
Worm Files

Hak5 WiFi Pineapple Preconfiguration Command Injection 2
Posted Oct 19, 2016
Authored by catatonicprime | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on WiFi Pineapple versions 2.0 and below and Pineapple versions prior to 2.4. It uses a combination of default credentials and a weakness in the anti-CSRF generation to achieve command injection on fresh Pineapple devices prior to configuration. Additionally, if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm.

tags | exploit, worm
advisories | CVE-2015-4624
MD5 | 6decdeddc87bc1b4e2eab5e2ce78b412
Metamorphic Worms: Can They Remain Hidden?
Posted Feb 2, 2015
Authored by Reethi Kotti

Whitepaper that discusses types of computer worms and how metamorphic worms differ from the rest.

tags | paper, worm
MD5 | 4ae6e561c0c9dbfec13ce2965d4d8a49
Linksys E-Series TheMoon Remote Command Injection
Posted Apr 5, 2014
Authored by Michael Messner, Rew, juan vazquez, infodox, Johannes Ullrich | Site metasploit.com

Some Linksys E-Series routers are vulnerable to an unauthenticated OS command injection. This vulnerability was used by the so-called "TheMoon" worm. Many Linksys systems might be vulnerable, including the E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, and E900. This Metasploit module was tested successfully against an E1500 v1.0.5.

tags | exploit, worm
MD5 | efd9a1fb2aa6013c587f6a0d62ca6b44
Linksys Worm Remote Root
Posted Feb 17, 2014
Authored by infodox

Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.

tags | exploit, worm, cgi, proof of concept
MD5 | 98029f878e6fe6748f2a3f31170306c5
Linksys E-Series Remote Code Execution
Posted Feb 17, 2014
Authored by Rew

Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.

tags | exploit, worm, remote
MD5 | e5e8a82bab2ad32c6f6fbad03561fa32
To Kill A Centrifuge
Posted Nov 21, 2013
Authored by Ralph Langner | Site langner.com

Whitepaper called To Kill a Centrifuge - A Technical Analysis of What Stuxnet's Creators Tried to Achieve.

tags | paper, worm
MD5 | 378b0d6b52e08452f849a30292b24bad
Wormtrack Network IDS 0.1
Posted Nov 10, 2011
Authored by Aleksandr Brodskiy | Site code.google.com

Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network without privileged access on a switch to set up a dedicated monitor port, and without constant updating of the rules engine to address new threats.

tags | tool, worm, local, intrusion detection
systems | unix
MD5 | 82df762231b40c0bacfb4861cb2b105c
PHP-Nuke 7.0 / 8.1 / 8.1.35 Wormable Remote Code Execution
Posted May 5, 2010
Authored by Michael Brooks

PHP-Nuke versions 7.0, 8.1 and 8.1.35 wormable remote code execution exploit.

tags | exploit, worm, remote, php, code execution
MD5 | eb272c6ff1c00e0c3cdc8c49150c4be4
LPRng use_syslog Remote Format String Vulnerability
Posted Feb 17, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a format string vulnerability in the LPRng print server. This vulnerability was discovered by Chris Evans. There was a publicly circulating worm targeting this vulnerability, which prompted RedHat to pull their 7.0 release. They consequently re-released it as "7.0-respin".

tags | exploit, worm
systems | linux, redhat
advisories | CVE-2000-0917
MD5 | 6d35b4aae06d6486bf87ed8f10cfbfb4
Sasser Worm avserve FTP PORT Buffer Overflow
Posted Nov 26, 2009
Authored by patrick, Val Smith, chamuco | Site metasploit.com

This Metasploit module exploits the FTP server component of the Sasser worm. By sending an overly long PORT command the stack can be overwritten.

tags | exploit, worm
MD5 | d43c04ad521b75f49917fecff05e6333
How Conficker Makes Use Of MS08-067
Posted Apr 15, 2009
Authored by Bui Quang Minh, Hoang Xuan Minh

Whitepaper called How Conficker makes use of MS08-067.

tags | paper, worm
MD5 | 89a1d4338199280d5e76e4e9fa342747
Using ShoutBoxes To Control Malicious Software
Posted Apr 14, 2009
Authored by Feathers McGraw

Whitepaper called Using "ShoutBoxes" to control malicious software.

