exploit the possibilities
Showing 1 - 25 of 563 RSS Feed

Trojan Files

Trojan.Win32.Xocry.ff Insecure Permissions
Posted Jan 25, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Xocry.ff malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
MD5 | 932a00f5f7015f7fbe93a8d4673539e6
Newfuture Trojan V.1.0 BETA 1 Insecure Permissions
Posted Jan 19, 2021
Authored by malvuln | Site malvuln.com

Newfuture Trojan V.1.0 BETA 1 malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
MD5 | e267f7d69761b3693f04b9c14690bfa6
TROJAN.WIN32.JORIK.DMSPAMMER.SZ Remote Memory Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

TROJAN.WIN32.JORIK.DMSPAMMER.SZ malware suffers from a remote memory corruption vulnerability.

tags | exploit, remote, trojan
systems | windows
MD5 | 55fd186c4f2c6e538578030ac38957e3
Trojan:Win32/Alyak.B Remote Stack Corruption
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan:Win32/Alyak.B malware suffers from a remote stack corruption vulnerability.

tags | exploit, remote, trojan
systems | windows
MD5 | 06f8543da6c6582b57fde48c8e24b0a6
Trojan.Win32.Bayrob.cgau Insecure Permissions / Privilege Escalation
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Bayrob.cgau malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.

tags | exploit, trojan
systems | windows
MD5 | 846139c1b2a63ba6cc03a4216d4531c4
Trojan.Win32.Barjac Remote Stack Buffer Overflow
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Barjac malware suffers from a remote stack buffer overflow vulnerability.

tags | exploit, remote, overflow, trojan
systems | windows
MD5 | de7ba11ed626c2d3eb52927ed32f9e6b
Trojan.Win32.Antavka.bz Insecure Permissions / Privilege Escalation
Posted Jan 4, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Antavka.bz malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.

tags | exploit, trojan
systems | windows
MD5 | e6caa6b4d13212a574220913e5388693
The R.A.T In The Shell
Posted Feb 14, 2020
Authored by Pradyumn Khanchandani, Siddharth Balyan, Monika Arora

This whitepaper is an analysis of the breach into the Kudankulam Nuclear Power Plant through the lens of Cyber Kill Chain, the study of remote access trojans, and the targeting of critical infrastructure.

tags | paper, remote, trojan
MD5 | c9ed98dbcbf5c0a3dfbec128ccf74d1b
ScanGuard Antivirus Insecure Permissions
Posted Nov 13, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Scanguard versions through 2019-11-12 on Windows has insecure permissions for the installation directory, leading to privilege escalation via a trojan horse executable file.

tags | exploit, trojan
systems | windows
advisories | CVE-2019-18895
MD5 | 395b36711cd21e23af1e2c01cdd5e128
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity.

tags | exploit, trojan
advisories | CVE-2018-15515
MD5 | 7d5b487d0bc7a54d4746370b3f054425
Microsoft DirectX SDK (June 2010) Xact3.exe DLL Hijacking
Posted Aug 11, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Microsoft DirectX SDK "Xact3.exe" cross-platform tool allows for arbitrary code execution via a trojan horse file "xbdm.dll" in the current working directory, upon opening a ".xap" project file from the same location.

tags | exploit, arbitrary, trojan, code execution
MD5 | d7f1056ce3aa140ad0e115c7bf50b3c0
Polaris Office 2017 8.1 Remote Code Execution
Posted Jun 26, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Polaris Office 2017 version 8.1 allows attackers to execute arbitrary code via a trojan horse "puiframeworkproresenu.dll" file in the current working directory, due to a search order flaw vulnerability.

tags | exploit, arbitrary, trojan
advisories | CVE-2018-12589
MD5 | cb627d3986c07f094a3e4282ca8924de
Foscam Cameras And Network Devices Hardcoded Keys
Posted Apr 8, 2017
Authored by Nick M McKenna

All Foscam cameras and network devices use the same SSL private key that is hard coded into the downloadable firmware. The keys were extracted using the utility 'binwalk' and allow an attacker to MITM any Foscam device.

tags | exploit, trojan
MD5 | f9b6c2e53b7f33e185a5629869b46838
Apache OpenOffice 1.0 Windows Installer Trojan Execution
Posted Nov 26, 2016
Authored by Cyril Vallicari

The Apache OpenOffice installer for Windows contained a defective operation that could trigger execution of unwanted software installed by a Trojan Horse application. The installer defect is known as an unquoted Windows search path vulnerability. In the case of Apache OpenOffice installers for Windows, the PC must have previously been infected by a Trojan Horse application (or user) running with administrator privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. The exploit may already have operated on the user's PC.

