Quantcast
Channel: TCP Files ≈ Packet Storm
Browsing latest articles
Browse All 71 View Live

Calibre 7.15.0 Python Code Injection

This Metasploit module exploits a Python code injection vulnerability in the Content Server component of Calibre version 6.9.0 through 7.15.0. Once enabled (disabled by default), it will listen in its...

View Article


DiCal-RED 4009 Missing Authentication

DiCal-RED version 4009 provides a Telnet service on TCP port 23. This service grants access to an interactive shell as the system's root user and does not require authentication.

View Article


DiCal-RED 4009 Missing Authentication

DiCal-RED version 4009 provides an FTP service on TCP port 21. This service allows anonymous access, i.e. logging in as the user "anonymous" with an arbitrary password. Anonymous users get read access...

View Article

DiCal-RED 4009 Information Disclosure

DiCal-RED version 4009 provides a network server on TCP port 2101. This service does not seem to process any input, but it regularly sends data to connected clients. This includes operation messages...

View Article

GNUnet P2P Framework 0.22.0

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer...

View Article


7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service

The 7-Technologies SCADA IGSS Data Server (IGSSdataServer.exe) versions 9.0.0.10306 and below can be brought down by sending a crafted TCP packet to port 12401.

View Article

Apache mod_isapi Dangling Pointer

This Metasploit module triggers a use-after-free vulnerability in the Apache Software Foundation mod_isapi extension for versions 2.2.14 and earlier. In order to reach the vulnerable code, the target...

View Article

TCP SYN Flooder

A simple TCP SYN flooder.

View Article


Juniper JunOS Malformed TCP Option

This Metasploit module exploits a denial of service vulnerability in Juniper Networks JunOS router operating system. By sending a TCP packet with TCP option 101 set, an attacker can cause an affected...

View Article


Apache ZooKeeper Information Disclosure

Apache ZooKeeper server service runs on TCP 2181 and by default, it is accessible without any authentication. This Metasploit module targets Apache ZooKeeper service instances to extract information...

View Article

CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure

This Metasploit module sends a query to the port 264/TCP on CheckPoint Firewall-1 firewalls to obtain the firewall name and management station (such as SmartCenter) name via a pre-authentication...

View Article

WPAD.dat File Server

This Metasploit module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in combination with DNS attacks or the NetBIOS Name Service Spoofer module. Please remember as...

View Article

PhoenixContact PLC Remote START/STOP Command

PhoenixContact Programmable Logic Controllers are built upon a variant of ProConOS. Communicating using a proprietary protocol over ports TCP/1962 and TCP/41100 or TCP/20547. It allows a remote user to...

View Article


Netgear R6700v3 Unauthenticated LAN Admin Password Reset

This Metasploit module targets ZDI-20-704 (aka CVE-2020-10924), a buffer overflow vulnerability in the UPNP daemon (/usr/sbin/upnpd), on Netgear R6700v3 routers running firmware versions from V1.0.2.62...

View Article

Sielco Sistemi Winlog Remote File Access

This Metasploit module exploits a directory traversal in Sielco Sistemi Winlog. The vulnerability exists in the Runtime.exe service and can be triggered by sending a specially crafted packet to the...

View Article


FTP Bounce Port Scanner

Enumerate TCP services via the FTP bounce PORT/LIST method.

View Article

TCP SYN Port Scanner

Enumerate open TCP services using a raw SYN scan.

View Article


Titan FTP Administrative Password Disclosure

On Titan FTP servers prior to version 9.14.1628, an attacker can retrieve the username and password for the administrative XML-RPC interface, which listens on TCP Port 31001 by default, by sending an...

View Article

SurgeNews User Credentials

This Metasploit module exploits a vulnerability in the WebNews web interface of SurgeNews on TCP ports 9080 and 8119 which allows unauthenticated users to download arbitrary files from the software...

View Article

EasyCafe Server Remote File Access

This Metasploit module exploits a file retrieval vulnerability in EasyCafe Server. The vulnerability can be triggered by sending a specially crafted packet (opcode 0x43) to the 831/TCP port. This...

View Article

Ray Sharp DVR Password Retriever

This Metasploit module takes advantage of a protocol design issue with the Ray Sharp based DVR systems. It is possible to retrieve the username and password through the TCP service running on port...

View Article


Novell ZENworks Configuration Management Preboot Service Remote File Access

This Metasploit module exploits a directory traversal in the ZENworks Configuration Management. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted...

View Article


Samhain File Integrity Checker 4.5.1

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server....

View Article

GNUnet P2P Framework 0.22.1

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer...

View Article

GNUnet P2P Framework 0.22.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer...

View Article

Browsing latest articles
Browse All 71 View Live