Exploit the possiblities
Showing 101 - 125 of 2,187 RSS Feed

TCP Files

Linux/x86 TCP Reverse Shellcode
Posted Jul 8, 2016
Authored by sajith

75 bytes small Linux/x86 TCP reverse shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | ff67d385d7d7c84ef688cc48b7052120
Linux/x86 TCP Bind Shell Port 4444 Shellcode
Posted Jul 4, 2016
Authored by sajith

98 bytes small Linux/x86 TCP bindshell shellcode that binds to port 4444.

tags | x86, tcp, shellcode
systems | linux
MD5 | 4a1ea50781ae2e42b0e0532389538780
Samhain File Integrity Checker 4.1.4
Posted Jun 2, 2016
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | d14f54eb4b556510603c02ad3a35e458
Samhain File Integrity Checker 4.1.3
Posted Apr 19, 2016
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | b87ae2ffb925cd1497ede1ce00b8145f
Asterisk Project Security Advisory - AST-2016-005
Posted Apr 14, 2016
Authored by Mark Michelson, George Joseph | Site asterisk.org

Asterisk Project Security Advisory - PJProject has a limit on the number of TCP connections that it can accept. Furthermore, PJProject does not close TCP connections it accepts. By default, this value is approximately 60. An attacker can deplete the number of allowed TCP connections by opening TCP connections and sending no data to Asterisk. If PJProject has been compiled in debug mode, then once the number of allowed TCP connections has been depleted, the next attempted TCP connection to Asterisk will crash due to an assertion in PJProject. If PJProject has not been compiled in debug mode, then any further TCP connection attempts will be rejected. This makes Asterisk unable to process TCP SIP traffic. Note that this only affects TCP/TLS, since UDP is connectionless. Also note that this does not affect chan_sip.

tags | advisory, udp, tcp
MD5 | 026e4e632f5b124c8f698629af722616
Nmap Port Scanner 7.12
Posted Mar 30, 2016
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Fixed a file corruption issue in Zenmap. Added new service probes and match lines for OpenVPN on UDP and TCP. NSE related VNC updates including vnc-brute support for TLS security type and negotiating a lower RFB version if the server sends an unknown higher version. NSE update with STARTTLS support added for VNC, NNTP, and LMTP.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 899aafdb24b202655f1fe79df42e0fc8
Nmap Port Scanner 7.11
Posted Mar 23, 2016
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Added some support and fixed some crashes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 810902e1a71d8f5f9668a89561f03cc2
Apache Qpid Proton 0.12.0 SSL Failure
Posted Mar 23, 2016
Authored by M. Farrellee

Messaging applications using the Proton Python API to provision an SSL/TLS encrypted TCP connection may actually instantiate a non-encrypted connection without notice if SSL support is unavailable. This will result in all messages being sent in the clear without the knowledge of the user. Apache Qpid Proton python API versions starting at 0.9 and up to 0.12.0 are affected.

tags | advisory, tcp, python
advisories | CVE-2016-2166
MD5 | 027fbe7b9c88dfd3e93b88750fb08319
Cisco Security Advisory 20160323-l4f
Posted Mar 23, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Wide Area Application Services (WAAS) Express feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of TCP segments. An attacker could exploit this vulnerability by routing a crafted TCP segment through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, causing a denial of service (DoS) condition. To exploit this vulnerability, the attacker needs to route a crafted TCP segment through an egress interface of a device because the vulnerable function is an output feature of the software. In addition, the WAAS Express feature must be enabled on the interface, typically a WAN interface. In most deployments, this means crafted traffic must be initiated from within a device to exploit the vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service, tcp
systems | cisco
MD5 | 17af4d424262b70413c4e894c52ae972
Cisco Security Advisory 20160323-smi
Posted Mar 23, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst switch to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling Smart Install functionality on the vulnerable device.

tags | advisory, remote, denial of service, tcp
systems | cisco, osx
MD5 | 748847f923f39a4ebca45945ba1c299c
NetSTR 0.19
Posted Mar 21, 2016
Authored by Jay Fink | Site systhread.net

NetSTR is an open source small, fast and easy to use port scanner and packet sniffer. IPv4 scanner can perform ranged, single or use an internal top ports list plus it has a flexible timers/port capability. IPv6 single port single host is supported. The tcp and arp sniffers print an easy to read dump format and have a full packet decode capability. Additionally netstr sports a fuzzy passive network scanner.

Changes: Timer bugfix on ipv4scan, start/stop times for scan6 and fast option bugfix.
tags | tool, scanner, tcp
systems | unix
MD5 | a6aad907e0ddb03b8694680c703f7057
Nmap Port Scanner 7.10
Posted Mar 19, 2016
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated 12 IPv6 OS fingerprint submissions. Integrated all service/version fingerprinted submitted. Various other updates and fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 0051acbd6e689f051c49ed86fb60873d
NetSTR 0.18
Posted Mar 13, 2016
Authored by Jay Fink | Site systhread.net

NetSTR is an open source small, fast and easy to use port scanner and packet sniffer. IPv4 scanner can perform ranged, single or use an internal top ports list plus it has a flexible timers/port capability. IPv6 single port single host is supported. The tcp and arp sniffers print an easy to read dump format and have a full packet decode capability. Additionally netstr sports a fuzzy passive network scanner.

