Wednesday 25 May 2011

HACKING TOOLS / EXPLOITS ALL -- BY Athar.

Astalavista Tools and Utilities

  1. Data Loss Prevention - Whitepaper called Data Loss Prevention
  2. The Risks of Client-Side Data Storage - Whitepaper called The Risks of Client-Side Data Storage
  3. BadAss 0.5 Beta - BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.
    Changes: Interface re-written from scratch. New ruby scripts added. Various other additions.
  4. QuickRecon 0.3 - QuickRecon is a Python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gather emails from Google and Bing.
    Changes: Qt4 based GUI. Improved Code.
  5. Bluelog Bluetooth Scanner/Logger 0.9.9 - Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
    Changes: This is a major rewrite. Completely revamped device cache code is faster and more accurate while preventing redundant scans. New features such as Amnesia mode and preliminary OpenWRT support. Numerous bugfixes and optimizations. A recommended update for all users.
  6. Web Application Security Part 1 - Brief whitepaper called Web Application Security - Part 1. It discusses using SQL injection for login bypass.
  7. Linux Exploit Development Part 4 - Whitepaper called Linux exploit development part 4 - ASCII armor bypass + return-to-plt.
  8. Covert Data Storage Channel Using IP Packet Headers - A covert data channel is a communications channel that is hidden within the medium of a legitimate communications channel. Covert channels manipulate a communications medium in an unexpected or unconventional way in order to transmit information in an almost undetectable fashion. Otherwise said, a covert data channel transfers arbitrary bytes between two points in a fashion that would appear legitimate to someone scrutinizing the exchange. (Bingham, 2006)
  9. Covert communications: subverting Windows applications - Whitepaper called Covert communications: subverting Windows applications
  10. Inside-Out Vulnerabilities, Reverse Shells - Keeping data from leaking out of protected networks is becoming increasingly difficult due to the increase in malicious code that sends data out from infected systems.

Packetstorm Last 10 Files

  1. HP System Management Homepage Cross Site Scripting - HP System Management Homepage suffers from multiple cross site scripting vulnerabilities.
  2. ChromeMedia SQL Injection - ChromeMedia suffers from a remote SQL injection vulnerability.
  3. DH Softwares SQL Injection - DH Softwares suffers from a remote SQL injection vulnerability that allows for authentication bypass.
  4. MyLittleForum 2.2.7 Cross Site Request Forgery - MyLittleForum CMS version 2.2.7 suffers from a cross site request forgery vulnerability.
  5. PEEL Open E-Commerce Systems SQL Injection - PEEL Open E-Commerce Systems suffers from a remote SQL injection vulnerability.
  6. PHPortfolio SQL Injection - PHPortfolio suffers from a remote SQL injection vulnerability.
  7. Ciphertek Systems SQL Injection - Ciphertek Systems suffers from a remote SQL injection vulnerability.
  8. MODx Revolution 2.0.8-pl Cross Site Request Forgery - MODx Revolution CMS version 2.0.8-pl suffers from a cross site request forgery vulnerability.
  9. Textpattern 4.3.0 Cross Site Request Forgery - Textpattern CMS version 4.3.0 suffers from a cross site request forgery vulnerability.
  10. Magix Musik Maker 16 .mmm Stack Buffer Overflow - This Metasploit module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file (.mmm) in the application, an unsafe strcpy() will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. An egghunter is used, so it might take up to several seconds to receive a shell.

Packetstorm Tools

  1. BadAss 0.6 Beta - BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.
  2. Pytbull 1.3 - pytbull is an intrusion detection/prevention system (IDS/IPS) testing framework for Snort and Suricata. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped into 8 testing modules.
  3. Mptcp Packet Manipulator 1.8 - Mpctp is a tool for manipulating raw packets that offers a large number of options. Its primary purpose is to diagnose and test several scenarios involving the various types of TCP/IP packets. It is able to send specific types of packets to any target and to manipulate various fields at runtime. Fields in the packet structure, such as the source/destination IP address and source/destination MAC address, can be modified.
  4. Google Hack DB Tool 1.2 - Google Hack DB Tool is a database tool with almost 8,000 entries. It allows administrators the ability to check their site for vulnerabilities based on data stored in Google.
  5. QuickRecon 0.3 - QuickRecon is a Python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gather emails from Google and Bing.
  6. BadAss 0.5 Beta - BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.
  7. Bluelog Bluetooth Scanner/Logger 0.9.9 - Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
  8. DNS Spider Multithreaded Bruteforcer 0.1 - DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
  9. BadAss 0.4 Beta - BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.
  10. Samhain File Integrity Checker 2.8.4a - Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Packetstorm Exploits

  1. HP System Management Homepage Cross Site Scripting - HP System Management Homepage suffers from multiple cross site scripting vulnerabilities.
  2. ChromeMedia SQL Injection - ChromeMedia suffers from a remote SQL injection vulnerability.
  3. DH Softwares SQL Injection - DH Softwares suffers from a remote SQL injection vulnerability that allows for authentication bypass.
  4. MyLittleForum 2.2.7 Cross Site Request Forgery - MyLittleForum CMS version 2.2.7 suffers from a cross site request forgery vulnerability.
  5. PEEL Open E-Commerce Systems SQL Injection - PEEL Open E-Commerce Systems suffers from a remote SQL injection vulnerability.
  6. PHPortfolio SQL Injection - PHPortfolio suffers from a remote SQL injection vulnerability.
  7. Ciphertek Systems SQL Injection - Ciphertek Systems suffers from a remote SQL injection vulnerability.
  8. MODx Revolution 2.0.8-pl Cross Site Request Forgery - MODx Revolution CMS version 2.0.8-pl suffers from a cross site request forgery vulnerability.
  9. Textpattern 4.3.0 Cross Site Request Forgery - Textpattern CMS version 4.3.0 suffers from a cross site request forgery vulnerability.
  10. Magix Musik Maker 16 .mmm Stack Buffer Overflow - This Metasploit module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file (.mmm) in the application, an unsafe strcpy() will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. An egghunter is used, so it might take up to several seconds to receive a shell.

Securiteam Exploits

  1. Adobe Shockwave TextXtra Invalid Seek Code Execution Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave.
  2. Adobe Shockwave dirapi.dll IFWV Trusted Offset Code Execution Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player.
  3. Adobe Flash Player Point Object Code Execution Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player.
  4. Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Code Execution Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Hewlett-Packard Virtual SAN Appliance.
  5. IBM Lotus Domino Server Controller Authentication Bypass Code Execution Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lotus Domino Server Controller.