Sunday, April 26, 2020

Amnesia / Radiation Linux Botnet Targeting Remote Code Execution In CCTV DVR Samples


Reference
Amnesia / Radiation botnet samples targeting Remote Code Execution in CCTV DVR 







Download

             Other malware







Hashes


MD5SHA256SHA1
74bf554c4bc30d172cf1d73ac553d76606d30ba7c96dcaa87ac584c59748708205e813a4dffa7568c1befa52ae5f03743c40221177383da576b11a0b3f6b35d68a9cde74
5dd9056e5ab6a92e61822b6c04afd34610aa7b3863f34d340f960b89e64319186b6ffb5d2f86bf0da3f05e7dbc5d9653c865dd67853a24fd86ef74b05140827c1d5fd0bd
2b486466f4d3e30f7b22d0bc76cb68f9175fe89bbc8e44d45f4d86e0d96288e1e868524efa260ff07cb63194d04ea575ed62f6d1588bea33c20ababb42c02662d93d6015
3411bb2965f4c3d52c650aff04f48e521d8bc81acbba0fc56605f60f5a47743491d48dab43b97a40d4a7f6c21caca12a1e0281178b4a9d8dec74f50a7850867c87837435
34f915ac414e9aad2859217169f9a3aa2f9cd1d07c535aae41d5eed1f8851855b95b5b38fb6fe139b5f1ce43ed22df22d66f1e47c983a8d30ad7fd30cd08db8cd29a92b0
59e08f2ce1c3e55e2493baf36c1ad3c6327f24121d25ca818cf8414c1cc704c3004ae63a65a9128e283d64be03cdd42e90d45b81e9a97ddcc9911122f4e8fd439ccc8fa9
f4bc173bf80d922da4e755896af0db6137b2b33a8e344efcaca0abe56c6163ae64026ccef65278b232a9170ada1972affab32f8c3ce3a837e80a1d98ada41a5bf39b01e7
a253273e922ce93e2746a9791798e3fe3a595e7cc8e32071781e36bbbb680d8578ea307404ec07e3a78a030574da8f9699cfdec405f6a9f43d58b1856fce7ca3445395d3
335e322c56278e258e4d7b5e17ad98e64313af898c5e15a68616f8c40e8c7408f39e0996a9e4cc3e22e27e7aeb2f8d54504022707609a0fec9cbb21005cb0875be2a4726
93522e5f361a051f568bd1d74d901d3046ea20e3cf34d1d4cdfd797632c47396d9bdc568a75d550d208b91caa7d43a9be7fc96b2a92888572de2539f227c9a6625449f83
c86af536d87c1e5745e7d8c9f44fd25d4b0feb1dd459ade96297b361c69690ff69e97ca6ee5710c3dc6a030261ba69e06ef69a683913ae650634aedc40af8d595c45cb4f
90c7c5e257c95047dbf52bbfbe011fd64db9924decd3e578a6b7ed7476e499f8ed792202499b360204d6f5b807f881b81c3a9be6ae9300aaad00fb87d5407ed6e84ec80b
7c0528e54b086e5455ef92218ea23d035e6896b39c57d9609dc1285929b746b06e070886809692a4ac37f9e1b53b250c868abc912ff2fdcd733ff1da87e48e7d4c288a73
6405b42d2c7e42244ac73695bb7bfe6b64f03fff3ed6206337332a05ab9a84282f85a105432a3792e20711b920124707173aca65181c8da84e062c803a43a404ad49302d
6441157813de77d9849da5db9987d0bb6b2885a4f8c9d84e5dc49830abf7b1edbf1b458d8b9d2bafb680370106f93bc392dff9bdb31d3b9480d9e5f72a307715859dd094
614ea66b907314398cc14b3d2fdebe796b29b65c3886b6734df788cfc6628fbee4ce8921e3c0e8fc017e4dea2da0fd0bc7e71c42d391f9c69375505dbf3767ba967f9103
00fe3120a666a85b84500ded1af8fb61885dce73237c4d7b4d481460baffbd5694ab671197e8c285d53b551f893d6c09342ed67e08d16ab982a4012fcecdca060a5da46b
5477de039f7838dea20d3be1ae249fcb886136558ec806da5e70369ee22631bfb7fa06c27d16c987b6f6680423bc84b05b19202b45e5a58cadec8c2efa40fd924b64177d
91bf10249c5d98ea6ae11f17b6ef09708f57ec9dfba8cf181a723a6ac2f5a7f50b4550dd33a34637cf0f302c43fd0243682dab9ec3ff0b629cce4e16c9c74171dd2551d4
fb0a7e12d2861e8512a38a6cdef3ddf09351ee0364bdbb5b2ff7825699e1b1ee319b600ea0726fd9bb56d0bd6c6670cbc077c490bb22df9886475dc5bedfc6c032061024
9b7f5a1228fa66cbd35e75fb774fdc8e9c7a5239601a361b67b1aa3f19b462fd894402846f635550a1d63bee75eab0a2ae89bc6c5cc1818b3136a40961462327c3dececc
5b97d54dc5001eb7cf238292405070a6a010bf82e2c32cba896e04ec8dbff58e32eee9391f6986ab22c612165dad36a096d2194f5f3927de75605f6ca6110fe683383a01
642f523bb46c2e901416047dca1c5d4ead65c9937a376d9a53168e197d142eb27f04409432c387920c2ecfd7a0b941c8bbf667213a446bc9bc4a5a2e54e7391752e3a9b8
c617655312c573ecb01d292b320fff2eaeb480cf01696b7563580b77605558f9474c34d323b05e5e47bf43ff16b67d6ade102a6f35e08f18aa0c58358f5b22871eb0a45f
c8835a3d385162ae02bd4cb6c5ebac87b113ec41cc2fd9be9ac712410b9fd3854d7d5ad2dcaac33af2701102382d5815831eb9cf0dcd57a879c04830e54a3b85fe5d6229
1497740fa8920e4af6aa981a5b405937b13014435108b34bb7cbcef75c4ef00429b440a2adf22976c31a1645af5312528d6b90f0b88b1ad5dcc87d377e6a82dc6ac64211
5e925e315ff7a69c2f2cf1556423d5afb3d0d0e2144bd1ddd27843ef65a2fce382f6d590a8fee286fda49f807471154564fe900b3a2b030c28211404afa45703c6869dea
951ec487fb3fece58234677d7fe3e4dcbdefa773e3f09cdc409f03a09a3982f917a0cc656b306f0ece3dd1a2564a87720b03d9471522590530dd90ad30b2d235ec98b578
3e84998197fc25cbac57870e3cdeb2dec03b403d5de9778a2ec5949d869281f13976c2fc5b071e0f5f54277680c809020b9eb6d931dc6b226a913e89bb422f58228de0d0
c3a73d24df62057e299b6af183889e6bcb2382b818993ef6b8c738618cc74a39ecab243302e13fdddb02943d5ba794836a683ef6f7653e5ee64969cbbbe4403601ae9ded
d428f50a0f8cd57b0d8fe818ace6af20ce61dcfc3419ddef25e61b6d30da643a1213aa725d579221f7c2edef40ca2db39bd832256b94e43546dfb77532f6d70fcd1ce874
e1d6d4564b35bb19d2b85ca620d7b8f2d0bda184dfa31018fe999dfd9e1f99ca0ef502296c2cccf454dde30e5d3a9df9c1af00d3263893b5d23dbf38015fe3c6a92cefaf
e9502ae7b0048b9ea25dd7537818904ce7d6b3e1fba8cdf2f490031e8eb24cd515a30808cdd4aa15c2a41aa0016f80820e080ac0130ab3f7265df01b8397e4abd13c38cb
8eb34e1fb7dd9d9f0e1fef2803812759eb54dc959b3cc03fbd285cef9300c3cd2b7fe86b4adeb5ca7b098f90abb55b8a5310a99f0f8c92bfa2f8da87e60c645f2cae305a
ca0fc25ce066498031dc4ca3f72de4b8f23fecbb7386a2aa096819d857a48b853095a86c011d454da1fb8e862f2b45837f4d97eea294fc567b058b09cc915be56c2a80e1
5a2fcfff8d6aab9a0abe9ca97f6093edf6af2fa4f987df773d37d9bb44841a720817ce3817dbf1e983650b5af9295a16f4ddf49fbf23edb23f50be62637a4a688e352057
ed98e8fa385b39ca274e0de17b1007e6f7a737cb73802d54f7758afe4f9d0a7d2ea7fda4240904c0a79abae732605729a69d4c2b88bfe3a06245f8fbfb8abe5e9a894cec
320db5f1230fcfe0672c8515eb9ddcfcf7cf1e0d7756d1874630d0d697c3b0f3df0632500cff1845b6308b11059deb078d40dbf34a02dd43a81e5cdc58a0b11bfa9f5663
18d6af9211d0477f9251cf9524f898f3f97848514b63e9d655a5d554e62f9e102eb477c5767638eeec9efd5c6ad443d8b0e76be186fd609d5a8a33d59d16ffa3bdab1573

Related articles

Posted by at No comments:

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related links

  1. Raspberry Hacking
  2. Tutoriales Hacking
  3. Hacking Ethical
  4. Growth Hacking
  5. Raspberry Pi Hacking
  6. Crack Definicion
  7. Hacking Iphone
  8. Hacker Blanco
  9. Hacking Day
  10. Libro De Hacking
  11. Sean Ellis Growth Hacking
Posted by at No comments:

Saturday, April 25, 2020

A Quick Guide To Selection Sorting



In this Article I'll tell you about Selection Sort
Selection sort is that type of sorting in which smallest element of a list is searched and then this number is swapped with the first element of the list and then second smallest element is searched in the list and is swapped with the second element of the list and so on i,e this "thingy" thing continues on till n-1 times (where 'n' is the number of terms).
COMPLEXITY:-
Complexity of Selection sort is O(n^2) in best case as well as in worst case.
Well selection sort is not a good sorting algorithm which you can see even from the complexity of selection sort because selection sort performs same number of comparisons even in the best case as in the worst case. Which makes it very slow.
Pseudo-code:-
sort(Arr)
for i = 0 to n-1
smallest = location of smallest number from Arr[i] to Arr[n-1]
swap Arr[i] with Arr[smallest]
/*C Program: Implementation of Selection Sort*/
#include<stdio.h>
void swap(int a[], int i, int j){
    int tmp = a[i];
    a[i] = a[j];
    a[j] = tmp;
}
void selectionSort(int a[], int l, int h){
   for(int i=l; i<h; i++){
     int small  = i;
     for(int j=i+1; j<=h; j++){
       if(a[j] < a[i]) small = j;
     }
     swap(a,i,small);
   }
}
int main(void) {
   int arr[10], n;
   printf("Enter Size of Array: ");
   scanf("%d", &n);
   printf("Enter %d elements:\n", n);
   for(int i=0; i<n; i++) scanf("%d", &arr[i]);
   selectionSort(arr, 0, n-1);
   printf("Sorted Array is as:\n");
   for(int i=0; i<n; i++) printf("%d ", arr[i]);
   printf("\n");
   return 0;
}
Related word

  1. Cracker Definicion
  2. Que Estudia Un Hacker
  3. Libros Para Aprender A Hackear
  4. Hacking Health
  5. Hacking Simulator
  6. Etica Hacker
  7. Seguridad Y Hacking
  8. Que Significa Hat
  9. Hacking To The Gate
  10. Growth Hacking Tools
Posted by at No comments:

How To Start | How To Become An Ethical Hacker

Are you tired of reading endless news stories about ethical hacking and not really knowing what that means? Let's change that!
This Post is for the people that:

  • Have No Experience With Cybersecurity (Ethical Hacking)
  • Have Limited Experience.
  • Those That Just Can't Get A Break


OK, let's dive into the post and suggest some ways that you can get ahead in Cybersecurity.
I receive many messages on how to become a hacker. "I'm a beginner in hacking, how should I start?" or "I want to be able to hack my friend's Facebook account" are some of the more frequent queries. Hacking is a skill. And you must remember that if you want to learn hacking solely for the fun of hacking into your friend's Facebook account or email, things will not work out for you. You should decide to learn hacking because of your fascination for technology and your desire to be an expert in computer systems. Its time to change the color of your hat 😀

 I've had my good share of Hats. Black, white or sometimes a blackish shade of grey. The darker it gets, the more fun you have.

If you have no experience don't worry. We ALL had to start somewhere, and we ALL needed help to get where we are today. No one is an island and no one is born with all the necessary skills. Period.OK, so you have zero experience and limited skills…my advice in this instance is that you teach yourself some absolute fundamentals.
Let's get this party started.
  •  What is hacking?
Hacking is identifying weakness and vulnerabilities of some system and gaining access with it.
Hacker gets unauthorized access by targeting system while ethical hacker have an official permission in a lawful and legitimate manner to assess the security posture of a target system(s)

 There's some types of hackers, a bit of "terminology".
White hat — ethical hacker.
Black hat — classical hacker, get unauthorized access.
Grey hat — person who gets unauthorized access but reveals the weaknesses to the company.
Script kiddie — person with no technical skills just used pre-made tools.
Hacktivist — person who hacks for some idea and leaves some messages. For example strike against copyright.
  •  Skills required to become ethical hacker.
  1. Curosity anf exploration
  2. Operating System
  3. Fundamentals of Networking
*Note this sites





More articles

  1. Sean Ellis Hacking Growth
  2. Curso De Hacking
  3. Hacking Ethical
  4. Hacking Pages
  5. Hacker Definicion
  6. Hacking Web Sql Injection
  7. Curso De Hacking Etico Gratis
  8. Hacking The System
  9. Hacking Youtube
Posted by at No comments:

FOOTPRITING AND INFORMATION GATHERING USED IN HACKING

WHAT IS FOOTPRITING AND INFORMATION GATHERING IN HACKING?

Footpriting is the technique used for gathering information about computer systems and the entities they belongs too. 
To get this information, a hacker might use various tools and technologies.

Basically it is the first step where hacker gather as much information as possible to find the way for cracking the whole system or target or atleast decide what types of attacks will be more suitable for the target.

Footpriting can be both passive and active.

Reviewing a company's website is an example of passive footprinting, 
whereas attempting to gain access to sensititve information through social engineering is an example of active information gathering.

During this phase hacking, a hacker can collect the following information>- Domain name
-IP Addresses
-Namespaces
-Employee information 
-Phone numbers
-E-mails 
Job information

Tip-You can use http://www.whois.com/ website to get detailed information about a domain name information including its owner,its registrar, date of registration, expiry, name servers owner's contact information etc.

Use of  Footprinting & Information Gathering in People Searching-
Now a days its very easy to find anyone with his/her full name in social media sites like Facebook, Instragram,Twitter,Linkdedin to gather information about date of birth,birthplace, real photos, education detail, hobbies, relationship status etc.

There are several sites like PIPL,PeekYou, Transport Sites such as mptransport,uptransport etc and Job placement Sites such as Shine.com,Naukari.com , Monster.com etc which are very useful for hacker to collect information about anyone.  
Hacker collect the information about you from your Resume which you uploaded on job placement site for seeking a job as well as  hacker collect the information from your vehicle number also from transport sites to know about the owner of vehicle, adderess etc then after they make plan how to attack on victim to earn money after know about him/her from collecting information.




INFORMATION GATHERING-It is the process of collecting the information from different places about any individual company,organization, server, ip address or person.
Most of the hacker spend his time in this process.

Information gathering plays a vital role for both investigating and attacking purposes.This is one of the best way to collect victim data and find the vulnerability and loopholes to get unauthorized modifications,deletion and unauthorized access.



Related links
  1. Hacking Traduccion
  2. Hacking Windows: Ataques A Sistemas Y Redes Microsoft
  3. Curso De Hacking Gratis
  4. Hacking Day
Posted by at No comments:

TYPES OF HACKER

7 Types of hacker 

1-Script Kiddies-They are  just download overused software & watch youtube video on how to use it. Script kiddies don't care about hacking.

2-White Hat-They are the good guys of the hacker world. They also known as Ethical Hacker.

3-Black Hat-They finds bank or other companies with weak security and steal money or credit card information. They also known as cracker. They are dangerous because they are illegal to gain unauthorized access.

4-Gray Hat-They don't steal money or information sometimes they deface a website or they don't help people for good.

5-Green Hat-These are the hacker "noobz" but unlike Script Kiddies.They care about Hacking  and strive to become full-blown hacker.

6-Red Hat-These are the vigilantes of the hacker world. They are like White Hats in that they halt Black Hats but these folks are downright SCARY to those who have ever tried so much as penetrest.

7-Blue Hat-If a Script Kiddy took revenge he/she might become a Blue Hat.Most Blue Hats are noobz.They have no desire to learn.

More articles


  1. Wargames Hacking
  2. Como Ser Hacker
  3. Hacking Pdf
  4. Hacking Udemy
  5. Como Empezar En El Hacking
  6. Hacker Definicion Informatica
  7. Master Hacking Etico
  8. Que Estudia Un Hacker
  9. Como Hackear
Posted by at No comments:

OnionDuke Samples










File attributes

Size: 219136
MD5:  28F96A57FA5FF663926E9BAD51A1D0CB

Size: 126464
MD5:  C8EB6040FD02D77660D19057A38FF769


Size: 316928
MD5:  D1CE79089578DA2D41F1AD901F7B1014


Virustotal info

https://www.virustotal.com/en/file/366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b/analysis/
SHA256: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
File name: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
Detection ratio: 8 / 52
Analysis date: 2014-11-15 18:37:30 UTC ( 8 hours, 44 minutes ago ) 
Antivirus Result Update
Baidu-International Trojan.Win32.Agent.adYf 20141107
F-Secure Backdoor:W32/OnionDuke.B 20141115
Ikarus Trojan.Win32.Agent 20141115
Kaspersky Backdoor.Win32.MiniDuke.x 20141115
Norman OnionDuke.A 20141115
Sophos Troj/Ransom-ALA 20141115
Symantec Backdoor.Miniduke!gen4 20141115
Tencent Win32.Trojan.Agent.Tbsl 20141115

https://www.virustotal.com/en/file/366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b/analysis/


