SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2018:2696-1)

This update for python3 provides the following fixes : These security issues were fixed : CVE-2018-1061: Prevent catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could have used this flaw to cause denial of service bsc1088004. CVE-2018-1060: Prevent catastrophic backtrackin...

SUSE-SU-2018:2696-1 Security update for python3

This update for python3 provides the following fixes: These security issues were fixed: - CVE-2018-1061: Prevent catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could have used this flaw to cause denial of service bsc1088004. - CVE-2018-1060: Prevent catastrophic...

LG Smart IP Camera 1508190 - Backup File Download

Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Date: 2018-09-11 Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0 print"==========================================================================" print" Exploit Title: LG Smart IP...

Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)

!/usr/bin/env python3 Exploit Title: Linux x86 IPv6 Reverse TCP Shellcode Generator 94 bytes Shellcode Author: Kevin Kirsche Shellcode Repository: https://github.com/kkirsche/SLAE/tree/master/assignment2-reverseshell Tested on: Shell on Ubuntu 18.04 with gcc 7.3.0 / Connecting to Kali 2018.2 This...

badKarma - Advanced Network Reconnaissance Toolkit

badKarma is a python3 GTK+ network infrastructure penetration testing toolkit. badKarma aim to help the tester in all the penetration testing phases information gathering, vulnerability assessment,exploitation,post-exploitation and reporting. It allow the tester to save time by having...

Ducky-Exploit - Arduino Rubber Ducky Framework

Ducky Exploit is python framework which helps as to code Digispark as Rubber Ducky. This script has been tested on KaliLinux 18.2 Ubuntu 18.04 Windows Works with both Python2 and Python3 Installation Ubuntu and Kali Usage git clone https://github.com/itsmehacker5/Ducky-Exploit.git cd Ducky-Exploi...

Important Photon OS Security Update - PHSA-2018-0178

Updates of 'strongswan', 'postgresql', 'python2', 'python3' packages of Photon OS have been released...

CMSeeK v1.0.9 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 100 Other CMSs)

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.9 21-08-2018 - Version 1.0.8...

Photon OS 1.0: Binutils / Httpd / Mercurial / Mysql / Net / Paramiko / Patch / Pycrypto / Python3 / Sqlite / Strongswan / Xerces PHSA-2018-1.0-0126 (deprecated)

An update of 'paramiko', 'mysql', 'mercurial', 'binutils', 'pycrypto', 'patch', 'sqlite-autoconf', 'httpd', 'python3', 'xerces-c', 'strongswan', 'net-snmp' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package...

Photon OS 1.0: Openjdk / Openjre / Pycrypto / Python3 PHSA-2017-0026 (deprecated)

An update of openjdk,openjre,pycrypto,python3-pycrypto packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0026. The text itself is...

Security fix for the ALT Linux 10 package samba version 4.8.4-alt1.S1

Aug. 14, 2018 Evgeny Sinelnikov 4.8.4-alt1.S1 - Update to summer security release - Security fixes: + CVE-2018-1139 Weak authentication protocol allowed + CVE-2018-1140 Denial of Service Attack on DNS and LDAP server + CVE-2018-10858 Insufficient input validation on client directory listing in...

CMSeeK v1.0.7 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 50 Other CMSs)

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.7 07-08-2018 - Version 1.0.6...

RouterSploit v3.3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

openSUSE Security Update : sssd (openSUSE-2018-847)

This update for sssd fixes the following security issue : - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenabl...

Apfell - A macOS, Post-Exploit, Red Teaming Framework

A macOS, post-exploit, red teaming framework built with python3 and JavaScript. It's designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout mac and linux based red teaming. Details Check out thre blog post on the initial release of the...

OWTF v2.4 - Offensive Web Testing Framework

OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide v3 and v4, the OWASP Top 10, PTES and NIST so that pentesters will have more time to See the big picture and think out of the box More efficiently...

Photon OS 2.0 : Zsh / Python3 / Xerces / Mercurial / Pmd / Pycrypto / Net / Python2 / Util / Mysql / Paramiko / Binutils / Patch / Sqlite (PhotonOS-PHSA-2018-2.0-0037) (deprecated)

An update of 'mercurial', 'python2', 'zsh', 'pycrypto', 'patch', 'binutils', 'paramiko', 'httpd', 'mysql', 'xerces-c', 'util-linux', 'net-snmp', 'python3', 'sqlite' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and...

CMSeeK v1.0.5 - CMS Detection And Exploitation Suite

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.5 19-07-2018 - Version 1.0.4...

Seeker - Find GeoLocation With High Accuracy

Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Other tools and services offer IP Geolocation which is not very accurate and does not give location of user. Generally if a user accepts location permsission, Accuracy of the informati...

Monstra CMS < 3.0.4 - Cross-Site Scripting Exploit

Exploit for php platform in category web applications Title: Monstra CMS www.target.com' url = input'Target : ' print' Required admin's PHPSESSID.' PHPSESSID = input'PHPSESSID : ' pagename = input'Pagename : ' script = input'Script : ' target = 'http://' + url +...