Lucene search
+L

162 matches found

Kitploit
Kitploit
added 2013/07/04 2:1 a.m.19 views

[Salted Hash Kracker v1.5] Recover the Password from Salted Hash text

Salted Hash Kracker is the free all-in-one tool to recover the Password from Salted Hash text. These days most websites and applications use salt based hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'Salted Hash Kracker'...

7.5AI score
Exploits0
Metasploit
Metasploit
added 2013/06/24 7:23 p.m.273 views

IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval

This module identifies IPMI 2.0-compatible systems and attempts to retrieve the HMAC-SHA1 password hashes of default usernames. The hashes can be stored in a file using the OUTPUTFILE option and then cracked using hmacsha1crack.rb in the tools subdirectory as well hashcat cpu 0.46 or newer using...

7.5CVSS7AI score0.81802EPSS
Exploits2
OSV
OSV
added 2013/04/09 8:55 p.m.14 views

CVE-2013-1800

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5AI score
Exploits0References7
OSV
OSV
added 2013/04/09 8:55 p.m.4 views

DEBIAN-CVE-2013-1800

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS9.3AI score0.04952EPSS
Exploits1References1
Prion
Prion
added 2013/04/09 8:55 p.m.45 views

Type confusion

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS7.7AI score0.99449EPSS
Exploits22References6Affected Software1
OSV
OSV
added 2013/04/09 8:55 p.m.5 views

UBUNTU-CVE-2013-1800

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS6.1AI score0.04952EPSS
Exploits1References2
CVE
CVE
added 2013/04/09 8:0 p.m.118 views

CVE-2013-1800

CVE-2013-1800 concerns the crack gem for Ruby (0.3.1 and earlier). The issue arises from improper restriction of casts of string values, enabling potential object-injection and arbitrary code execution, or a denial of service, via Action Pack support for YAML type conversion or Symbol type conver...

7.5CVSS9.6AI score0.04952EPSS
Exploits1References6Affected Software1
Kitploit
Kitploit
added 2013/03/25 12:35 a.m.31 views

[Hash Kracker Console] Tool to find out the password from the Hash

Hash Kracker Console is the all-in-one command-line tool to find out the password from the Hash. Currently it supports password recovery from following popular Hash types MD5 SHA1 SHA256 SHA384 SHA512 Also it offers 4 types of Password Recovery methods based on the complexity of password Dictiona...

7.4AI score
Exploits0
RubySec
RubySec
added 2013/01/09 12:0 a.m.49 views

CVE-2013-1800 rubygem-crack: YAML parameter parsing vulnerability

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS6.4AI score0.04952EPSS
Exploits1References1Affected Software1
ThreatPost
ThreatPost
added 2012/12/31 1:3 p.m.7 views

Tool Aids in Cracking Mysterious Gauss Malware Encryption

The mystery wrapped inside a riddle that is the Gauss malware’s encryption scheme may be closer to falling. Late last week, researcher Jens Steube, known as Atom, put the wraps on a tool that should bring experts closer to breaking open the encryption surrounding the espionage malware’s payload...

6.9AI score
Exploits0References4
The Hacker News
The Hacker News
added 2012/10/12 6:27 p.m.9 views

Windows 8 Security flaw : Logon Passwords Stores in Plain Text

Windows 8 is the first operating system from Microsoft to support alternative non-biometric authentication mechanisms such as Picture Password and PIN. A vulnerability discovered by a password security vendor - "Passcape" in Microsoft's Windows 8 operating system that it saves a log on password i...

6.7AI score
Exploits0
Metasploit
Metasploit
added 2012/07/15 11:55 p.m.27 views

Authentication Capture: MySQL

This module provides a fake MySQL service that is designed to capture authentication credentials. It captures challenge and response pairs that can be supplied to Cain or JtR for cracking. This module requires Metasploit: https://metasploit.com/download Current source:...

0.3AI score
Exploits0
Metasploit
Metasploit
added 2011/10/18 12:54 a.m.16 views

Oracle Password Hashdump

This module dumps the usernames and password hashes from Oracle given the proper Credentials and SID. These are then stored as creds for later cracking using auxiliary/analyze/jtroraclefast. This module supports Oracle DB versions 8i, 9i, 10g, 11g, and 12c. This module requires Metasploit:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/08/12 12:0 a.m.31 views

Topsi SQL Injection

|=----=----=----=----=----=--------=| | | | /\ /\ \ /\ /\ \ | | //\ /\ \ \L\ \ \ \ \ Turki$ hackers | | \ \ \ \ \ '\ \ \ | | \ \ \ \ \ \L\ \ \ \ \ \ | | \ \ \ / \ \ \ | | // // //// | | | | | |=----=----=----=----=----=--------=|...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/07/15 9:27 a.m.8 views

Armitage 07.12.11 - Updated Version

Armitage 07.12.11 - Updated Version Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand...

6.6AI score
Exploits0
myhack58
myhack58
added 2011/05/25 12:0 a.m.22 views

Crack jsky 3.5.1 domain constraints of the method-vulnerability warning-the black bar safety net

| Recently many people add QQ ask me to, in fact I have no cracked version, is to amuse everyone play, but is actually very simple you can hack domain name restrictions of the method Official download address: the trial version I was the first to open as Shadow Defender is such a shadow system,...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/11 1:15 p.m.16 views

Sqlmap v.0.9 - automatic SQL injection and database takeover tool !

Sqlmap v.0.9 - automatic SQL injection and database takeover tool ! sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/06 1:7 p.m.8 views

ZeuS Source Code Leaked, Available for Sale !

ZeuS Source Code Leaked, Available for Sale ! The source is C++ and supposedly contains everything. The seller is asking for 5500 WebMoney/LibertyReserve for the full source code of version 2.0.8.9. The source code has been leaked but the archive is password-protected. Now there's a race to see w...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2010/09/17 4:59 p.m.7 views

Intel Finds BluRay HDCP Crack

Intel has confirmed Blu-ray HDCP encryption is cracked after admitting a leaked master key is the real deal. High-bandwidth Digital Content Protection HDCP copy protection technology is designed to protect high-definition video content as it travels across digital interfaces. Read the full...

1.5AI score
Exploits0References2
myhack58
myhack58
added 2010/07/17 12:0 a.m.18 views

Struts2/XWork < 2.2.0 remote execution of arbitrary code vulnerability analysis and patch-vulnerability warning-the black bar safety net

Neeao's Blog http://neeao.com/ : 1. exploit-db website on 7 month 1 4 day broke aStruts2 remote execution of arbitrary code vulnerabilityvulnerability, hazard of large, can be described as a crack shot, directly to the root, as long as the use Struts2 and webwork framework of the system for the...

0.7AI score
Exploits0
Rows per page
Query Builder