
UDP Files

Memcached Stats Amplification Scanner
Posted Aug 31, 2024
Authored by Jon Hart, xistence, Marek Majkowski | Site metasploit.com

This Metasploit module can be used to discover Memcached servers which expose the unrestricted UDP port 11211. A basic "stats" request is executed to check if an amplification attack is possible against a third party.

tags | exploit, udp
advisories | CVE-2018-1000115
SHA-256 | cb5539054159e5bd7eb5991e8ba1abaed61e1b1644670a36b4815d24c61a9cab
UDP Amplification Scanner
Posted Aug 31, 2024
Authored by Jon Hart | Site metasploit.com

Detect UDP endpoints with UDP amplification vulnerabilities.

tags | exploit, udp, vulnerability
advisories | CVE-2013-5211
SHA-256 | 4b266aac321033bf9bd912f59c5fbdf160afa5b657e7351b0616cbfb0a87e10b
Gather Kademlia Server Information
Posted Aug 31, 2024
Authored by Jon Hart | Site metasploit.com

This Metasploit module uses the Kademlia BOOTSTRAP and PING messages to identify and extract information from Kademlia speaking UDP endpoints, typically belonging to eMule/eDonkey/BitTorrent servers or other P2P applications.

tags | exploit, udp
SHA-256 | eba8248b7c5e0ccdd26ca05535b352545a47360c55fc0541e56ac36a0e461848
NetBIOS Name Service Spoofer
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module forges NetBIOS Name Service (NBNS) responses. It will listen for NBNS requests sent to the local subnet's broadcast address and spoof a response, redirecting the querying machine to an IP of the attacker's choosing. Combined with auxiliary/server/capture/smb or auxiliary/server/capture/http_ntlm it is a highly effective means of collecting crackable hashes on common networks. This Metasploit module must be run as root and will bind to udp/137 on all interfaces.

tags | exploit, local, root, udp, spoof
SHA-256 | ff6e3182c34b77e4130a88264f526ca39f573748ca673f54fe46407ea6bf712a
Netgear R6700v3 Unauthenticated LAN Admin Password Reset
Posted Aug 31, 2024
Authored by Pedro Ribeiro, Radek Domanski, gwillcox-r7 | Site metasploit.com

This Metasploit module targets ZDI-20-704 (aka CVE-2020-10924), a buffer overflow vulnerability in the UPNP daemon (/usr/sbin/upnpd), on Netgear R6700v3 routers running firmware versions from V1.0.2.62 up to but not including V1.0.4.94, to reset the password for the admin user back to its factory default of "password". Authentication is bypassed by using ZDI-20-703 (aka CVE-2020-10923), an authentication bypass that occurs when network-adjacent computers send SOAPAction UPnP messages to a vulnerable Netgear R6700v3 router. Currently this module only supports exploiting Netgear R6700v3 routers running either the V1.0.0.4.82_10.0.57 or V1.0.0.4.84_10.0.58 firmware, however support for other firmware versions may be added in the future. Once the password has been reset, attackers can use the exploit/linux/telnet/netgear_telnetenable module to send a special packet to port 23/udp of the router to enable a telnet server on port 23/tcp. The attacker can then log into this telnet server using the new password, and obtain a shell as the "root" user. These last two steps have to be done manually, as the authors did not reverse the communication with the web interface. It should be noted that successful exploitation will result in the upnpd binary crashing on the target router. As the upnpd binary will not restart until the router is rebooted, this means that attackers can only exploit this vulnerability once per reboot of the router. This vulnerability was discovered and exploited at Pwn2Own Tokyo 2019 by the Flashback team (Pedro Ribeiro + Radek Domanski).

tags | exploit, web, overflow, shell, root, udp, tcp
systems | linux
advisories | CVE-2020-10923, CVE-2020-10924
SHA-256 | 9761d8c2da4ee95f5c6b4cfd77d3759b606692ed519993f3da76a637e562671b
Moxa Device Credential Retrieval
Posted Aug 31, 2024
Authored by K. Reid Wightman, Patrick DeSantis | Site metasploit.com

The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The service is known to be used on Moxa devices in the NPort, OnCell, and MGate product lines. Many devices with firmware versions older than 2017 or late 2016 allow admin credentials and SNMP read and read/write community strings to be retrieved without authentication. This Metasploit module is the work of Patrick DeSantis of Cisco Talos and K. Reid Wightman. Tested on: Moxa NPort 6250 firmware v1.13, MGate MB3170 firmware 2.5, and NPort 5110 firmware 2.6.

tags | exploit, udp, protocol
systems | cisco
advisories | CVE-2016-9361
SHA-256 | 993fe76383658c80bcdb06cee32dc9d065dae5ecbd2b15061a1c670b3fa96e6d
MiniUPnPd 1.4 Denial of Service
Posted Aug 31, 2024
Authored by H D Moore, Dejan Lukan | Site metasploit.com

This Metasploit module allows remote attackers to cause a denial of service (DoS) in MiniUPnP 1.0 server via a specially crafted UDP request.

tags | exploit, remote, denial of service, udp
advisories | CVE-2013-0229
SHA-256 | ae95c1cc86778001a1fb62a7b55dfa5b18cd92ec1effb4c0c6c39cb0dab75bd7
Mirage firewall for QubesOS 0.8.0-0.8.3 Denial of Service
Posted Aug 31, 2024
Authored by Krzysztof Burghardt | Site metasploit.com

This Metasploit module allows remote attackers to cause a denial of service (DoS) in Mirage firewall for QubesOS 0.8.0-0.8.3 via a specially crafted UDP request.

tags | exploit, remote, denial of service, udp
advisories | CVE-2022-46770
SHA-256 | 2e49151f0bab4b89e2ac18ff83d1ad11489dfd6f54b04fa9c225a07019f25493
Wireshark CLDAP Dissector Denial of Service
Posted Aug 31, 2024
Authored by joernchen | Site metasploit.com

This Metasploit module causes infinite recursion to occur within the CLDAP dissector by sending a specially crafted UDP packet.

tags | exploit, udp
advisories | CVE-2011-1140
SHA-256 | 568ad7595459e481f0c75d26d5fcb1a38e0afde404c8592524a0292daf4d8f48
Wireshark CAPWAP Dissector Denial of Service
Posted Aug 31, 2024
Authored by Laurent Butti, j0sm1 | Site metasploit.com

This Metasploit module injects a malformed UDP packet to crash Wireshark and TShark 1.8.0 to 1.8.7, as well as 1.6.0 to 1.6.15. The vulnerability exists in the CAPWAP dissector which fails to handle a packet correctly when an incorrect length is given.

tags | exploit, udp
advisories | CVE-2013-4074
SHA-256 | cec94847adc64618aa31611cb0487ee9eec527cbaa3d2516f2ba91a164efcded
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module Denial Of Service
Posted Aug 31, 2024
Authored by M. Can Kurnaz | Site metasploit.com

This Metasploit module sends a specially crafted packet to port 50000/UDP causing a denial of service of the affected (Siemens SIPROTEC 4 and SIPROTEC Compact prior to version 4.25) devices. A manual reboot is required to return the device to service.

tags | exploit, denial of service, udp
advisories | CVE-2015-5374
SHA-256 | 2fbe8502afeff81c2e18f83d6d097f74872981a84592aeb940ec680bdb3f3e01
Beckhoff TwinCAT SCADA PLC 2.11.0.2004 Denial Of Service
Posted Aug 31, 2024
Authored by Luigi Auriemma, jfa | Site metasploit.com

Beckhoff TwinCAT versions 2.11.0.2004 and below can be brought down by sending a crafted UDP packet to port 48899 (TCATSysSrv.exe).

tags | exploit, udp
advisories | CVE-2011-3486
SHA-256 | 47a8fbcae615cfd77bd78922f54ca50e6c686e7627deeb269b32a102f239001e
GNUnet P2P Framework 0.22.0
Posted Aug 30, 2024
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.

Changes: New logging API to print/parse hex bytes. Added RFC9180 HPKE and associated KEMs. Replaced oneshot PKE and KEM APIs with HPKE. New Elligator KEM. Namestore API allows multiple records to be inserted in a single transaction. New ECDH API that uses KDFs instead of hash. Renamed GNUNET_CRYPTO_hkdf to GNUNET_CRYPTO_hkdf_gnunet. Added new standard SHA256-based HKDF APIs. New hostlist bootstrap domain.
tags | tool, web, udp, tcp, peer2peer
SHA-256 | 3263e6bd50751dadccfae19ff8c3d5cd91022890218bd95f0dd6aae993ea8926
Alecto IVM-100 2019-11-12 Missing Authentication
Posted Jul 30, 2024
Authored by Willem Westerhof, Jasper Nota, Martijn Baalman

An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol. Thus, one can set up the camera connection feed with only the encoded UID. It is possible to set up sessions with the camera over the Internet by using the encoded UID and the custom UDP protocol, because authentication happens at the client side.

tags | advisory, udp, protocol
advisories | CVE-2019-20461
SHA-256 | 30be5b3d8a4c41b0bd80dbb9c3ff49c1407c5db44ff864668aaab8728b0c851d
Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 Denial Of Service
Posted Jul 30, 2024
Authored by Willem Westerhof, Jasper Nota, Martijn Baalman

An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A crash and reboot can be triggered by crafted IP traffic, as demonstrated by the Nikto vulnerability scanner. For example, sending the 111111 string to UDP port 20188 causes a reboot. To deny service for a long time period, the crafted IP traffic may be sent periodically.

tags | advisory, denial of service, udp
advisories | CVE-2019-20463
SHA-256 | 6ec2dd61152dfc79f755826cd417ef76f9308483fefb98de18929d3fc231ad62
Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 Missing Authentication
Posted Jul 30, 2024
Authored by Willem Westerhof, Jasper Nota, Martijn Baalman

An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. By default, a mobile application is used to stream over UDP. However, the device offers many more services that also enable streaming. Although the service used by the mobile application requires a password, the other streaming services do not. By initiating communication on the RTSP port, an attacker can obtain access to the video feed without authenticating.

tags | advisory, udp
advisories | CVE-2019-20464
SHA-256 | 850c930ab6136aac773a8e8414bf0c0de76c080804cb4d19d853a1e3a6ae67e2
GNUnet P2P Framework 0.21.2
Posted Jun 10, 2024
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.

Changes: Reworked TESTING API. Disabled many old-style tests. Introduced GNUNET_TESTING_command_new_ac. Changed return type to bool from GNUNET_is_zero(). Added GNUNET_GNS_parse_ztld helper API.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 8c2351268e9b8ba2ad288b8b337ce399f79c18e3ffd960803f4ed5de7dda9fa1
SIPPTS 4.0
Posted May 16, 2024
Authored by Pepelux | Site github.com

Sippts is a set of tools to audit VoIP servers and devices using the SIP protocol. It is written in Python and allows checking the security of a VoIP server using the SIP protocol over UDP, TCP and TLS.

Changes: Unified scripts into one. Bug fixes. Deleted script sipfuzzer. Added two parameters.
tags | tool, udp, telephony, tcp, protocol, python
systems | unix
SHA-256 | c39fa34d085c0c332acd12f54b5016ced5d9dfc4d1687a6d231fee23f51a101e
Ubuntu Security Notice USN-6657-2
Posted Apr 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6657-2 - USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP packet size as required by DNS Flag Day 2020. This issue only affected Ubuntu 23.10.

tags | advisory, remote, denial of service, udp, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-28450, CVE-2023-50387, CVE-2023-50868
SHA-256 | 1fe74e528f9c677caecbbdfcd678431e4752e4565e8a9eb7cd614192a3dcc6e0
Nmap Port Scanner 7.95
Posted Apr 23, 2024
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated over 4000 IPv4 OS fingerprints submitted since June 2020. Added 336 fingerprints, bringing the new total to 6036. Integrated over 2500 service/version detection fingerprints submitted since June 2020. The signature count went up 1.4% to 12089, including 9 new softmatches. Four new NSE scripts. Various other improvements and bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | e14ab530e47b5afd88f1c8a2bac7f89cd8fe6b478e22d255c5b9bddb7a1c5778
GNUnet P2P Framework 0.21.1
Posted Mar 19, 2024
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.

Changes: Communicator and connectivity bugfixes.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 2faf30a7c965ee27488aa615351736f44a121eeb9316eea19a0fa4904265c2c5
Simple Packet Sender 5.0
Posted Oct 9, 2023
Authored by Hohlraum | Site sites.google.com

Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.

Changes: Dozens of updates as this is the first release since 2015.
tags | tool, udp, scanner, tcp
systems | linux, unix
SHA-256 | 27655eb9a3a11f0253a3989eedbe5dd12a1cb92bbb5594ec4c58e5663a454db3
GNUnet P2P Framework 0.20.0
Posted Sep 25, 2023
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.

Changes: Added GNUNET_PQ_get_oid_by_name. Added GNUNET_PQ_get_oid(). Added new CCA-secure KEM and use in IDENTITY encryption. Added KEM API to avoid ephemeral private key management. Various other additions, updates, and improvements in this release.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 56029e78a99c04d52b1358094ae5074e4cd8ea9b98cf6855f57ad9af27ac9518
Ubuntu Security Notice USN-6382-1
Posted Sep 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6382-1 - It was discovered that Memcached incorrectly handled certain multi-packet uploads in UDP. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, udp
systems | linux, ubuntu
advisories | CVE-2022-48571
SHA-256 | 13aa929001799968f902eb7351f815bcb9c74e028d3c818808cc6e1630287d0a
Red Hat Security Advisory 2023-4571-01
Posted Aug 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4571-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and datagram loss.

tags | advisory, udp, tcp
systems | linux, redhat
advisories | CVE-2023-38403
SHA-256 | 649b4756ae9affefac4a3eff17b9062a43ac79ec7d41e42dc8384364fe8203a5
© 2024 Packet Storm. All rights reserved.