SHA256: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
File name: 366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b
Detection ratio: 8 / 52
Antivirus Result Update
Baidu-International Trojan.Win32.Agent.adYf 20141107
F-Secure Backdoor:W32/OnionDuke.B 20141115
Ikarus Trojan.Win32.Agent 20141115
Kaspersky Backdoor.Win32.MiniDuke.x 20141115
Norman OnionDuke.A 20141115
Sophos Troj/Ransom-ALA 20141115
Symantec Backdoor.Miniduke!gen4 20141115
Tencent Win32.Trojan.Agent.Tbsl 20141115

https://www.virustotal.com/en/file/0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade/analysis/
SHA256: 0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade
File name: 0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade
Detection ratio: 19 / 55
Analysis date: 2014-11-15 18:37:25 UTC ( 8 hours, 47 minutes ago ) 
Antivirus Result Update
AVware Trojan.Win32.Generic!BT 20141115
Ad-Aware Backdoor.Generic.933739 20141115
Baidu-International Trojan.Win32.OnionDuke.BA 20141107
BitDefender Backdoor.Generic.933739 20141115
ESET-NOD32 a variant of Win32/OnionDuke.A 20141115
Emsisoft Backdoor.Generic.933739 (B) 20141115
F-Secure Backdoor:W32/OnionDuke.A 20141115
GData Backdoor.Generic.933739 20141115
Ikarus Trojan.Win32.Onionduke 20141115
Kaspersky Backdoor.Win32.MiniDuke.x 20141115
McAfee RDN/Generic BackDoor!zw 20141115
McAfee-GW-Edition BehavesLike.Win32.Trojan.fh 20141114
MicroWorld-eScan Backdoor.Generic.933739 20141115
Norman OnionDuke.B 20141115
Sophos Troj/Ransom-ANU 20141115
Symantec Backdoor.Miniduke!gen4 20141115
TrendMicro BKDR_ONIONDUKE.AD 20141115
TrendMicro-HouseCall BKDR_ONIONDUKE.AD 20141115
VIPRE Trojan.Win32.Generic!BT 20141115


Related posts
Posted by at No comments:

Thursday, April 23, 2020

Trendnet Cameras - I Always Feel Like Somebody'S Watching Me.

Firstly this post requires the following song to be playing.

Now that we got that out of the way... I have been seeing posts on sites with people having fun with embedded systems/devices and I was feeling left out. I didn't really want to go out and buy a device so I looked at what was laying around. 

To start off the latest firmware for this device can be found at the following location :

First order of business was to update the camera with the most recent firmware:
Device info page confirming firmware version
Now that the device was using the same version of firmware as I was going to dive into, lets get to work. I will be using binwalk to fingerprint file headers that exist inside the firmware file. Binwalk can be downloaded from the following url: http://code.google.com/p/binwalk/

Running binwalk against the firmware file 
binwalk FW_TV-IP110W_1.1.0-104_20110325_r1006.pck 
DECIMAL   HEX       DESCRIPTION
-------------------------------------------------------------------------------------------------------
32320     0x7E40     gzip compressed data, from Unix, last modified: Thu Mar 24 22:59:08 2011, max compression
679136     0xA5CE0   gzip compressed data, was "rootfs", from Unix, last modified: Thu Mar 24 22:59:09 2011, max compression
Looks like there are two gzip files in the "pck" file. Lets carve them out using 'dd'. First cut the head off the file and save it off as '1_unk'
#dd if=FW_TV-IP110W_1.1.0-104_20110325_r1006.pck of=1_unk bs=1 count=32320
32320+0 records in
32320+0 records out
32320 bytes (32 kB) copied, 0.167867 s, 193 kB/s
Next cut out the first gzip file that was identified, we will call this file '2'
#dd if=FW_TV-IP110W_1.1.0-104_20110325_r1006.pck of=2 bs=1 skip=32320 count=646816
646816+0 records in
646816+0 records out
646816 bytes (647 kB) copied, 2.87656 s, 225 kB/s
Finally cut the last part of the file out that was identified as being a gzip file, call this file '3'
#dd if=FW_TV-IP110W_1.1.0-104_20110325_r1006.pck of=3 bs=1 skip=679136
2008256+0 records in
2008256+0 records out
2008256 bytes (2.0 MB) copied, 8.84203 s, 227 kB/s
For this post I am going to ignore files '1_unk' and '2' and just concentrate on file '3' as it contains an interesting bug :) Make a copy of the file '3' and extract it using gunzip
#file 3
3: gzip compressed data, was "rootfs", from Unix, last modified: Thu Mar 24 22:59:09 2011, max compression
#cp 3 3z.gz
#gunzip 3z.gz
gzip: 3z.gz: decompression OK, trailing garbage ignored
#file 3z
3z: Minix filesystem, 30 char names
As we can see the file '3' was a compressed Minix file system. Lets mount it and take a look around.
#mkdir cameraFS
#sudo mount -o loop -t minix 3z cameraFS/
#cd cameraFS/
#ls
bin  dev  etc  lib  linuxrc  mnt  proc  sbin  server  tmp  usr  var
There is all sorts of interesting stuff in the "/server" directory but we are going to zero in on a specific directory "/server/cgi-bin/anony/"
#cd server/cgi-bin/anony/
#ls
jpgview.htm  mjpeg.cgi  mjpg.cgi  view2.cgi
The "cgi-bin" directory is mapped to the root directory of http server of the camera, knowing this we can make a request to http://192.168.1.17/anony/mjpg.cgi and surprisingly we get a live stream from the camera. 

video stream. giving no fucks.


Now at first I am thinking, well the directory is named "anony" that means anonymous so this must be something that is enabled in the settings that we can disable.... Looking at the configuration screen you can see where users can be configured to access the camera. The following screen shows the users I have configured (user, guest)
Users configured with passwords.

Still after setting up users with passwords the camera is more than happy to let me view its video stream by making our previous request. There does not appear to be a way to disable access to the video stream, I can't really believe this is something that is intended by the manufacturer. Lets see who is out there :)

Because the web server requires authentication to access it (normally) we can use this information to fingerprint the camera easily. We can use the realm of 'netcam' to conduct our searches 
HTTP Auth with 'netcam' realm
Hopping on over to Shodan (http://www.shodanhq.com) we can search for 'netcam' and see if there is anyone out there for us to watch
9,500 results
If we check a few we can see this is limited to only those results with the realm of 'netcam' and not 'Netcam'
creepy hole in the wall

front doors to some business
Doing this manually is boring and tedious, wouldn't it be great if we could automagically walk through all 9,500 results and log the 'good' hosts.... http://consolecowboys.org/scripts/camscan.py

This python script requires the shodan api libs http://docs.shodanhq.com/ and an API key. It will crawl the shodan results and check if the device is vulnerable and log it. The only caveat here is that the shodan api.py file needs to be edited to allow for including result page offsets. I have highlighted the required changes below.
    def search(self, query,page=1):
        """Search the SHODAN database.
     
