21 matches found
CVE-2023-2673
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks...
Hyenae-Ng - An Advanced Cross-Platform Network Packet Generator And The Successor Of Hyenae
Hyenae NG Next Generation is a re-write of the original Hyenae tool which was originally published back in the year 2010. Besides switching from C to C++, using modern design concepts, Hyenae NG was just like the original Hyenae written with maximum portability in mind. Since the original Hyenae...
Gafgyt Botnet Lifts DDoS Tricks from Mirai
Several variants of the Gafgyt Linux-based botnet malware family have incorporated code from the infamous Mirai botnet, researchers have discovered. Gafgyt a.k.a. Bashlite is a botnet that was first uncovered in 2014. It targets vulnerable internet of things IoT devices like Huawei routers, Realt...
DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence
Distributed denial-of-service DDoS attacks dropped significantly at the end of 2020, down 31 percent in the fourth quarter, according to researchers. The reason? Cybercriminals have switched their efforts and their botnets to cryptomining. According to an analysis from Kaspersky published Tuesday...
CVE-2020-3560 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability
A vulnerability in Cisco Aironet Access Points APs could allow an unauthenticated, remote attacker to cause a denial of service DoS on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by...
CVE-2020-3560 Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability
A vulnerability in Cisco Aironet Access Points APs could allow an unauthenticated, remote attacker to cause a denial of service DoS on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by...
CVE-2018-18442
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service DoS attacks. An attacker can harm the device availability i.e., live-online video/audio streaming by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN...
Design/Logic Flaw
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service DoS attacks. An attacker can harm the device availability i.e., live-online video/audio streaming by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN...
CVE-2018-18442
CVE-2018-18442 affects the D-Link DCS-825L (firmware 1.08). The vulnerability is a DoS due to insufficient input validation in the firmware, enabling a remote attacker to disrupt device availability (e.g., live video/audio streaming) via crafted or flood-like network traffic (syn/udp/icmp, includ...
Malware exploit: Legend
Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
Dyn DDoS Could Have Topped 1 Tbps
As more time passes, researchers are getting insight into the size and structure of the DDoS attack against DNS provider Dyn last week, and the capabilities of the Mirai botnet. First, Dyn released a truncated post-mortem on the attack with admittedly some omissions as a law enforcement...
RSPET - Python Reverse Shell and Post Exploitation Tool
RSPET Reverse Shell and Post Exploitation Tool is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. Features Remote Command Execution Trafic masking XORed insted of cleartext; for better results use port 4431 Built-in File/Binary transfer both...
Reverse Shell Post Exploitation Tool: RSPET
RSPET Reverse Shell Post Exploitation Tool is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. Features Remote Command Execution Trafic masking XORed insted of cleartext; for better results use port 443 Built-in File/Binary transfer both ways...
Legend Perl IRC Bot Remote Code Execution Exploit
This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, an...
Legend Perl IRC Bot Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Legend Perl IRC Bot Remote Code Execution', 'Description' = %q This module exploits a remote command execution on the Legend Perl IR...
Legend Perl IRC Bot Remote Code Execution
This module exploits a remote command execution on the Legend Perl IRC Bot. This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, and ability to...
ID Software Quake 1.9 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3051/info Quake is a very popular 3D first-person-shooter game from ID software. A flaw has been identified in the product's network play features which allows a maliciously designed client to prevent legitimate players...
Platform Independent Network Packet Generator: Hyenae
Platform Independent Network Packet Generator Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. Features ARP-Request floodin...
Web Servers UDP Flooding Denial of Service (CVE-2011-2013)
A denial of service vulnerability has been reported in all web servers. The vulnerability is due to the server's inability to handle multiple incoming UDP requests within a short period of time. Remote attackers may exploit this issue by rapidly sending a large number of UDP requests to the serve...
DRDoS - Distributed Reflection Denial of Service
!/usr/bin/perl written by whoppix c 2007 This Piece of software may be freely re-distributed under the Terms of the LGPL. for a short usage type ./script --help this program requires: perl, Net::RawIP depends on libpcap, Getopt::Long which should be shipped along with your perl core distribution ...