exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 2,420 RSS Feed

TCP Files

Windows/x86 Bind TCP Shellcode
Posted Oct 7, 2021
Authored by h4pp1n3ss

Windows/x86 bind TCP shellcode / dynamic PEB and EDT method null-free shellcode. This a bind tcp shellcode that open a listen socket on 0.0.0.0 and port 1337. In order to accomplish this task the shellcode uses the PEB method to locate the baseAddress of the required module and the Export Directory Table to locate symbols. Also the shellcode uses a hash function to gather dynamically the required symbols without worry about the length.

tags | x86, tcp, shellcode
systems | windows
SHA-256 | 7dd9706d9d60f259d8e6ef790111d2ef99c07abddaae6debfdc64b5c0856ce2f
Windows/x86 Reverse TCP Shellcode
Posted Sep 13, 2021
Authored by Xenofon Vassilakopoulos

330 bytes small Windows/x86 reverse TCP shellcode that connects to 192.168.201.11:4444.

tags | x86, tcp, shellcode
systems | windows
SHA-256 | 12149f06ca22bb6ea072202a3c3d714fb9e0922026292c67e2fc3c768fa2b30f
Samhain File Integrity Checker 4.4.6
Posted Sep 5, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed Debian 10 compile problem in dnmalloc (mallinfo2). Fixed compile problem on Ubuntu 20 with make deb. Fixed make deb issue when compiling as client. Fixed issue with inotify.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 4a8101d820e391a210f836d8cb8fc953fc835a3ca83173448ab294811eb348ec
CyberArk Credential Provider Race Condition / Authorization Bypass
Posted Sep 2, 2021
Authored by Klayton Monroe | Site korelogic.com

CyberArk's Credential Provider loopback communications on TCP port 18923 are encrypted with key material that has extremely low entropy. In all currently-known use cases, the effective key space is less than 2^16. For an attacker who understands the key derivation scheme and encryption mechanics, knowledge of the source port and access to the payloads of a given client-server exchange are sufficient to reduce effective key space to one. In cases where the source port is not known, the encrypted payloads will be unable to withstand a brute force attack. Additionally, the user identification mechanism used by CyberArk's Credential Provider is vulnerable to a race condition where an unauthorized/unprivileged user can submit one or more encrypted query requests. If the race is won, the attacker will be able to retrieve sensitive information including passwords and password metadata. Versions prior to 12.1 are affected.

tags | exploit, tcp
advisories | CVE-2021-31797
SHA-256 | 7dede6bcc7b3021a2a5c5df1eb3c7bc0663ae7d954677866d63352936b9f568a
Nmap Port Scanner 7.92
Posted Aug 9, 2021
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Upgraded Npcap for Windows usage which now allows nmap to work on the Windows ARM architecture. New Nmap option --unique will prevent Nmap from scanning the same IP address twice. Various updates to NSE and many bugs were addressed in this release.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 064183ea642dc4c12b1ab3b5358ce1cef7d2e7e11ffa2849f16d339f5b717117
Microsoft Windows WFP Default Rules AppContainer Capability Bypass Privilege Escalation
Posted Jul 20, 2021
Authored by James Forshaw, Google Security Research

The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of privilege.

tags | exploit, tcp
SHA-256 | 817d39612fc53f7a2ee93673d737d89c13b73c3517209d386b6ada61eca137bb
Linux/x86 Egghunter Reverse TCP Shell Shellcode
Posted Jul 19, 2021
Authored by D7X

Linux/x86 egghunter reverse TCP shell shellcode generator with dynamic IP and port.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | f381e9e627457c622f41f2e0f02fd7275a109fbf7c64277852a12fa68a12f383
Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
SHA-256 | 0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0
Global Socket 1.4.33
Posted Jul 13, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT related update and merged pull request #50 from hackerschoice/fixie.
tags | tool, tcp
systems | unix
SHA-256 | 5bbc850a274b933a4e8b0ac7d5bc8b0527c3eddbaee7f8a9389c284f27a6fe14
Linux/x86 Reverse TCP Shell Shellcode
Posted Jul 12, 2021
Authored by D7X

86 bytes small Linux/x86 reverse TCP shell with dynamic IP and port binding shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | 098ad2f853874de86f3c54be8fe5f0603e48dcd1deaae5ff49d0f3c6ecd04c34
Samhain File Integrity Checker 4.4.5
Posted Jul 1, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed a memory leak introduced in 4.4.4.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | bdb8a6488b759fe95ceeebf88694df69fbc77cb5b2be1390f21cfe378daef97e
Global Socket 1.4.32
Posted Jun 30, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Protocol upgrade to 1.3 that breaks backwards compatibility. New Key Derivation Method and fixed gs secret length. Added verbosity switches. Auto-reconnect for server added when DNS fails and keeps re-trying until success. Downgraded automake requirements to 2.69. deploy.sh support for Raspberry PI 4b+ (armv7l) added. Debian HURD support added. Various other updates.
tags | tool, tcp
systems | unix
SHA-256 | 70fc96e2f1e0cd752068e94fb4f37b3f19d670243921f76b0f2114578151f1e3
SAP Netweaver JAVA 7.50 Missing Authorization
Posted Jun 15, 2021
Authored by Ignacio D. Favro | Site onapsis.com

