AV Evasion Improvements v2

This update updates AV evasion for agents generated using the binary wrapper, which is used by Package and Register, Serve Agent in Web Server, and similar executable generating modules.

AV Shell improvement

This update is to increase the realiability of AV shell module.

Trojan Agents Enhancements Rev 02

This update improves the reliability and AV Evasion of Agents generated with modules: . Package and Register Agent . Send Agent by E-Mail . Serve Agent in Web Server

Windows Debugging Subsystem Exploit Update 2

There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle with any access of any process running. With this handle an agent is injected in a SYSTEM process. The update fixes an issue with HANDLEType in win32native lib.

DHCP Server improvements

This update introduces improvements and fixes to classes related to DHCP servers.

Supported services list update

This package updates the list of network service TCP and UDP ports known to the Impact exploits framework.

TP-Link Camera Unauthenticated Remote Firmware Upgrade Exploit

The /cgi-bin/firmwareupgrade file in TP-Link IP cameras allows remote unauthenticated attackers to perform firmware upgrades. This module tries to verify if the vulnerability is present in the target device without actually upgrading its firmware.

Zavio Camera NTP Server OS Command Injection Exploit

The Zavio F3105 IP camera is vulnerable to OS command injection when the /opt/cgi/view/param binary parses the General.Time.NTP.Server configuration parameter. This vulnerability allows authenticated users to execute arbitrary code on the affected cameras.

IBM Director CIM Server Remote Code Execution Exploit update

This update resolves an issue related to the use of Impact's WebDAV server by this module.

TP-Link Camera servetest Command Injection Exploit

This module exploits an OS command injection vulnerability in the /cgi-bin/admin/servetest file of several TP-Link surveillance cameras. This vulnerability allows remote authenticated users to execute arbitrary commands on affected cameras.