exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 320 RSS Feed

Bash Files

TestSSL 3.0.9
Posted Jun 14, 2024
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Fixed bash 5 issue when encountering a short server key extension. Fixed HTML issue when using bash 5. CAA DNS records are now not being queried when nodns is set. MongoDB identification fix. Sanity check when user has broken umask to avoid runtime errors. Fixed for newer grep versions. 8 additional updates.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 75ecbe4470e74f9ad17f4c4ac733be123b0f67d676ed24cc2b30adb41561e05f
Ubuntu Security Notice USN-6697-1
Posted Mar 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6697-1 - It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, bash
systems | linux, ubuntu
advisories | CVE-2022-3715
SHA-256 | fe10af17a0fc7c6d4e0f87ab57a52f2b0459257025cad94a6db47deaf071ce11
BDS Linux LKM Ftrace-Based Rootkit
Posted Sep 22, 2023
Authored by bluedragonsec | Site bluedragonsec.com

Ftrace-based Linux loadable kernel module rootkit for Linux kernel versions 5.x and 6.x on x86_64. It hides files, hides process, hides a bind shell and reverse shell port, provides privilege escalation, and cleans up logs and bash history during installation.

tags | tool, shell, kernel, rootkit, bash
systems | linux, unix
SHA-256 | ccd1e1687bfaa5e306d03caa2b040597c4571ce16bc6f5a3ad737ced8e457c56
BDS Linux Userland Rootkit
Posted Sep 21, 2023
Authored by bluedragonsec | Site bluedragonsec.com

The BDS Userland rootkit is a Linux userland rootkit. It hides files, directories, processes, the bind shell port, the daemon port, and the reverse shell port. It also cleans up bash history and logs during installation.

tags | tool, shell, rootkit, bash
systems | linux, unix
SHA-256 | c7170315137f5e7109aba32c9e58a703b353e1326e4a9584ba97e9f9c1926310
BDS Linux LKM Rootkit
Posted Sep 21, 2023
Authored by bluedragonsec | Site bluedragonsec.com

The BDS LKM rootkit is a simple and stable Linux loadable kernel module rootkit for Linux kernel versions 5.x and 6.x on x86_64 that hide files, hide processes, hides a bind shell and reverse shell port, provides privilege escalation, provides rootkit persistence, and cleans up logs and bash history during installation.

tags | tool, shell, kernel, rootkit, bash
systems | linux, unix
SHA-256 | f80995082ade857bc8c222749aa3ff2fe683f4b3f02e618e111a589f857646e2
Lexmark Device Embedded Web Server Remote Code Execution
Posted Sep 19, 2023
Authored by jheysel-r7, James Horseman, Zach Hanley | Site metasploit.com

An unauthenticated remote code execution vulnerability exists in the embedded webserver in certain Lexmark devices through 2023-02-19. The vulnerability is only exposed if, when setting up the printer or device, the user selects "Set up Later" when asked if they would like to add an Admin user. If no Admin user is created, the endpoint /cgi-bin/fax_change_faxtrace_settings is accessible without authentication. The endpoint allows the user to configure a number of different fax settings. A number of the configurable parameters on the page fail to be sanitized properly before being used in a bash eval statement, allowing for an unauthenticated user to run arbitrary commands.

tags | exploit, remote, arbitrary, cgi, code execution, bash
advisories | CVE-2023-26067, CVE-2023-26068
SHA-256 | 55b25ea44278a5136992f906756ff24cc7e2991ab7847a6388c6522fffc7a70a
Linux/x86_64 Bash Shellcode
Posted Apr 6, 2023
Authored by Jeenika Anadani

71 bytes small Linux/x86_64 bash shellcode with XOR encoding.