tags | paper, worm
MD5 | 551ed6acbcc96e5e1cda2bfd514bbbeb
Technical Cyber Security Alert 2009-88A
Posted Mar 30, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-088A - US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067.

tags | advisory, worm
systems | windows
MD5 | 11f2942a818aea1b0588694b2e6fb165
Exploit Web 2.0, Real Life XSS-Worm
Posted Feb 5, 2009
Authored by Zigma | Site nullarea.net

Whitepaper called Exploiting Web 2.0, Real Life XSS-Worm.

tags | paper, worm, web
MD5 | 6f43b52656e363dadf4f84b3c9cf8ce7
vbulletin-xssxsrf.txt
Posted Nov 20, 2008
Authored by Mx

The Visitor Messages add-on for vBulletin version 3.7.3 suffers from cross site scripting and cross site request forgery vulnerabilities. This is a worm exploit that takes advantage of these issues.

tags | exploit, worm, vulnerability, xss, csrf
MD5 | a4bd6a31749a23236f15aac1e67d2032
ACM-CFP2007.txt
Posted Jun 20, 2007
Site auto.tuwien.ac.at

The 5th ACM Workshop On Recurring Malcode (WORM) 2007 Call For Papers has been announced. It will be held on November 2, 2007 in Alexandria, VA, USA.

tags | paper, worm, conference
MD5 | 22042d6df89712ab5d890a119d751158
Technical Cyber Security Alert 2007-59A
Posted Mar 6, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-059A - A worm is exploiting a vulnerability in the telnet daemon (in.telnetd) on unpatched Sun Solaris systems. The vulnerability allows the worm (or any attacker) to log in via telnet (23/tcp) with elevated privileges.

tags | advisory, worm, tcp
systems | solaris
advisories | CVE-2007-0882
MD5 | 3c73f4b71f6456ca1c51dfdb2699536c
blastersteg.tar.gz
Posted Mar 6, 2007
Authored by s0ftpj, vecna | Site s0ftpj.org

This code shows how to send hidden data steganographed into a simulation of common (worm) traffic.

tags | worm
MD5 | 556f37cbd09cef7aaa5b1ac44a48cf4e
Worminator-src.tgz
Posted Dec 6, 2006
Authored by Yuri Gushin

A Win32 tool for easing/automating the process of creating IDS/IPS signatures for SMTP based worms, providing a comfortable GUI, including raw base64 variants and Snort signatures support. This tarball is the source version.

tags | tool, worm, sniffer
systems | windows
MD5 | bdf32a59c2698f26abe112066a65967d
Worminator-bin.tgz
Posted Dec 6, 2006
Authored by Yuri Gushin

A Win32 tool for easing/automating the process of creating IDS/IPS signatures for SMTP based worms, providing a comfortable GUI, including raw base64 variants and Snort signatures support. This tarball is the binary executable version.

tags | tool, worm, sniffer
systems | windows
MD5 | 1d3642adf9dab516eb15d202c3fc7ba4
vthrottle-0.60.tar.gz
Posted Nov 16, 2006
Authored by Jose Nazario | Site monkey.org

vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.

Changes: Miscellaneous updates.
tags | worm
systems | unix
MD5 | 54bbcfefd188d4132efa6a21b37bb8ca
Advanced-Polymorphic-Worms.pdf
Posted Nov 1, 2006

Advanced Polymorphic Worms: Evading IDS by Blending with Normal Traffic.

tags | paper, worm
MD5 | 3590541dd2f42d7182e4d09494dcf016
Anomalous-Payload-based-Worm-Detection-and-Signature-Generation.pdf
Posted Nov 1, 2006

Anomalous Payload-based Worm Detection and Signature Generation.

tags | paper, worm
MD5 | fa3d6697c273b49489b40e166f7818c5
Autograph.pdf
Posted Nov 1, 2006

Autograph: Toward Automated, Distributed Worm Signature Detection.

tags | paper, worm
MD5 | a55d83605ae8b4afde4c539036fa233c
Polygraph.pdf
Posted Nov 1, 2006

Polygraph: Automatically Generating Signatures for Polymorphic Worms.

tags | paper, worm
MD5 | 13b59cf5acd83feffb4917c2f463dfe3