Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-12-24

TOR Virtual Network Tunneling Tool
Posted Dec 24, 2013
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes potentially poor random number generation for users who use OpenSSL 1.0.0 or later, set "HardwareAccel 1" in their torrc file, have "Sandy Bridge" or "Ivy Bridge" Intel processors, and have no state file in their DataDirectory (as would happen on first start). Users who generated relay or hidden service identity keys in such a situation should discard them and generate new ones.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | a8cd8e3b3a3f6a7770f2c22d280f19b8
EMC Replication Manager Unquoted File Path Enumeration
Posted Dec 24, 2013
Site emc.com

EMC Replication Manager allows a user to create scripts with unquoted element such as whitespace or other separators. This may allow local malicious users to access resources in a parent path and execute them. EMC Replication Manager versions prior to 5.5 are affected.

tags | advisory, local
advisories | CVE-2013-6182
MD5 | ec28a1d330fad5f08556140b430a8b9c
EMC Watch4net Information Disclosure
Posted Dec 24, 2013
Site emc.com

EMC Watch4Net stores passwords of devices polled during monitoring in clear text in Watch4Net installation repository. This could allow a malicious user with access to Watch4Net installation repository to view those passwords. EMC Watch4Net versions prior to 6.3 are affected.

tags | advisory
advisories | CVE-2013-6181
MD5 | 4ec9e87081c4f0d014174584db14531c
WinAppDbg Python Module 1.5
Posted Dec 24, 2013
Site sourceforge.net

The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.

Changes: Full 64-bit support. Added support for Windows Vista and above. Various other new additions and improvements.
tags | python
systems | windows
MD5 | 21ffe746b4efb87f39e6028d1c35956e
Hook Analyser Malware Tool 3.0
Posted Dec 24, 2013
Authored by Beenu Arora | Site hookanalyser.blogspot.com

Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.

Changes: In terms of improvements, a new module has been added - Cyber Threat Intelligence.
tags | tool
MD5 | 8b1ff20952dbfa90970ccf836ae06bf5
Debian Security Advisory 2827-1
Posted Dec 24, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2827-1 - It was discovered that Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications, incorrectly handled file names with NULL bytes in serialized instances. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.

tags | advisory, remote, web, arbitrary, file upload
systems | linux, debian
advisories | CVE-2013-2186
MD5 | edac1f08fbe8454dc071fb62f6557be3
Gentoo Linux Security Advisory 201312-15
Posted Dec 24, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-15 - A vulnerability has been found in Tinyproxy, allows remote attackers to cause a Denial of Service condition. Versions less than 1.8.3-r3 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2012-3505
MD5 | 288b8038edfaae17e07e2737d31e0ae8
Dewplayer 2.2.2 Cross Site Scripting
Posted Dec 24, 2013
Authored by MustLive

Dewplayer version 2.2.2 suffers from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | 75ff6e6f1315ccbb7189e4029752027a
Fat Free CRM CSRF / SQL Injection / Known Secret
Posted Dec 24, 2013
Authored by joernchen

Fat Free CRM suffers from cross site request forgery, known session secret, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure, csrf
MD5 | 268e0f639d5feabbcd112362badf3b1c
Android/ARM Elf Infector Proof Of Concept
Posted Dec 24, 2013
Authored by Eugenio Delfa

Android/ARM elf infector proof of concept ASM code.

tags | shellcode, proof of concept
MD5 | 3e14c445abf69be1c96552d1aabd3f6e
Analysis Of The Rcrypt Packer
Posted Dec 24, 2013
Authored by rage | Site 0xrage.com

This is a paper detailing the rcrypt packer. This packer makes use of timelock puzzles and anti-analysis methods to frustrate AV detection via sandboxes and reverse engineering.

tags | paper
MD5 | 10c73cc7f922c7baea6d33c35180d19a
xBoard 5.0 / 5.5 / 6.0 Local File Inclusion
Posted Dec 24, 2013

xBoard versions 5.0, 5.5, and 6.0 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 5c9fb8d9f9e739558043f342eb3dcb1f
Qatar Booking Server Struts Execution
Posted Dec 24, 2013
Authored by Hackerdesk Team

booking.qatarairways.com suffers from a Struts vulnerability that allows for remote code execution. The authors have contacted Qatar but no one has responded nor fixed the issue. It is being published publicly to help convince them to remediate the issue.

tags | exploit, remote, code execution
MD5 | 836c80f19d8bac33fa94b5884d292604
WebPagetest 2.7 Local File Disclosure
Posted Dec 24, 2013

WebPagetest version 2.7 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | a11536cf040315778b31bad6d106a6c0
WordPress Recommend Cross Site Scripting
Posted Dec 24, 2013
Authored by Ashiyane Digital Security Team

WordPress Recommend plugin suffers from a cross site scripting vulnerability. Note that these findings house site-specific data.

tags | exploit, xss
MD5 | 26138b60cc28edfbca0b0e19845ddfd0
Zen-Cart Database Backup Disclosure
Posted Dec 24, 2013
Authored by JoKeR_StEx

Zen-Cart version 1.5.1 suffers from a database backup disclosure vulnerability.

tags | exploit, info disclosure
MD5 | f29bf95125b2377f1528dcf89dc5aff8
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    1 Files
  • 22
    Jan 22nd
    15 Files
  • 23
    Jan 23rd
    12 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By