Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 08:01:07 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1430595800&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Python%20Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Ftags%2Fpython%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1430595800.1338192067.1338192067.1338192067.1%3B%2B__utmz%3D32867617.1338192067.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz http://packetstormsecurity.org/files/113003/Mobius-Forensic-Toolkit-0.5.13.html Thu, 24 May 2012 02:46:01 GMT Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. http://packetstormsecurity.org/files/112856/hulk.zip http://packetstormsecurity.org/files/112856/hulk.zip http://packetstormsecurity.org/files/112856/HULK-Http-Unbearable-Load-King.html Fri, 18 May 2012 14:31:37 GMT HULK is a web server denial of service tool written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server's direct resource pool. http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/Admin-Page-Finder-Script.html Fri, 18 May 2012 14:29:33 GMT This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormsecurity.org/files/112607/md5db.py.txt http://packetstormsecurity.org/files/112607/md5db.py.txt http://packetstormsecurity.org/files/112607/MD5-MySQL-Brute-Forcer.html Thu, 10 May 2012 09:11:11 GMT This is a simple python script for cracking MySQL MD5 passwords. http://packetstormsecurity.org/files/112516/sa49110.txt http://packetstormsecurity.org/files/112516/sa49110.txt http://packetstormsecurity.org/files/112516/Secunia-Security-Advisory-49110.html Tue, 08 May 2012 04:16:49 GMT Secunia Security Advisory - SUSE has issued an update for rpm and rpm-python. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. http://packetstormsecurity.org/files/112352/RHSA-2012-0529-01.txt http://packetstormsecurity.org/files/112352/RHSA-2012-0529-01.txt http://packetstormsecurity.org/files/112352/Red-Hat-Security-Advisory-2012-0529-01.html Tue, 01 May 2012 21:32:48 GMT Red Hat Security Advisory 2012-0529-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP, an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10 client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools. http://packetstormsecurity.org/files/112350/RHSA-2012-0528-01.txt http://packetstormsecurity.org/files/112350/RHSA-2012-0528-01.txt http://packetstormsecurity.org/files/112350/Red-Hat-Security-Advisory-2012-0528-01.html Tue, 01 May 2012 21:31:39 GMT Red Hat Security Advisory 2012-0528-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP, an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10 client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools. http://packetstormsecurity.org/files/112381/sha1db.py.txt http://packetstormsecurity.org/files/112381/sha1db.py.txt http://packetstormsecurity.org/files/112381/SHA-1-MySQL-Bruteforcer.html Mon, 30 Apr 2012 18:11:11 GMT SHA-1 MySQL database brute forcing utility. Written in Python. http://packetstormsecurity.org/files/112296/VMSA-2012-0008.txt http://packetstormsecurity.org/files/112296/VMSA-2012-0008.txt http://packetstormsecurity.org/files/112296/VMware-Security-Advisory-2012-0008.html Fri, 27 Apr 2012 20:42:35 GMT VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed. http://packetstormsecurity.org/files/112063/mobiusft-0.5.12.tar.gz http://packetstormsecurity.org/files/112063/mobiusft-0.5.12.tar.gz http://packetstormsecurity.org/files/112063/Mobius-Forensic-Toolkit-0.5.12.html Sat, 21 Apr 2012 00:22:35 GMT Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. http://packetstormsecurity.org/files/111798/dsa-2449-1.txt http://packetstormsecurity.org/files/111798/dsa-2449-1.txt http://packetstormsecurity.org/files/111798/Debian-Security-Advisory-2449-1.html Thu, 12 Apr 2012 15:37:15 GMT Debian Linux Security Advisory 2449-1 - It was discovered that sqlalchemy, an SQL toolkit and object relational mapper for python, is not sanitizing input passed to the limit/offset keywords to select() as well as the value passed to select.limit()/offset(). This allows an attacker to perform SQL injection attacks against applications using sqlalchemy that do not implement their own filtering. http://packetstormsecurity.org/files/111806/sa48746.txt http://packetstormsecurity.org/files/111806/sa48746.txt http://packetstormsecurity.org/files/111806/Secunia-Security-Advisory-48746.html Thu, 12 Apr 2012 03:09:27 GMT Secunia Security Advisory - SUSE has issued an update for python-pam. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system. http://packetstormsecurity.org/files/111540/darkd0rk3r-0.7.py.txt http://packetstormsecurity.org/files/111540/darkd0rk3r-0.7.py.txt http://packetstormsecurity.org/files/111540/Dark-D0rk3r-0.7.html Wed, 04 Apr 2012 14:28:44 GMT Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors. http://packetstormsecurity.org/files/111510/darkBing-v.0.1.py.txt http://packetstormsecurity.org/files/111510/darkBing-v.0.1.py.txt http://packetstormsecurity.org/files/111510/darkBing-SQL-Scanner-0.1.html Wed, 04 Apr 2012 01:26:41 GMT darkBing is a tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. http://packetstormsecurity.org/files/111374/sa48635.txt http://packetstormsecurity.org/files/111374/sa48635.txt http://packetstormsecurity.org/files/111374/Secunia-Security-Advisory-48635.html Fri, 30 Mar 2012 01:49:01 GMT Secunia Security Advisory - A vulnerability has been reported in Python trytond Module, which can be exploited by malicious users to bypass certain security restrictions. http://packetstormsecurity.org/files/111346/dsa-2444-1.txt http://packetstormsecurity.org/files/111346/dsa-2444-1.txt http://packetstormsecurity.org/files/111346/Debian-Security-Advisory-2444-1.html Thu, 29 Mar 2012 23:50:01 GMT Debian Linux Security Advisory 2444-1 - It was discovered that the Tryton application framework for Python allows authenticated users to escalate their privileges by editing the Many2Many field. http://packetstormsecurity.org/files/111198/codetective-0.7.tar.bz2 http://packetstormsecurity.org/files/111198/codetective-0.7.tar.bz2 http://packetstormsecurity.org/files/111198/Codetective-0.7.html Tue, 27 Mar 2012 12:12:12 GMT Codetective is an analysis tool to determine the crypto/encoding algorithm used according to traces of its representation. It can be used as a standalone version or as a volatility plugin for memory analysis. Written in Python. http://packetstormsecurity.org/files/111044/sa48428.txt http://packetstormsecurity.org/files/111044/sa48428.txt http://packetstormsecurity.org/files/111044/Secunia-Security-Advisory-48428.html Wed, 21 Mar 2012 07:16:09 GMT Secunia Security Advisory - A vulnerability has been reported in Python mwlib Library, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/111025/peerftp-dos.txt http://packetstormsecurity.org/files/111025/peerftp-dos.txt http://packetstormsecurity.org/files/111025/PeerFTP-Server-4.01-Denial-Of-Service.html Tue, 20 Mar 2012 16:22:22 GMT PeerFTP Server versions 4.01 and below remote crash proof of concept exploit. Written in Python. http://packetstormsecurity.org/files/110966/zinf-overflow.rar http://packetstormsecurity.org/files/110966/zinf-overflow.rar http://packetstormsecurity.org/files/110966/Zinf-Audio-Player-2.2.1-Buffer-Overflow.html Mon, 19 Mar 2012 22:25:48 GMT Zinf Audio Player version 2.2.1 buffer overflow exploit that creates a malicious .m3u file. Written in Python. http://packetstormsecurity.org/files/110913/pakyu_cenloder.py.txt http://packetstormsecurity.org/files/110913/pakyu_cenloder.py.txt http://packetstormsecurity.org/files/110913/Pakyu-Cenloder-Microsoft-Remote-Desktop-Denial-Of-Service.html Sat, 17 Mar 2012 01:56:18 GMT Pakyu Cenloder Microsoft Remote Desktop python denial of service exploit. http://packetstormsecurity.org/files/110712/backfuzz.tar.gz http://packetstormsecurity.org/files/110712/backfuzz.tar.gz http://packetstormsecurity.org/files/110712/Back-To-The-FUZZer-Toolkit.html Mon, 12 Mar 2012 17:22:11 GMT This tool is for fuzzing different protocols such as FTP, HTTP, IMAP, and more. It also has no-protocol plugins like a file fuzzer. Written in Python. http://packetstormsecurity.org/files/110727/sa48312.txt http://packetstormsecurity.org/files/110727/sa48312.txt http://packetstormsecurity.org/files/110727/Secunia-Security-Advisory-48312.html Mon, 12 Mar 2012 10:10:08 GMT Secunia Security Advisory - Debian has issued an update for python-pam. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system. http://packetstormsecurity.org/files/110722/sa48347.txt http://packetstormsecurity.org/files/110722/sa48347.txt http://packetstormsecurity.org/files/110722/Secunia-Security-Advisory-48347.html Mon, 12 Mar 2012 10:09:53 GMT Secunia Security Advisory - A vulnerability has been reported in Python, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/110666/dsa-2430-1.txt http://packetstormsecurity.org/files/110666/dsa-2430-1.txt http://packetstormsecurity.org/files/110666/Debian-Security-Advisory-2430-1.html Sun, 11 Mar 2012 12:12:00 GMT Debian Linux Security Advisory 2430-1 - Markus Vervier discovered a double free in the Python interface to the PAM library, which could lead to denial of service.