheet
Posted Jan 21, 2013
Authored by Yuri Goltsev, Gleb Gritsai, Alexander Timorin, Roman Ilin | Site ptsecurity.com

This document illustrates multiple ways to identify multiple SCADA systems.

tags | paper
MD5 | 2da13b842c046b950c68fc86f91afa28
S7 Password Offline Bruteforce Tool
Posted Jan 21, 2013
Authored by Alexander Timorin, Dmitry Sklyarov | Site ptsecurity.com

S7 Password offline bruteforcing tool written in Python.

tags | cracker, python
MD5 | 0538432f923cc38a8ca1f76a5201448c
NConf 1.3 SQL Injection
Posted Jan 21, 2013
Authored by haidao

NConf version 1.3 suffers from remote blind SQL injection vulnerabilities in multiple parameters.

tags | exploit, remote, vulnerability, sql injection
MD5 | af44ffb257f86f5fd35663052ad2e06d
WordPress Developer Formatter Cross Site Request Forgery
Posted Jan 21, 2013
Authored by Junaid Hussain

WordPress Developer Formatter plugin suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 6609b2b66afdb2f13c87ac46c5a01829
Secunia Security Advisory 50674
Posted Jan 21, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered multiple vulnerabilities in the WP Symposium plugin for WordPress, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 22f0943c4c97360c86a0bc35923e7ca2
Secunia Security Advisory 51842
Posted Jan 21, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple weaknesses, two security issues, and multiple vulnerabilities have been reported in Moodle, where one has an unknown impact and the others can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct spoofing and cross-site request forgery attacks and disclose potentially sensitive information.

tags | advisory, spoof, vulnerability, csrf
MD5 | 75edcabb951b4d05ded2d3c41149f344
Joomla GarysCookBook 3.0.x Shell Upload
Posted Jan 21, 2013
Authored by KedAns-Dz

Joomla GarysCookBook version 3.0.x suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 09ee801d02aa34dac897685fbb353bb8
PHP Data Stream File Inclusion To Command Execution Tool
Posted Jan 21, 2013
Authored by infodox

This is a small proof of concept tool that leverages the data:// stream to gain remote code execution from a file inclusion vulnerability.

tags | remote, code execution, proof of concept, file inclusion
MD5 | 69dd6d5717304dbb657405d2903b0b06
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close