accept no compromises
Showing 1 - 25 of 100 RSS Feed

Files

THC-IPv6 Attack Tool 2.1
Posted Dec 27, 2012
Authored by van Hauser, thc | Site thc.org

THC-IPv6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: 4 new tools, features, and bug fixes.
tags | tool, protocol
systems | unix
MD5 | 62ad4fc959025d7f2dd852d8e60103f2

Related Files

Hydra Network Logon Cracker 7.3
Posted Jul 5, 2012
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple enhancements and fixed to Hydra main, the SNMP module, the HTTP module, and more. Added IDN and PCRE support for Cygwin.
tags | tool, web, imap
systems | cisco, unix
MD5 | 34f9c21eae24fdc542ba21abc61b05d1
THC-IPV6 Attack Tool 1.9
Posted Jul 5, 2012
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: Multiple new tools added included detect_sniffer6, fake_router26, and more. dnsdic6, thcping6, fuzz_ip6, and more have been updated with fixes and features. Various other updates.
tags | tool, protocol
systems | unix
MD5 | fbfeefc9d3a88f2471c98e5dd1d3eb81
SugarCRM 6.3.1 unserialize() PHP Code Execution
Posted Jun 27, 2012
Authored by EgiX, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a php unserialize() vulnerability in SugarCRM versions 6.3.1 and below which could be abused to allow authenticated SugarCRM users to execute arbitrary code with the permissions of the webserver. The dangerous unserialize() exists in the 'include/MVC/View/views/view.list.php' script, which is called with user controlled data from the 'current_query_by_page' parameter. The exploit abuses the __destruct() method from the SugarTheme class to write arbitrary PHP code to a 'pathCache.php' on the web root.

tags | exploit, web, arbitrary, root, php
advisories | CVE-2012-0694
MD5 | 7d01dafa74c844c1735769142b67e3ac
THC-Hydra 2.1 Tutorial
Posted May 28, 2012
Authored by MDH3LL

This is a tutorial on using THC-Hydra version 2.1. Written in Portuguese.

tags | paper
MD5 | a993c4f44d6a72524615998e219275ad
Uncovering ZeroDays And Advanced Fuzzing
Posted May 24, 2012
Authored by Kingcope

This is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012.

tags | paper
systems | linux
MD5 | 8812c3bbcb41fdcdf442c0a5cee60b06
Deathcore XP SQL Injection
Posted Mar 19, 2012
Authored by 3spi0n

Deathcore XP suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | bbd3561de4f6841842c4a5833a4ad0db
Hydra Network Logon Cracker 7.2
Posted Feb 16, 2012
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple bug fixes.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 7a72f2d4dd8a771a4935072f80e336dd
AthCon 2012 Call For Papers
Posted Jan 13, 2012
Authored by Christian Papathanasiou | Site athcon.org

The AthCon 2012 Call For Papers has been announced. It will take place in Athens, Greece on May 3rd through the 4th, 2012.

tags | paper, conference
MD5 | f67b68982774a5f382e2c5ccb6ec220b
THC SSL Denial Of Service Tool 1.4 Windows Version
Posted Oct 24, 2011
Authored by thc | Site thc.org

THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection. Windows binary version.

tags | exploit, tool, denial of service, tcp
systems | windows
advisories | CVE-2009-3555
MD5 | 7a40638354c8133ba93f966c31237518
THC SSL Denial Of Service Tool 1.4
Posted Oct 24, 2011
Authored by thc | Site thc.org

THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection.

tags | exploit, tool, denial of service, tcp
systems | unix
advisories | CVE-2009-3555
MD5 | a559f69caba2886e2be8e9cd6a47cd3c
Hydra Network Logon Cracker 7.1
Posted Oct 3, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added HTTP Proxy URL enumeration module, SOCKS4/SOCKS5 proxy support with authentication, IPv6 support for SOCKS5 module, and more. Various bug fixes and enhancements.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 0c3a6a351cb2e233cb989f0bcdd75edf
Hydra Network Logon Cracker 7.0
Posted Sep 25, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: New main engine for hydra. Lots of bugfixes and additions.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 4678557f796fe86dabdb977548b0b749
THC-IPV6 Attack Tool 1.8
Posted Aug 19, 2011
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: There are now a total of 40 tools. Various bug fixes and improvements have also been made.
tags | protocol
systems | unix
MD5 | ae5d4180dae0763d315493ac7c825033
Hydra Network Logon Cracker 6.5
Posted Jul 17, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added dpl4hydra script by Roland Kessler, Greatly improved HTTP form module, Added interface support for IPv6, Added -W waittime between connects option, and more.
tags | web, imap
systems | cisco, unix
MD5 | 69a5afbbcbe3b1fdd31f9bf616480336
Vodafone Phone Hacking Scandal
Posted Jul 13, 2011
Authored by thc | Site thcorg.blogspot.com