tags | shellcode, bash
systems | linux
SHA-256 | 801d1c974de1f03b559e03ce6feeaff70b28545726389af5b9766890611a1dc5
Red Hat Security Advisory 2023-0340-01
Posted Jan 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0340-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, shell, bash
systems | linux, redhat
advisories | CVE-2022-3715
SHA-256 | c4175fcaf8e760446048b0702a788a15a9b75b05bd2cee9ae422f72e0f822cee
TestSSL 3.0.8
Posted Sep 29, 2022
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Major update of client simulation. Update of certificate stores. About a dozen bug fixes and various other updates.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 22c5dc6dfc7500db94b6f8a48775f72b5149d0a372b8552ed7666016ee79edf0
Cisco ASA-X With FirePOWER Services Authenticated Command Injection
Posted Sep 5, 2022
Authored by jbaines-r7 | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine allows the attacker to pivot to the inside network, and access the outside network. Also, the SFR virtual machine is running snort on the traffic flowing through the ASA, so the attacker should have access to this diverted traffic as well. This module requires ASDM credentials in order to traverse the ASDM interface. A similar attack can be performed via Cisco CLI (over SSH), although that isn't implemented here. Finally, it's worth noting that this attack bypasses the affects of the lockdown-sensor command (e.g. the virtual machine's bash shell shouldn't be available but this attack makes it available). Cisco assigned this issue CVE-2022-20828. The issue affects all Cisco ASA that support the ASA FirePOWER module (at least Cisco ASA-X with FirePOWER Service, and Cisco ISA 3000). The vulnerability has been patched in ASA FirePOWER module versions 6.2.3.19, 6.4.0.15, 6.6.7, and 7.0.21. The following versions will receive no patch: 6.2.2 and earlier, 6.3.*, 6.5.*, and 6.7.*.

tags | exploit, web, shell, root, bash
systems | cisco, linux
advisories | CVE-2022-20828
SHA-256 | 68e16d3ce86c6321808a38fd985d56e82e3e74f93b1ebe13be653fa09e00432e
Teleport 9.3.6 Command Injection
Posted Aug 23, 2022
Authored by Brian Landrum, Brandon Roach

Teleport 9.3.6 is vulnerable to command injection leading to remote code execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.

tags | exploit, remote, code execution, bash
advisories | CVE-2022-36633
SHA-256 | 5228298638858e0e106cda75b65bd4c283027b5bc6dff934d99ebc3b59a112f7
Bash / Netcat Reverse Shells
Posted Jul 4, 2022
Authored by Raed Ahsan

This script is a great tool for pentesters needing to create reverse shells using either bash or netcat.

tags | tool, shell, rootkit, bash
systems | unix
SHA-256 | 6fa1de2937ad42cc30d32f1a0d8144e64791a2c154a8baa4dad7d30634eb9f38
Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal
Posted Jul 1, 2022
Authored by LiquidWorm | Site zeroscience.mk

Carel pCOWeb HVAC BACnet Gateway version 2.1.0 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the logdownload.cgi bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

tags | exploit, arbitrary, cgi, bash
SHA-256 | 6080b06695bafffc697537b01af1fe9b2c39e6c9237b59563f645f36adbc81cb
Deliverance 0.018-daf9452 File Descriptor Fuzzer
Posted May 24, 2022
Authored by Marshall Whittaker | Site github.com

Deliverance is a file descriptor fuzzer written in bash. It injects random data into file descriptors of pids associated with a process until the program crashes, then outputs the results of what caused the crash. It leaves behind files that were used as input for the last 2 minutes before the fault, useful for reproduction.

tags | tool, bash, fuzzer
SHA-256 | b2d5c61d25c3596775232700731b3c52f39be5ff2131841bfe8f930ed516e6e3
F5 BIG-IP iControl Remote Code Execution
Posted May 12, 2022
Authored by Alt3kx, Ron Bowes, Heyder Andrade, James Horseman | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, root, code execution, bash, bypass
advisories | CVE-2022-1388
SHA-256 | bb3a5bef34f53053f0da7eec9cad038bc4f47a0997b2e9cd601a17a1f034a0ad
Ubuntu Security Notice USN-5380-1
Posted Apr 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5380-1 - It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges.

tags | advisory, bash
systems | linux, ubuntu
advisories | CVE-2019-18276
SHA-256 | 173a734aa620d03a2270533a7ff0022b9fb8a72908396d8604869220c0c5934d
TestSSL 3.0.7
Posted Feb 21, 2022
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Added SSLv2 and OpenSSL fixes. 15 additional bug fixes and improvements.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | c2beb3ae1fc1301ad845c7aa01c0a292c41b95747ef67f34601f21fb2da16145
Linux Kernel Slab Out-Of-Bounds Write
Posted Jan 26, 2022
Authored by Crusaders of Rust | Site github.com

