what you don't know can hurt you
Showing 1 - 25 of 2,289 RSS Feed

TCP Files

MQTT Protocol Overview
Posted Feb 19, 2020
Authored by Kunal Bharti

This whitepaper provides an overview of the MQTT protocol. MQTT is a is an open OASIS and ISO standard (ISO/IEC PRF 20922) lightweight, simple machine to machine TCP/IP based protocol which can be used for communication between IoT devices.

tags | paper, tcp, protocol
MD5 | e95a8a5bfa307e3c6ccbf6b1426de529
CHIYU BF430 TCP IP Converter Cross Site Scripting
Posted Feb 11, 2020
Authored by Luca.Chiou

CHIYU BF430 TCP IP Converter suffers from a persistent cross site scripting vulnerability.

tags | exploit, tcp, xss
advisories | CVE-2020-8839
MD5 | a6ee7fc27f67cc244445c885fbce649c
Sagemcom Fast 3890 Remote Code Execution
Posted Jan 14, 2020
Authored by Lyrebirds

This exploit uses the Cable Haunt vulnerability to open a shell for the Sagemcom F@ST 3890 (50_10_19-T1) cable modem. The exploit serves a website that sends a malicious websocket request to the cable modem. The request will overflow a return address in the spectrum analyzer of the cable modem and using a rop chain start listening for a tcp connection on port 1337. The server will then send a payload over this tcp connection and the modem will start executing the payload. The payload will listen for commands to be run in the eCos shell on the cable modem and redirect STDOUT to the tcp connection.

tags | exploit, overflow, shell, tcp
MD5 | 198aa336f424b90404d0e070fba143a2
Linux/x64 Reverse TCP Stager Shellcode
Posted Dec 17, 2019
Authored by Lee Mazzoleni

188 bytes small Lnux/x64 reverse TCP stager shellcode.

tags | tcp, shellcode
MD5 | 140e35142f4d23741799a818d695e97f
Debian Security Advisory 4577-1
Posted Nov 28, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4577-1 - Tim Dusterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections.

tags | advisory, remote, web, tcp
systems | linux, debian
advisories | CVE-2019-19330
MD5 | 136682b36788547ff6b9f48e09a65017
Ubuntu Security Notice USN-4197-1
Posted Nov 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4197-1 - It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2019-6477
MD5 | 11bfa35275bd6ea3bcaa1d7e51576b3c
FreeSWITCH Event Socket Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses the FreeSWITCH event socket interface to execute system commands using the system API command. The event socket service is enabled by default and listens on TCP port 8021 on the local network interface. This module has been tested successfully on FreeSWITCH versions: 1.6.10-17-726448d~44bit on FreeSWITCH-Deb8-TechPreview virtual machine; 1.8.4~64bit on Ubuntu 19.04 (x64); and 1.10.1~64bit on Windows 7 SP1 (EN) (x64).

tags | exploit, local, tcp
systems | linux, windows, ubuntu, 7
MD5 | fabd4afa284981bdc1c471d62f81d23a
Covert Channel And Data Hiding In TCP/IP
Posted Nov 4, 2019
Authored by Roshan Poudel

Whitepaper called Covert Channel and Data Hiding in TCP/IP.

tags | paper, tcp
MD5 | 6fd8666907b5b1aeeb94914778c6b848
Samhain File Integrity Checker 4.4.0
Posted Oct 31, 2019
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added support for OpenBSD signify as alternative to GnuPG.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 0fbbefc33f0c1dfe8e22ae923a92ed1e
Fortinet FortiSIEM 5.0 / 5.2.1 Improper Certification Validation
Posted Oct 1, 2019
Authored by Andrew Klaus

A FortiSIEM collector connects to a Supervisor/Worker over HTTPS TLS (443/TCP) to register itself as well as relaying event data such as syslog, netflow, SNMP, etc. When the Collector (the client) connects to the Supervisor/Worker (the server), the client does not validate the server-provided certificate against its root-CA store. Since the client does no server certificate validation, this means any certificate presented to the client will be considered valid and the connection will succeed. If an attacker spoofs a Worker/Supervisor using an ARP or DNS poisoning attack (or any other MITM attack), the Collector will blindly connect to the attacker's HTTPS TLS server. It will disclose the authentication password used along with any data being relayed. Versions 5.0 and 5.2.1 have been tested and are affected.

