exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-01-21

PLC Device Scanner
Posted Jan 21, 2013
Authored by Dmitry Efanov | Site ptsecurity.com

This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols.

tags | tool, protocol, python
systems | linux, unix
MD5 | 9e28c57716071ad4c35797dfd177b1e7
EMC Avamar Client Privilege Elevation
Posted Jan 21, 2013
Site emc.com

The Avamar affected client process runs as root and after each backup it leaves the cache files as world readable and writable. While the cache files themselves do not contain sensitive information, when the parent directory is world-writable, the cache files could be used by an attacker to elevate the privileges when a system-level backup is performed. The non-root user can create symbolic links to obtain unauthorized access to files on the affected system. Versions affected include EMC Avamar HP-UX Client 4.x, 5.x and 6.x, EMC Avamar Mac OS Client 4.x, 5.x and 6.x, and EMC Avamar Plugin for Oracle 4.x, 5.x and 6.x.

tags | advisory, root
systems | hpux
advisories | CVE-2012-2291
MD5 | fceda672ef639b55e5aaaf6f6007627a
EMC AlphaStor 4.0 Code Execution
Posted Jan 21, 2013
Authored by Aniway | Site emc.com

EMC AlphaStor version 4.0 prior to build 800 suffers from code execution and format string vulnerabilities.

tags | advisory, vulnerability, code execution
advisories | CVE-2013-0928, CVE-2013-0929
MD5 | d6fb868fe9261d753c01ee81304564f7
DNSChef 0.2.1
Posted Jan 21, 2013
Authored by Peter Kacherginsky | Site thesprawl.org

DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.

Changes: Fixed a compatibility bug with older Python 2.6 interpreters.
tags | local
systems | unix
MD5 | cb567d575cc837c49e51d95349986875
Siemens Simatic WinCC 7.x Hardening Guide
Posted Jan 21, 2013
Site ptsecurity.com

This is a SCADA security hardening guide for Siemens Simatic WinCC version 7.x.

tags | paper
MD5 | 5477fcfad70193074f4d7b9fc189daaa
Siemens Simatic WinCC Flexible 2008 Security Hardening Guide
Posted Jan 21, 2013
Site ptsecurity.com

Siemens Simatic WinCC Flexible 2008 security hardening guide.

tags | paper
MD5 | 3f757696de41af8e3780ee226a33c9db
WinCC Under X-Rays
Posted Jan 21, 2013
Authored by Sergey Gordeychik, Gleb Gritsai, Denis Baranov | Site ptsecurity.com

These are slides from a presentation call WinCC Under X-Rays.

tags | paper
MD5 | 5711b231a59994ee2a1d6fcd7c4d9e88
Simatic WinCC Information Harvester
Posted Jan 21, 2013
Authored by Gleb Gritsai, Vyacheslav Egoshin, Dmitry Nagibin | Site metasploit.com

This Metasploit module receives sensitive information from the WinCC database.

tags | exploit
MD5 | df135e3191aaa7a87f7b87c00416827e
ICS / SCADA / PLC Google / Shodanhq Cheat Sheet
Posted Jan 21, 2013
Authored by Yuri Goltsev, Gleb Gritsai, Alexander Timorin, Roman Ilin | Site ptsecurity.com

This document illustrates multiple ways to identify multiple SCADA systems.

tags | paper
MD5 | 2da13b842c046b950c68fc86f91afa28
S7 Password Offline Bruteforce Tool
Posted Jan 21, 2013
Authored by Alexander Timorin, Dmitry Sklyarov | Site ptsecurity.com

S7 Password offline bruteforcing tool written in Python.

tags | cracker, python
MD5 | 0538432f923cc38a8ca1f76a5201448c
NConf 1.3 SQL Injection
Posted Jan 21, 2013
Authored by haidao

NConf version 1.3 suffers from remote blind SQL injection vulnerabilities in multiple parameters.

tags | exploit, remote, vulnerability, sql injection
MD5 | af44ffb257f86f5fd35663052ad2e06d
WordPress Developer Formatter Cross Site Request Forgery
Posted Jan 21, 2013
Authored by Junaid Hussain

WordPress Developer Formatter plugin suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 6609b2b66afdb2f13c87ac46c5a01829
Secunia Security Advisory 50674
Posted Jan 21, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered multiple vulnerabilities in the WP Symposium plugin for WordPress, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 22f0943c4c97360c86a0bc35923e7ca2
Secunia Security Advisory 51842
Posted Jan 21, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple weaknesses, two security issues, and multiple vulnerabilities have been reported in Moodle, where one has an unknown impact and the others can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct spoofing and cross-site request forgery attacks and disclose potentially sensitive information.

tags | advisory, spoof, vulnerability, csrf
MD5 | 75edcabb951b4d05ded2d3c41149f344
Joomla GarysCookBook 3.0.x Shell Upload
Posted Jan 21, 2013
Authored by KedAns-Dz

Joomla GarysCookBook version 3.0.x suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 09ee801d02aa34dac897685fbb353bb8
PHP Data Stream File Inclusion To Command Execution Tool
Posted Jan 21, 2013
Authored by infodox

This is a small proof of concept tool that leverages the data:// stream to gain remote code execution from a file inclusion vulnerability.

tags | remote, code execution, proof of concept, file inclusion
MD5 | 69dd6d5717304dbb657405d2903b0b06
Page 1 of 1

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    15 Files
  • 21
    Feb 21st
    17 Files
  • 22
    Feb 22nd
    12 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By