pptp-bruter is a brute force program that works against pptp vpn endpoints (tcp port 1723). It is fully standalone and supports the latest MSChapV2 authentication. It exploits a weakness in Microsoft's anti-brute force implementation which makes it possible to try 300 passwords the second. Tested against Microsoft Windows and Cisco gateways.
df789676b97406214d3f18c744dabd3769182428365ecdcc8a0a6ddcde3b6f2d
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
14805ba70f3f22beb00344db161a1a84d61059655f2be37dd02a5c5cceae306d
THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
6035a77afcb20c53013a682a4bfd04a4ae51b12b0a5fbd393aca2dd95faa2d34
This Metasploit module exploits a php unserialize() vulnerability in SugarCRM versions 6.3.1 and below which could be abused to allow authenticated SugarCRM users to execute arbitrary code with the permissions of the webserver. The dangerous unserialize() exists in the 'include/MVC/View/views/view.list.php' script, which is called with user controlled data from the 'current_query_by_page' parameter. The exploit abuses the __destruct() method from the SugarTheme class to write arbitrary PHP code to a 'pathCache.php' on the web root.
1e73a4a4f9bf312d43feeea95213bce49f5dcf97660320b96cca53b8c0f4ba3d
This is a tutorial on using THC-Hydra version 2.1. Written in Portuguese.
e71cb404f49d35223cd71a6c6a7b8232e04fe44cd4cb72204cfa8868296caaa7
This is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012.
ed4e76db85a1968d96d0b168a230dcf62722f0fc8e23574007b3bcc95e50099c
Deathcore XP suffers from a remote SQL injection vulnerability.
6c9a1fcfd3817388fb23ededdfce0e39336e6bf5c9d451903ab88a156326f9b5
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
f15c6b833c6c34891aacefa1c6d1afb67d0d50350d26273a784e29114f69970e
The AthCon 2012 Call For Papers has been announced. It will take place in Athens, Greece on May 3rd through the 4th, 2012.
1a960546cd1d7de746e92fa35ed6430f329adeddc5baf55315890ea2282c4f75
THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection. Windows binary version.
ec82cd6af4177e4a8b85e8a626ee51b84eae5e08cf6958418b50d517c68148c9
THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection.
ed7020c0275df347123a0b49a345aa44b2ec9b2ac9b1471870303b8b95c7ef87
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
551ef1f72848dab19f6a1ff9fe31f08143c8cef26f638d93e7110b4bce49d0a4
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
a2457636b51f8a958bc092aafb7a59af57fa31e31d9b90211566247ac7cda33c
THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
93c6730008ac45c918e2ef505c40e7cb93e4b7895b5c950d0465b326ac05e08f
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
1225b0f4bde4d80946c0cb2f24e39e7a14954c21d3e82fd7c83c683d32023da4
THC (The Hacker's Choice) has been able to turn a Femto Cell into a full blown 3G/UMTC/WCDMA interception device.
fccf26cfbdfb7a0c7a4a53cb1830a954397fbfe35df7a68c3b787f2e9905f68a
This is the Athcon 2011 Capture The Flag solution paper.
fd730b3a1e648f9ee412307c5e026b859f602446cf26a6eb56a9f8ae24c309f2
THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
2d4cb9c591f6ce6a632ad970b13a13972e5bf18edd489ae631363e9e4824980c
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
bd5bc70b70640984fb2f18a9742c10b9a0edf1ebaf0f8dd32da589d34defd424
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
0b340632db9d429eb3c32a592a51f7333feda0fe682229c2027ae445a1e3f54e
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
85fbcf53bc7d8ae99a8bd31dd09810abd9cf9397679a94aea52cd1b1c8e06ac0
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
c0d473c29d57fe44c5dd301b3161fdf853b3bbac57c099acf47cffb4d2707e64
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
66023f94460abe76e76c1c6b187d44e82bafafb4c517314261bbd34429f913a7
THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
4e6e5e55c27373dccafb631f98662d47edc81720ae40e8017a40697a3fbf6a13
This Metasploit module exploits a format string vulnerability within version 10.0.4.x and 10.5.1 of the SonicWALL Aventail SSL-VPN Endpoint Interrogator/Installer ActiveX control (epi.dll). By calling the 'AuthCredential' method with a specially crafted Unicode format string, an attacker can cause memory corruption and execute arbitrary code. Unfortunately, it does not appear to be possible to indirectly re-use existing stack data for more reliable exploitation. This is due to several particulars about this vulnerability. First, the format string must be a Unicode string, which uses two bytes per character. Second, the buffer is allocated on the stack using the 'alloca' function. As such, each additional format specifier (%x) will add four more bytes to the size allocated. This results in the inability to move the read pointer outside of the buffer. Further testing showed that using specifiers that pop more than four bytes does not help. Any number of format specifiers will result in accessing the same value within the buffer. NOTE: It may be possible to leverage the vulnerability to leak memory contents. However, that has not been fully investigated at this time.
44c91575bcf5cfcee3625ae9794e540cb1b6e65be40393ce904c9bd2a2d9d756
Puck is a GNU/Linux distribution based on TinyCoreLinux. It contains top penetration testing tools like Wireshark, Nmap, NetCat, John the ripper, Yersinia, THC-Hydra, etc while still remaining tiny in size.
ab0baa97221c116b909eaa4e164f4779e65e48d3f9f364ecd35face950b5eb83