        Arguments:
        query    -- search query; identical syntax to the website
        page     -- page number of results      

        Returns:
        A dictionary with 3 main items: matches, countries and total.
        Visit the website for more detailed information.
     
        """
        return self._request('search', {'q': query,'page':page})

Last I ran this there was something like 350 vulnerable devices that were available via shodan. Enjoy.

Update: We are in no way associated with the @TRENDnetExposed twitter account.
Related links
Posted by at No comments:

Chinese Hackers Using New iPhone Hack To Spy On Uyghurs Muslims

A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang. The findings, published by digital forensics firm Volexity, reveal that the exploit — named "Insomnia" — works against iOS versions 12.3, 12.3.1, and 12.3.2 using a flaw in WebKit that was patched by

via The Hacker News
This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

More articles


Posted by at No comments:

An Overview Of Exploit Packs (Update 25) May 2015


Update May 12, 2015

Added CVE-2015-0359 and updates for CVE-2015-0336


Reference table : Exploit References 2014-2015


Update March 20, 2015

Added CVE-2015-0336

------------------------
Update February 19, 2015

Added Hanjuan Exploit kit and CVE-2015-3013 for Angler 

Update January 24, 2015 
http://www.kahusecurity.com

Added CVE-2015-3010, CVE-2015-3011 for Agler and a few reference articles. 
If you notice any errors, or some CVE that need to be removed (were retired by the pack authors), please let me know. Thank you very much!


Update December 12, 2014


Update Jan 8, 2014

 This is version 20 of the exploit pack table - see the added exploit packs and vulnerabilities listed below.

                                             Exploit Pack Table Update 20                                           
  Click to view or download from Google Apps

I want to give special thanks to Kafeine  L0NGC47,  Fibon and  Curt Shaffer for their help and update they made.  Note the new Yara rules sheet / tab for yara rules for exploit kit.
I also want to thank Kahu securityKafeineMalforsec and all security companies listed in References for their research.

If you wish to be a contributor (be able to update/change the exploits or add yara rules), please contact me :)
If you have additions or corrections, please email, leave post comments, or tweet (@snowfl0w) < thank you!

The Wild Wild West image was created by Kahu Security  - It shows current and retired (retiring) kits.

List of changed kits
Gong Da / GonDad Redkit 2.2 x2o (Redkit Light)Fiesta (=Neosploit)  Cool  Styxy DotkaChef
CVE-2011-3544CVE-2013-2551CVE-2013-2465CVE-2010-0188CVE-2010-0188CVE-2012-5692
CVE-2012-0507CVE-2013-2471CVE-2013-0074/3896CVE-2011-3402CVE-2013-1493
CVE-2012-1723CVE-2013-1493CVE-2013-0431
CVE-2013-0431
CVE-2013-2423
CVE-2012-1889CVE-2013-2460CVE-2013-0634 CVE-2013-1493
CVE-2012-4681CVE-2013-2551 CVE-2013-2423
CVE-2012-5076
CVE-2013-0422
CVE-2013-0634
CVE-2013-2465



Angler FlashPack = SafePack White Lotus Magnitude (Popads)Nuclear 3.x Sweet Orange 
CVE-2013-0074/3896CVE-2013-0074/3896CVE-2011-3544CVE-2011-3402CVE-2010-0188CVE-2013-2423
CVE-2013-0634CVE-2013-2551CVE-2013-2465CVE-2012-0507CVE-2012-1723CVE-2013-2471
CVE-2013-2551 CVE-2013-2551CVE-2013-0634CVE-2013-0422CVE-2013-2551
CVE-2013-5329CVE-2013-2460CVE-2013-2423
CVE-2013-2471 ??CVE-2013-2471CVE-2013-2460
CVE-2013-2551CVE-2013-2551

CK HiManNeutrino  Blackhole (last)Grandsoft  Private EK
CVE-2011-3544CVE-2010-0188CVE-2013-0431CVE-2013-0422CVE-2010-0188 CVE-2006-0003
CVE-2012-1889CVE-2011-3544CVE-2013-2460CVE-2013-2460CVE-2011-3544CVE-2010-0188
CVE-2012-4681CVE-2013-0634CVE-2013-2463*CVE-2013-2471CVE-2013-0422CVE-2011-3544
CVE-2012-4792*CVE-2013-2465CVE-2013-2465*and + all or someCVE-2013-2423CVE-2013-1347
CVE-2013-0422CVE-2013-2551CVE-2013-2551exploitsCVE-2013-2463CVE-2013-1493
CVE-2013-0634* switch 2463*<>2465*from the previousCVE-2013-2423
CVE-2013-3897Possibly + exploitsversionCVE-2013-2460
* removedfrom the previous
version

Sakura 1.x LightsOutGlazunov Rawin Flimkit  Cool EK (Kore-sh)Kore (formely Sibhost) 
cve-2013-2471CVE-2012-1723CVE-2013-2463CVE-2012-0507CVE-2012-1723CVE-2013-2460CVE-2013-2423
CVE-2013-2460CVE-2013-1347cve-2013-2471CVE-2013-1493CVE-2013-2423CVE-2013-2463CVE-2013-2460
and + all or someCVE-2013-1690CVE-2013-2423CVE-2013-2471CVE-2013-2463
exploitsCVE-2013-2465CVE-2013-2471
from the previous
version


Styx 4.0Cool Topic EK Nice EK
CVE-2010-0188CVE-2012-0755CVE-2013-2423CVE-2012-1723
CVE-2011-3402CVE-2012-1876
CVE-2012-1723CVE-2013-0634
CVE-2013-0422CVE-2013-2465
CVE-2013-1493cve-2013-2471
CVE-2013-2423and + all or some
CVE-2013-2460exploits
CVE-2013-2463from the previous
CVE-2013-2472version
CVE-2013-2551
Social Eng








=================================================================

The Explot Pack Table has been updated and you can view it here.

Exploit Pack Table Update 19.1  - View or Download from Google Apps

If you keep track of exploit packs and can/wish  to contribute and be able to make changes, please contact me (see email in my profile)
I want to thank L0NGC47, Fibon, and Kafeine,  Francois Paget, Eric Romang, and other researchers who sent information for their help.




