204 matches found
Denial Of Service (DoS)
Scapy is vulnerable to denial of service (DoS) attacks. It uses a buggy, unnecessary class RADIUSAttrPacketListField which does not validate the input when reading the length field in the RADIUS packets' Attribute Value Pairs (AVP), causing an infinite loop and an application crash. This vulnerability ...
PT-2019-11477 · Secdev +1 · Scapy +1
Name of the Vulnerable Software and Affected Versions: scapy version 2.4.0 Description: The issue is a Denial of Service that results in an infinite loop, resource consumption, and the program becoming unresponsive. The component affected is the RADIUSAttrPacketListField.getfield(self..) function...
Scapy - The Python-based Interactive Packet Manipulation Program & Library
Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow...
DNSlivery - Easy Files And Payloads Delivery Over DNS
Easy files and payloads delivery over DNS. Acknowledgments This project has been originally inspired by PowerDNS and Joff Thyer's technical segment on the Paul's Security Weekly podcast 590 youtu.be/CP6cIwFJswQ. Description TL;DR DNSlivery allows delivering files to a target using DNS as the...
Schneider Electric Modicon M580 UMAS set breakpoint denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the UMAS set breakpoint functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault state,...
ISF - Industrial Control System Exploitation Framework
ISF (Industrial Exploitation Framework) is an exploitation framework based on Python; it's similar to the Metasploit framework. ISF is based on the open source project routersploit. Read this in other languages: English, 简体中文, ICS Protocol Clients Name | Path | Description ---|---|--- modbustcpclient |...
Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending
We recently discovered that the latest version of Scapy, a powerful packet manipulation tool used by cybersecurity researchers and network engineers, is susceptible to a Denial of Service (DoS) vulnerability. Ironically, we found this vulnerability while researching ways to better detect and fight...
192.168.2.10
A remote administration tool (a RAT) is a piece of software that allows a remote "operator" to control a system as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "RAT" software is usually associated with criminal or malicious activity...
192.168.3.174
A remote administration tool (a RAT) is a piece of software that allows a remote "operator" to control a system as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "RAT" software is usually associated with criminal or malicious activity...
Malcom - Malware Communications Analyzer
Malcom is a tool designed to analyze a system's network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes in handy when analyzing how certain malware species try to communicate with the outside world. What is Malcom?...
Mutiny Fuzzing Framework
The Mutiny Fuzzing Framework is a network fuzzer that operates by replaying PCAPs through a mutational fuzzer. The goal is to begin network fuzzing as quickly as possible, at the expense of being thorough. The general workflow for Mutiny is to take a sample of legitimate traffic, such as a browse...
KillerBee - IEEE 802.15.4/ZigBee Security Research Toolkit
This is KillerBee - Framework and Tools for Attacking ZigBee and IEEE 802.15.4 networks. REQUIREMENTS KillerBee is developed and tested on Linux systems. OS X usage is possible but not supported. We have striven to use a minimum number of software dependencies, however, it is necessary to install...
RF Fuzzing Framework: TumbleRF
TumbleRF is a framework that orchestrates the application of fuzzing techniques to RF systems. While fuzzing has always been a powerful mechanism for fingerprinting and enumerating bugs within software systems, the application of these techniques to wireless and hardware systems has historically...
DynoRoot DHCP - Client Command Injection Exploit
Exploit for linux platform in category local exploits Exploit Title: DynoRoot DHCP - Client Command Injection Exploit Author: Kevin Kirsche Exploit Repository: https://github.com/kkirsche/CVE-2018-1111 Exploit Discoverer: Felix Wilhelm Vendor Homepage: https://www.redhat.com/ Version: RHEL 6.x /...
DynoRoot DHCP Client - Command Injection
Exploit Title: DynoRoot DHCP - Client Command Injection Date: 2018-05-18 Exploit Author: Kevin Kirsche Exploit Repository: https://github.com/kkirsche/CVE-2018-1111 Exploit Discoverer: Felix Wilhelm Vendor Homepage: https://www.redhat.com/ Version: RHEL 6.x / 7.x and CentOS 6.x/7.x Tested on:...
Memcrashed-DDoS-Exploit - DDoS Attack Tool For Sending Forged UDP Packets To Vulnerable Memcached Servers Obtained Using Shodan API
This tool allows you to send forged UDP packets to Memcached servers obtained from Shodan.io. Prerequisites: The only thing you need installed is Python 3.x: apt-get install python3. You also need to have the Scapy and Shodan modules installed: pip install scapy, pip install shodan. Using Shodan API This...
Memcached - memcrashed Denial of Service Exploit
Exploit for linux platform in category dos / poc Written by Alex Conrey Download: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/44254.zip This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public...
Mitm6 - Pwning IPv4 Via IPv6
Mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attacker's host as default DNS server. As DNS server, mitm6 will...
PcapXray - A Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram
PcapXray is a Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot a network diagram displaying hosts in the network,...
FuzzerTCP
This is yet a simple fuzzer written in Python that uses SCAPY to create IP packages and send them over a socket. It works as a server/client and logs all packets in hexadecimal to make it easier to modify. Fuzzer Author: Juan Sacco Date and time: 31 October 2017 Description: This a yet simple fuzz...