IoTMap - Research Project On Heterogeneous IoT Protocols Modelling

IoTMap is a tool that models IoT networks using one or multiple protocols simultaneously. This is work in progress, as a part of a PhD thesis on Internet Of Things security. This repository is regularly updated as new results are obtained. This project supports 3 protocol as this time : BLE, ZigB...

MGASA-2020-0266 Updated scapy packages fix security vulnerability

Updated scapy packages fix security vulnerabilities: A vulnerability was found in scapy 2.4.0 and earlier is affected by: Denial of Services. The impact is: busy loop forever. The component is: RADIUSAttrPacketListField class. The attack vector is: a packet sent over the network or in a pcap...

Updated scapy packages fix security vulnerability

Updated scapy packages fix security vulnerabilities: A vulnerability was found in scapy 2.4.0 and earlier is affected by: Denial of Services. The impact is: busy loop forever. The component is: RADIUSAttrPacketListField class. The attack vector is: a packet sent over the network or in a pcap...

BIND - (TSIG) Denial of Service Exploit

BIND - TSIG Denial of Service Exploit !/usr/bin/python coding:utf-8 from scapy.all import DNS, DNSQR, IP, sr1, UDP, DNSRRTSIG, DNSRROPT tsig = DNSRRTSIGrrname="local-ddns", algoname="hmac-sha256", rclass=255, maclen=0, macdata="", timesigned=0, fudge=300, error=16 dnsreq =...

Eavesarp - Analyze ARP Requests To Identify Intercommunicating Hosts And Stale Network Address Configurations (SNACs)

A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren't in use for name resolution. Requirements/Installation This is only gon' work on Kali or other Debian-basedLinux...

Broadcom Wi-Fi Devices - (KR00K) Information Disclosure Exploit

Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

kr00ker ============ Description This script is a simple ex...

Fedora Update for scapy FEDORA-2019-20d6b8f9c4

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

null

A remote administration tool a RAT is a piece of software that allows a remote "operator" to control a system as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "RAT" software is usually associated with criminal or malicious activity...

Anviz CrossChex 4.3.12 Local Buffer Overflow

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A...

Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A More info:...

Anviz CrossChex 4.3.12 - Local Buffer Overflow

Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 ...

Anviz CrossChex 4.3.12 - Local Buffer Overflow

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A...

Fedora Update for scapy FEDORA-2019-d49c8ec32b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 29 : scapy (2019-d49c8ec32b)

scapy bugfix release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...

[SECURITY] Fedora 29 Update: scapy-2.4.3-2.fc29

Scapy is a powerful interactive packet manipulation program built on top of the Python interpreter. It can be used to forge or decode packets of a wide number of protocols, send them over the wire, capture them, match requests and replies, and much more...

Fedora 31 : scapy (2019-20d6b8f9c4)

The remote Fedora 31 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2019-20d6b8f9c4 advisory. bugfix bump to version 2.4.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Fedora 30 : scapy (2019-47946eb312)

The remote Fedora 30 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2019-47946eb312 advisory. bugfix bump to version 2.4.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

[SECURITY] Fedora 30 Update: scapy-2.4.3-1.fc30

Scapy is a powerful interactive packet manipulation program built on top of the Python interpreter. It can be used to forge or decode packets of a wide number of protocols, send them over the wire, capture them, match requests and replies, and much more...

[SECURITY] Fedora 31 Update: scapy-2.4.3-1.fc31

Scapy is a powerful interactive packet manipulation program built on top of the Python interpreter. It can be used to forge or decode packets of a wide number of protocols, send them over the wire, capture them, match requests and replies, and much more...