Update April 28, 2013 - added CVE-2013-2423 (Released April 17, 2013) to several packs. 
Now the following packs serve the latest Java exploit (update your Java!)

  1. Styx
  2. Sweet Orange
  3. Neutrino
  4. Sakura
  5. Whitehole
  6. Cool
  7. Safe Pack
  8. Crime Boss
  9. CritX



Other changes
Updated:
  1. Whitehole
  2. Redkit
  3. Nuclear
  4. Sakura
  5. Cool Pack
  6. Blackhole
  7. Gong Da
Added:
  1. KaiXin
  2. Sibhost
  3. Popads 
  4. Alpha Pack
  5. Safe Pack
  6. Serenity
  7. SPL Pack

    There are 5 tabs in the bottom of the sheet
  1. 2011-2013
  2. References
  3. 2011 and older
  4. List of exploit kits
  5. V. 16 with older credits



March 2013
The Explot Pack Table, which has been just updated, has migrated to Google Apps - the link is below. The new format will allow easier viewing and access for those who volunteered their time to keep it up to date.

In particular, I want to thank
L0NGC47, Fibon, and Kafeine  for their help.

There are 5 tabs in the bottom of the sheet
  1. 2011-2013
  2. References
  3. 2011 and older
  4. List of exploit kits
  5. V. 16 with older credits
The updates include
  1. Neutrino  - new
  2. Cool Pack - update
  3. Sweet Orange - update
  4. SofosFO aka Stamp EK - new
  5. Styx 2.0 - new
  6. Impact - new
  7. CritXPack - new
  8. Gong Da  - update
  9. Redkit - update
  10. Whitehole - new
  11. Red Dot  - new





The long overdue Exploit pack table Update 17 is finally here. It got a colorful facelift and has newer packs (Dec. 2011-today) on a separate sheet for easier reading.
Updates / new entries for the following 13 packs have been added (see exploit listing below)


  1. Redkit 
  2. Neo Sploit
  3. Cool Pack
  4. Black hole 2.0
  5. Black hole 1.2.5
  6. Private no name
  7. Nuclear 2.2 (Update to 2.0 - actual v. # is unknown)
  8. Nuclear 2.1  (Update to 2.0 - actual v. # is unknown)
  9. CrimeBoss
  10. Grandsoft
  11. Sweet Orange 1.1 Update to 1.0 actual v. # is unknown)
  12. Sweet Orange 1.0
  13. Phoenix  3.1.15
  14. NucSoft
  15. Sakura 1.1 (Update to 1.0  actual v. # is unknown)
  16. AssocAID (unconfirmed)  






Exploit lists for the added/updated packs
AssocAID (unconfirmed)
09-'12
CVE-2011-3106
CVE-2012-1876
CVE-2012-1880
CVE-2012-3683
Unknown CVE
5


Redkit
08-'12
CVE-2010-0188
CVE-2012-0507
CVE-2012-4681
3

Neo Sploit
09-'12
CVE-2012-1723
CVE-2012-4681
2?

Cool
08-'12
CVE-2006-0003
CVE-2010-0188
CVE-2011-3402
CVE-2012-0507
CVE-2012-1723
CVE-2012-4681
5

Black hole 2.0
09-'12
CVE-2006-0003
CVE-2010-0188
CVE-2012-0507
CVE-2012-1723
CVE-2012-4681
CVE-2012-4969 promised
5

Black hole 1.2.5
08-'12
CVE-2006-0003
CVE-2007-5659 /2008-0655
CVE-2008-2992
CVE-2009-0927
CVE-2010-0188
CVE-2010-1885
CVE-2011-0559
CVE-2011-2110
CVE-2012-1723
CVE-2012-1889
CVE-2012-4681
11

Private no name
09-'12
CVE-2010-0188
CVE-2012-1723
CVE-2012-4681
3

Nuclear 2.2 (Update to 2.0 - actual v. # is unknown)
03-'12
CVE-2010-0188
CVE-2011-3544
CVE-2012-1723
CVE-2012-4681
4

Nuclear 2.1 (Update to 2.0 - actual v. # is unknown)
03-'12
CVE-2010-0188
CVE-2011-3544
CVE-2012-1723
3

CrimeBoss
09-'12
Java Signed Applet
CVE-2011-3544
CVE-2012-4681
3

Grandsoft
09-'12
CVE-2010-0188
CVE-2011-3544
2?

Sweet Orange 1.1
09-'12
CVE-2006-0003
CVE-2010-0188
CVE-2011-3544
CVE-2012-4681
4?

Sweet Orange 1.0
05-'12
CVE-2006-0003
CVE-2010-0188
CVE-2011-3544
3?

Phoenix  3.1.15
05-'12
CVE-2010-0842
CVE: 2010-0248
CVE-2011-2110
CVE-2011-2140
CVE: 2011-2371
CVE-2011-3544
CVE-2011-3659
Firefox social
CVE: 2012-0500
CVE-2012-0507
CVE-2012-0779
11

NucSoft
2012
CVE-2010-0188
CVE-2012-0507
2

Sakura 1.1
08-'12
CVE-2006-0003
CVE-2010-0806
CVE-2010-0842
CVE-2011-3544
CVE-2012-4681
5


Version 16. April 2, 2012
Thanks to Kahu security
for Wild Wild West graphic 

The full table in xls format - Version 16 can be downloaded from here. 



 










ADDITIONS AND CHANGES:

1. Blackhole Exploit Kit 1.2.3
Added:
  1. CVE-2011-0559 - Flash memory corruption via F-Secure
  2. CVE-2012-0507 - Java Atomic via Krebs on Security
  3. CVE-2011-3544 - Java Rhino  via Krebs on Security
2. Eleonore Exploit Kit 1.8.91 and above- via Kahu Security
Added:
  1. CVE-2012-0507 - Java Atomic- after 1.8.91was released
  2. CVE-2011-3544 - Java Rhino
  3. CVE-2011-3521 - Java Upd.27  see Timo HirvonenContagio, Kahu Security and Michael 'mihi' Schierl 
  4. CVE-2011-2462 - Adobe PDF U3D
Also includes
"Flash pack" (presumably the same as before)
"Quicktime" - CVE-2010-1818 ?
3. Incognito Exploit Pack v.2 and above 
there are rumors that Incognito development stopped after v.2 in 2011 and it is a different pack now. If you know, please send links or files.

