exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files Date: 2017-03-03 to 2017-03-04

TOR Virtual Network Tunneling Tool 0.2.9.10
Posted Mar 3, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.9.10 backports a security fix for users who build Tor with the --enable-expensive-hardening option. It also includes fixes for some major issues affecting directory authorities, LibreSSL compatibility, and IPv6 correctness.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | d611283e1fb284b5f884f8c07e7d3151016851848304f56cfdf3be2a88bd1341
Hashcat Advanced Password Recovery 3.40 Source Code
Posted Mar 3, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Added support for loading hccapx files. Added support for filtering hccapx message pairs using --hccapx-message-pair. - Added support for parsing 7-Zip hashes with LZMA/LZMA2 compression indicator set to a non-zero value. Many other additions.
tags | tool, cracker
systems | unix
SHA-256 | 92627197daa850dc7d723793150801c0791fe31f6c767de68417cee097ad6f4c
Hashcat Advanced Password Recovery 3.40 Binary Release
Posted Mar 3, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Added support for loading hccapx files. Added support for filtering hccapx message pairs using --hccapx-message-pair. - Added support for parsing 7-Zip hashes with LZMA/LZMA2 compression indicator set to a non-zero value. Many other additions.
tags | tool, cracker
SHA-256 | 2ffba8950a8e3b72f7ece355bce5021974dc34d4982816cd9813f742d26ae49f
Capstone 3.0.5
Posted Mar 3, 2017
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Release 3.0.5-RC2 is a release candidate version, with important fixes in the core and several bindings.
tags | tool
systems | unix
SHA-256 | 587c092454ad59137686529f3c008c265cc6d427a85d5d2e8f6a902b72d215b3
I2P 0.9.29
Posted Mar 3, 2017
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
SHA-256 | 67da4ce224fef2b190ffeed5dba102a3b7724f061b1c168255625c028a97c3a7
Lynis Auditing Tool 2.4.4
Posted Mar 3, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Fix for upload function to be used from profile. Reduce screen output for mail section, unless --verbose is used. Code cleanups and removed update release command.
tags | tool, scanner
systems | unix
SHA-256 | 771a25238c2b2aa92857096670463801149ce9e13b8d82c53dfe1cad2608316a
Ubuntu Security Notice USN-3215-2
Posted Mar 3, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3215-2 - USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user.

tags | advisory, remote, arbitrary, cgi
systems | linux, ubuntu
SHA-256 | aa1f24b6f532f9a94b446eecce1f85748ef6ebca90324dbc5b1f133dce50088f
pfSense 2.3.2 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 3, 2017
Authored by Yann CAM

pfSense version 2.3.2 suffers from cross site request forgery and cross site scripting vulnerabilities that can assist in gaining a reverse-shell remotely as root.

tags | exploit, shell, root, vulnerability, xss, csrf
SHA-256 | cd39c0002c9cbad6f84b7ff1bc8b8dfac8bd266558a55a8c5b35198aec6c2e57
Joomla Recipe Manager 2.2 SQL Injection
Posted Mar 3, 2017
Authored by Ihsan Sencan

Joomla Recipe Manager component version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9475b7764ad3c035a9c1d0aedef33e517241ab183d242e273d8a837a759e0c2c
Joomla Guesser 1.0.4 SQL Injection
Posted Mar 3, 2017
Authored by Ihsan Sencan

Joomla Guesser component version 1.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7e5437ce0e5c08a6977f0422189d1f5c96727657c24c737d099b9b287a4ce948
Joomla StreetGuessr Game 1.0 SQL Injection
Posted Mar 3, 2017
Authored by Ihsan Sencan

Joomla StreetGuessr Game component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b4f8fd0800d2434e2bc7baab9337cec94238c1c6c3cad4e1ce93ceb394905daf
Joomla Abstract 2.1 SQL Injection
Posted Mar 3, 2017
Authored by Ihsan Sencan

Joomla Abstract component version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 162ff907f8affdaa02e6afc9950fea17d4b349b6f540fdff29333709842c24e1
NetGain Enterprise Manager 7.2.562 Command Execution
Posted Mar 3, 2017
Authored by MrChaZ

NetGain Enterprise Manager versions 7.2.562 build 853 and below suffer from a ping command injection vulnerability.

tags | exploit
SHA-256 | 65782cf6f7eafb12c288f2dc5c904209ff696bf281464766fc61b65617f713e5
NetSTR 0.20
Posted Mar 3, 2017
Authored by Jay Fink | Site systhread.net

NetSTR is an open source small, fast and easy to use port scanner and packet sniffer. IPv4 scanner can perform ranged, single or use an internal top ports list plus it has a flexible timers/port capability. IPv6 single port single host is supported. The tcp and arp sniffers print an easy to read dump format and have a full packet decode capability. Additionally netstr sports a fuzzy passive network scanner.

