This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server configurations. It can log on as the user "\" and connect to IPC$.
406793a6d738119ccb6d6413edb253d56dcc7567c30b9802bc8d69cb7209cb0bBlue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
6452693362cf081a653c9da4094f4cd28eed8a27db00338da17456c5600822b3Watchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities.
947dba226b2f6a9ad24e1b5e7af199cf29a3450764e88c890268dcb7b1cd44c2This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.
13f129a4c5fe898ac3c2bbe4698d84747643595b279f6dd5ed13bb1e7817b43b360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
9530e7f9edc52dc222597d903ee4f6797a20b6cccb765503b6c3082408e9d386This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.
7e95162e6d74646b2e07b57b6589a73c89a2105aa6fc97d5f1fd7552b825222eMicrosoft Word RTF remote code execution proof of concept exploit.
e3af621ee635b743874aebf34413bfde2f9b300518dd7ab7af4dfce56b891d5cThis Metasploit module will cause a denial of service condition against the WinSCP version 5.9.4 client using the LIST command.
70b4a4f4603ab9597bca18a248bf1413f07aecd0e5667bd5fd8aae0701e0f356VirusChaser version 8.0 SEH buffer overflow exploit.
55d4edfc5e560528047e28f4aa656ddf9ae557f65bf055d9001a301986a25b69This is a whitepaper that discussing penetration testing against web services. Written in Turkish.
4883e0979bed91e02253acc95f59113aa6d85ba94b5cdfa5e26ea275754dd7e0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed