Exploit the possiblities
Showing 1 - 10 of 10 RSS Feed

Files Date: 2017-04-17

Microsoft Windows MS17-010 SMB Remote Code Execution
Posted Apr 17, 2017
Authored by Sean Dillon | Site metasploit.com

This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server configurations. It can log on as the user "\" and connect to IPC$.

tags | exploit, info disclosure
advisories | CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148
MD5 | 89159784c9ed66494a7cec42e5285517
Blue Team Training Toolkit (BT3) 2.2
Posted Apr 17, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: This release focuses on usability. New commands have been implemented, and error messages related to API operations are now more descriptive.
tags | tool, python
systems | unix
MD5 | 25b5c99f377d029bc54e7c2f708d20b1
Watchguard Firebox / XTM XXE Injection
Posted Apr 17, 2017
Authored by David Fernandez

Watchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities.

tags | exploit, vulnerability
MD5 | fc81bd26428ae0fa35796c34f171c13a
Huawei HG532n Command Injection
Posted Apr 17, 2017
Authored by Ahmed S. Darwish | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.

tags | exploit, web, shell, root
MD5 | 5846ef508d85837a4608f1c94c201d64
360-FAAR Firewall Analysis Audit And Repair 0.6.2
Posted Apr 17, 2017
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release fixes the bug in the cisco asa drop log parser that missed %ASA-6-106100. Various other updates.
tags | tool, perl
systems | unix
MD5 | b89c2831979ada2d1e3b0440139a40b5
CVE-2017-0199 Practical Exploitation
Posted Apr 17, 2017
Authored by David Routin

This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.

tags | exploit, proof of concept
advisories | CVE-2017-0199
MD5 | b03e34017c4b989f9ac59f7b459a5cfe
Microsoft Word RTF Remote Code Execution
Posted Apr 17, 2017
Authored by Bhadresh Patel

Microsoft Word RTF remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2017-0199
MD5 | f937dc70e4f902d07449912a173ea332
WinSCP 5.9.4 LIST Denial Of Service
Posted Apr 17, 2017
Authored by M. Ibrahim | Site metasploit.com

This Metasploit module will cause a denial of service condition against the WinSCP version 5.9.4 client using the LIST command.

tags | exploit, denial of service
MD5 | 0790610643d9c770d4cffd690299dfe0
VirusChaser 8.0 Buffer Overflow
Posted Apr 17, 2017
Authored by 0x41Li

VirusChaser version 8.0 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | a49d7be8ab96a87009c882fc28adc47d
Web Services Penetration Testing
Posted Apr 17, 2017
Authored by Firat Celal Erdik, Mert Tasci

This is a whitepaper that discussing penetration testing against web services. Written in Turkish.

tags | paper, web
MD5 | 0d44214ba96b783c46bbca2a6e34d070
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close