exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 645 RSS Feed

Files Date: 2012-12-01 to 2012-12-31

Zykeys Wireless Tool
Posted Dec 30, 2012
Authored by Kevin Devine

Zykeys demonstrates how default wireless settings are derived on some models of ZyXEL routers.

tags | tool, wireless
systems | unix
SHA-256 | 4011a881981df78c6a989e2a4dfd7be65354f245eefc04c178f9c93221f6bf3d
BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass
Posted Dec 30, 2012
Authored by LiquidWorm, Craig Freyman | Site metasploit.com

This Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.

tags | exploit, arbitrary, bypass
advisories | CVE-2006-6199, OSVDB-30770
SHA-256 | ff5bd458d53d97905de67393897725bc2fc0ec2f6c59ecc21e7e6504016b8953
WordPress RocketTheme Content Spoofing / Cross Site Scripting
Posted Dec 30, 2012
Authored by MustLive

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
SHA-256 | b113d5f193f4f8045548d75e1c1eb2e88da81e01e5f5af92b4d2a24021042799
WordPress SB Uploader 3.9 Shell Upload
Posted Dec 30, 2012
Authored by Evil aXe

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | d2989ab52362a8caed7d70e1750dd7f87e067566d774597523e6315bb3bd4327
WordPress Photo Plus / Photo Search XSS / CSRF
Posted Dec 30, 2012
Authored by Keith Makan

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | c080064f2acdd8acdd3c6a4b7b8bac6aac032236c9a290e1c00e9984fa0994db
Enterprise Resource Planning SQL Injection
Posted Dec 30, 2012
Authored by Shahram Darvishvand

The ERP (Enterprise Resource Planning) system from Sida University System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b509c2af3ab4aec42eafe4b2b75733cb59bac0f5a2011aae36c26758ae9fc10
Secunia Security Advisory 51695
Posted Dec 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | cc4807b9ab7303ec7a326cad3e55b19a13e0045602a8e1beb9435a20a62a22ef
Bluelog Bluetooth Scanner/Logger 1.1.0
Posted Dec 29, 2012
Authored by Tom Nardi | Site digifail.com

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.

Changes: This is a stable release intended for general use. It adds many internal improvements, cleanups, and bugfixes, and is a suggested upgrade for all users.
tags | tool, web, wireless
systems | unix
SHA-256 | 53085aceeec913c3a9b7729ac19394b6db4d639a4adfbf180356183ec5a27905
Bing.com Hostname / IP Enumerator 0.3
Posted Dec 29, 2012
Authored by Andrew Horton | Site morningstarsecurity.com

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

Changes: Fixed bug where version 0.2 stopped working, now uses bing.com instead of the mobile site, more detailed progress animation.
tags | tool, scanner, bash
systems | linux, unix
SHA-256 | 652f806668e2da16c60d530a21a840a2cbd6cb4da1794bfc93cc12dac7a062fe
Stegano 0.4
Posted Dec 29, 2012
Authored by Cedric Bonhomme | Site bitbucket.org

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

tags | tool, encryption, steganography, python
SHA-256 | a36f3721d12e6cacf44f111915f23f5a404801a7a9236c6fecdd4808d20bbbb9
Debian Security Advisory 2592-1
Posted Dec 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2592-1 - Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.

tags | advisory
systems | linux, debian
advisories | CVE-2012-4545
SHA-256 | 149c360062a76e5cec29b9d5823b3e815bd95780d8d20666f866ebe907200af3
Ubiquiti AirOS 5.5.2 Command Execution
Posted Dec 29, 2012
Authored by xistence

Ubiquiti AirOS versions 5.5.2 and below suffer from a remote post-authentication root-level command execution vulnerability.

tags | exploit, remote, root
SHA-256 | 31177e50c29169efd962af59bdd1dcd6fd98c00f6e95f81c9e27921a3d144b6a
Secunia Security Advisory 51693
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for tomcat. This fixes multiple weaknesses, one security issue and three vulnerabilities, which can be exploited by malicious users to manipulate certain data and by malicious people to bypass certain security restrictions, manipulate certain data, gain access to potentially sensitive information, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | 94b833d5afca567dd8b6f81dfc4de063020f11be6eece639f82752267f247ab6
Secunia Security Advisory 51673
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in i-GEN opLYNX, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 7df638d8ded60fc9cf7d10f7806a26f013d9496308191c5e55e8a9255bb979b2
Secunia Security Advisory 51649
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct spoofing attacks and potentially compromise a user's system.

tags | advisory, local, spoof, vulnerability
systems | linux, suse
SHA-256 | 9f54ac0e01adc9de3accec195e07f5da62202a62726a6e195e0800fda37b3988
Secunia Security Advisory 51638
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mahara. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct click-jacking, cross-site scripting and request forgery attacks, and disclose potentially sensitive information.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | 974b033350dc12b02a820eb5ef9cf13746f7ad11ed70d1325b58cde018653c76
Secunia Security Advisory 51654
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has discovered a weakness in MODx, which can be exploited by malicious people to determine valid usernames.

tags | advisory
SHA-256 | c97b887f44cfbeccf1887a3b46bda7830c8562c22efe6ea261fa150b0e1d9942
Secunia Security Advisory 51692
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 0226e658eee44741ea5e476f646cd0183e9cdf360eaa475ca1783c1d26261e3d
Secunia Security Advisory 51678
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM InfoSphere Guardium, where one has an unknown impact and the others can be exploited by malicious users to potentially compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 95358346677c36ee4518a6f67c6d78067bacf67efbe0d1c82b19d3d878b66305
Secunia Security Advisory 51569
Posted Dec 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, debian
SHA-256 | 8c522f343e38303eb3ac3e3871bfebfede5061ee0225e4a45e39b21836f9f0fa
Google Talk Decoder
Posted Dec 29, 2012
Authored by Kevin Devine

Google Talk decoder tool that demonstrates recovering passwords from accounts.

tags | tool
SHA-256 | f22e21c764b1d148dce047075c8e5e1ad98da47c9ae526044a697f021a0bbb66
Chrome Web Browser Decoder
Posted Dec 29, 2012
Authored by Kevin Devine

Chrome web browser decoder tool that demonstrates recovering passwords.

tags | tool, web
SHA-256 | 66d28558bf59fb4ed56c20e07d16601110120d4096f33f8d5a6591e5cef2732c
Skype Hash Dumper 1.0
Posted Dec 29, 2012
Authored by Kevin Devine

This is a tool that demonstrates dumping MD5 password hashes from the configuration file in Skype.

tags | tool
SHA-256 | 1c5bf93ebc41bc95553af5a1fa8a89d8ada7ff8cb06b4f21db26e8a540ca2921
CubeCart 5.0.7 Insecure Backup Handling
Posted Dec 28, 2012
Authored by Aung Khant | Site yehg.net

CubeCart versions 5.0.7 and below suffer from an insecure backup file handling vulnerability.

tags | exploit
SHA-256 | 4ad0bade6b43f93bb55527eb3f44f901936684bc818abacd7c7a8ba1a7d090bb
tcgetkey 0.1
Posted Dec 28, 2012
Authored by gat3way

tcgetkey is a set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. It is a proof of concept and only works against TrueCrypt running on Linux hosts.

tags | tool, proof of concept
systems | linux, unix
SHA-256 | fd1ca946bf249034b70df9e906adf2257e7c7ba2d5c950bee07fc421f5efa391
Page 1 of 26
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close