what you don't know can hurt you
Showing 1 - 25 of 2,352 RSS Feed

TCP Files

Red Hat Security Advisory 2022-1964-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1964-01 - Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet for retrieval. Then Fetchmail forwards the mail through SMTP so the user can read it through their favorite mail client. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

tags | advisory, remote, denial of service, tcp, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2021-36386, CVE-2021-39272
SHA-256 | 56a9423de5b90a5b76974fef202cb8350dc94cd1c401b9fb36ecb0edbd6e7fed
Samhain File Integrity Checker 4.4.9
Posted May 10, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added a fix for double newline stripping when reading from database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 9f02f9145915ba4b5ef6657d539d3dbdbd9a4ad9fd35308bb9bb64509f6c4015
Samhain File Integrity Checker 4.4.8
Posted Apr 30, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: New server option Alias=alias@hostname.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 8970a6f4fea1df3c66f97d3637efbf1c050e5f59e827b30e5428970311648b47
FruityWifi Remote Code Execution
Posted Mar 26, 2022
Authored by Knights of Nynex

This is an exploit for FruityWifi that binds a shell to tcp port 4444 using a remote code execution vulnerability leveraged via a SOAP request.

tags | exploit, remote, shell, tcp, code execution
SHA-256 | 1fbc099825cc98358311d77554470a0efa5ba3cd62aac47f9426a08630b11b78
Ubuntu Security Notice USN-5332-1
Posted Mar 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5332-1 - Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2021-25220, CVE-2022-0396
SHA-256 | a4994aaa2841edfa08cf6a3ec7db1b8502e811fd0d2b3e850e50b578b1dbc1ca
Samhain File Integrity Checker 4.4.7
Posted Mar 7, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed compile error on MacOS. Disable dnmalloc for gcc 11. Fixed minor compile issues with gcc 11.2. Fixed problem with login/logout monitoring on MacOS. Fixed problem caused by switch from pubkey.gpg to pubkey.kbx.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 1fa1703c34c1e615e7bcfa6d847c612795623e8bc52d36b15a8846c391362248
QEMU Monitor HMP migrate Command Execution
Posted Feb 8, 2022
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses QEMU's Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0 on Ubuntu 20.04.

tags | exploit, tcp
systems | linux, ubuntu
SHA-256 | 31bb8b20fecf053ea400a06b2e8d39f22d910c3d0025edb6108fcff42b5aa6e0
GNUnet P2P Framework 0.15.3
Posted Nov 9, 2021
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: Various updates.
tags | tool, web, udp, tcp, peer2peer
SHA-256 | d62669a8f41e078eaa220ce77a32f4f3f801e3099357ae8c705498fe73884ec5
Windows/x86 Bind TCP Shellcode
Posted Oct 7, 2021
Authored by h4pp1n3ss

Windows/x86 bind TCP shellcode / dynamic PEB and EDT method null-free shellcode. This a bind tcp shellcode that open a listen socket on 0.0.0.0 and port 1337. In order to accomplish this task the shellcode uses the PEB method to locate the baseAddress of the required module and the Export Directory Table to locate symbols. Also the shellcode uses a hash function to gather dynamically the required symbols without worry about the length.

tags | x86, tcp, shellcode
systems | windows
SHA-256 | 7dd9706d9d60f259d8e6ef790111d2ef99c07abddaae6debfdc64b5c0856ce2f
Windows/x86 Reverse TCP Shellcode
Posted Sep 13, 2021
Authored by Xenofon Vassilakopoulos

330 bytes small Windows/x86 reverse TCP shellcode that connects to 192.168.201.11:4444.

tags | x86, tcp, shellcode
systems | windows
SHA-256 | 12149f06ca22bb6ea072202a3c3d714fb9e0922026292c67e2fc3c768fa2b30f
Samhain File Integrity Checker 4.4.6
Posted Sep 5, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed Debian 10 compile problem in dnmalloc (mallinfo2). Fixed compile problem on Ubuntu 20 with make deb. Fixed make deb issue when compiling as client. Fixed issue with inotify.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 4a8101d820e391a210f836d8cb8fc953fc835a3ca83173448ab294811eb348ec
CyberArk Credential Provider Race Condition / Authorization Bypass
Posted Sep 2, 2021
Authored by Klayton Monroe | Site korelogic.com

CyberArk's Credential Provider loopback communications on TCP port 18923 are encrypted with key material that has extremely low entropy. In all currently-known use cases, the effective key space is less than 2^16. For an attacker who understands the key derivation scheme and encryption mechanics, knowledge of the source port and access to the payloads of a given client-server exchange are sufficient to reduce effective key space to one. In cases where the source port is not known, the encrypted payloads will be unable to withstand a brute force attack. Additionally, the user identification mechanism used by CyberArk's Credential Provider is vulnerable to a race condition where an unauthorized/unprivileged user can submit one or more encrypted query requests. If the race is won, the attacker will be able to retrieve sensitive information including passwords and password metadata. Versions prior to 12.1 are affected.