Added after v.2 was released:
  1. CVE-2012-0507 - Java Atomic
See V.2 analysis via StopMalvertizing

4. Phoenix Exploit Kit v3.1 - via Malware Don't Need Coffee
Added:
  1. CVE-2012-0507 -  Java Atomic
  2. CVE-2011-3544 -  Java Rhino + Java TC (in one file)

5. Nuclear Pack v.2 - via TrustWave Spiderlabs


  1. CVE-2011-3544 Oracle Java Rhino
  2. CVE-2010-0840 JRE Trusted Method Chaining
  3. CVE-2010-0188 Acrobat Reader  – LibTIFF
  4. CVE-2006-0003 MDAC
6. Sakura Exploit Pack > v.1 via DaMaGeLaB

  1. CVE-2011-3544 - Java Rhino (It was in Exploitpack table v15, listing it to show all packs with this exploit)

7. Chinese Zhi Zhu Pack via Kahu Security and Francois Paget (McAfee)
  1. CVE-2012-0003 -  WMP MIDI 
  2. CVE-2011-1255 - IE Time Element Memory Corruption
  3. CVE-2011-2140 - Flash 10.3.183.x
  4. CVE-2011-2110 - Flash 10.3.181.x 
  5. CVE-2010-0806 - IEPeers

8. Gong Da Pack via Kahu Security 
  1. CVE-2011-2140  - Flash 10.3.183.x
  2. CVE-2012-0003 -  WMP MIDI  
  3. CVE-2011-3544 - Java Rhino 





  1. CVE-2010-0886 - Java SMB
  2. CVE-2010-0840 - JRE Trusted Method Chaining
  3. CVE-2008-2463 - Snapshot
  4. CVE-2010-0806 - IEPeers
  5. CVE-2007-5659/2008-0655 - Collab.collectEmailInfo
  6. CVE-2008-2992 - util.printf
  7. CVE-2009-0927 - getIco
  8. CVE-2009-4324 - newPlayer



Version 15. January 28, 2012

Additions - with many thanks to Kahu Security

 Hierarchy Exploit Pack
=================
CVE-2006-0003
CVE-2009-0927
CVE-2010-0094
CVE-2010-0188
CVE-2010-0806
CVE-2010-0840
CVE-2010-1297
CVE-2010-1885
CVE-2011-0611
JavaSignedApplet

Siberia Private
==========
CVE-2005-0055
CVE-2006-0003
CVE-2007-5659
CVE-2008-2463
CVE-2008-2992
CVE-2009-0075
CVE-2009-0927
CVE-2009-3867
CVE-2009-4324
CVE-2010-0806

Techno XPack
===========
CVE-2008-2992
CVE-2010-0188
CVE-2010-0842
CVE-2010-1297
CVE-2010-2884
CVE-2010-3552
CVE-2010-3654
JavaSignedApplet

"Yang Pack"
=========
CVE-2010-0806
CVE-2011-2110
CVE-2011-2140
CVE-2011-354
Version 14. January 19, 2012
Version 14 Exploit Pack table additions:

Credits for the excellent Wild Wild West (October 2011 edition) go to kahusecurity.com

With many thanks to  XyliBox (Xylitol - Steven),  Malware Intelligence blog,  and xakepy.cc for the information:

  1. Blackhole 1.2.1  (Java Rhino added, weaker Java exploits removed)
  2. Blackhole 1.2.1 (Java Skyline added)
  3. Sakura Exploit Pack 1.0  (new kid on the block, private pack)
  4. Phoenix 2.8. mini (condensed version of 2.7)
  5. Fragus Black (weak Spanish twist on the original, black colored admin panel, a few old exploits added)
If you find any errors or CVE information for packs not featured , please send it to my email (in my profile above, thank you very much) .
























 
The full table in xls format - Version 14 can be downloaded from here. 

The exploit pack table in XLSX format
The exploit pack table in csv format 

 P.S. There are always corrections and additions thanks to your feedback after the document release, come back in a day or two to check in case v.15 is out.



Version 13. Aug 20, 2011


Kahusecurity issued an updated version of their Wild Wild West graphic that will help you learn Who is Who in the world of exploit packs. You can view the full version of their post in the link above.

Version 13 exploit pack table additions:
  1. Bleeding Life 3.0
  2. Merry Christmas Pack (many thanks to kahusecurity.com)+
  3. Best Pack (many thanks to kahusecurity.com)
  4. Sava Pack (many thanks to kahusecurity.com)
  5. LinuQ 
  6. Eleonore 1.6.5
  7. Zero Pack
  8. Salo Pack (incomplete but it is also old)



List of packs in the table in alphabetical order
  1. Best Pack
  2. Blackhole Exploit 1.0
  3. Blackhole Exploit 1.1
  4. Bleeding Life 2.0
  5. Bleeding Life 3.0
  6. Bomba
  7. CRIMEPACK 2.2.1
  8. CRIMEPACK 2.2.8
  9. CRIMEPACK 3.0
  10. CRIMEPACK 3.1.3
  11. Dloader
  12. EL Fiiesta
  13. Eleonore 1.3.2
  14. Eleonore 1.4.1
  15. Eleonore 1.4.4 Moded
  16. Eleonore 1.6.3a
  17. Eleonore 1.6.4
  18. Eleonore 1.6.5
  19. Fragus 1
  20. Icepack
  21. Impassioned Framework 1.0
  22. Incognito
  23. iPack
  24. JustExploit
  25. Katrin
  26. Merry Christmas Pack
  27. Liberty  1.0.7
  28. Liberty 2.1.0*
  29. LinuQ pack
  30. Lupit
  31. Mpack
  32. Mushroom/unknown
  33. Open Source Exploit (Metapack)
  34. Papka
  35. Phoenix  2.0 
  36. Phoenix 2.1
  37. Phoenix 2.2
  38. Phoenix 2.3
  39. Phoenix 2.4
  40. Phoenix 2.5
  41. Phoenix 2.7
  42. Robopak
  43. Salo pack
  44. Sava Pack
  45. SEO Sploit pack
  46. Siberia
  47. T-Iframer
  48. Unique Pack Sploit 2.1
  49. Webattack
  50. Yes Exploit 3.0RC
  51. Zero Pack
  52. Zombie Infection kit
  53. Zopack


----------------------------------------------
Bleeding Life 3.0
New Version Ad is here 

Merry Christmas Pack
read analysis at
kahusecurity.com
  
Best Pack
read analysis at 
kahusecurity.com
 Sava Pack
read analysis at
kahusecurity.com
Eleonore 1.6.5 
[+] CVE-2011-0611
[+] CVE-2011-0559
[+] CVE-2010-4452
[-] CVE-2010-0886
Salo Pack
Old (2009), added just for
the collection


Zero Pack
62 exploits from various packs (mostly Open Source pack)
LinuQ pack
Designed to compromise linux servers using vulnerable PHPMyAdmin. Comes with DDoS bot but any kind of code can be loaded for Linux botnet creation.
LinuQ pack is PhpMyAdmin exploit pack with 4 PMA exploits based on a previous Russian version of the Romanian PMA scanner ZmEu. it is not considered to be original, unique, new, or anything special. All exploits are public and known well.