Changes: Added show capability to udpscan. Moved prog.h to netstr.h to avoid any future conflicts. Initial UDP support added.
tags | tool, scanner, tcp
systems | unix
SHA-256 | 878f8e1c354a7af52fb070235beb2aa55d53602e2728069efeab2d0e51dbfff7
Linux x86_64 Polymorphic Shellcode
Posted Mar 3, 2017
Authored by Robert L. Taylor

31 bytes small Linux x86_64 polymorphic setuid(0) and execve(/bin/sh) shellcode.

tags | shellcode
systems | linux
SHA-256 | c402b58268e42bce5a0d795156af2b1df6f55f3fcdc828ad17fff029af7b770d
WordPress Contact Form 4.0.0 Cross Site Scripting
Posted Mar 3, 2017
Authored by Securify B.V., Julien Rentrop

WordPress Contact Form plugin version 4.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 584dc6e15f6a3d8fd4dd2df04a59176bf53f2fe05a39c7749e9ccb90cecf014d
WordPress Contact Form Manager CSRF / XSS
Posted Mar 3, 2017
Authored by Securify B.V., Edwin Molenaar

WordPress Contact Form Manager plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | de609d4292dcc9ecec778d67effe9ec246ff8261422bac22eb7abbd0ad762702
WordPress User Login Log 2.2.1 Cross Site Scripting
Posted Mar 3, 2017
Authored by Axel Koolhaas

WordPress User Login Log plugin version 2.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1e716bb3eab880b82d9519988f8f516e288c83773a805ad4c2919514b5e4797b
WordPress Popup By Supsystic 1.7.6 Cross Site Request Forgery
Posted Mar 3, 2017
Authored by Securify B.V., Radjnies Bhansingh

WordPress Popup by Supsystic plugin 1.7.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c44f0d7c29e05b7d57e8ef6eaec37a3a1b7d438d1d471473d6154da47e3616ea
WordPress VaultPress 1.8.4 Remote Code Execution / Man-In-The-Middle
Posted Mar 3, 2017
Authored by David Vaartjes

WordPress VaultPress plugin version 1.8.4 suffers from a remote code execution via man-in-the-middle attack vulnerability.

tags | exploit, remote, code execution
SHA-256 | 4c056c1d1a19a56f28c822e0b04fb7a61c23f8d3512b2811ce4e0043e1f21294
WordPress Alpine PhotoTile For Instagram 1.2.7.7 XSS
Posted Mar 3, 2017
Authored by Antonis Manaras

WordPress Alpine PhotoTile for Instagram plugin version 1.2.7.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | aadf56e6de519dd917e723fa5bdfd3e087171bdde3318b0d219911308c0d2101
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Analytics Dashboard plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bc9ec119f0a226470311e249f41eb959a98b3b4353374203f0b337db3a302b54
WordPress Magic Fields 1 1.7.1 Cross Site Scripting
Posted Mar 3, 2017
Authored by Securify B.V., Burak Kelebek

WordPress Magic Fields 1 plugin version 1.7.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | aedb2e37c089832d32e0904ab02df9464d1d572fcc56386d16a6ba7140d5a684
WordPress Username Enumeration
Posted Mar 3, 2017
Authored by Dctor

Simple PHP proof of concept exploit that demonstrates username enumeration in WordPress versions prior to 4.7.1.

tags | exploit, php, proof of concept
advisories | CVE-2017-5487
SHA-256 | 6330d946fbcd5422cc1b6d65d1436107000d78c749ccd76f058efcd3d7c00f83
WordPress Atahualpa Theme Cross Site Scripting
Posted Mar 3, 2017
Authored by Spyros Gasteratos

WordPress Atahualpa theme suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 07d5ff8c80d33d34260cc5c93dd81e287636e22821daf977393abeae82bee6e9
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close