what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files

iOS 7 Arbitrary Code Execution
Posted Mar 14, 2014
Authored by Andy Davis | Site nccgroup.com

iOS 7 suffered from an arbitrary code execution vulnerability in kernel mode.

tags | exploit, arbitrary, kernel, code execution
advisories | CVE-2014-1287
SHA-256 | a80dfd22eb4297c3c38e28620d240742691ea94f1473c9e9c446334c23938dff

Related Files

Cisco IOS HTTP GET /%% Request Denial of Service
Posted Aug 31, 2024
Authored by aushack | Site metasploit.com

This Metasploit module triggers a Denial of Service condition in the Cisco IOS HTTP server. By sending a GET request for "/%%", the device becomes unresponsive. IOS 11.1 through 12.1 are reportedly vulnerable. This module tested successfully against a Cisco 1600 Router IOS v11.2(18)P.

tags | exploit, web, denial of service
systems | cisco, ios
advisories | CVE-2000-0380
SHA-256 | dc39510366736d85c7a14577002a973c7089c8dcc345300bb523a6451e277efe
Cisco IOS Telnet Denial of Service
Posted Aug 31, 2024
Authored by Artem Kondratenko | Site metasploit.com

This Metasploit module triggers a Denial of Service condition in the Cisco IOS telnet service affecting multiple Cisco switches. Tested against Cisco Catalyst 2960 and 3750.

tags | exploit, denial of service
systems | cisco, ios
advisories | CVE-2017-3881
SHA-256 | b34b9041baa0587ea20e9b2b8e484f9f7d889ca02139c5e0e0f58f6deab94156
iOS 15.0 Nehelper Wifi Info Entitlement Check Bypass
Posted Sep 27, 2021
Authored by IllusionOfChaos | Site github.com

Zero day exploit for Nehelper Wifi Info on iOS 15.0. XPC endpoint com.apple.nehelper accepts user-supplied parameter sdk-version, and if its value is less than or equal to 524288, the com.apple.developer.networking.wifi-info entitlement check is skipped. This makes it possible for any qualifying application (e.g. possessing location access authorization) to gain access to Wifi information without the required entitlement. This happens in -[NEHelperWiFiInfoManager checkIfEntitled:] in /usr/libexec/nehelper.

tags | exploit
systems | apple, ios
SHA-256 | 0af5f880ff757d8f4ecf82631a976eb88cd98d6646578d823eeb66b9199ddf29
iOS 15.0 nehelper Enumeration
Posted Sep 27, 2021
Authored by IllusionOfChaos | Site github.com

Zero day exploit for nehelper on iOS 15.0 that allows any user-installed application to determine whether any application is installed on the device given its bundle ID.

tags | exploit, vulnerability
systems | apple, ios
SHA-256 | 375980bf93ee070923c3bb357ef6f80b43ca064d6099d8de7d730edb2ea93c70
iOS 15.0 Gamed Information Disclosure
Posted Sep 27, 2021
Authored by IllusionOfChaos | Site github.com

Zero day exploit for Gamed on iOS 15.0 that demonstrates information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | apple, ios
SHA-256 | 064f75f646068bb009495ba2efc5724b31cd4cd7265da1713630bea9d23cab50
iOS Swift Anti-Jailbreak Bypass With Frida
Posted Sep 23, 2020
Authored by Raffaele Sabato

Whitepaper called iOS Swift Anti-Jailbreak Bypass with Frida.

tags | paper
systems | ios
SHA-256 | 0bbd66f367356086c12e07df9456f96e99b2ff41cbae2bc41796dac87704aff2
iOS IOUSBDeviceFamily 12.4.1 Heap Corruption Proof Of Concept
Posted Nov 11, 2019
Authored by Sem Voigtlander, Raz Mashat, Joshua Hill

iOS IOUSBDeviceFamily version 12.4.1 IOInterruptEventSource heap corruption proof of concept exploit.

