A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim's machine.
12bedb80e935c14c525f7aca1139b70f471d66838a84cc908b3de4717f0877b1
Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks. This is the universal binary.
285b752a5654ebc12d1cdde6a34f79438f321b1ba9e23e9ca345f7cd9739587b
Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, obtain Kerberos tickets and reuse them in other Windows or Unix systems.
099e55d14489dafd73cfdfa5499d3104b38a4256c3df9a93abae54beaa077d30
Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks.
d5947a1b05bc5936dec425b3b826c1e9cea6c3295335bf93a05f071088349b99
Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.
6b3ebf2a7a39c7c5203cde6f4027d748b138e372cc4996244b973486d32706b4
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
e7bde2f898cac6acd7178cbc1b56f32a0e4c5273632a401bcd79b11e77d91c0c
The Wifizoo wireless hacking tool enables you to sniff wireless networks for MSN, FTP, SMTP, POP3 data as well as cookie data. This is a customized version of 1.3 that has a redesigned front end using XHTML and CSS.
6258235bdac87cf025e6ccf2a1649e0504283c49b952a3cc27e3d3b887424101
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
13ef7b8410107d58975fc08d8936ecc0c604229ac2938a11198712cf2d2625ab
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
ca44f24d0aee8b477db09c45fa6771b0c852c2cebf644dd4a756951e9808fddc
WifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
23dd98b4c4d4fbd943fdb64c1cd923739212b95558384e65a6bbbf73c9fd96a7
WifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
e99dbc67af7d8d03efa5905858b1461e5a7b116f2d99aa2b3674382bf305f37d
WifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
6d20942b58b0159c26031081ad1518b2af217fd3b4340e6fa98f5f1c91f5fbfb
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
6be2b9d8c80c3ce8623695fe34d59e1da13a69e745c495039e6e3840b294cafd
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
12647279df0a167a813e91d94627b92abe1cca879d0528921db39c1d55eb68d2
Core Security Technologies Advisory ID: CORE-2003-0305-04 - Windows NetMeeting is vulnerable to a directory traversal attack that allows remote arbitrary code execution. Vulnerable version: NetMeeting 3.01 (4.4.3385), possibly others. Fixed in Service Pack 4.
37573598836434eb829a0bd11e8ad4eae7fa6d4cbf8c3647e8d0168be675a1ea