A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication in order to connect to the respective TCP ports and perform different privileged actions. SAP Netweaver JAVA versions 7.10 through 7.50 are affected.

tags | exploit, java, tcp
advisories | CVE-2020-26829
SHA-256 | 805643e688fbee4c048d322779d58d6f9b53b1939424fabfb2fd739907f62af5
CHIYU TCP/IP Converter CRLF Injection
Posted Jun 1, 2021
Authored by sirpedrotavares

CHIYU TCP/IP Converter devices suffers from a crlf injection vulnerability. Versions affected include BF-430, BF-431, and BF-450M.

tags | exploit, tcp
SHA-256 | e7a596a59cae5f2c12a480ba0005a90bec441a27f46a82c5481c45eb383eab21
Global Socket 1.4.30
Posted May 14, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Fixed a rare occasion where gs-netcat might consume 100% cpu load. Fixed OSX System Protection (workaround).
tags | tool, tcp
systems | unix
SHA-256 | 512c31ebafb9013dfaf82b0123e088f976d3c1b57658ea60a7c8825a1c4bf7c7
Global Socket 1.4.29
Posted Apr 7, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Debian shenanigans and lint-party clean ups.
tags | tool, tcp
systems | unix
SHA-256 | 5d6beae72888b5b7c4d4d6bcef2c37256c736435fd1b08ff642ee4c60a310ea5
Global Socket 1.4.28
Posted Apr 1, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Minor documentation updates.
tags | tool, tcp
systems | unix
SHA-256 | ef8eb970940d435e07001fccf2ac210f539a9bb09ea1ef146c5f6ff4cc15a402
Global Socket 1.4.27
Posted Mar 23, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Renamed gs to gsocket. Updated README.md.
tags | tool, tcp
systems | unix
SHA-256 | 850d5195de840280e1638f121743617ad47852109636541bccd20d4cdd953d6b
Global Socket 1.4.25
Posted Feb 24, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Terminal/ANSI code fixes.
tags | tool, tcp
systems | unix
SHA-256 | 70fae385cd6c9bbcc73c17efabd236f0a0bfe00d11b0c9360651ec7e4baf42c2
Global Socket 1.4.24
Posted Feb 22, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: EEElite-Console, File Transfer and alerts when admin logs in.
tags | tool, tcp
systems | unix
SHA-256 | 0dd41d5c99202fa4387bb5b9db7ce55236fc913b65e3a9fb58f697d3480f14ef
Backdoor.Win32.Wollf.14 MVID-2021-0055 Missing Authentication
Posted Jan 27, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

tags | exploit, tcp
systems | windows
SHA-256 | 2f11b22f4a81eedb7df75e8958cdd82cecb3055d43ca8789947305c47f9b576a
Linux/x64 Bindshell With Password Shellcode
Posted Jan 25, 2021
Authored by Guillem Alminyana

142 bytes small Linux/x64 shellcode that binds a password protected shell to TCP 0.0.0.0:4444.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | 333530589c154018011a1ee45adb6102c069fc8e7b0ef4eaecdb98fd693c95d6
Backdoor.Win32.Kraimer.11 MVID-2021-0046 Missing Authentication
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Kraimer.11 malware has a backdoor on TCP/6668 that does not require any authentication.

tags | exploit, tcp
systems | windows
SHA-256 | 5f05a5534857a1ffa1de021039a3e94cc618d99cc6d1cf04bba6bde3ea222d6c
Backdoor.Win32.Verify.f MVID-2021-0043 Missing Authentication
Posted Jan 21, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Verify.f malware has backdoors running on TCP ports 1906 and 1907 that do not require any authentication.

tags | exploit, tcp
systems | windows
SHA-256 | cf0d05fad5bd20b1a4725f45b439683727f6fcb22ffc0ac1c0781c2dfad9a15f
Backdoor.Win32.Onalf MVID-2021-0042 Missing Authentication
Posted Jan 20, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Onalf malware has a backdoor running on TCP/2020 that does not require any authentication.

tags | exploit, tcp
systems | windows
SHA-256 | 11a484e66621a068144ad8f7018fb183228c9b73ab0087efdfb38ba9ac0ca945
Page 4 of 97
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close