tags | exploit, proof of concept
systems | ios
SHA-256 | e4196c53ac344849d403a2ef7101a57bf8050d2953b3ed572749d231a2e2985b
iOS Messaging Tools
Posted Aug 7, 2019
Authored by saelo, Google Security Research, natashenka

This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.

tags | tool, telephony, imap, fuzzer
systems | apple, iphone
SHA-256 | fa8f560293640c4759f220069490d2498cf18f75ce1183b3ab8f77dd819585e5
iOS 12.1.3 cfprefsd Memory Corruption
Posted May 6, 2019
Authored by ZecOps

iOS version 12.1.3 cfprefsd memory corruption exploit.

tags | exploit
systems | ios
advisories | CVE-2019-7286
SHA-256 | c1a454b673b9c6b375cf0181560083c3376a36d37bb7bc6fcc390399237cc5d4
Apple iOS Sandbox Escape
Posted Aug 27, 2017
Authored by Zimperium zLabs Team

Apple iOS versions prior to 10.3.1 kernel exploit that demonstrates a sandbox escape.

tags | exploit, kernel
systems | cisco, apple, ios
SHA-256 | 103a1cd8dfe8bcd292b357f7210598a04715f7f0c33d9dfc09c87d9f23994fcf
IO Slaves KDE Insufficient Input Validation
Posted Nov 19, 2014
Authored by D. Burton, T. Brown | Site portcullis-security.com

It was discovered that a number of the protocol handlers (referred to as IO slaves) did not satisfactorily handle malicious input. It is possible for an attacker to inject JavaScript by manipulating IO slave URI such that the JavaScript from the manipulated request is returned in the response.

tags | exploit, javascript, protocol
advisories | CVE-2014-8600
SHA-256 | e347068492c2b02155919e28caab949adb5a3b0bc7cde80b54669e096dfe6353
IOSEC HTTP Anti Flood/DoS Security Gateway Module 1.7
Posted Jul 11, 2012
Authored by Gokhan Muharremoglu | Site sourceforge.net

This module provides security enhancements against (HTTP) Flood and Brute Force Attacks for native PHP or .NET scripts at the web application level. Scanning, crawling, and floor tools can be detected and blocked by this module via htaccess or iptables, etc.

Changes: Improved Implicit Deny Mode. Admin GUI Removed. Various other additions.
tags | web, php
SHA-256 | 12678f9ec1be90549e9ec56df43ef737708150240ad1ffb39db4ea94844cf7d1
iOS 5.1.1 Safari Browser Denial Of Service
Posted May 26, 2012
Authored by Alberto Ortega

iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.

tags | exploit, proof of concept
systems | cisco
SHA-256 | 88bf13ee6936fd4a41664c0ccb5fe91fdf90eb621dae78246483afea0a274ca3
iOS Application (In)Security
Posted May 6, 2012
Authored by Dominic Chell | Site mdsec.co.uk

This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.

tags | paper, vulnerability
systems | cisco, apple, iphone
SHA-256 | 334c947d960799417387ce8f1c27188fc7f859bd204b9dc50890663d07a20fba
Apple iOS PDF Jailbreak
Posted Aug 3, 2010
Authored by jailbreakme

Apple iOS PDF jailbreaking exploit that gives root access.

tags | exploit, root
systems | cisco, apple
SHA-256 | 4691dbbc9d8dd98485b6f917c2adaa6692a40f9d9b9acae745d5150a7b9f93d6
Cisco IOS Interior Routing Protocols Cheatsheet
Posted Mar 12, 2010
Authored by Jeremy Stretch | Site packetlife.net

Cisco IOS Interior Routing Protocols cheatsheet.

tags | paper, protocol
systems | cisco
SHA-256 | 7d379fbaf749e0a87deb01cf65906a242532b037fce0f051336f41166e938419
Cisco IOS IPv4 Access Lists Cheatsheet
Posted Mar 12, 2010
Authored by Jeremy Stretch | Site packetlife.net