THC (The Hacker's Choice) has been able to turn a Femto Cell into a full blown 3G/UMTC/WCDMA interception device.

tags | exploit
MD5 | 6dbb5008f9ae46e51fe744077aec959b
AthCon 2011 Capture The Flag Reversing Solution
Posted Jun 21, 2011
Authored by Glafkos Charalambous, George Nicolaou

This is the Athcon 2011 Capture The Flag solution paper.

tags | paper, conference
MD5 | 365ac5d3ac49cd466c22d763cf4b1877
THC-IPV6 Attack Tool 1.6
Posted May 12, 2011
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: Various feature additions and bug fixes. Some tools added.
tags | protocol
systems | unix
MD5 | f2826439c6e0750d50a65721460676e8
Hydra Network Logon Cracker 6.3
Posted Apr 30, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple patches added. New Oracle and SMTP user enum modules. Multiple bug fixes.
tags | web, imap
systems | cisco, unix
MD5 | d160b92e0c498b9dd6d474e58c79a83a
Hydra Network Logon Cracker 6.2
Posted Apr 7, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Password bruteforcing mode, new XMPP and IRC modules, and more.
tags | web, imap
systems | cisco, unix
MD5 | 3249cc9e30c2037c5d4dee557cb77ea5
Hydra Network Logon Cracker 6.1
Posted Feb 3, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: More license updates, a fix for the configure script, checks added for libssh 0.4 and sshv1 support, merged all the latest crypto code in sasl files, and fixed SVN compilation issue on openSUSE.
tags | tool, web, imap
systems | cisco, unix
MD5 | 729360bed47fc98cb30234c5ede79c1c
Hydra Network Logon Cracker 6.0
Posted Jan 26, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added GPL exception clause to license to allow linking to OpenSSL, IPv6 support finally added, Bugfix for SIP module, Added LOGIN, PLAIN, CRAM-(MD5,SHA1,SHA256) and DIGEST-MD5 auth mechanisms to the imap and pop3 modules. Various other fixes, additions and improvements.
tags | web, imap
systems | cisco, unix
MD5 | 6ea0006543ca358093319df591e46bab
Hydra Network Logon Cracker 5.9
Posted Dec 28, 2010
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Update for the subversion module for newer SNV versions. Mysql module now has two implementations and uses a library when found. Better FTP 530 error code detection and more.
tags | web, imap
systems | cisco, unix
MD5 | 7513f47b81517b80f055b996d96f2eac
THC-IPV6 Attack Tool 1.4
Posted Dec 28, 2010
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: Added thcping6, fake_mld26, fake_mldrouter6, exploit6, and denial6. Various other changes and improvements.
tags | protocol
systems | unix
MD5 | dffb6015087733136e7b4fa1859d241d
SonciWALL Aventail epi.dll AuthCredential Format String Exploit
Posted Aug 21, 2010
Authored by Nikolas Sotiriu, jduck | Site metasploit.com

This Metasploit module exploits a format string vulnerability within version 10.0.4.x and 10.5.1 of the SonicWALL Aventail SSL-VPN Endpoint Interrogator/Installer ActiveX control (epi.dll). By calling the 'AuthCredential' method with a specially crafted Unicode format string, an attacker can cause memory corruption and execute arbitrary code. Unfortunately, it does not appear to be possible to indirectly re-use existing stack data for more reliable exploitation. This is due to several particulars about this vulnerability. First, the format string must be a Unicode string, which uses two bytes per character. Second, the buffer is allocated on the stack using the 'alloca' function. As such, each additional format specifier (%x) will add four more bytes to the size allocated. This results in the inability to move the read pointer outside of the buffer. Further testing showed that using specifiers that pop more than four bytes does not help. Any number of format specifiers will result in accessing the same value within the buffer. NOTE: It may be possible to leverage the vulnerability to leak memory contents. However, that has not been fully investigated at this time.

tags | exploit, arbitrary, activex
MD5 | ed696145b958ba72cb078d78d73be31f
Puck GNU/Linux Distribution
Posted Jul 6, 2010
Authored by Nima Ghotbi | Site h.ackerz.com

Puck is a GNU/Linux distribution based on TinyCoreLinux. It contains top penetration testing tools like Wireshark, Nmap, NetCat, John the ripper, Yersinia, THC-Hydra, etc while still remaining tiny in size.

tags | tool
systems | linux, unix
MD5 | 304ecbf1fe530492514b1b2957e0e38c
Page 1 of 4
Back1234Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    11 Files
  • 21
    Jul 21st
    4 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close