exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 319 RSS Feed

Bash Files

Swap Digger 1.0
Posted Aug 8, 2017
Authored by Emeric Nasi

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

tags | tool, web, bash
systems | linux, unix
SHA-256 | 53147e0cf82da4bdc5ee73a8bc75667f3afd51f62351d8d4a1ef19fbcbf6f22f
Red Hat Security Advisory 2017-1931-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1931-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Security Fix: An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances.

tags | advisory, arbitrary, shell, local, bash
systems | linux, redhat
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401
SHA-256 | eaaebd55e6b9153d92abdd2f6dec8be4965a8a2c4d186f269c3463725e387cc2
Ubuntu Security Notice USN-3294-2
Posted Aug 1, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3294-2 - USN-3294-1 fixed a vulnerability in Bash. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code with root privileges. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, bash
systems | linux, ubuntu
advisories | CVE-2016-7543
SHA-256 | 1c5f65968b7a178ac908c453b9766134aaed4348c26fa73062a3fee0ee96039e
GoAutoDial 3.3 Authentication Bypass / Command Injection
Posted Jul 5, 2017
Authored by Chris McCurley | Site metasploit.com

This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database. Command injection will be performed with root privileges. The default pre-packaged ISO builds are available from goautodial.org. Currently, the hardcoded command injection payload is an encoded reverse-tcp bash one-liner and the handler should be setup to receive it appropriately.

tags | exploit, root, tcp, sql injection, bash
advisories | CVE-2015-2843, CVE-2015-2845
SHA-256 | 94721ce87cbcec20c3b6fb430d3119351af84675d49a97004d25f1efe7edfa5d
TestSSL 2.8
Posted May 20, 2017
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Trust chain check. Various other improvements and updates.
tags | tool, scanner, protocol, bash
systems | unix
SHA-256 | b160969dd8950f63afd57243cbbe2af0f7de9501a877e78b9b8ed9bae5405b59
Ubuntu Security Notice USN-3294-1
Posted May 18, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3294-1 - Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a hostname, this flaw could be exploited to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local, root, bash
systems | linux, ubuntu
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401, CVE-2017-5932
SHA-256 | f45d68112bea29f65c3632f3d6b8227dff94e29452d9f3d29a6943cc82cb3905
Linux/x86 Reverse Shell Shellcode
Posted Mar 25, 2017
Authored by Jasmin Landry

110 bytes small Linux/x86 reverse /bin/bash shellcode.

tags | x86, shellcode, bash
systems | linux
SHA-256 | c877dbeb641d857b55e73f461a09ca14679ca4f290a989b9b455e4512cce7981
Red Hat Security Advisory 2017-0725-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0725-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Security Fix: An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances.

tags | advisory, arbitrary, shell, local, bash
systems | linux, redhat
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401
SHA-256 | ec88f4635773f8c357e90336dc5b241990df59544ff8b895b01996472d9147fb
HPE Security Bulletin HPESBNS03702 1
Posted Feb 13, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBNS03702 1 - Several potential security vulnerabilities have been discovered in the Bash Shell in NonStop OSS Core Utilities. The vulnerabilities allow local users to execute arbitrary commands with root privileges. Revision 1 of this advisory.

tags | advisory, arbitrary, shell, local, root, vulnerability, bash
advisories | CVE-2016-7543
SHA-256 | b394c6436beea9a6bf8342eba0148f8bddd15f76db1bb124829cbda5a60ef3e9
Gentoo Linux Security Advisory 201701-02
Posted Jan 2, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-2 - Multiple vulnerabilities were found in Bash, the worst of which may allow execution of arbitrary code. Versions less than 4.3_p48-r1 are affected.

tags | advisory, arbitrary, vulnerability, bash
systems | linux, gentoo
advisories | CVE-2016-7543, CVE-2016-9401
SHA-256 | eb521b305299c64bbde2141030ca2fa3167c5ae1199bd14058e8e35f1707047f
Linux/x86 /bin/bash -c Shellcode
Posted Dec 16, 2016
Authored by Filippo Bersani

72 bytes small Linux/x86 /bin/bash -c arbitrary command execution shellcode.

tags | arbitrary, x86, shellcode, bash
systems | linux
SHA-256 | 87b4f2e3d7784905c0908109eae7e0e225a61919c41832c25c2c6c9182d0ac77
Gentoo Linux Security Advisory 201612-39
Posted Dec 13, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-39 - A vulnerability in Bash could potentially lead to arbitrary code execution. Versions less than 4.3_p46-r1 are affected.

tags | advisory, arbitrary, code execution, bash
systems | linux, gentoo
advisories | CVE-2016-0634
SHA-256 | 96cbb6d4079f6c238759962c53f44499ebb56813bbe2020d3920087bd2eaf316
NUUO NVRmini 2 NE-4160 ShellShock Remote Code Execution
Posted Aug 6, 2016
Authored by LiquidWorm | Site zeroscience.mk