It is designed to be installed on an IRC server (like UnrealIRCD). IP ranges already listed in bios.txt can be scanned, vulnerable IPs and specific PMA vulnerabilities will be listed in vuln.txt, then the corresponding exploits can be launched against the vulnerable server. It is more like a bot using PMA vulnerabilities than exploit pack.
It is using
CVE-2009-1148 (unconfirmed)
CVE-2009-1149 (unconfirmed)
CVE-2009-1150 (unconfirmed)
CVE-2009-1151 (confirmed)



 ====================================================================
Version 12. May 26, 2011
additional changes (many thanks to kahusecurity.com)
Bomba
Papka

See the list of packs covered in the list below


The full table in xls format - Version 12 can be downloaded from here.
I want to thank everyone who sent packs and information  :)





Version 11 May 26, 2011 Changes:
    1. Phoenix2.7
    2. "Dloader" (well, dloader is a loader but the pack is  some unnamed pack http://damagelab.org/lofiversion/index.php?t=20852)
    3. nuclear pack
    4. Katrin
    5. Robopak
    6. Blackhole exploit kit 1.1.0
    7. Mushroom/unknown
    8. Open Source Exploit kit






    ====================================================================

    10. May 8, 2011 Version 10        Exploit Pack Table_V10May11
    First, I want to thank everyone who sent and posted comments for updates and corrections. 

    *** The Wild Wild West picture is from a great post about evolution of exploit packs by Kahu Security  Wild Wild West Update


     As usual, send your corrections and update lists.


    Changes:
    • Eleonore 1.6.4
    • Eleonore 1.6.3a
    • Incognito
    • Blackhole
    Go1Pack  (not included) as reported as being a fake pack, here is a gui. Here is a threatpost article referencing it as it was used for an attack 
    Also, here is another article claiming it is not a fake http://community.websense.com/blogs/securitylabs/archive/2011/04/19/Mass-Injections-Leading-to-g01pack-Exploit-Kit.aspx
    Go1 Pack CVE are reportedly
    CVE-2006-0003
    CVE-2009-0927
    CVE-2010-1423
    CVE-2010-1885
    Does anyone have this pack or see it offered for sale?

    Exploit kits I am planning to analyze and add (and/or find CVE listing for) are:

    • Open Source Exploit Kit
    • SALO
    • K0de

    Legend: 
    Black color entries by Francois Paget
    Red color entries by Gunther
    Blue color entries by Mila

    Also, here is a great presentation by Ratsoul (Donato Ferrante) about Java Exploits (http://www.inreverse.net/?p=1687)

    --------------------------------------------------------
     9.  April 5, 2011  Version 9        ExploitPackTable_V9Apr11

    It actually needs another update but I am posting it now and will issue version 10 as soon as I can.

    Changes:
    Phoenix 2.5
    IFramer
    Tornado
    Bleeding life

    Many thanks to Gunther for his contributions.
    If you wish to add some, please send your info together with the reference links. Also please feel free to send corrections if you notice any mistakes






    8. Update 8 Oct 22, 2010 Version 8 ExploitPackTable_V8Oct22-10

    Changes: 
    1. Eleonore 1.4.4 Moded added (thanks to malwareint.blogspot.com)
    2. Correction on CVE-2010-0746 in Phoenix 2.2 and 2.3. It is a mistake and the correct CVE is CVE-2010-0886 (thanks to etonshell for noticing)
    3. SEO Sploit pack added (thanks to whsbehind.blogspot.com,  evilcodecave.blogspot.com and blog.ahnlab.com)


    7. Update 7 Oct 18, 2010 Version 7 ExploitPackTable_V7Oct18-10 released
     thanks to SecNiche we have updates for Phoenix 2.4 :)
      
    We also added shorthand/slang/abbreviated names for exploits for easy matching of exploits to CVE in the future. Please send us more information re packs, exploit names that can be added in the list. Thank you!

     
    6. Update 6 Sept 27, 2010 Version 6 ExploitPackTable_V6Sept26-10 released
     Thanks to Francois Paget (McAfee) we have updates for Phoenix 2.2 and Phoenix 2.3


    5. Update 5. Sept 27, 2010 Version 5 ExploitPackTable_V5Sept26-10 released
    Added updates for Phoenix 2.1 and Crimepack 3.1.3

      
    4 Update 4  July 23, 2010  Version 4 ExploitPackTable_V4Ju23-10 released. Added a new Russian exploit kit called Zombie Infection Kit to the table. Read more at malwareview.com
    Update 3  July 7, 2010. Please read more about this on the Brian Krebs' blog Pirate Bay Hack Exposes User Booty 
    Update 2 June 27, 2010 Sorry but Impassioned Framework is back where it belongs - blue
    Update 1 June 24, 2010 Eleonore 1.4.1 columns was updated to include the correct list of the current exploits.

    Francois Paget  www.avertlabs.com kindly agreed to allow us to make additions to his Overview of Exploit Packs table published on Avertlabs (McAfee Blog)

    Many thanks to Gunther from ARTeam for his help with the update. There are a few blanks and question marks, please do no hesitate to email me if you know the answer or if you see any errors.



    Please click on the image below to expand it (it is a partial screenshot)  Impassioned Framework is tentatively marked a different color because the author claims it is a security audit tool not exploit pack. However, there was no sufficient information provided yet to validate such claims. The pack is temporarily/tentatively marked a different color. We'll keep you posted.


    Related news


    Posted by at No comments:
    Subscribe to: Posts (Atom)