exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 218

Files from thc

THC Tips, Tricks, And Hacks Cheat Sheet 20240903

Posted Sep 3, 2024

Authored by thc | Site thc.org

This paper is a collection of THC's favorite tricks. Many of these tricks are not from them, they merely collect them. They show the tricks as-is without any explanation why they work. You need to know Linux to understand how and why they work. This is an updated copy of their data from 09/03/2024.

systems | linux

SHA-256 | 6c291ab6a834897c70f9cc2cc5395c9071af7fc9904002d87e350efb54d3f3be

Download | Favorite | View

American Fuzzy Lop plus plus 4.21c

Posted Jun 10, 2024

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 21 updates to afl-fuzz, 7 updates to afl-cc, 1 update to afl-cmin, and 2 updates to afl-showmap. Fixed a shmem mmap bug. Added script generate_libtoken_dict.sh to libtokencap.

tags | tool, fuzzer

systems | unix

SHA-256 | 11f7c77d37cff6e7f65ac7cc55bab7901e0c6208e845a38764394d04ed567b30

Download | Favorite | View

Global Socket 1.4.43

Posted May 23, 2024

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: A gcc _LARGEFILE_SOURCE fix has been applied.

tags | tool, tcp

systems | unix

SHA-256 | 078977937b6233eea0d8cf653bbdf3049072270327b44e0bc9a4e44e4a56d92f

Download | Favorite | View

American Fuzzy Lop plus plus 4.20c

Posted Apr 15, 2024

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: A new forkserver communication model is now introduced. AFL++ now supports up to 4 billion coverage edges, up from 6 million. There is a new compile option. 6 changes to afl-fuzz, 3 changes to afl-cc, and a few other updates.

tags | tool, fuzzer

systems | unix

SHA-256 | 855ddefbe9c88911146c1b7cb50dc5423b7623a7a59343f34f31bf038a865a24

Download | Favorite | View

American Fuzzy Lop plus plus 4.10c

Posted Feb 5, 2024

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 3 changes to afl-fuzz, 3 changes to afl-cc, 6 changes to instrumentation, 1 change to qemu_mode, and a few other updates.

tags | tool, fuzzer

systems | unix

SHA-256 | c9a43894b87502a5f69efdb97dee637c9dd4d2c5dfef1c9d79b9d406adafdb76

Download | Favorite | View

American Fuzzy Lop plus plus 4.09c

Posted Dec 15, 2023

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 9 changes to afl-fuzz, 4 changes to afl-whatsup, 2 changes to instrumentation, 1 fix for frida_mode, support for AFL_FUZZER_LOOPCOUNT for afl.rs and LLVMFuzzerTestOneInput, and a few other updates.

tags | tool, fuzzer

systems | unix

SHA-256 | 2d3b2e4f066b1f3eda17faff147dfa3e4b16fba044257361aca51a2322c5122d

Download | Favorite | View

Global Socket 1.4.41

Posted Sep 25, 2023

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Transparent proxy detection. muslcc localtime() bug work around.

tags | tool, tcp

systems | unix

SHA-256 | 35256f0fc9b7a99eeb830d321b5976dc55f4abafc463b09e57965f8a55be4200

Download | Favorite | View

American Fuzzy Lop plus plus 4.08c

Posted Aug 10, 2023

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Six changes to afl-fuzz, three to afl-cmin/afl-cmin.bash, three to afl-cc, two for frida_mode, and one for qemu_mode.

tags | tool, fuzzer

systems | unix

SHA-256 | f8d93f2343a040323b88f0d09c93be33b043bf63ba483af45510cb85aa1a2305

Download | Favorite | View

American Fuzzy Lop plus plus 4.07c

Posted Jun 13, 2023

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 3 updates to afl-fuzz, 6 updates to afl-cc, 2 updates to afl-showmap, 1 update to afl-cmin + afl-cmin.bash, 1 update to qemu_mode. Two new custom mutators.

tags | fuzzer

systems | unix

SHA-256 | cdb42834359b17336047814d1c24845f606456dbe4e6aff5edac66c21aa577db

Download | Favorite | View

Hydra Network Logon Cracker 9.5

Posted Jun 13, 2023

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: 2 updates to http-form, 1 fix for smb2, 1 fix for smtp, and 1 fix for rdp.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 9dd193b011fdb3c52a17b0da61a38a4148ffcad731557696819d4721d1bee76b

Download | Favorite | View

American Fuzzy Lop plus plus 4.06c

Posted Apr 17, 2023

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 9 updates to afl-fuzz, 7 updates to afl-cc, 2 updates to qemu_mode, 2 updates to frida_mode. Multiple general bug fixes.

tags | tool, fuzzer

systems | unix

SHA-256 | 98ef9d9a1eee10b1642067700a3ea2ff87ee7aa6ca4a15cb924053c41d119423

Download | Favorite | View

Global Socket 1.4.40

Posted Mar 28, 2023

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Removed ugly SSL error during valid exit from shell.

tags | tool, tcp

systems | unix

SHA-256 | 628e139e7f12c2e5cac243778c3fe428c878aaf690e64cf650e0be14915eee1e

Download | Favorite | View

American Fuzzy Lop plus plus 4.05c

Posted Jan 6, 2023

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 3 updates to afl-fuzz, one update to afl-showmap/afl-cmin, unicorn_mode updated, updated rust custom mutator dependencies and LibAFL custom mutator, and several minor bugfixes. Some libraries stopped working on macOS.

