exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files Date: 2020-09-04 to 2020-09-05

Scapy Packet Manipulation Tool 2.4.4
Posted Sep 4, 2020
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: 784 commits to master since version 2.4.3.
tags | tool, scanner, python
systems | unix
SHA-256 | abe1b7fa606350df90209a60d23df727705097453b3dcb626bf36b3539d44021
ManageEngine Applications Manager Authenticated Remote Code Execution
Posted Sep 4, 2020
Authored by Hodorsec

ManageEngine Applications Manager authenticated remote code execution exploit that leverages the newInstance() and loadClass() methods being used by the "WeblogicReference", when attempting a Credential Test for a new Monitor. Versions below 14720 are affected.

tags | exploit, remote, code execution
advisories | CVE-2020-14008
SHA-256 | 0c0cd9e0020b9b9ebc100236161c5168965c12c7c555ee30775d0cba210c80f1
Pulse Secure Windows Client Privilege Escalation
Posted Sep 4, 2020
Authored by redtimmysec | Site redtimmy.com

The Windows client for Pulse Secure versions prior to 9.1.6 have a TOCTOU bug that allows an attacker to escalate the privilege to NT_AUTHORITY\SYSTEM.

tags | exploit
systems | windows
advisories | CVE-2020-13162
SHA-256 | dca63b6d0e232c655c5aa1e46657175b0a75544592e4c07a004fd3566b85e29b
Noise-Java AESGCMOnCtrCipherState.encryptWithAd() Insufficient Boundary Checks
Posted Sep 4, 2020
Authored by Pietro Oliva

Noise-Java suffers from an issue located in the AESGCMOnCtrCipherState.encryptWithAd() method defined in AESGCMOnCtrCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the encrypt or copy operation. However, some checks were found to be either incomplete or missing.

tags | exploit, java
advisories | CVE-2020-25023
SHA-256 | a99df3ee9f5acff0704d48e5d7c762aa97aa9cf1ebaf6936dab504c89c499e99
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close