Saturday, July 23, 2011

Hack Tools/Exploits

There are many exploits available on the internet. This is a list of some exploits and tools found on the web.
Astalavista Tools and Utilities
  1. BadAss 0.7 Beta - BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.
  2. OATH Toolkit 1.10.0 - The OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
  3. QuickRecon 0.3.1 - QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
  4. Linux IPTables Firewall 1.4.11 - iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects such as packet mangling.
  5. Gotcha! : Virus and E-mail Hoaxes - This paper addresses how the existence of virus and e-mail hoaxes uses resources, costs money, and picks and pulls at the already frayed nerves of the often overworked, understaffed information technology corps.
  6. Spam Filtering in a Small Business Environment, a Case Study - This case study describes the process of researching and implementing a filter for email "SPAM" in an organization of modest size, running Microsoft Exchange 5.5 and IMC.
  7. Securely Connecting Your Email System To the Internet - A Primer - This paper examines the basics that need to be considered when building a secure email connection to the Internet using an SMTP gateway.
  8. Options For Securely Deploying Outlook Web Access - This paper will provide an overview of Outlook Web Access and how it functions to deliver Exchange server mail via HTTP.
  9. Technologies to Combat Spam - This paper addresses the issue of spam and gives some background on it, its proliferation, and some of the issues and information surrounding spam.
  10. Slippery Slope or Terra Firma? Current and Future Anti-Spam Measures - This paper will help to explain current methods that are used to send out spam, combat spam, and legislation in place to hold abusers accountable and will also take a look at what might be on the technology horizon with more robust filtering methods and perhaps a better SMTP standard.
Packetstorm Last 10 Files
  1. Godly Forums SQL Injection - Godly Forums suffers from a remote SQL injection vulnerability.
  2. Red Hat Security Advisory 2011-1087-01 - Red Hat Security Advisory 2011-1087-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR12-FP5 Java release. All running instances of IBM Java must be restarted for this update to take effect.
  3. ExtCalendar2 SQL Injection / Authentication Bypass - ExtCalendar2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
  4. Kingsoft AntiVirus 2012 KisKrnl.sys Privilege Escalation - Kingsoft AntiVirus 2012 KisKrnl.sys versions 2011.7.8.913 and below local kernel mode privilege escalation exploit.
  5. Mandriva Linux Security Advisory 2011-117 - Mandriva Linux Security Advisory 2011-117 - ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. The updated packages have been patched to correct this issue.
  6. Mandriva Linux Security Advisory 2011-116 - Mandriva Linux Security Advisory 2011-116 - The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.
  7. MyNews 1.6.5 Shell Upload - MyNews version 1.6.5 suffers from a shell upload vulnerability.
  8. Joomla! 1.7.0-RC / 1.6.x Cross Site Scripting - Several parameters in Joomla! core components suffer from a cross site scripting vulnerability. Joomla! versions 1.7.0-RC and 1.6.x are affected.
  9. Ubuntu Security Notice USN-1172-1 - Ubuntu Security Notice 1172-1 - It was discovered that logrotate incorrectly handled the creation of new log files. Local users could possibly read log files if they were opened before permissions were in place. This issue only affected Ubuntu 8.04 LTS. It was discovered that logrotate incorrectly handled certain log file names when used with the shred option. Local attackers able to create log files with specially crafted filenames could use this issue to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, 10.10, and 11.04. Various other issues were also addressed.
  10. Red Hat Security Advisory 2011-1085-01 - Red Hat Security Advisory 2011-1085-01 - A flaw was found in the way the FreeType font rendering engine processed certain PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The X server must be restarted for this update to take effect.
Packetstorm Tools
  1. ARP-Scan ARP Generation Tool 1.8.1 - arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, so that the response of targets to non-standard ARP packets can be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
  2. WordPress Security Scanner 1.0 - WordPress Security Scanner can perform username enumeration, weak password cracking, version / vulnerability / plugin enumeration, and more.
  3. Malware Analyser 3.2 - Malware Analyser is a freeware tool to perform static and dynamic analysis on malware.
  4. Arachni Web Application Security Scanner Framework 0.2.4 - Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application's cyclomatic complexity. This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.
  5. ROP Gadget Tool 2.3 - This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation.
  6. SyRiAn Sh3ll 7 - SyRiAn Sh3ll is a PHP backdoor that allows for database access, local exploitation of the host, and more.
  7. LFI Scanner 4.0 - This is a simple perl script called Viper LFI Scanner that enumerates local file inclusion attempts when given a specific target.
  8. WiRouter KeyRec 1.0.8 - WiRouter KeyRec is a powerful and platform independent piece of software that recovers the default WPA passphrases of the supported router models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley).
  9. Nmap Port Scanner 5.59BETA1 - Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
  10. Yakamoz phpMyAdmin Finder - This is a simple perl script that enumerates various possible directories on a given website in order to determine whether or not a phpMyAdmin instance may be installed.
Packetstorm Exploits
  1. Godly Forums SQL Injection - Godly Forums suffers from a remote SQL injection vulnerability.
  2. ExtCalendar2 SQL Injection / Authentication Bypass - ExtCalendar2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
  3. Kingsoft AntiVirus 2012 KisKrnl.sys Privilege Escalation - Kingsoft AntiVirus 2012 KisKrnl.sys versions 2011.7.8.913 and below local kernel mode privilege escalation exploit.
  4. MyNews 1.6.5 Shell Upload - MyNews version 1.6.5 suffers from a shell upload vulnerability.
  5. Joomla! 1.7.0-RC / 1.6.x Cross Site Scripting - Several parameters in Joomla! core components suffer from a cross site scripting vulnerability. Joomla! versions 1.7.0-RC and 1.6.x are affected.
  6. Testfire Cross Site Scripting / SQL Injection - Testfire suffers from cross site scripting and remote SQL injection vulnerabilities.
  7. Joomla Spo 1.5.x Local File Inclusion - Joomla Spo component version 1.5.x suffers from a local file inclusion vulnerability.
  8. Scriptlance Clone SQL Injection - Scriptlance Clone suffers from a remote SQL injection vulnerability.
  9. A1 Solutions SQL Injection - A1 Solutions suffers from a remote SQL injection vulnerability.
  10. Microsoft Internet Explorer toStaticHTML Information Disclosure - In Microsoft Internet Explorer versions 8 and 9, the toStaticHTML function can be bypassed by specially formed CSS.
Securiteam Exploits
  1. Apple Safari Text Nodes Use-after-free Vulnerability - Apple Safari contains a vulnerability caused by a use-after-free error in the WebKit library when processing certain text nodes.
  2. Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability - Cisco IPSec VPN Implementation suffers from a Group Name Enumeration Vulnerability.
  3. Apache Tomcat ServletSecurity Annotation Security Bypass Vulnerability - A vulnerability has been identified in Apache Tomcat, which could be exploited by attackers to bypass restrictions.
  4. Related Posts WordPress Plugin Cross Site Scripting Vulnerability - The Related Posts WordPress Plugin contains a Cross Site Scripting Vulnerability.
  5. Recaptcha WordPress Plugin Cross Site Scripting Vulnerability - The WordPress Recaptcha Plugin contains a Cross Site Scripting Vulnerability.