This archive contains demo exploits for CVE-2022-0185. There are two versions here. The non-kctf version (fuse version) specifically targets Ubuntu with kernel version 5.11.0-44. It does not directly return a root shell, but makes /bin/bash suid, which will lead to trivial privilege escalation. Adjusting the single_start and modprobe_path offsets should allow it to work on most other Ubuntu versions that have kernel version 5.7 or higher; for versions between 5.1 and 5.7, the spray will need to be improved as in the kctf version. The exploitation strategy relies on FUSE and SYSVIPC elastic objects to achieve arbitrary write. The kctf version achieves code execution as the root user in the root namespace, but has at most 50% reliability - it is targeted towards Kubernetes 1.22 (1.22.3-gke.700). This exploitation strategy relies on pipes and SYSVIPC elastic objects to trigger a stack pivot and execute a ROP chain in kernelspace.

tags | exploit, arbitrary, shell, kernel, root, code execution, bash
systems | linux, ubuntu
advisories | CVE-2022-0185
SHA-256 | 8f9e0a3bd934c75bb63bb75c98368d05ec18006a64e52a0bc3f9ae155f0b72c1
Log4j Linux IoC Detector
Posted Dec 15, 2021
Authored by santosomar | Site github.com

This is a basic bash script to detect log4j indicators of compromise (IoCs) in Linux log files.

tags | java, system logging, bash
systems | linux, unix
advisories | CVE-2021-44228
SHA-256 | cac18b2d6343c61bc55d312a115a6b13a4e02c2b28f3e4b83320cd33353f71a1
Apache Storm Nimbus 2.2.0 Command Execution
Posted Nov 19, 2021
Authored by Spencer McIntyre, Alvaro Munoz | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability within the Nimbus service component of Apache Storm. The getTopologyHistory RPC method method takes a single argument which is the name of a user which is concatenated into a string that is executed by bash. In order for the vulnerability to be exploitable, there must have been at least one topology submitted to the server. The topology may be active or inactive, but at least one must be present. Successful exploitation results in remote code execution as the user running Apache Storm. This vulnerability was patched in versions 2.1.1, 2.2.1 and 1.2.4. This exploit was tested on version 2.2.0 which is affected.

tags | exploit, remote, code execution, bash
advisories | CVE-2021-38294
SHA-256 | bdeabaf8ee1de5cc701765d5b3a2960189a0cd18ac93bcb180979bd32c8d528a
Bing.com Hostname / IP Enumerator 1.0.5
Posted Oct 4, 2021
Authored by Andrew Horton | Site morningstarsecurity.com

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

Changes: Minor release. Changed User-Agent to wget/1.20. Fixed an error where it finds no results.
tags | tool, scanner, bash
systems | linux, unix
SHA-256 | 0a198af8d7876d7adb9c0517025bd6443d13399a188615a078cf3e45e120f19e
TestSSL 3.0.6
Posted Oct 4, 2021
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Codespell introduction and implementation for GHA CI. Documentation update to reflect renaming standard ciphers to cipher categories. Now ignores usage of ~/.digrc where possible. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | 05768444d6cf3dc5812f8fb88695d17a82668089deddd6aaf969041ba4c10b10
Seth RDP Man-In-The-Middle Tool
Posted Oct 4, 2021
Authored by Dr. Adrian Vollmer | Site github.com

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops or talks.

tags | tool, python, bash
systems | unix
SHA-256 | c7390c0ef2061eb2f26a7cc5a7ad91394e34550d095a3ea3099eb5b7fd50be60
Gentoo Linux Security Advisory 202105-34
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-34 - A vulnerability in Bash may allow users to escalate privileges. Versions less than 5.0_p11-r1 are affected.

tags | advisory, bash
systems | linux, gentoo
advisories | CVE-2019-18276
SHA-256 | d14b7a6c79dcafc423e08f9754342a9daaccb7c5435a66a2f26302075f56dfe8
Red Hat Security Advisory 2021-1679-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1679-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux.

tags | advisory, shell, bash
systems | linux, redhat
advisories | CVE-2019-18276
SHA-256 | bedd180f89519978a938efa7386b96d2a29ca03aa105a237c7520eed9b71134e
Page 1 of 13
Back12345Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close