Crips - IP Tools To quickly get information about IP Address's, Web Pages and DNS records

This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records. Menu Whois lookup Traceroute DNS Lookup Reverse DNS Lookup GeoIP Lookup Port Scan Reverse IP Lookup INSTALL & UPDATE Exit Whois lookup Determine the registered...

Cambium ePMP1000 3.1-3.5-RC7 Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP1000 'getchart' Shell via Command Injection v3.1-3.5-RC7", 'Description' = % This module exploits an OS Command Injection vulnerabilit...

Cambium ePMP1000 3.1-3.5-RC7 Command Injection Exploit

This Metasploit module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. The module has been tested on versions...

Unix Command Shell, Reverse TCP (stub)

Creates an interactive shell through an inbound connection stub only, no payload This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include...

pfSense 2.1.3-RELEASE (amd64) Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense authenticated graph status RCE', 'Description' = %q pfSense, a free BSD based open source firewall distribution, version...

Vitek RCE and Information Disclosure

Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Full Disclosure: 0-day heap: Executable + Non-ASLR stack:...

Puppet Enterprise Reverse Proxy Vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise version. A security vulnerability exists in...

Vitek Remote Code Execution / Information Disclosure

STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Full Disclosure: 0-day heap: Executable + Non-ASLR stack...

ReverShellGenerator - A Tool to Generate Various Ways to Do a Reverse Shell

A tool to generate various ways to do a reverse shell. Usage example Reverse Shell fonts http://bernardodamele.blogspot.com.br/2011/09/reverse-shells-one-liners.html http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet Download ReverShellGenerator...

Cambium ePMP1000 'ping' Shell via Command Injection (up to v2.5)

This module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. This module requires Metasploit:...

CVE-2015-4100

CVE-2015-4100 affects Puppet Enterprise 3.7.x and 3.8.0, where remote authenticated users can manage certificates for arbitrary nodes by abusing a client certificate trusted by the master (Certificate Authority Reverse Proxy vulnerability). The issue is rooted in how certificates are trusted/hand...

CVE-2015-4100

Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates for arbitrary nodes by leveraging a client certificate trusted by the master, aka a "Certificate Authority Reverse Proxy Vulnerability."...

Advance Android Malware Analysis Framework: Droidefense

Droidefense originally named atom: analysis through observation machine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...

Apple iOS aarch64 Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def...

GoAhead Web Server LD_PRELOAD Arbitrary Module Load

This module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...

Automatize Obfuscation and Generation of MS Office Documents: macro_pack

The macropack is a tool used to automatize obfuscation and generation of MS Office documents for pentest, demo, and social engineering assessments. The goal of macropack is to simplify antimalware solutions bypass and automatize the process from vba generation to final Office document generation...

Retargetable Machine-Code Decompiler: RetDec

RetDec is a retargetable machine-code decompiler based on LLVM . The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code. Supported architectures 32...

undertow: Long URL proxy request lead to java.nio.BufferOverflowException and DoS

It was discovered that a long URL sent to EAP 7 Server operating as a reverse proxy with default buffer sizes causes a Denial of Service...

undertow: Long URL proxy request lead to java.nio.BufferOverflowException and DoS

It was discovered that a long URL sent to EAP 7 Server operating as a reverse proxy with default buffer sizes causes a Denial of Service...

undertow: Long URL proxy request lead to java.nio.BufferOverflowException and DoS

It was discovered that a long URL sent to EAP 7 Server operating as a reverse proxy with default buffer sizes causes a Denial of Service...