Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      1337day-Exploits

      Tor Browser 7.0.8 Information Disclosure

      Recommended Posts

      This write up holds the details for the Tor Browser information disclosure vulnerability as discussed in CVE-2017-16541. Version 7.0.8 is affected.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Share this post


      Link to post
      Share on other sites
      Guest
      This topic is now closed to further replies.
      Sign in to follow this  

      • Similar Content

        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. HawkScan
          Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)
          This script uses “WafW00f” to detect the WAF in the first step.
          This script uses “Sublist3r” to scan subdomains.
          This script uses “waybacktool” to check in waybackmachine.
          Features
               URL fuzzing and dir/file detection
               Test backup/old file on all the files found (index.php.bak, index.php~ …)
               Check header information
               Check DNS information
               Check whois information
               User-agent random or personal
               Extract files
               Keep a trace of the scan
               Check @mail in the website and check if @mails leaked
               CMS detection + version and vulns
               Subdomain Checker
              Backup system (if the script stopped, it take again in the same place)
               WAF detection
               Add personal prefix
              Auto-update script
               Auto or personal output of scan (scan.txt)
               Check Github
              Recursive dir/file
              Scan with an authentication cookie
               Option –profil to pass profil page during the scan
               HTML report
               Work it with py2 and py3
              Add option rate-limit if the app is unstable (–timesleep)
              Check-in waybackmachine
               Response error to WAF
              Check if DataBase firebaseio exist and accessible
              Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30
               Search S3 buckets in source code page
               Testing bypass of waf if detected
               Testing if it’s possible scanning with “localhost” host
          Changelog v1.5.3
               – add setup.sh


          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. This tool gives information about the phone number that you entered.
          What IS Moriarty?
              Advanced Information Gathering And Osint Tool
              Moriarty is a tool that tries to find good information about the phone number that you provieded;
          ->Tries To Find Owner Of The Number
          ->Tries To Find Risk Level Of The Number
          ->Tries To Find Location,Time Zone Of The Number,Carrier
          ->Tries To Find Social Media Platforms That The Number Is Registered
          ->Tries To Find Links About Phone Number
          ->Tries To Find Comments About Phone Number
          ->Sends Sms To Phone Number With Amazon Aws

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By dEEpEst
          We share a lot of information on the internet. Some of which is extremely personal, and we should not share it with anybody. Because this can provide us with financial and social harm, in this world of technology, anyone can access our data if he gets a little information. He can access our data that we don’t want to share. He can also access our bank account information that can provide us with financial damage. So, we have to share our personal information on the internet with great attention following are some useful tips to secure your personal information on the internet and avoid damage because of this.
          Always turn on data backup
          Update your device software regularly
          Always turn off your PC after use
          Always Protect your Password
          Delete files properly
          Always turn off Bluetooth and Wi-Fi when not in use
          Protect Your Device With Security Lock
          Reset Your Device Properly Before Selling
          Don’t share personal information on random calls, SMS, or emails
          Be careful while shopping online
          Don’t share your personal information publically on social media
          Take care of the privacy settings of your device
          Don’t add any random person to your friend list on social media sites
          Avoid using Public wifi for personal browsing and online banking.
          Always sign out from important sites
          Always use two-way authentication
          Don’t open random links on email and WhatsApp
          Turn on SMS or email service for bank transactions
          Always use antivirus for your device
          Don’t let everybody use your device
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. jackdaw
          Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each-other a how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking project by storing/looking up/reporting hashes/passwords/users.

          Features
          Data acquisition
          via LDAP
          LDAP enumeration phase acquires data on AD info, User, Machine, OU, Group objects which will be represented as a node in the graph, and as a separate table in the DB. Additionally, all aforementioned objects’ Security Description will be parsed and the ACLs for the DACL added to the DB. This, together with the membership information will be represented as edges in the graph. Additionally, custom SQL queries can be performed on any of the aforementioned data types when needed.
          via SMB
          SMB enumeration phase acquires data on shares, localgroups, sessions, NTLM data via connecting to each machine in the domain (which is acquired via LDAP)
          via LSASS dumps (optional)
          The framework allows users to upload LSASS memory dumps to store credentials and extend the session information table. Both will be used as additional edges in the graph (shared password and session respectively). The framework also uses this information to create a password report on weak/shared/cracked credentials.
          via DCSYNC results (optional)
          The framework allows users to upload impacket’s DCSYNC files to store credentials. This is used as additional edges in the graph (shared password). The framework also uses this information to create a password report on weak/shared/cracked credentials.
          via manual upload (optional)
          The framework allows manually extending the available DB in every aspect. Example: when user-session information on a given computer is discovered (outside of the automatic enumeration) there is a possibility to manually upload these sessions, which will populate the DB and also the resulting graph
          Graph
          The framework can generate a graph using the available information in the database and plot it via the web UI (nest). Furthermore, the graph generation and path calculations can be invoked programmatically, either by using the web API (/ui endpoint) or the graph object’s functions.
          Anomalies detection
          The framework can identify common AD misconfigurations without graph generation. Currently only via the web API.
          User
          User anomalies detection involves the detection of insecure UAC permissions and extensive user description values. This feature set is expected to grow in the future as new features will be implemented.
          Machine
          Machine anomalies detection involves detection of insecure UAC permissions, non-mandatory SMB singing, outdated OS version, out-of-domain machines. This feature set is expected to grow in the future as new features will be implemented.
          Password cracking
          The framework is not performing any cracking, only organizing the hashes and the cracking results
          currently main focus is on impacket and aiosmb’s dcsync results !NT and LM hashes only!
          Sample process is the following:
              Harvesting credentials as a text file via impacket/aiosmb or as memory dumps of the LSASS process via whatever tool you see fit.
              Upload the harvested credentials via the API
              Poll uncracked hashes via the API
              Crack them (hashcat?)
              Upload the results to the framework via the API
              Generate a report on the cracked/uncracked users and password strength and password sharing
          note from the author: This feature was implemented for both attackers and defenders. Personally I don’t see much-added value on either side since at the point one obtained the NT hash of a user it’s just as good as the password… Nonetheless, more and more companies are performing password strength exercises, and this feature would help them. As for attackers: it is just showing off at this point, but be my guest. Maybe scare management for extra points.
          Changelog v0.2.24
              new release, lot of fixes, even more features

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Ghost Eye is an Information Gathering Tool I made in python 3. To run Ghost Eye, it only needs a domain or ip. Ghost Eye can work with any Linux distros if they support Python 3.
          Ghost Eye gathers information data such as:
              Whois Lookup
              DNS Lookup
              EtherApe
              Nmap Port Scan
              HTTP Header Grabber
              Clickjacking Test
              Robots.txt Scanner
              Link Grabber
              IP Location Finder
              Traceroute
              Have I been pwned
              Exit

          Hidden Content
          Give reaction to this post to see the hidden content.