Changes: Major speed improvements, passive utility bugs fixed, and better port connect/check code.
tags | tool, scanner, sniffer, tcp
systems | unix
MD5 | 8273edc5ec94e535cf58529a0a724c4f
Cisco Security Advisory 20160302-netstack
Posted Mar 3, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the TCP stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper processing of certain TCP packets in the closing sequence of a TCP session while the affected device is in a TIME_WAIT state. An attacker could exploit this vulnerability by sending a specific TCP packet to an affected device on a TCP session that is already in a TIME_WAIT state. An exploit could allow the attacker to cause a reload of the TCP stack on the affected device, resulting in a DoS condition. This vulnerability can be exploited using either IPv4 or IPv6 packets. The vulnerability can be triggered by a crafted sequence of TCP packets destined for TCP ports listening on the device. The packets may use the IPv4 or IPv6 unicast address of any interface configured on the device. This vulnerability can be triggered only by traffic destined to an affected device and cannot be exploited using traffic that transits an affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service, tcp
systems | cisco
MD5 | 52389932f99024982430aaeb3930c377
NDI5aster - Privilege Escalation Through NDIS 5.x Filter Intermediate Drivers
Posted Feb 6, 2016
Authored by Kyriakos Economou

The Network Driver Interface Specification (NDIS) provides a programming interface specification that facilitates from the network driver architecture perspective the communication between a protocol driver and the underlying network adapter. In Windows OS the so called "NDIS wrapper" (implemented in the Ndis.sys) provides a programming layer of communication between network protocols (TCP/IP) and all the underlying NDIS device drivers so that the implementation of high-level protocol components are independent of the network adapter itself. During vulnerability research from a local security perspective that was performed over several software firewall products designed for Windows XP and Windows Server 2003 (R2 included), an issue during the loading and initialization of one of the OS NDIS protocol drivers was identified; specifically the 'Remote Access and Routing Driver' called wanarp.sys. This issue can be exploited through various NDIS 5.x filter intermediate drivers that provide the firewall functionality of several security related products. The resulting impact is vertical privilege escalation which allows a local attacker to execute code with kernel privileges from any account type, thus completely compromising the affected host.

tags | paper, remote, kernel, local, tcp, protocol
systems | windows, xp
MD5 | 7a760729b05fa6f6f5af09e62c2775ca
Linux TCP Reverse Shell Shellcode
Posted Jan 29, 2016
Authored by Sathish Kumar

122 bytes small Linux/x64 TCP reverse shell with password. Polymorphic version.

tags | shell, tcp, shellcode
systems | linux
MD5 | 8715bf5b1cbd3040b8bf30ae48f25523
FreeBSD Security Advisory - FreeBSD-SA-16:05.tcp
Posted Jan 15, 2016
Authored by Ryan Stone,

FreeBSD Security Advisory - A programming error in processing a TCP connection with both TCP_MD5SIG and TCP_NOOPT socket options may lead to kernel crash. A local attacker can crash the kernel, resulting in a denial-of-service. A remote attack is theoretically possible, if server has a listening socket with TCP_NOOPT set, and server is either out of SYN cache entries, or SYN cache is disabled by configuration.

tags | advisory, remote, kernel, local, tcp
systems | freebsd
advisories | CVE-2016-1882
MD5 | 12d51fd2729f1bed2be6f8dc0ef11a09
Red Hat Security Advisory 2016-0005-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0005-01 - The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote attacker could possibly exploit this flaw to crash the rpcbind service by performing a series of UDP and TCP calls. All rpcbind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the rpcbind service is running, it will be automatically restarted after installing this update.

tags | advisory, remote, udp, tcp
systems | linux, redhat
advisories | CVE-2015-7236
MD5 | e100980c6b32a8e007eb994d1c4d1444
TCP Reverse Shell Shellcode
Posted Jan 6, 2016
Authored by Sathish Kumar

151 bytes small TCP reverse shell with password prompt shellcode.

tags | shell, tcp, shellcode
MD5 | 5a835776fd58339b3d3ea541293e73dc
x86_64 Linux Bind TCP Port Shellcode
Posted Jan 2, 2016
Authored by ScOrPiOn

103 bytes small TCP bindshell x86_64 shellcode.

tags | tcp, shellcode
MD5 | b89d3ea4f6475c667c98cd5050d8d8e8
TCP Bindshell With Password Prompt Shellcode
Posted Jan 2, 2016
Authored by Sathish Kumar

162 bytes small TCP bindshell with password prompt shellcode.

tags | tcp, shellcode
MD5 | 336a7e7b07eb08f7f07a11fd952e52a4
Samhain File Integrity Checker 4.1.2
Posted Dec 21, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 80133dc11bd71ffd7250311e9f556802
Nmap Port Scanner 7.01
Posted Dec 11, 2015
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Switched to using gtk-mac-bundler and jhbuild for building the OS X installer. The Windows installer is now built with NSIS 2.47 which features LoadLibrary security hardening to prevent DLL hijacking and other unsafe use of temporary directories. Various other updates and fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 70f5cd6f014f79104a8d2be2f961e1b3
Legend Perl IRC Bot Remote Code Execution
Posted Dec 11, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, and ability to gain root, and VNC scanning. Kevin Stevens, a Senior Threat Researcher at Damballa has uploaded this script to VirusTotal with a md5 of 11a9f1589472efa719827079c3d13f76.

tags | exploit, remote, web, root, udp, perl, tcp
MD5 | 1d45434e3435a7b498a03833cf1d9027
Nmap Port Scanner 7.00
Posted Nov 20, 2015
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: This is the product of three and a half years of work, nearly 3200 code commits, and more than a dozen point releases since the big Nmap 6 release in May 2012. Nmap turned 18 years old in September this year and celebrates its birthday with 171 new NSE scripts, expanded IPv6 support, world-class SSL/TLS analysis, and more user-requested features than ever.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | a2dd8bd8b64624b0d92e1fdd4be0b9cd
Page 5 of 88
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    8 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close