67 matches found
Smiths Medical Medfusion 4000 - DHCP Denial of Service Exploit
Exploit for hardware platform in category dos / poc !/usr/bin/python3 """PoC for MQX RTCS code execution via DHCP options overflow. This is just a quick hack to prove the vulnerability and was designed to run on a private network with the target device. """ import datetime import socket def main:...
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...
Automated ettercap TCP/IP Hijacking Tool: Morpheus
morpheus framework automates tcp/udp packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the tcp/udp packet contents by our contents befor forward the packet back to the target host… workflow: 1. attacker - arp poison local lan mit...
OpenVPN 2.4.0 - Unauthenticated Denial of Service Exploit
Exploit for multiple platform in category dos / poc !/usr/bin/env python3 ''' $ ./dosserver.py & $ sudo ./openvpn-2.4.0/src/openvpn/openvpn conf/server-tls.conf ... Fri Feb 24 10:19:19 2017 192.168.149.1:64249 TLS: Initial packet from AFINET192.168.149.1:64249, sid=9a6c48a6 1467f5e1 Fri Feb 24...
Morpheus - Automated Ettercap TCP/IP Hijacking Tool
Morpheus framework automates tcp/udp packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the tcp/udp packet contents by our contents befor forward the packet back to the target host... workflow: 1º - attacker - arp poison local lan...
Auditing CAN Devices: CANSPY
A Platform for Auditing CAN Devices In the past few years, several tools have been released allowing hobbyists to connect to CAN buses found in cars. This is welcomed as the CAN protocol is becoming the backbone for embedded computers found in smartcars. Its use is now even spreading outside the...
The vulnerability of the Cisco IOS operating system, which allows a malicious actor to trigger a “disconnection”
Cisco IOS software contains a vulnerability in the intrusion detection service, which allows a malicious attacker to induce a “service failure” by manipulating DNS packets...
CVE-2015-8724
The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service out-of-bounds read and application crash v...
Man In The Middle Attack Framework: MITMf
Man In The Middle Attack Framework MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools e.g Ettercap, Mallory, it’s been almost complete...
Ettercap 0.8.0 0.8.1 - Multiple Denial of Service Vulnerabilities
Ettercap 0.8.0 0.8.1 - Multiple Denial of Service Vulnerabilities Exploit Title: 6 Remote ettercap Dos exploits to 1 Date: 19/12/2014 Exploit Author: Nick Sampanis Vendor Homepage: http://ettercap.github.io Software Link: https://github.com/Ettercap/ettercap/archive/v0.8.1.tar.gz Version: 8.0-8.1...
EZHomeTech EzServer <= 6.4.017 Stack Buffer Overflow Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Ghost Recon Advanced Warfighter Integer Overflow and Array Indexing Overflow
No description provided by source. Source: http://aluigi.org/adv/grawful-adv.txt Luigi Auriemma Applications: Ghost Recon Advanced Warfighter Ghost Recon Advanced Warfighter 2 http://ghostrecon.us.ubi.com/graw2/ Versions: GRAW = 1.35 GRAW2 = 1.05 Platforms: Windows Bugs: A interger overflow B Arr...
Proof of Concept for MS10-006 SMB Client-Side Bug
No description provided by source. More Info: http://g-laurent.blogspot.com/2010/04/turning-smb-client-bug-to-server-side.html import sys,SocketServer,socket,threading,time,random from random import from time import sleep from socket import if lensys.argv=2: sys.exit'Usage: pwn.py Yourip...
[Windbgshark] Windbg extension for VM traffic manipulation and analysis
This project includes an extension for the windbg debugger as well as a driver code, which allow you to manipulate the virtual machine network traffic and to integrate the wireshark protocol analyzer with the windbg commands. The motivation of this work came from the intention to find a handy...
Medium: wireshark
Issue Overview: Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. CVE-2013-3559, CVE-2013-4083 Several denial of service flaws were found in...
Race condition
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service slab corruption and system crash by sending packets to an application that sets socket options during the handling of network traffic...
BNAT Router
This module will properly route BNAT traffic and allow for connections to be established to machines on ports which might not otherwise be accessible. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
THC-ipv6 Toolkit – Attacking the IPV6 Protocol
THC-ipv6 Toolkit – Attacking the IPV6 Protocol A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. Please note to get full access to all the available tools you need to develop IPV6 tools yourself or submit patches,...
GSC Privilege Escalation Exploit
Name: Michael Gray Website: www.ownerarium.net Contact: [email protected] Discovered Exploit: 06-05-2008 Vulnerable Software Title: GSC Vulnerable Version: = 2067 Severity: CRITICAL Website: http://www.getgsc.com Reported to vendor: Yes Actively exploited: Yes Exploit Discovery...
CVE-2004-1869
CVE-2004-1869 affects Etherlords I (≤1.07) and Etherlords II (≤1.03). The issue arises in network handling: a crafted packet sets the size for the next packet and is followed by a larger packet, causing Etherlords to read unallocated memory and crash (DoS). The provided sources do not specify a r...