Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2015-12-11

Nmap Port Scanner 7.01
Posted Dec 11, 2015
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Switched to using gtk-mac-bundler and jhbuild for building the OS X installer. The Windows installer is now built with NSIS 2.47 which features LoadLibrary security hardening to prevent DLL hijacking and other unsafe use of temporary directories. Various other updates and fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 70f5cd6f014f79104a8d2be2f961e1b3
360-FAAR Firewall Analysis Audit And Repair 0.5.1
Posted Dec 11, 2015
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: Various updates.
tags | tool, perl
systems | unix
MD5 | 2c40ee5d2ddfe62753e868a5f54bf9a0
Microsoft Security Bulletin Revision Increment For December, 2015
Posted Dec 11, 2015
Site microsoft.com

This bulletin summary lists MS15-131 which has undergone a major revision increment.

tags | advisory
MD5 | 7eb3ac3f74ad3e519ec7677653051de1
Microsoft IE 11 MSHTML!CObjectElement Use-After-Free
Posted Dec 11, 2015
Authored by Moritz Jodeit | Site bluefrostsecurity.de

Microsoft Internet Explorer 11 suffers from a MSHTML!CObjectElement use-after-free vulnerability.

tags | exploit
advisories | CVE-2015-6152
MD5 | 9d0af67321cd6ea17a7210f69639687c
Windows Null-Free WinExec Shellcode
Posted Dec 11, 2015
Authored by B3mB4m

This is a tool written in python to generate shellcode to use on Microsoft Windows.

tags | shellcode, python
systems | windows
MD5 | 73b1e30b9d83d6b74340662c27c7375d
WordPress 4.4 User Enumeration
Posted Dec 11, 2015
Authored by John Martinelli

WordPress versions 4.4 and below leak whether or not a username exists in their login flow.

tags | advisory, info disclosure
MD5 | fd42cc564b27f39115553b503d68a109
Skybox Platform 7.0.611 XSS / SQL Injection / Code Execution
Posted Dec 11, 2015
Authored by Kestutis Gudinavicius, M. Heinzl, C. Schwarz | Site sec-consult.com

Skybox Platform versions 7.0.611 and below suffer from code execution, remote SQL injection, cross site scripting, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
MD5 | 1c1ea7303287302b9b6a75246859ebdc
Joomla Nice Ajax Poll 1.4.0 SQL Injection
Posted Dec 11, 2015
Authored by indoushka

Joomla Nice Ajax Poll component version 1.4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b68b9f21682abe6a3997a3aede54ed19
Gokhan Balbal 2.0 Cross Site Request Forgery
Posted Dec 11, 2015
Authored by KnocKout

Gokhan Balbal version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f5fcd59ceb95a9b607d75956638cd8c3
WordPress S3 Video Remote Shell Upload
Posted Dec 11, 2015
Authored by Manish Tanwar

WordPress S3 Video plugin suffers from a remote shell upload vulnerability. Versions prior to 0.91 are affected.

tags | exploit, remote, shell
MD5 | ed3870c05a6c68f7c3594e9d5833022a
Legend Perl IRC Bot Remote Code Execution
Posted Dec 11, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, and ability to gain root, and VNC scanning. Kevin Stevens, a Senior Threat Researcher at Damballa has uploaded this script to VirusTotal with a md5 of 11a9f1589472efa719827079c3d13f76.

tags | exploit, remote, web, root, udp, perl, tcp
MD5 | 1d45434e3435a7b498a03833cf1d9027
Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
Posted Dec 11, 2015
Authored by Jay Turla, Matt Thayer, Conor Patrick | Site metasploit.com

This Metasploit module allows remote command execution on an IRC Bot developed by xdh. This perl bot was caught by Conor Patrick with his shellshock honeypot server and is categorized by Markus Zanke as an fBot (Fire & Forget - DDoS Bot). Matt Thayer also found this script which has a description of LinuxNet perlbot. The bot answers only based on the servername and nickname in the IRC message which is configured on the perl script thus you need to be an operator on the IRC network to spoof it and in order to exploit this bot or have at least the same ip to the config.

tags | exploit, remote, perl, spoof
MD5 | 76760e94b9460abe182c2c2992e2e8fb
Pacom 1000 CCU Crypto Shortcomings
Posted Dec 11, 2015
Authored by Peter Norin, Fredrik Soderblom, Joachim Strombergson

Pacom 1000 CCU suffers from a multiple cryptography implementation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2014-3260
MD5 | 1f0d090130e326f48dbb708663042c15
NorthSec 2016 Call For Papers
Posted Dec 11, 2015
Site nsec.io

NorthSec 2016 has announced its Call For Papers. It will be held in Montreal, Canada, from May 19th through the 22nd.

tags | paper, conference
MD5 | 9ca35e6b66f60ff6137fde67b303dce2
Intellect Core Cross Site Scripting
Posted Dec 11, 2015
Authored by Mayank Sahu

Intellect Core banking software suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6540
MD5 | 57b38b8e50b64d4c196bc9cd62d6930a
bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion
Posted Dec 11, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

bitrix.mpbuilder Bitrix module version 1.0.10 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2015-8358
MD5 | dd8b8530e2ec88e60b4c5973869617fe
bitrix.scan Bitrix 1.0.3 Path Traversal
Posted Dec 11, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2015-8357
MD5 | 26d7005e5b56c7298c398e6954fcf64a
Red Hat Security Advisory 2015-2615-01
Posted Dec 11, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2615-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. It was found that OpenShift's API back end did not verify requests for pod log locations, allowing a pod on a Node to request logs for any other pod on that Node. A remote attacker could use this flaw to view sensitive information via pod logs that they would normally not have access to. This issue was discovered by Jordan Liggitt of Red Hat Atomic OpenShift.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2015-7528
MD5 | 648eefb582a2f79f3b091f56afe2278f
Ubuntu Security Notice USN-2825-1
Posted Dec 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2825-1 - Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. CVE-2015-6766, Several security issues were discovered in the DOM implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass same origin restrictions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-6765, CVE-2015-6766, CVE-2015-6767, CVE-2015-6768, CVE-2015-6769, CVE-2015-6770, CVE-2015-6771, CVE-2015-6772, CVE-2015-6773, CVE-2015-6777, CVE-2015-6782, CVE-2015-6784, CVE-2015-6785, CVE-2015-6786, CVE-2015-6787, CVE-2015-8478
MD5 | a9b2cc8494bc539dc6456b0edc23314f
Google Chrome DLL Hijack
Posted Dec 11, 2015
Authored by Stefan Kanthak

Google Chrome's executable installers suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 6360cddf7b0c73a04c2b6cdacbe42637
Open Audit SQL Injection
Posted Dec 11, 2015
Authored by WICS

Open Audit suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 31ce6d218ea5a9aeafc854b5d47e2569
Secure Data Space 3.1.1-2 Cross Site Scripting
Posted Dec 11, 2015
Authored by Thomas Vogt

Secure Data Space version 3.1.1-2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7706
MD5 | cadde937b831f5f4d3d0b38dc91d3ee8
Pe 2.4.3 Buffer Overflow
Posted Dec 11, 2015
Authored by Juan Sacco

Pe versions 2.4.3 and below suffer from a stack-based local buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

tags | exploit, overflow, local
MD5 | 10fc7db3c0a663431a1f9c485eda74e8
Rightel Cross Site Scripting
Posted Dec 11, 2015
Authored by Ehsan Hosseini

The Rightel mobile provider suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8ebfbd2831dc4fb4c2b524dfd76f4daa
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close