all things security
Showing 26 - 50 of 1,048 RSS Feed

Python Files

Stegano 0.7.1
Posted May 5, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Improved generators for the lsb-set module. Improved tests for generators. Improved type hints.
tags | tool, encryption, steganography, python
systems | unix
MD5 | b5a834b30983c3cf7d0ccb6f2bcc4c48
fimap Inclusion Scanner
Posted May 1, 2017
Authored by Iman Karim | Site tha-imax.de

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in web applications.

tags | tool, remote, web, local, scanner, python, file inclusion
systems | unix
MD5 | c521918aff624c30203b6f8679f04c80
Mercurial Custom hg-ssh Wrapper Remote Code Execution
Posted Apr 26, 2017
Authored by claudijd | Site metasploit.com

This Metasploit module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution.

tags | exploit, arbitrary, code execution, python
MD5 | 84d44fdb3c43165b047bb08d12580e29
Red Hat Security Advisory 2017-1162-01
Posted Apr 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1162-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The python27 Software Collection has been upgraded to version 2.7.13, which provides a number of bug fixes and enhancements over the previous version.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2014-9365
MD5 | f80bdf1620ac051ab16e8406ef77c927
Blue Team Training Toolkit (BT3) 2.2
Posted Apr 17, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: This release focuses on usability. New commands have been implemented, and error messages related to API operations are now more descriptive.
tags | tool, python
systems | unix
MD5 | 25b5c99f377d029bc54e7c2f708d20b1
Red Hat Security Advisory 2017-0936-01
Posted Apr 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0936-01 - The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues. PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment. Multiple security issues have been addressed.

tags | advisory, vulnerability, python
systems | linux, redhat
advisories | CVE-2016-10149
MD5 | df829eb486ac6e2858f350e0a5ca0554
Red Hat Security Advisory 2017-0938-01
Posted Apr 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0938-01 - The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues. PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment. Multiple security issues have been addressed.

tags | advisory, vulnerability, python
systems | linux, redhat
advisories | CVE-2016-10149
MD5 | 03d2f1d1865d7e83f48d0f082f91a38b
Red Hat Security Advisory 2017-0937-01
Posted Apr 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0937-01 - The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues. PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment. Multiple security issues have been addressed.

tags | advisory, vulnerability, python
systems | linux, redhat
advisories | CVE-2016-10149
MD5 | 0484f0a142f315dacb22299d95a7a435
Red Hat Security Advisory 2017-0698-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0698-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. The subscription-manager-migration-data package provides certificates for migrating a system from the legacy Red Hat Network Classic to Red Hat Subscription Management. The python-rhsm packages provide a library for communicating with the representational state transfer interface of a Red Hat Unified Entitlement Platform. The Subscription Management tools use this interface to manage system entitlements, certificates, and access to content.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2016-4455
MD5 | 1fca597092169e3f3167f49eb5bde777
FTPShell Client 6.53 Buffer Overflow
Posted Mar 15, 2017
Authored by N_A, Peter Baris

FTPShell Client version 6.53 buffer overflow exploit written in python.

tags | exploit, overflow, python
advisories | CVE-2017-6465
MD5 | e7d79e3cd3d9610a2af3cdb7c741761e
Red Hat Security Advisory 2017-0515-01
Posted Mar 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0515-01 - The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Ansible is a simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a later upstream version: ceph-installer, ansible, python-passlib, ceph-ansible.

tags | advisory, remote, python
systems | linux, redhat
advisories | CVE-2016-9587
MD5 | 406ba4d5193b8c629c1eb8b01606e6f8
Ubuntu Security Notice USN-3229-1
Posted Mar 13, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3229-1 - It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2014-9601, CVE-2016-9189, CVE-2016-9190
MD5 | ff7e8c4d3fa12e9267ec54a73b0d553f
Stegano 0.6.9
Posted Mar 12, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Introduces some type hints (PEP 484). More tests for the generators and for the tools module. Updated descriptions of generators. Fixed a bug with a generator that has been previously renamed.
tags | tool, encryption, steganography, python
systems | unix
MD5 | fdcde58c8b8ee2fc03f15bd0ea242da6
Stegano 0.6.8
Posted Mar 9, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed an error when revealing a hidden binary file in an image.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 52f57be3040e681abd2d814ce9196afa
Blue Team Training Toolkit (BT3) 2.1.1
Posted Mar 8, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: Fixed bug that prevented Pcapteller from starting. Minor adjustments.
tags | tool, python
systems | unix
MD5 | 9e80b57fa469742c6dd00630f671e505
Java / Python FTP URL Handling XXE / SSRF
Posted Feb 24, 2017
Authored by Timothy D. Morgan

Java and Python both have URL handling code that can be leveraged for XML external entity (XXE) injection and SSRF attacks.

tags | advisory, java, python
MD5 | b46f35be652c08f2529c29a9fccd6755
Stegano 0.6.7
Posted Feb 23, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added missing dependency in the setup.py file.
tags | tool, encryption, steganography, python
systems | unix
MD5 | a86c61ff8ca7e4e5b4c2d23d1497ebbe
Stegano 0.6.5
Posted Feb 18, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added a command to list all available generators for the lsb-set module. Added a test when the data image is coming via byte stream, for the lsb module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 1e5f7149efdbe891021f573c6ddbc446
Ubuntu Security Notice USN-3199-2
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-2 - USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception. Various other issues were also addressed.

tags | advisory, python
systems | linux, ubuntu
MD5 | 340428b2c433631648bcdd669fbbaccf
Ubuntu Security Notice USN-3199-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-1 - It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, ubuntu
MD5 | 0fa5ef4093d20bcb56084b1ba3f57d3b
Stegano 0.6.4
Posted Feb 8, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: A command line for the red module has been added. Fixed a bug in the lsb-set command line.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 2bf8e84f0e364bd8eb29908002536cdc
Mobius Forensic Toolkit 0.5.27
Posted Feb 1, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension lshw-agent. Various other improvements.
tags | tool, python, forensics
MD5 | c63bfb52c519dbb44c724037201f6ede
Stegano 0.6.3
Posted Feb 1, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Support for transparent PNG images has been added (lsb and lsbset modules).
tags | tool, encryption, steganography, python
systems | unix
MD5 | edf049af0de135b84632221dc5a4bd43
Python 2.x Buffer Overflow
Posted Jan 23, 2017
Authored by sultan albalawi, Chaitanya Haritash

Python version 2.x suffers from a buffer overflow in the DecodeAdpcmImaQT function in the ctypes module.

tags | exploit, overflow, python
MD5 | c62627678ae4e681acfc632f6b86abe2
Stegano 0.6.2
Posted Jan 19, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed a bug in the exifHeader hiding method.
tags | tool, encryption, steganography, python
systems | unix
MD5 | e25cb6d3a824a594a4a43c85304ca2d8
Page 2 of 42
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close