Security
Headlines
HeadlinesLatestCVEs

Latest News

Oracle XML DB SID Discovery Via Brute Force

This Metasploit module attempts to retrieve the sid from the Oracle XML DB httpd server, utilizing Pete Finnigans default oracle password list.

Packet Storm
#git#oracle#pdf#auth
Oracle ISQLPlus SID Check

This Metasploit module attempts to bruteforce the SID on the Oracle application server iSQL*Plus login pages. It does this by testing Oracle error responses returned in the HTTP response. Incorrect username/pass with a correct SID will produce an Oracle ORA-01017 error. Works against Oracle 9.2, 10.1 and 10.2 iSQL*Plus. This Metasploit module will attempt to fingerprint the version and automatically select the correct POST request.

Oracle Account Discovery

This Metasploit module uses a list of well known default authentication credentials to discover easily guessed accounts.

Oracle TNS Listener SID Enumeration

This Metasploit module simply queries the TNS listener for the Oracle SID. With Oracle 9.2.0.8 and above the listener will be protected and the SID will have to be bruteforced or guessed.

Oracle TNS Listener Checker

This Metasploit module checks the server for vulnerabilities like TNS Poison. Module sends a server a packet with command to register new TNS Listener and checks for a response indicating an error. If the registration is errored, the target is not vulnerable. Otherwise, the target is vulnerable to malicious registrations.

UDP Amplification Scanner

Detect UDP endpoints with UDP amplification vulnerabilities.

URGENT/11 Scanner, Based On Detection Tool By Armis

This Metasploit module detects VxWorks and the IPnet IP stack, along with devices vulnerable to CVE-2019-12258.

Cisco IKE Information Disclosure

A vulnerability in Internet Key Exchange version 1 (IKEv1) packet processing code in Cisco IOS, Cisco IOS XE, and Cisco IOS XR Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information.

Etcd Keys API Information Gathering

This Metasploit module queries the etcd API to recursively retrieve all of the stored key value pairs. Etcd by default does not utilize authentication.

VMware Server Directory Traversal

This Metasploit modules exploits the VMware Server Directory Traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files. Common VMware server ports 80/8222 and 443/8333 SSL. If you want to download the entire VM, check out the gueststealer tool.