exploit the possibilities
Showing 1 - 25 of 2,326 RSS Feed

TCP Files

Global Socket 1.4.25
Posted Feb 24, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Terminal/ANSI code fixes.
tags | tool, tcp
systems | unix
MD5 | 678586d46969ea1bbd7e8b77dacafa3e
Global Socket 1.4.24
Posted Feb 22, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: EEElite-Console, File Transfer and alerts when admin logs in.
tags | tool, tcp
systems | unix
MD5 | 20d802d5a4db9ffc08379aea052bd26f
Backdoor.Win32.Wollf.14 Missing Authentication
Posted Jan 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | 67751ad6a5636ad444a23dacf27f3961
Linux/x64 Bindshell With Password Shellcode
Posted Jan 25, 2021
Authored by Guillem Alminyana

142 bytes small Linux/x64 shellcode that binds a password protected shell to TCP 0.0.0.0:4444.

tags | shell, tcp, shellcode
systems | linux
MD5 | f8b947c4c7650a50507dafa334b79742
Backdoor.Win32.Kraimer.11 Missing Authentication
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Kraimer.11 malware has a backdoor on TCP/6668 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | ab7914a32014a552e8902d32415b1aed
Backdoor.Win32.Verify.f Missing Authentication
Posted Jan 21, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Verify.f malware has backdoors running on TCP ports 1906 and 1907 that do not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | ca8e4a026f7a8a413a34154343153445
Backdoor.Win32.Onalf Missing Authentication
Posted Jan 20, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Onalf malware has a backdoor running on TCP/2020 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | 8413023933171cccf3cf8f346fc00dc6
Backdoor.Win32.Zxman Missing Authentication
Posted Jan 20, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zxman malware has a backdoor running on TCP/2048 that does not require any authentication.

tags | exploit, tcp
systems | windows
MD5 | e59d2f563516bdcc00be9a6bd0fe9c3e
Linux/x64 Reverse Shell Shellcode
Posted Jan 19, 2021
Authored by Guillem Alminyana

123 bytes small Linux/x64 reverse shell shellcode that connects to TCP/127.1.1.1:4444.

tags | shell, tcp, shellcode
systems | linux
MD5 | 6fdcaaec184d84b16a741d95de7b3961
Linux/x86 Bindshell Shellcode
Posted Jan 15, 2021
Authored by ac3

65 bytes small Linux/x86 bindshell shellcode that binds /bin/sh to TCP/0.0.0.0:13377.

tags | x86, tcp, shellcode
systems | linux
MD5 | b50ae92a79eb994d20eae879ab538a64
Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow
Posted Jan 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NinjaSpy.c suffers from a remote stack buffer overflow vulnerability. The specimen drops a DLL named "cmd.dll" under C:\WINDOWS\ which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP PUT requests with large payloads of characters, we can cause buffer overflow.

tags | exploit, remote, web, overflow, tcp
systems | windows, 32
MD5 | 8f5ab251df42addd482e25bdea7aa8d8
Linux/x86 Reverse TCP Shellcode
Posted Dec 31, 2020
Authored by Stylianos Voukatas

114 bytes small Linux/x86 reverse TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 736ab2fee6b1fc77956e403631161630
Barco wePresent Admin Credential Exposure
Posted Nov 20, 2020
Authored by Jim Becher | Site korelogic.com

An attacker armed with hardcoded API credentials from KL-001-2020-004 (CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp for Barco wePresent WiPG-1600W version 2.5.1.8.

tags | exploit, web, tcp
advisories | CVE-2020-28329, CVE-2020-28330
MD5 | 3ad24677ecaeff25f5cac17ee343f4a9
Global Socket 1.4.22
Posted Nov 19, 2020
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

tags | tool, tcp
systems | unix
MD5 | 697aff8d6aa465252692af99375ce8f7
Asterisk 17.6.0 / 17.5.1 Denial Of Service
Posted Nov 6, 2020
Authored by Sandro Gauci | Site enablesecurity.com