tags | exploit, tcp
advisories | CVE-2021-31797
SHA-256 | 7dede6bcc7b3021a2a5c5df1eb3c7bc0663ae7d954677866d63352936b9f568a
Nmap Port Scanner 7.92
Posted Aug 9, 2021
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Upgraded Npcap for Windows usage which now allows nmap to work on the Windows ARM architecture. New Nmap option --unique will prevent Nmap from scanning the same IP address twice. Various updates to NSE and many bugs were addressed in this release.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 064183ea642dc4c12b1ab3b5358ce1cef7d2e7e11ffa2849f16d339f5b717117
Microsoft Windows WFP Default Rules AppContainer Capability Bypass Privilege Escalation
Posted Jul 20, 2021
Authored by James Forshaw, Google Security Research

The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of privilege.

tags | exploit, tcp
SHA-256 | 817d39612fc53f7a2ee93673d737d89c13b73c3517209d386b6ada61eca137bb
Linux/x86 Egghunter Reverse TCP Shell Shellcode
Posted Jul 19, 2021
Authored by D7X

Linux/x86 egghunter reverse TCP shell shellcode generator with dynamic IP and port.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | f381e9e627457c622f41f2e0f02fd7275a109fbf7c64277852a12fa68a12f383
Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
SHA-256 | 0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0
Global Socket 1.4.33
Posted Jul 13, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT related update and merged pull request #50 from hackerschoice/fixie.
tags | tool, tcp
systems | unix
SHA-256 | 5bbc850a274b933a4e8b0ac7d5bc8b0527c3eddbaee7f8a9389c284f27a6fe14
Linux/x86 Reverse TCP Shell Shellcode
Posted Jul 12, 2021
Authored by D7X

86 bytes small Linux/x86 reverse TCP shell with dynamic IP and port binding shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | 098ad2f853874de86f3c54be8fe5f0603e48dcd1deaae5ff49d0f3c6ecd04c34
Samhain File Integrity Checker 4.4.5
Posted Jul 1, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed a memory leak introduced in 4.4.4.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | bdb8a6488b759fe95ceeebf88694df69fbc77cb5b2be1390f21cfe378daef97e
Global Socket 1.4.32
Posted Jun 30, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Protocol upgrade to 1.3 that breaks backwards compatibility. New Key Derivation Method and fixed gs secret length. Added verbosity switches. Auto-reconnect for server added when DNS fails and keeps re-trying until success. Downgraded automake requirements to 2.69. deploy.sh support for Raspberry PI 4b+ (armv7l) added. Debian HURD support added. Various other updates.
tags | tool, tcp
systems | unix
SHA-256 | 70fc96e2f1e0cd752068e94fb4f37b3f19d670243921f76b0f2114578151f1e3
SAP Netweaver JAVA 7.50 Missing Authorization
Posted Jun 15, 2021
Authored by Ignacio D. Favro | Site onapsis.com

A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication in order to connect to the respective TCP ports and perform different privileged actions. SAP Netweaver JAVA versions 7.10 through 7.50 are affected.

tags | exploit, java, tcp
advisories | CVE-2020-26829
SHA-256 | 805643e688fbee4c048d322779d58d6f9b53b1939424fabfb2fd739907f62af5
CHIYU TCP/IP Converter CRLF Injection
Posted Jun 1, 2021
Authored by sirpedrotavares

CHIYU TCP/IP Converter devices suffers from a crlf injection vulnerability. Versions affected include BF-430, BF-431, and BF-450M.

tags | exploit, tcp
SHA-256 | e7a596a59cae5f2c12a480ba0005a90bec441a27f46a82c5481c45eb383eab21
Global Socket 1.4.30
Posted May 14, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Fixed a rare occasion where gs-netcat might consume 100% cpu load. Fixed OSX System Protection (workaround).
tags | tool, tcp
systems | unix
SHA-256 | 512c31ebafb9013dfaf82b0123e088f976d3c1b57658ea60a7c8825a1c4bf7c7
Global Socket 1.4.29
Posted Apr 7, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Debian shenanigans and lint-party clean ups.
tags | tool, tcp
systems | unix
SHA-256 | 5d6beae72888b5b7c4d4d6bcef2c37256c736435fd1b08ff642ee4c60a310ea5
Global Socket 1.4.28
Posted Apr 1, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Minor documentation updates.
tags | tool, tcp
systems | unix
SHA-256 | ef8eb970940d435e07001fccf2ac210f539a9bb09ea1ef146c5f6ff4cc15a402
Page 1 of 95
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close