Exploit the possiblities
Showing 1 - 10 of 10 RSS Feed

Files Date: 2017-04-17

Microsoft Windows MS17-010 SMB Remote Code Execution
Posted Apr 17, 2017
Authored by Sean Dillon | Site metasploit.com

This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server configurations. It can log on as the user "\" and connect to IPC$.

tags | exploit, info disclosure
advisories | CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148
MD5 | 89159784c9ed66494a7cec42e5285517
Blue Team Training Toolkit (BT3) 2.2
Posted Apr 17, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: This release focuses on usability. New commands have been implemented, and error messages related to API operations are now more descriptive.
tags | tool, python
systems | unix
MD5 | 25b5c99f377d029bc54e7c2f708d20b1
Watchguard Firebox / XTM XXE Injection
Posted Apr 17, 2017
Authored by David Fernandez

Watchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities.

tags | exploit, vulnerability
MD5 | fc81bd26428ae0fa35796c34f171c13a
Huawei HG532n Command Injection
Posted Apr 17, 2017
Authored by Ahmed S. Darwish | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.

tags | exploit, web, shell, root
MD5 | 5846ef508d85837a4608f1c94c201d64
360-FAAR Firewall Analysis Audit And Repair 0.6.2
Posted Apr 17, 2017
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release fixes the bug in the cisco asa drop log parser that missed %ASA-6-106100. Various other updates.
tags | tool, perl
systems | unix
MD5 | b89c2831979ada2d1e3b0440139a40b5
CVE-2017-0199 Practical Exploitation
Posted Apr 17, 2017
Authored by David Routin

This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.

tags | exploit, proof of concept
advisories | CVE-2017-0199
MD5 | b03e34017c4b989f9ac59f7b459a5cfe
Microsoft Word RTF Remote Code Execution
Posted Apr 17, 2017
Authored by Bhadresh Patel

Microsoft Word RTF remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2017-0199
MD5 | f937dc70e4f902d07449912a173ea332
WinSCP 5.9.4 LIST Denial Of Service
Posted Apr 17, 2017
Authored by M. Ibrahim | Site metasploit.com

This Metasploit module will cause a denial of service condition against the WinSCP version 5.9.4 client using the LIST command.

tags | exploit, denial of service
MD5 | 0790610643d9c770d4cffd690299dfe0
VirusChaser 8.0 Buffer Overflow
Posted Apr 17, 2017
Authored by 0x41Li

VirusChaser version 8.0 SEH buffer overflow exploit.

tags | exploit, overflow
MD5 | a49d7be8ab96a87009c882fc28adc47d
Web Services Penetration Testing
Posted Apr 17, 2017
Authored by Firat Celal Erdik, Mert Tasci

This is a whitepaper that discussing penetration testing against web services. Written in Turkish.

tags | paper, web
MD5 | 0d44214ba96b783c46bbca2a6e34d070
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    7 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By