what you don't know can hurt you
Showing 1 - 25 of 2,344 RSS Feed

TCP Files

Windows/x86 Bind TCP Shellcode
Posted Oct 7, 2021
Authored by h4pp1n3ss

Windows/x86 bind TCP shellcode / dynamic PEB and EDT method null-free shellcode. This a bind tcp shellcode that open a listen socket on 0.0.0.0 and port 1337. In order to accomplish this task the shellcode uses the PEB method to locate the baseAddress of the required module and the Export Directory Table to locate symbols. Also the shellcode uses a hash function to gather dynamically the required symbols without worry about the length.

tags | x86, tcp, shellcode
systems | windows
MD5 | 736f21ab958a376512c0d0673c8c0979
Windows/x86 Reverse TCP Shellcode
Posted Sep 13, 2021
Authored by Xenofon Vassilakopoulos

330 bytes small Windows/x86 reverse TCP shellcode that connects to 192.168.201.11:4444.

tags | x86, tcp, shellcode
systems | windows
MD5 | 62fe34329d5e8ee5089f6fbc86bcb0a3
Samhain File Integrity Checker 4.4.6
Posted Sep 5, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed Debian 10 compile problem in dnmalloc (mallinfo2). Fixed compile problem on Ubuntu 20 with make deb. Fixed make deb issue when compiling as client. Fixed issue with inotify.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 51bcc1f204db174f738f487be05a0507
CyberArk Credential Provider Race Condition / Authorization Bypass
Posted Sep 2, 2021
Authored by Klayton Monroe | Site korelogic.com

CyberArk's Credential Provider loopback communications on TCP port 18923 are encrypted with key material that has extremely low entropy. In all currently-known use cases, the effective key space is less than 2^16. For an attacker who understands the key derivation scheme and encryption mechanics, knowledge of the source port and access to the payloads of a given client-server exchange are sufficient to reduce effective key space to one. In cases where the source port is not known, the encrypted payloads will be unable to withstand a brute force attack. Additionally, the user identification mechanism used by CyberArk's Credential Provider is vulnerable to a race condition where an unauthorized/unprivileged user can submit one or more encrypted query requests. If the race is won, the attacker will be able to retrieve sensitive information including passwords and password metadata. Versions prior to 12.1 are affected.

tags | exploit, tcp
advisories | CVE-2021-31797
MD5 | a5595be791e4ba068a17e6e8dfc3f175
Nmap Port Scanner 7.92
Posted Aug 9, 2021
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Upgraded Npcap for Windows usage which now allows nmap to work on the Windows ARM architecture. New Nmap option --unique will prevent Nmap from scanning the same IP address twice. Various updates to NSE and many bugs were addressed in this release.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | 0e9d4d6513ae6c79af9d9e7ea02fa05b
Microsoft Windows WFP Default Rules AppContainer Capability Bypass Privilege Escalation
Posted Jul 20, 2021
Authored by James Forshaw, Google Security Research

The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of privilege.

tags | exploit, tcp
MD5 | 37069deaf47980f1a4c39f62bc13ce25
Linux/x86 Egghunter Reverse TCP Shell Shellcode
Posted Jul 19, 2021
Authored by D7X

Linux/x86 egghunter reverse TCP shell shellcode generator with dynamic IP and port.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 12a643a44f3245dd82780330839889e3
Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
MD5 | 603e905801bb4f31bf554bafa86b2826
Global Socket 1.4.33
Posted Jul 13, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT related update and merged pull request #50 from hackerschoice/fixie.
tags | tool, tcp
systems | unix
MD5 | 4375e4daa510a89157d89aea0d28708e
Linux/x86 Reverse TCP Shell Shellcode
Posted Jul 12, 2021
Authored by D7X