Cisco IOS IPv4 Access Lists cheatsheet. Version 2.0.

tags | paper
systems | cisco
SHA-256 | 828feacd072c97dde81d4756ac327b9170657323c669c3d0bad56820ad848574
Cisco IOS Router Exploitation
Posted Jul 26, 2009
Authored by FX | Site recurity-labs.com

Whitepaper called Cisco IOS Router Exploitation. This paper describes the challenges with the exploitation of memory corruption software vulnerabilities in Cisco IOS. The goal is to map out the problem space in order to allow for the anticipation of developments in the future, as current research suggests that exploitation of such vulnerabilities in the wild is not currently the case. By understanding the challenges that an attacker faces, defensive strategies can be better planned, a required evolution with the current state of Cisco IOS router networks.

tags | paper, vulnerability
systems | cisco
SHA-256 | c8f425e5b59d8610a92403e4d24fbd0a74109b64e2b2600c739f8f66b44a6701
ios-shellcode.txt
Posted Aug 22, 2008
Authored by Andy Davis

Version-independent IOS shellcode that does not require hard-coded IOS addresses.

tags | shellcode
systems | cisco
SHA-256 | a8749a2b8fbe30c8e89d87a164b28543061e8b5d42e9fadf68560774e487a883
IOS_Bindshell_v.1.0.txt
Posted Aug 13, 2008
Authored by Varun Uppal | Site irmplc.com

Cisco IOS Bind shellcode that creates a new tty, allocates a password, and then sets the privilege level 15.

tags | shellcode
systems | cisco
SHA-256 | 78004bea1c811d3b1130e4c102e7c364b8e5b3618caf2a933d1d0de421f3fdb7
IOS_Connectback_v.1.0.txt
Posted Aug 13, 2008
Authored by Gyan Chawdhary | Site irmplc.com

Cisco IOS connectback shellcode that creates a new tty and sets the privilege level 15 and then connects back on port 21.

tags | shellcode
systems | cisco
SHA-256 | 7d7536d0f4ca415c80e65de21d25fef5ae8347250d1d27bf918e7129b54be89b
IOS_tiny_v.1.0.txt
Posted Aug 13, 2008
Authored by Gyan Chawdhary | Site irmplc.com

Cisco IOS tiny shellcode that creates a new tty and sets the privilege level 15.

tags | shellcode
systems | cisco
SHA-256 | 382805b63d61450f3bfac3b7092aa9452ac364ec3384116fdf99e7f630891f6e
ios-mdb.txt
Posted Jan 7, 2007
Site aria-security.com

Intranet Open Source suffers from a remote password database disclosure vulnerability.

tags | exploit, remote
SHA-256 | 969163db779ff2ab8971e6581b1ffab00066fbe385e8382da5538c00723d28ba
ioscommands.shtml
Posted Jun 10, 2004

Simple command reference chart for Cisco IOS.

systems | cisco
SHA-256 | 003e265e3fdd250b8ce1669cf175b73bee530ab50625b8afcdf732bb045773db
iosniff.tgz
Posted Aug 10, 2003
Authored by FX | Site phenoelit.de

Cisco Systems IOS 11.x UDP echo memory leak remote sniffer. The UDP echo service (UDP port 7) has to be enabled on the device. The bug will cause the Cisco router to send about 20 kilobytes of data from the interface buffer pools containing packets in the send/recv/forward queues. This tool will identify IOS memory blocks, find the router specific offset for packets in the block and decode the packet to the screen. Note that this is not a full dump of the traffic through the remote router but rather a subset of received data. Features include a packet checksum cache to prevent repeated output of the same packet, auto identification of packets and buffer offsets, and IPv4 decoding.

tags | remote, udp, memory leak
systems | cisco
SHA-256 | 88c96f5f35ee8e8f230938a70d6e512ac19d921be8f468c01cdb28507adc9a83
Page 1 of 2
Back12Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close