exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

Cisco IP Phone 11.7 Denial Of Service
Posted Apr 17, 2020
Authored by Jacob Baines

Cisco IP Phone version 11.7 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | cisco
advisories | CVE-2020-3161
MD5 | 9ae93c7c36b4741bda68dc135166ed33

Related Files

Cura 1.5
Posted Jul 16, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: The modules screen is now Tabular, providing a much better user experience in which all of Cura's modules are provided as tabs on the top of the screen.
tags | exploit, remote
MD5 | 199eea14b1da9508876ff2a0c72ff8c5
Cura 1.4
Posted Jul 13, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: This release features a completely new UI for the Home (Login) screen where you are dropped upon launch. This is where you access/create/update/delete your server accounts, and it's had a complete do-over.
tags | tool, remote, wireless
MD5 | 7793c2a4d7768273e8677d80b00b06b6
Forensic Analysis Of iPhone Backups
Posted Jul 12, 2012
Authored by Satish Bommisetty

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

tags | paper
systems | apple, iphone
MD5 | cabb3250f3d9b1bae831ae0e660a96ef
Cura 1.0
Posted May 20, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: This release satisfies all the the tasks promised: terminal, syslog reader, SysMonitor (for CPU and RAM), Nmap, and server stats. In addition, there's the security feature (an SMS can wipe Cura's database (the phone's location is sent back)). It works for Android 2.3.3 (Gingerbread) and above.
tags | tool, remote, wireless
MD5 | cfdfd1bd2a625000e3184f76e8d9cdb0
Cura 0.4.0
Posted May 12, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: Nmap is now fully functional.
tags | tool, remote, wireless
systems | unix
MD5 | af62f7e523cb90aa1162c7561bf4a44e
Secunia Security Advisory 48979
Posted May 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in XPhone Unified Communications 2011, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 080fd561a24f1f3f4ecdc8fe0ae10f1d
iOS Application (In)Security
Posted May 6, 2012
Authored by Dominic Chell | Site mdsec.co.uk

This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.

tags | paper, vulnerability
systems | cisco, apple, iphone
MD5 | 8527c3e88bfed9bdffcf0bcf1dbd7036
C4B XPhone UC Web 4.1.890S R1 Cross Site Scripting
Posted Apr 26, 2012
Authored by Julien Ahrens | Site vulnerability-lab.com

C4B XPhone UC Web version 4.1.890S R1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | a75d358bd83c18e5aeb6ef9e72c996a6
IPhone TreasonSMS HTML Injection / File Inclusion
Posted Apr 23, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

IPhone TreasonSMS suffers from html injection and file inclusion vulnerabilities.

tags | exploit, vulnerability, file inclusion
systems | apple, iphone
MD5 | baf9f8ad1ec36e375b28bc78fba8b6f1
Yealink VOIP Phone Cross Site Scripting
Posted Mar 13, 2012
Authored by Narendra Shinde

Yealink VOIP Phone suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-1417
MD5 | acc7a67f43c5132f29138e4e63ff95c6
Secunia Security Advisory 48194
Posted Mar 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Yealink VOIP Phones, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 8a4d950344986fc8cdc13dbfe7afb777
Yealink VOIP Phone Cross Site Scripting
Posted Feb 29, 2012
Authored by Narendra Shinde

Yealink VOIP Phone suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-1417
MD5 | 1356c22c62ef3603d02f11bd45485604
Secunia Security Advisory 48048
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 0a3a02cbeca3ba8cedb004c742696f9f
Secunia Security Advisory 48158
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue and a vulnerability in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 74354150b0304ac0ebf177f74c84510b
Secunia Security Advisory 48061
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | bfcd6dadda5fb6bc5a6d31986b90c7ea
Snom IP Phone Privilege Escalation
Posted Feb 23, 2012
Authored by Nathaniel Carew | Site senseofsecurity.com.au

All versions of Snom IP Phone prior to 8.4.35 suffer from a privilege escalation vulnerability.

tags | exploit
MD5 | e42919d9432a000bf5f16e7ccf3c9bd0
Mobile Based MITM Attack
Posted Feb 5, 2012
Authored by Bilal Bokhari

This is a brief whitepaper discussing how to set up QT Mobile Hotspot and YAMAS applications to man in the middle connections using your phone.

tags | paper
MD5 | 6756a8aa5d75c60ab30be7b7312b4fc3
Vopium Clear Text Disclosure
Posted Jan 21, 2012
Authored by Henry Paduwa

Vopium for Android and iPhone leaks various data such as your password by passing it in the clear.

tags | advisory, info disclosure
systems | apple, iphone
MD5 | 624744baa5cdb47240b0bfc201bee2b9
iPhone Forensics On iOS 5
Posted Jan 20, 2012
Authored by Satish Bommisetty

This is a brief whitepaper discussing how to perform forensics on iOS 5 on the iPhone.

tags | paper
systems | apple, iphone
MD5 | 782903866dd7d55143c6835188eda2fe
Cisco Security Advisory 20120118-te
Posted Jan 18, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, arbitrary, root
systems | cisco
advisories | CVE-2011-4659
MD5 | 3982a2948e20272cae7945424175dea5
Secunia Security Advisory 47256
Posted Dec 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows Phone, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | windows
MD5 | 10a88cbaed7cc960b95cfa4fec01d626
Pentesting Android Mobile Applications
Posted Dec 7, 2011
Authored by Khushboo Sharma

This is a brief whitepaper that discusses how to root your Android phone and then set up proxying to test applications.

tags | paper, root
MD5 | 3ddbf911f11055b86818a3c661862b26
Avid Media Composer 5.5 - Avid Phonetic Indexer Stack Overflow
Posted Dec 3, 2011
Authored by Nick Freeman | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in process AvidPhoneticIndexer.exe (port 4659), which comes as part of the Avid Media Composer 5.5 Editing Suite. This daemon sometimes starts on a different port; if you start it standalone it will run on port 4660.

tags | exploit, overflow
advisories | OSVDB-77376
MD5 | c4fdcbd39db3ab6e312ae7a02000ae94
Systematic Detection Of Capability Leaks In Stock Android Smartphones
Posted Nov 30, 2011
Authored by Zhi Wang, Yajin Zhou, Xuxian Jiang, Michael Grace

Whitepaper called Systematic Detection of Capability Leaks in Stock Android Smartphones. It discusses a weakness in the Android operating system that allows attackers to secretly record phone conversations.

tags | paper
MD5 | 766e069fa9660b28ab6fb5de22a67e1e
Avid Media Composer 5.5 Stack Buffer Overflow
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

The AvidPhoneticIndexer.exe network daemon that ships with Avid Media Composer version 5.5 suffers from a remote stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory and a Metasploit module.

tags | exploit, remote, overflow
systems | linux
MD5 | 05ba0f866778968b71f98de51b05bb15
Page 1 of 4
Back1234Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close