tags | exploit, web, root, spoof, tcp
MD5 | ee1a1fa2b58f6637bd250813eb471ce4
Linux/x86 Bind TCP Port 43690 Null-Free Shellcode
Posted Sep 17, 2019
Authored by Daniel Ortiz

53 bytes small Linux/x86 bind TCP port 43690 null-free shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | f345374aa9c5b98d69c4892457777ca6
Linux/x86 TCP Reverse Shell 127.0.0.1 Nullbyte Free Shellcode
Posted Sep 5, 2019
Authored by Sandro Zaccarini

Linux/x86 TCP reverse shell 127.0.0.1 nullbyte free shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 99e7f76d43a55a51387066637b961f4a
Linux/x86_64 Reverse Shell TCP/4444 With Password Shellcode
Posted Aug 20, 2019
Authored by Goncalo Ribeiro

120 bytes small Linux/x86_64 reverse (127.0.0.1:4444/TCP) shell (/bin/sh) + password (pass) shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 9d833727135aee23ab7360fd99fb9844
Linux/MIPS64 Reverse Shell Shellcode
Posted Aug 20, 2019
Authored by Antonio De la Piedra

157 bytes small Linux/MIPS64 reverse (localhost:4444/TCP) shell shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 943dc4bcee3d0b33275bf2fdf8a0cb86
Linux/x86_64 TCP/4444 Bindshell With Password Shellcode
Posted Aug 18, 2019
Authored by Goncalo Ribeiro

129 bytes small Linux/x86_64 bind (4444/TCP) shell (/bin/sh) + password (pass) shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 4f69a9a7b34a1231bc105cb3374d328e
Nmap Port Scanner 7.80
Posted Aug 11, 2019
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: This is the Defcon release for 2019. Added 11 NSE scripts. Many bug fixes and code improvements.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | 6ebfd22b0a7abdd67ed6acd361c7136d
FreeBSD Security Advisory - FreeBSD-SA-19:21.bhyve
Posted Aug 6, 2019
Authored by Reno Robert | Site security.freebsd.org

FreeBSD Security Advisory - The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When TCP segmentation offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to determine the size of the on-stack buffer without validation. The subsequent header generation could overflow an incorrectly sized buffer or indirect a pointer composed of stack garbage. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host.

tags | advisory, overflow, tcp
systems | freebsd
advisories | CVE-2019-5609
MD5 | 26840b488f085103047559c3820eb233
Red Hat Security Advisory 2019-2110-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2110-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, tcp
systems | linux, redhat
advisories | CVE-2018-16881
MD5 | 57b8b6292d978091bce5375e11953451
Samhain File Integrity Checker 4.3.3
Posted Jul 11, 2019
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Multiple bug fixes and one patch added.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 94e5a467bebedab1fb7359690e1ad425
Linux/ARM64 Reverse (::1:4444/TCP) Shell (/bin/sh) + IPv6 Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

140 bytes small Linux/ARM64 reverse (::1:4444/TCP) shell (/bin/sh) + IPv6 shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | 963fa2ad715b4be81cf33bb8532a371b
Linux/ARM64 Reverse TCP Shell Null-Free Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

128 bytes small Linux/ARM64 reverse (127.0.0.1:4444/TCP) shell (/bin/sh) + null-free shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | baf3acf539d89d5984b5d12485f4cc8c
Linux/ARM64 Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode
Posted Jul 1, 2019
Authored by Ken Kitahara

164 bytes small Linux/ARM64 TCP/4444 /bin/sh binding shellcode that is null free.

tags | tcp, shellcode
systems | linux
MD5 | 43883b5e61d8bf528c3102fd0514bac3
Linux/ARM64 Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode
Posted Jun 30, 2019
Authored by Ken Kitahara

176 bytes small Linux/ARM64 bind (4444/TCP) shell (/bin/sh) + IPv6 shellcode.

tags | shell, tcp, shellcode
systems | linux
MD5 | c130e4751a092cf193947ee482647a82
Ubuntu Security Notice USN-4041-1
Posted Jun 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4041-1 - USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem. Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11479
MD5 | 691bce991dba471ebb0a928c2986e255
GNUnet P2P Framework 0.11.5
Posted Jun 26, 2019
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: Added CAA record type. Various other updates.
tags | tool, web, udp, tcp, peer2peer
systems | unix
MD5 | 07bd9734306d96bbb2a21938c406ad77
Page 1 of 92
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close