NUUO NVRmini, NVRmini2, Crystal, NVRSolo suffer from an authenticated ShellShock vulnerability. This could allow an attacker to gain control over a targeted computer if exploited successfully. The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix.

tags | exploit, shell, bash
systems | linux, unix
SHA-256 | ef1d911dbe025d8bee702808b48783938a47134cff1efcaa17e592ab23dbf552
PH.I NFS Scanner
Posted Aug 3, 2016

PHI.I is an effective NFS scanner. It is intended to be left running in a screen session somewhere, scans randomly and requires very little user interaction. It finds large numbers of exported NFS directories, and lists the contents of directories that are exported to everyone. There are very large numbers of completely open NFS shares, despite it being an issue for at least 30 years. Written in bash.

tags | tool, scanner, bash
systems | unix
SHA-256 | 4d49999e7cbd3abdea5d95a215b932ff2d670f5fee5e8283608f5ed63da4d697
conntrack-tools Bash Completion 1.0
Posted Apr 18, 2016
Authored by AllKind | Site sourceforge.net

This is bash programmable completion for the conntrack-tools from netfilter.org. The package contains completions for conntrack, conntrackd, and nfct.

tags | tool, firewall, bash
systems | linux, unix
SHA-256 | 10cd00bae635aff9f1e26ca613dfbd4bc422cf0bbf97df3b86b2a3956a86dffe
nfacct Bash Completion 1.1
Posted Apr 18, 2016
Authored by AllKind | Site sourceforge.net

This is bash programmable completion for the netfilter.org accounting tool nfacct.

tags | tool, firewall, bash
systems | linux, unix
SHA-256 | 94dc1ff29888d37ceb6141d112be3eaf78c5b9f8ab96323f16440796cca2a2d3
IPSet List 3.6
Posted Apr 17, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Changes: The query result can now also be saved in ipset save, or xml format. When saving the query result, the output can now be sent to stdout. An exit handler was added. Some usability improvements were done. A command line parser and a documentation bug were fixed.
tags | tool, firewall, bash
systems | linux, unix
SHA-256 | 8ddb1a945ada9b3f2ebf3b8e336bdc88bf5149693c808df3c19f3707231f2f4d
IPSet List 3.5.1
Posted Mar 28, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Changes: Added option -Gp. Added an install and an uninstall script. Various other fixes.
tags | tool, firewall, bash
systems | linux, unix
SHA-256 | a91e75b6cb8cb107cb890a35522795d33084b9d4aeb07cc15981c44268ec81ef
Linux x86 / x64 execve(/bin/bash) Shellcode
Posted Mar 28, 2016
Authored by Ajith KP

33 bytes small Linux x86 / x64 execve(/bin/bash) shellcode.

tags | x86, shellcode, bash
systems | linux
SHA-256 | aee8c9a799a98ddea14c91ece59e18500b71170c825b60cb95d6220e8f654553
IPSet List 3.4
Posted Mar 13, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Changes: A new option (-T) was introduced, allowing to test for existence of elements. This option can be used multiple times over multiple ipset sets in one query. An interactive wizard based mode has been added. It allows to select the options for the query interactively. Additionally the command line for the search can be composed (-G). In order to run the wizards, the dialog and whiptail programs are supported. One bug was fixed: usage output did not display some valid combinations. Also some minor tweaks have been done. A man page has been included. Script options can now be set from a configuration file.
tags | tool, firewall, bash
systems | linux, unix
SHA-256 | 831fe3a7c0e35af7cc62968e2a73dcad829835caaddc1d8a3592e280d606280b
IPSet Bash Completion 2.9.2
Posted Mar 3, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
SHA-256 | 80c61eec561eeb58e79da30726b8821cf84e16abdcdb0d44d505ee52ab188c35
Cisco Security Advisory 20160302-n3k
Posted Mar 3, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco NX-OS Software running on Cisco Nexus 3000 Series Switches and Cisco Nexus 3500 Platform Switches could allow an unauthenticated, remote attacker to log in to the device with the privileges of the root user with bash shell access. The vulnerability is due to a user account that has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by connecting to the affected system using this default account. The account can be used to authenticate remotely to the device via Telnet (or SSH on a specific release) and locally on the serial console. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are available.

tags | advisory, remote, shell, root, bash
systems | cisco
SHA-256 | 55054f95b4b6b3eb0b901ebe09515ce4946676316659deee42c3df9546b9408e
IPSet Bash Completion 2.9.1
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
SHA-256 | 25e06c5ddc6704c3182ef15077db6f3a133006ec2c1276f41403032fd715407f
IPSet Bash Completion 2.8
Posted Feb 17, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
SHA-256 | b5bc4a79fc52f0333822e3b932c76b81c22257fb3dae82b4f98935d220c186ce
IPSet Bash Completion 2.7
Posted Feb 6, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Some code formatting changes. Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
SHA-256 | 2ca23b7e97c2fd21522510a597e6f8263fa3958d2ab155014a37a1855290c23f
Page 4 of 13
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close