mDNSResponder contains multiple memory-based vulnerabilities
Overview mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. mDNSResponder version 379.27 and above prior to version 625.41.2 is vulnerable to several buffer overflow vulnerabilities, as well as a null pointer dereference. Description CWE-120:...
Pythem - Python Network/Pentesting Tool
PytheM is a Python network/pentesting tool. Same has been developed in the hope that it will be useful and I don't take responsibility of any misapplication of it. Only for GNU/Linux OS. Installation $sudo git clone https://github.com/m4n3dw0lf/PytheM/ $cd PytheM $sudo pip install -r...
Linux/x86 - /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Linux x86 /bin/nc -le /bin/sh -vp13337 shellcode56bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 56 SLAE - 750 Disassembly of section .text: 08048060 : 8048060: 31 c0 xor eax,eax 8048062: 50 push eax 8048063: 68 33 33 33 37 push 0x37333333 8048068: 68 2d 76 70 31 push...
Yasr Screen Reader 0.6.9 - Local Buffer Overflow
''' Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: General-purpose console screen reader Version: 0.6.9-5 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Yasr is a general-purpose console screen reader...
[SECURITY] Fedora 24 Update: torbrowser-launcher-0.2.4-1.fc24
Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your language and for your...
[SECURITY] Fedora 22 Update: torbrowser-launcher-0.2.4-1.fc22
Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your language and for your...
Adversary Resistant Computing Platform: SubgraphOS
Subgraph OS is an adversary resistant computing platform. The main purpose of Subgraph OS is to empower people to communicate, share, and collaborate without fear of surveillance and interference. What this means in practical terms is that users of Subgraph OS can safely perform their day-to-day...
IcedTea: Multiple vulnerabilities
Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP,...
ffmpeg and Libav cross-domain information disclosure vulnerability
Overview ffmpeg is a "cross-platform solution to record, convert and stream audio and video". ffmpeg is vulnerable to local file disclosure due to improper enforcement of domain restrictions when processing playlist files. Description CWE-201: Information Exposure Through Sent Data - CVE-2016-1897...
OpenSSH Client contains a client information leak vulnerability and buffer overflow
Overview OpenSSH client code versions 5.4 through 7.1p1 contains a client information leak vulnerability that could allow an OpenSSH client to leak information not limited to but including private keys, as well as a buffer overflow in certain non-default configurations. Description CWE-200:...
Dream Gallery 1.0 SQL Injection
SQL Injection on Dream Gallery v1.0 + Date: 10/01/2016 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://clareslab.com.br/ + Software Demo : http://clareslab.com.br/dream/ + Contact: [email protected] + Tested on: Windows 7 and GNU/Linux + Dork:...
Phpsploit - Stealth Post-Exploitation Framework
PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server for privilege escalation purposes. Overview The obfuscated...
Beurk - Experimental Unix Rootkit
BEURK is a userland preload rootkit for GNU/Linux, heavily focused around anti-debugging and anti-detection. NOTE: BEURK is a recursive acronym for BEURK Experimental Unix RootKit. Features: Hide attacker files and directories; Realtime log cleanup on utmp/wtmp; Anti process and login detectio...
TUDU 0.82 - Local Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://www.exploitpack.com Program: tudu - Command line hierarchical ToDo list Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: TUDU v0.82 and prior is prone to a stack-based buffer overflow vulnerability...
FBZX 2.10 Local Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Program: fbzx - ZX Spectrum Emulator for X Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: FBZX v2.10 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks ...
TACK 1.07 - Local Stack Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Program: tack - Terminal action checker Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: TACK v1.07 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...
TACK 1.07 - Local Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://www.exploitpack.com Program: tack - Terminal action checker Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: TACK v1.07 and prior is prone to a stack-based buffer overflow vulnerability because the...
FBZX 2.10 - Local Stack Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Program: fbzx - ZX Spectrum Emulator for X Tested on: GNU/Linux - Kali Linux 2.0 x86 Description: FBZX v2.10 and prior is prone to a stack-based buffer overflow vulnerability because the application...