Asterisk versions 17.5.1 and 17.6.0 were found vulnerability to a denial of service condition where Asterisk segfaults when receiving an INVITE flood over TCP.

tags | exploit, denial of service, tcp
MD5 | 9a5d9ec730691495e303171a44bcc12b
Red Hat Security Advisory 2020-4619-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4619-01 - FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, tcp, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-12831
MD5 | 0edbca111a4f4b5b6e9df0234bfa4526
Samhain File Integrity Checker 4.4.3
Posted Nov 2, 2020
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Now allows console logging to a unix domain socket. Fixed spurious cppcheck warnings, gcc 10 compiler warning in sh_audit.c, gcc 10 compiler warning in sh_ipvx.c, gcc 10 compile problem in sh_tiger1_64.c, and gcc 10 compiler warning in sh_portcheck.c.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 5a314bb9e345e93012bf2e9b2ffb7b24
Nmap Port Scanner 7.91
Posted Oct 12, 2020
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Various bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | a071afc6a4b5f4a5dc93d1aef82dfa9d
Nmap Port Scanner 7.90
Posted Oct 3, 2020
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Upgraded Npcap. Integrated over 800 service/version detection fingerprints submitted since August 2017. Integrated over 330 of the most-frequently-submitted IPv4 OS fingerprints since August 2017. Added 26 fingerprints, bringing the new total to 5,678. Various other additions and improvements.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | c8bda5e6a7177c97efedccdcff00ef55
Cisco AnyConnect Privilege Escalation
Posted Sep 30, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.9.00086 is vulnerable to a DLL hijacking and allows local attackers to execute code on the affected machine with with system level privileges. Both attacks consist in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service.

tags | exploit, arbitrary, local, tcp
systems | cisco, windows
advisories | CVE-2020-3153, CVE-2020-3433
MD5 | 6dab51a6758b6569e7dba4af74f482ed
Linux/x86 Reverse TCP Shellcode
Posted Aug 24, 2020
Authored by Xenofon Vassilakopoulos

84 bytes small Linux/x86 reverse TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | d27c925e63f6be65e2fe56789bbf7646
Ericom Access Server 9.2.0 Server-Side Request Forgery
Posted Aug 22, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Ericom Access Server allows attackers to initiate SSRF requests making outbound connections to arbitrary hosts and TCP ports. Attackers, who can reach the AccessNow server can target internal systems that are behind firewalls that are typically not accessible. This can also be used to target third-party systems from the AccessNow server itself. Version 9.2.0 is affected.

tags | exploit, arbitrary, tcp
advisories | CVE-2020-24548
MD5 | 00835b7add7f159a6244efac16d7a915
Ubuntu Security Notice USN-4468-1
Posted Aug 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4468-1 - Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. Joseph Gullo discovered that Bind incorrectly handled QNAME minimization when used in certain configurations. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2020-8620, CVE-2020-8621, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624
MD5 | b7dcb2f5025b482f2cbb92a36354b19b
Samhain File Integrity Checker 4.4.2
Posted Aug 1, 2020
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Re-enabled reading options from option group [samhain] in my.cnf. Fixed server install in configure.ac. Added more verbosity to portable binary installer. Fixed minor issues.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | dadeb345093737a3fe1024d585cf1ec5
Cisco AnyConnect Path Traversal / Privilege Escalation
Posted Jun 25, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The attack consists in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service. This service will then launch the vulnerable installer component (vpndownloader), which copies itself to an arbitrary location before being executed with system privileges. Since vpndownloader is also vulnerable to DLL hijacking, a specially crafted DLL (dbghelp.dll) is created at the same location vpndownloader will be copied to get code execution with system privileges. This exploit has been successfully tested against Cisco AnyConnect Secure Mobility Client versions 4.5.04029, 4.5.05030 and 4.7.04056 on Windows 10 version 1909 (x64) and Windows 7 SP1 (x86).

tags | exploit, arbitrary, x86, local, tcp, code execution
systems | cisco, windows, 7
advisories | CVE-2020-3153
MD5 | 0ce466f922be78b19e5b1169c13ef711
Page 1 of 94
Back12345Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close