tags | tool, fuzzer

systems | unix

SHA-256 | 5a2a7e94690771e2d80d2b30a72352e16bcc14f2cfff6d6fc1fd67f0ce2a9d3b

Download | Favorite | View

Global Socket 1.4.39

Posted Dec 14, 2022

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: -t flag to check for listening peer, software emulation of PTY if /dev/ptmx is unavailable, and keepalive improvement for port 443 added.

tags | tool, tcp

systems | unix

SHA-256 | 2042b3773e03285939fe7f0d0597a77c8d4958644b1d8a366cc71d384f1e5c30

Download | Favorite | View

American Fuzzy Lop plus plus 4.04c

Posted Oct 11, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Fixed gramatron and grammar_mutator build scripts. Enhancements to the afl-persistent-config and afl-system-config scripts. Forced writing all stats on exit for afl-fuzz. Make gcc_mode (afl-gcc-fast) work with gcc down to version 3.6 for afl-cc. Fixed 10x speed degradation in v4.03c and added qemu_mode/fastexit helper library for qemu_mode. Enabled tricore arch and updated Capstone version in Rust bindings for unicorn_mode. AFL runtime will always pass inputs via shared memory, when possible, ignoring the command line in llvm-mode.

tags | tool, fuzzer

systems | unix

SHA-256 | 979ae35bc9a06f5283240955762ac69ea91f36a519ec6521b4ee48d2bcea53c2

Download | Favorite | View

American Fuzzy Lop plus plus 4.03c

Posted Sep 21, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 2 changes to afl-fuzz. 6 changes to afl-cc. 1 change to qemu_mode. 3 changes to unicorn_mode. A handful of other changes as well.

tags | tool, fuzzer

systems | unix

SHA-256 | 22b6f9a7627fe44c2fef014a485af2e8dbb971d22884e9ed86c9286b93ccbd1e

Download | Favorite | View

Hydra Network Logon Cracker 9.4

Posted Sep 8, 2022

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Switched from pcre/pcre3 to pcre2 as pcre/pcre3 will be dropped from Debian. Small fix for weird RTSP servers. Added "2=" optional parameter to http-post-form module to tell hydra that a "302" HTTP return code means success. Replaced wait3 with waitpid for better compatibility.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | c906e2dd959da7ea192861bc4bccddfed9bc1799826f7600255f57160fd765f8

Download | Favorite | View

American Fuzzy Lop plus plus 4.02c

Posted Aug 8, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: In afl-cc, an important fix was added for the default pcguard mode when LLVM IR vector selects are produced. frida_mode now works on Android. A few additional bug fixes.

tags | tool, fuzzer

systems | unix

SHA-256 | 55bf55c23ad3af98ba8b098c490b16c7d59a4f5cf7ca284cdbc46d065973c862

Download | Favorite | View

Global Socket 1.4.38

Posted Jul 18, 2022

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Fixed LD_PRELOAD feature for OSX. Minor bug fixes.

tags | tool, tcp

systems | unix

SHA-256 | 6d336ad00e83873e2bdef0880f0488b9ad9085b89f459019665fb03a6a5e42bb

Download | Favorite | View

Global Socket 1.4.37

Posted Jul 4, 2022

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT shenanigans.

tags | tool, tcp

systems | unix

SHA-256 | 0c246a23964f65220f171fb5fb32f9599d9fd5c6b1251bd8b3a4e7869fb3669f

Download | Favorite | View

Global Socket 1.4.36

Posted Jun 29, 2022

Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: shutdown() bug fixes added and default port is now tcp/443.

tags | tool, tcp

systems | unix

SHA-256 | ff1d344181d05c6949bd3827a7fefc475615242c6e03537e048ae910d550222e

Download | Favorite | View

American Fuzzy Lop plus plus 4.01c

Posted Jun 28, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: New custom_mutator libafl with token fuzzing. A dozen changes made to afl-fuzz, four changes to afl-cc, and a few additional updates to other functionality.

tags | tool, fuzzer

systems | unix

SHA-256 | 4a0b42a62272c8f07cfba8f5f2fc43a5c072a30d0dbee47732bb2f06ecd7e44f

Download | Favorite | View

Hydra Network Logon Cracker 9.3

Posted Feb 3, 2022

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added support for Xcode compilation and new module cobaltstrike. Fixed ssh to support -M or ip/rangeix, rdp to detect empty passwords, http-form to no send empty headers, http on non-default ports when using with a proxy for vnc/cisco/, support IPv6 addresses in -M, and more.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 3977221a7eb176cd100298c6d47939999a920a628868ae1aceed408a21e04013

Download | Favorite | View

American Fuzzy Lop plus plus 4.00c

Posted Jan 27, 2022

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of changesincluding a complete documentation restructuring, changes to unicorn_mode, afl-fuzz, and more.

tags | tool, fuzzer

systems | unix

SHA-256 | f427294ed674e37d34a1b756a2190de17937e046ef21abb3ae37bba018a760f1

Download | Favorite | View

American Fuzzy Lop plus plus 3.14c

Posted Jul 19, 2021

Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of changes applied across afl-fuzz, frida_mode, afl-cc, and other functionality.

tags | tool, fuzzer

systems | unix

SHA-256 | 36552e3aac5c390dfec4f75d0dd60dc802c3e97b8baf042aa1edb6529dba0766

Download | Favorite | View