tags | advisory, trojan
systems | windows
advisories | CVE-2016-6803
MD5 | 7705d5ab1a4089c1df13600a4048d119
HP Security Bulletin HPSBNS03635 1
Posted Aug 22, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBNS03635 1 - Multiple potential remote and local vulnerabilities impacting Perl and PHP have been addressed by HPE NonStop Servers OSS Script Languages. The vulnerabilities include Perl's opportunistic loading of optional modules which might allow local users to gain elevation of privilege via a Trojan horse library under the current working directory. Revision 1 of this advisory.

tags | advisory, remote, local, trojan, perl, php, vulnerability
advisories | CVE-2013-7456, CVE-2014-4330, CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394, CVE-2015-8607, CVE-2015-8853, CVE-2015-8865, CVE-2015-8874, CVE-2016-1238, CVE-2016-1903, CVE-2016-2381, CVE-2016-2554, CVE-2016-3074, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539
MD5 | 208143266211c16a2e73608c2b984f2c
Linux.Liora ELF Prepender
Posted May 7, 2015
Authored by TMZ

Linux.Liora is an ELF binary infection tool written in Go. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
systems | linux
MD5 | 1da80990474640002885d779ca73905c
Linux.Zariche File Prepender Virus
Posted Mar 12, 2015
Authored by TMZ

Source code for Linux.Zariche, a proof of concept elf (x86_64) file prepender, written in Vala. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, proof of concept
systems | linux
MD5 | 367de68d9e9604a69a4e2ce440386280
Hesperbot Detection Scanner 1.0
Posted Nov 7, 2014
Authored by Mert SARICA | Site mertsarica.com

Hesperbot Scanner is a windows binary that is able to detect the Hesperbot banking trojan by fingerprinting memory and looking for things that traditional antivirus software fails to catch early during the malware campaigns.

tags | tool, trojan
systems | windows
MD5 | 6e50932089aaee64f33c7521af785baa
Mandriva Linux Security Advisory 2014-162
Posted Sep 2, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-162 - Untrusted search path vulnerability in Catfish allows local users to gain privileges via a Trojan horse catfish.py in the current working directory.

tags | advisory, local, trojan
systems | linux, mandriva
advisories | CVE-2014-2093
MD5 | 22bdaf3a14f26e6a8f8ee1e4859bb0a8
Check Rootkit 0.50
Posted May 23, 2014
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | 9e67dd56f835264d43aeb04944610b03
Ammyy Admin 3.2 Access Bypass
Posted Jan 19, 2014
Authored by Bhadresh Patel

There is a hidden option and access control vulnerability in Ammyy Admin tool which allows an attacker to utilize "Ammyy Admin tool" as a trojan horse to access the computer without a victim's information. Versions 3.2 and below are affected.

tags | exploit, trojan
advisories | CVE-2013-5581, CVE-2013-5582
MD5 | 30120c2b49d33e102046637f8588d5b7
Emperor Security Magazine #2
Posted Jun 16, 2013
Authored by est | Site emperor-team.org

Emperor Security Magazine issue number two. This issue discusses SSL, EIGRP, trojans, and more. Written in Persian.

tags | trojan, magazine
MD5 | 1b813329d3c49ff598bbaa3406380bb6
Manipulating Memory For Fun And Profit
Posted Feb 9, 2013
Authored by High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Memory analysis and manipulation can provide security analysts with formidable weapons. During his talk at Information Security Day for ISACA Luxembourg Chapter, Frederic BOURLA presented most memory manipulation tricks from both offensive and defensive angles. The talk first dealt with the attacker’s layer, from pivoting attacks to IEEE1394 issues through in-memory fuzzing, which permits auditors to bypass built-in features, network limitations and encryption to remain able to uncover security vulnerabilities in a running application. In a second stage, the talk focused on the benefits of memory manipulation in computer forensics and malware analysis fields, especially when facing sophisticated malcode, such as kernel rootkits or heavily encrypted reverse trojans. Basically, this talk aimed to open the doors to a fascinating world which could easily allow security analysts to save lots of time during their recurrent duties. These are the slides from the talk.

tags | paper, kernel, trojan, vulnerability
MD5 | 15b76834e6e1d95bcaf4711fcf9bed73
Mandriva Linux Security Advisory 2012-077
Posted May 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.

tags | advisory, denial of service, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2010-4167, CVE-2012-0247, CVE-2012-0248, CVE-2012-1185, CVE-2012-0259, CVE-2012-0260, CVE-2012-1798
MD5 | fa1ac8dbf0bf748076337278c27ec507
HP Security Bulletin HPSBPV02754 SSRT100803 2
Posted Apr 27, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.

tags | advisory, trojan
advisories | CVE-2012-0133
MD5 | 4d95f4cfc66c0fa4f9c45feaf62536b8
Page 1 of 23
Back12345Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    36 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close