what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files

Heartbleed Mass Testing Script
Posted Apr 8, 2014
Authored by Mustafa Al-Bassam, Jared Stafford

This is a modified version of ssltest.py that will do a mass scan for the Heartbleed TLS heartbeat vulnerability.

tags | exploit
advisories | CVE-2014-0160
SHA-256 | 82c6e88d81229fdc66b6164151c0633d131f032bbe9893c23498032d22ddb017

Related Files

Heartbleed Attack
Posted Dec 21, 2020
Authored by Jaspreet Singh, Siddhi Verma

This document is intended to provide a detailed study on the Heartbleed attack. It covers the required topics for understanding the exploit. The proof of concept will help visualize and perform the attack in a virtual scenario to understand the attack vector of the process of exploitation.

tags | paper, proof of concept
advisories | CVE-2014-0160
SHA-256 | cf6fbc4d936699857b6524b54211eae3ce2b2ca1a865a3ff3877d5fc4fc945b6
Online Book Store 1.0 Code Execution
Posted Jul 23, 2020
Authored by Tib3rius, cesgami

This is a modified remote code execution exploit for Online Book Store version 1.0.

tags | exploit, remote, code execution
SHA-256 | 258734217c1ebfc32752dcfa5912fa225ab5c1df733098ee5f95f5082863e524
WSO Shell Variant Using A 404
Posted Jun 13, 2016
Authored by z404

This is a modified WSO PHP shell backdoor that maraudes as a 404 in order to try and hide. On top of that the backdoor is probably backdoored.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | fd3db2020e82517d8fbfcc8dd3399efbdf82057353b94509995bba128030d193
Heartbleed Vulnerability Scanning Tool
Posted Sep 24, 2015
Authored by hybridus

This python script checks for the OpenSSL memory leak named Heartbleed and as noted in CVE-2014-0160. It can be used for different SSL TLS versions and multiple (HTTPS/SMTP/IMAP/POP3) protocols. It is optimized for mass scans.

tags | tool, web, scanner, imap, protocol, memory leak, python
systems | unix
advisories | CVE-2014-0160
SHA-256 | 89791cf81b92b962ceaf4da83a28781f5cf9ed884168321574cab9f157657409
Heartbleed OpenSSL Information Leak Proof Of Concept
Posted Apr 24, 2014
Authored by Ayman Sagy

This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted SSL packets and is then decrypted and wrote to a file to annoy IDS/forensics. The exploit can set heartbeat payload length arbitrarily or use two preset values for NULL and MAX length.

tags | exploit
advisories | CVE-2014-0160
SHA-256 | c130ea864e8a5752cbeeeb43cf5a566cbd9daeaef96e1462511173ae8e398614
Heartbleed TLS/DTLS Information Leak
Posted Apr 9, 2014
Authored by prdelka

This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned encrypted and is then decrypted, decompressed and wrote to a file to annoy IDS/forensics. The exploit can set the heatbeart payload length arbitrarily or use two preset values for 0x00 and MAX length. The vulnerability occurs due to bounds checking not being performed on a heap value which is user supplied and returned to the user as part of DTLS/TLS heartbeat SSL extension. All versions of OpenSSL 1.0.1 to 1.0.1f are known affected. You must run this against a target which is linked to a vulnerable OpenSSL library using DTLS/TLS.

Changes: Multiple bug fixes have been added since the first release. Please ensure you have the latest copy.
tags | exploit
advisories | CVE-2014-0160
SHA-256 | 68bcedd2a727967e92d3a342ff6f366dc236929be5c2a5f69dba9ed2c35f299a
Heartbleed User Session Extraction
Posted Apr 9, 2014
Authored by Michael Davis, Jared Stafford

This python script is a modification of the heartbleed proof of concept exploit that looks for cookies, specifically user sessions.

tags | exploit, proof of concept, python
advisories | CVE-2014-0160
SHA-256 | 6be146c172695396122c8d40d4638e904f2ee1a827bd6f5062014ed22f051f9f
MySQL Login Scanner
Posted Oct 6, 2012
Authored by Kingcope, mu-b, John Anderson

This is a modified version of synscan that checks credentials against MySQL instances and logs the output to mysqljack.pot.

tags | tool, scanner, sql injection
systems | unix
SHA-256 | 24847c2c7a4902a7f34c01a46299bad29d65594d3c31354d49f56ff691b37f51
bsqlbf-v2.1.zip
Posted Jun 23, 2008
Authored by Sumit Siddharth | Site notsosecure.com

Bsqlbf was originally written by A. Ramos from www.514.es and was intended to exploit blind sql injection against mysql backend database. This is a modified version of the same tool. It supports blind sql injection against the following databases: MS-SQL, MY-SQL, PostgresSQL, and Oracle.

tags | tool, scanner, sql injection
systems | unix
SHA-256 | c091db89e6b694d98f6c7efbfa64437271a49377901cfc83e7daae6a73b121f3
findjmp2.c
Posted Feb 18, 2005
Authored by class101 | Site Hat-Squad.com

Findjmp2.c is a tool which scans for call/jmp/pushret offsets, and logs to a file. This is a modified version of the Eeye tool Findjmp.

systems | unix
SHA-256 | ded944f6f1617a78aca173788e57b43956af8818eef58eb78f07ee8c81cc8bae
cinik.tgz
Posted Sep 28, 2002

This is a modified version of the Slapper worm and was recovered from a compromised machine. Modifications to the worm let it mail system information, such as the ip address and processor type, to a Yahoo! email address. No other changes where made.

tags | worm
systems | unix
SHA-256 | d871493127f042e44746b0d6678a391feb86eed4b2f5224af756399b4ec22188
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close