86 bytes small Linux/x86 reverse TCP shell with dynamic IP and port binding shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 15a0f14a218e63eb34bcd799a25afa3f
Samhain File Integrity Checker 4.4.5
Posted Jul 1, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed a memory leak introduced in 4.4.4.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 67ae752dc862c44a941be84fa5513fca
Global Socket 1.4.32
Posted Jun 30, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Protocol upgrade to 1.3 that breaks backwards compatibility. New Key Derivation Method and fixed gs secret length. Added verbosity switches. Auto-reconnect for server added when DNS fails and keeps re-trying until success. Downgraded automake requirements to 2.69. deploy.sh support for Raspberry PI 4b+ (armv7l) added. Debian HURD support added. Various other updates.
tags | tool, tcp
systems | unix
MD5 | 1ac0911273bf892c3d9e6daed8ac183b
SAP Netweaver JAVA 7.50 Missing Authorization
Posted Jun 15, 2021
Authored by Ignacio D. Favro | Site onapsis.com

A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication in order to connect to the respective TCP ports and perform different privileged actions. SAP Netweaver JAVA versions 7.10 through 7.50 are affected.

tags | exploit, java, tcp
advisories | CVE-2020-26829
MD5 | 97b11d237ebc411e047673bc4c3aa91e
CHIYU TCP/IP Converter CRLF Injection
Posted Jun 1, 2021
Authored by sirpedrotavares

CHIYU TCP/IP Converter devices suffers from a crlf injection vulnerability. Versions affected include BF-430, BF-431, and BF-450M.

tags | exploit, tcp
MD5 | 13a797a4534c55f2a1bacdeee0f9a77e
Global Socket 1.4.30
Posted May 14, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Fixed a rare occasion where gs-netcat might consume 100% cpu load. Fixed OSX System Protection (workaround).
tags | tool, tcp
systems | unix
MD5 | 07b699c9997e1957ba592df5a504d85c
Global Socket 1.4.29
Posted Apr 7, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Debian shenanigans and lint-party clean ups.
tags | tool, tcp
systems | unix
MD5 | d7bc24a986e64dd7f3543b8627533cb3
Global Socket 1.4.28
Posted Apr 1, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Minor documentation updates.
tags | tool, tcp
systems | unix
MD5 | 5b953152490d47bb307a174acaf2f6a8
Global Socket 1.4.27
Posted Mar 23, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Renamed gs to gsocket. Updated README.md.
tags | tool, tcp
systems | unix
MD5 | f11e82dfd479753236cb66ae678f4d85
Global Socket 1.4.25
Posted Feb 24, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Terminal/ANSI code fixes.
tags | tool, tcp
systems | unix
MD5 | 678586d46969ea1bbd7e8b77dacafa3e
Global Socket 1.4.24
Posted Feb 22, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: EEElite-Console, File Transfer and alerts when admin logs in.
tags | tool, tcp
systems | unix
MD5 | 20d802d5a4db9ffc08379aea052bd26f
Backdoor.Win32.Wollf.14 Missing Authentication
Posted Jan 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | 67751ad6a5636ad444a23dacf27f3961
Linux/x64 Bindshell With Password Shellcode
Posted Jan 25, 2021
Authored by Guillem Alminyana

142 bytes small Linux/x64 shellcode that binds a password protected shell to TCP 0.0.0.0:4444.

tags | shell, tcp, shellcode
systems | linux
MD5 | f8b947c4c7650a50507dafa334b79742
Backdoor.Win32.Kraimer.11 Missing Authentication
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Kraimer.11 malware has a backdoor on TCP/6668 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | ab7914a32014a552e8902d32415b1aed
Backdoor.Win32.Verify.f Missing Authentication
Posted Jan 21, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Verify.f malware has backdoors running on TCP ports 1906 and 1907 that do not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | ca8e4a026f7a8a413a34154343153445
Backdoor.Win32.Onalf Missing Authentication
Posted Jan 20, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Onalf malware has a backdoor running on TCP/2020 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | 8413023933171cccf3cf8f346fc00dc6
Page 1 of 94
Back12345Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close