55 matches found
Advanced Network Reconnaissance Toolkit: badKarma
badKarma is a python3 GTK+ toolkit that aims to assist penetration testers during all the network infrastructure penetration testing activity phases. It allows testers to save time by having point-and-click access to their toolkits, launch them against single or multiple targets and interact with...
docker-onion-nmap - Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container
Use nmap to scan hidden "onion" services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS...
Path traversal
Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path...
CVE-2015-3887
Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path...
CVE-2015-3887
CVE-2015-3887 affects ProxyChains-NG up to version 4.9. The vulnerability arises from an untrusted search path: a Trojan horse library libproxychains4.so placed in the current working directory can be loaded via LD_PRELOAD, allowing local privilege escalation. Exploitation is local with no user i...
CVE-2015-3887
Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path...
TorStat - Tor Statistics
Tor Statistics. Requirements: ProxyChains. Optional (only if you need more features to work): Colorama, psutil. Installation and execution: Then you can download smap by cloning the Git repository: git clone https://github.com/suraj-root/TorStat.git cd TorStat/ proxychains python TorStat.py Demo video F...
A Red Teamer’s guide to pivoting
Penetration testers often traverse logical network boundaries in order to gain access to client’s critical infrastructure. Common scenarios include developing the attack into the internal network after successful perimeter breach o...
Proxychains-ng 'LD_PRELOAD' Arbitrary Code Execution Vulnerability
No description provided by source...
Proxychains-ng 'LD_PRELOAD' Arbitrary Code Execution Vulnerability
Proxychains-ng is an endpoint proxy solution. An arbitrary code execution vulnerability exists in Proxychains-ng. The vulnerability can be exploited to execute arbitrary code by tricking a user into running an affected application that contains a malicious library file...
FreeBSD : proxychains-ng -- current path as the first directory for the library search path (9471ec47-05a2-11e5-8fda-002590263bf5)
Mamoru TASAKA reports: proxychains4 sets LD_PRELOAD to dlopen libproxychains4.so and execvp the arbitrary command user has specified. proxychains4 sets the current directory as the first path to search libproxychains4.so...
proxychains-ng -- current path as the first directory for the library search path
Mamoru TASAKA reports: proxychains4 sets LD_PRELOAD to dlopen libproxychains4.so and execvp the arbitrary command user has specified. proxychains4 sets the current directory as the first path to search libproxychains4.so...
proxychains-ng
ProxyChains is a UNIX program, that hooks network-related libc functions in DYNAMICALLY LINKED programs via a preloaded DLL (dlsym(), LD_PRELOAD) and redirects the connections through SOCKS4a/5 or HTTP proxies. It supports TCP only (no UDP/ICMP etc.). The way it works is basically a HACK; so it is possib...
Accellion Secure File Transfer Code Execution
Accellion Secure File Transfer SFTP Satellite Remote Root Code Execution PDF:...
[Proxyp] Multithreaded Proxy Enumeration Utility
Proxyp is a small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. This script started as a way to speed up use of proxychains, which is why I've added an append option for resulting live IP addresses to be placed at the end...