exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-08-05

Maligno 2.3
Posted Aug 5, 2015
Authored by Juan J. Guelfo | Site encripto.no

Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.

Changes: New adversary replication profile, bug fixes and minor adjustments.
tags | tool, web, scanner, shellcode, python
systems | unix
SHA-256 | d8dfdb3144906acd4e280cd20b793c5221f74fc92d87b50b3387d41967240e6f
Pcapteller 0.2
Posted Aug 5, 2015
Authored by Juan J. Guelfo | Site encripto.no

Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improving your blue team's network security monitoring skills, or creating network decoys during red team operations.

Changes: Interface argument validation added, update detection mechanism added, various output adjustments and documentation improvements.
tags | tool
systems | unix
SHA-256 | d3844504a66ad0de7486f7ea22a2d785cf691233626f791a6de690c90281c438
WordPress WPTF Image Gallery 1.03 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress WPTF Image Gallery plugin version 1.03 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | e39e04a316b2c3e7b42e97e4a5d7d671a447fa25eff91df61d2e342e399d082a
WordPress Recent Backups 0.7 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Recent Backups plugin version 0.7 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | 51398282955782a1451dcd0d10f0b3709c0c18f40ce6b4bc09f7c7658093e88a
WordPress Simple Image Manipulator 1.0 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Simple Image Manipulator plugin version 1.0 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | aeb69ae2c20996034de7e2551b8a6b60c4aa2efe8b7d44ff46b712b79ea9b492
WordPress Candidate Application Form 1.0 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Candidate Application Form plugin version 1.0 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | 816049deea64461a8d810ffdccfe02412b9685d700f20853132431706a358ad0
WordPress Filedownload 1.4 Open Proxy
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Filedownload plugin version 1.4 suffers from an open proxy vulnerability.

tags | exploit
SHA-256 | 8a34f8136cd407380fcfe973539ad5729a136bdd902f99381c0f47b2c521e7fc
WordPress Fast Image Adder 1.1 Shell Upload
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Fast Image Adder plugin version 1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 92e3fb426b6093f0fc7868113431bacafb286dd94b45a14ce4bd19933779b0a8
Websense Triton Content Manager 8.0.0 Build 1165 Buffer Overflow
Posted Aug 5, 2015
Authored by Christoph Schwarz | Site sec-consult.com

Websense Triton Content Manager version 8.0.0 build 1165 suffers from a stack buffer overflow vulnerability in handle_debug_network.

tags | exploit, overflow
advisories | CVE-2015-5718
SHA-256 | 2be19a5f5bb552bef16fa644e26f18d5a3f9e6501a4d37846f6d8ebe6a800de8
Zed Attack Proxy 2.4.1 Mac OS X Release
Posted Aug 5, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Various updates.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | 98c9cab401dd95c021ee32cf4030aa63a64f08a82c6fe0d2493663e3c6e1c5a3
Webfolio CMS 2.5.1 Insecure File Upload
Posted Aug 5, 2015
Authored by Sharankumar Somana

Webfolio CMS version 2.5.1 suffers from an insecure file upload vulnerability.

tags | exploit, file upload
SHA-256 | 89b7b64d987ea801fc593ca99caa022a573667c732c049a833b14739d428551f
Red Hat Security Advisory 2015-1551-01
Posted Aug 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1551-01 - Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files. The following security issues are also fixed with this release: It was found that async-http-client would disable SSL/TLS certificate verification under certain conditions, for example if HTTPS communication also used client certificates. A man-in-the-middle attacker could use this flaw to spoof a valid certificate.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2013-7397, CVE-2013-7398
SHA-256 | f81b1c7aa71caea5275592e1b3edd2a6dbb8b26ba81bf656af5c0616e8195285
Red Hat Security Advisory 2015-1546-01
Posted Aug 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1546-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining mode. This flaw allows a man-in-the-middle attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

tags | advisory, javascript
systems | linux, redhat
advisories | CVE-2014-3566
SHA-256 | 684e33562ba74fcc19ec789c71837e144c6ecc819347abd4a30200473e5edca8
Webfolio CMS 2.5.1 Open Redirect
Posted Aug 5, 2015
Authored by Sharankumar Somana

Webfolio CMS version 2.5.1 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 76cc657b49852f9ee7616d77671a408e4023ffba1404db81b96b64453cd72de2
BIGINT Overflow Error Based SQL Injection
Posted Aug 5, 2015
Authored by Osanda Malith

This whitepaper deep dives into using BIGINT overflow errors in MySQL in order to extract data upon injection.

tags | paper, overflow, sql injection
SHA-256 | e8fbee2a079d4d4558ea961db0b57f97cb03c62856ccc42dab34844750c3ec48
PortDog Network Anomaly Detector
Posted Aug 5, 2015
Authored by puniaze | Site github.com

PortDog is a network anomaly detector aimed at identifying portscanning attacks. It is entirely written in python and has an easy-to-use interface.

tags | tool, sniffer, python
SHA-256 | f63e923ee94a697d566a787e7193d4c0179ba1a3041f835265f57968926fd423
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close