Microsoft HK local exploit - Executes any command as SYSTEM, as described in MS01-003. Good for recovering lost admin rights. Includes C source and binary.
MD5: c304bfd8147a60c82839eaa4930b067a

Exploits for wuftpd 2.6.0x and qpop 2.1.4 ported to PHP. Even PHP in safe mode cannot stop this script from working; web hosting providers who offer PHP need to be careful.
MD5: 3b84eccc265a9360ac00d4e6a518d991

Unicode_shell.pl is an exploit for the IIS unicode bug which lets you enter commands as if in a cmd.exe shell, and uses 20 different URLs to check for the vulnerability.
MD5: 2fe5c09d88a363ca4fa10754b99b24ca

Packet Storm new exploits for January, 2001.
MD5: 529b73bf0d83aa85bfa82f9b57548e48

Bind-tsig.c is a trojan which pretends to be a Bind 8 exploit but actually attacks dns1.nai.com.
MD5: cd4a8638d718185f1f26451e0817ef66

The Progress Database Server v8.x and 9.x for Unix has several locally exploitable buffer overflows which can allow arbitrary code to run as root. Proof of concept exploit attached.
MD5: d02e5d8479bbefc220465668d82b3f20

Naptha v1.1 is a denial of service attack against many OSes which uses established TCP connections to create a resource starvation attack. Includes three tools: bogusarp, which makes a bogus entry in the router's ARP cache so the router actually puts packets with our faked source address on the Ethernet; synsend; and srvr, which replaces ackfin from Naptha 1.0. Tested against Windows 95, 98, NT4 and more. Compiles on Linux 2.2.x, OpenBSD 2.7, FreeBSD 4.0.
MD5: 9e461df6b11c94a3409cd933dfbe9a0a

Glibc prior to v2.1.9x allows local users to read any file. This shell script exploits the bug using the Openssh-2.3.0p1 binary. Tested against Debian 2.3 and Red Hat 7.0.
MD5: 4c421f7d5f1a7e40155c52fc44daa995

/usr/bin/write overflow proof of concept exploit - Tested against Solaris 7 x86.
MD5: fe5dc0ffbbd4dbd5da424b640fbbdb5b

Due to various race conditions in the init level editing script /sbin/rctab, any local user can overwrite any file on the system with arbitrary data. This may result in a denial of service, or in a local or even remote root compromise, if root runs the /sbin/rctab script. Tested against SuSE 7.0.
MD5: 51769f0a559e55a0fbe445c318e64d5b

SCO OpenServer v5.0.5 /usr/bin/mscreen local exploit.
MD5: 0d6decf4c717851249cad2b166d2b635

Tru64 (OSF/1) /usr/bin/su local exploit - Works if executable stack is on.
MD5: 3dd785c49420cd2ce460d0f2717087ad

FreeBSD ipfw+ECE proof of concept code - Using a FreeBSD divert rule, all outgoing traffic has the ECE flag added to it, bypassing ipfw rules that pass established connections.
MD5: 81b9fda7f3e1e97294cd43a16f4d4c76

Netscape Enterprise Server 4.0 remote root exploit - Tested against Sparc SunOS 5.7.
MD5: bd9a07a89b35b15672e6de6fbc167ecf

SplitVT v1.6.4 and below local format string exploit which attacks the -rcfile command line flag. Tested on Slackware 7.1, Debian 2.2.
MD5: 97dcfd07f4dcf6be30fef0197b1c1ca1

Unitools.tgz contains two perl scripts: unicodeloader.pl uploads files to a vulnerable IIS site, and unicodexecute3.pl searches for more executable directories and is more robust and stable.
MD5: 31eb60d9e98049816c3c0907cb176c03

Thong.pl is a perl script which exploits several vulnerabilities found in Cisco products. Includes the Cisco Catalyst ssh Protocol Mismatch DoS, Cisco 675 Web Administration DoS, Cisco Catalyst 3500 XL command execution, and the Cisco IOS Software HTTP Request DoS.
MD5: d98c376f39aee68581c072f95ed01b71

Denial of service attack against Iris The Network Traffic Analyzer beta 1.01. Causes Iris to hang when the traffic is examined.
MD5: 644e11c8434d6546a2ada3504d491ce1

Tcpdump v3.5.2 remote root exploit - Tested against x86 Linux. Exploits an overflow in the AFS packet parsing which requires the snaplen (-s) to be set to 500 or greater. Fixed in v3.6.2.
MD5: 289510d424aa0a665ee3161b20c9abab

Solaris /usr/sbin/arp local root stack overflow exploit.
MD5: 9c79d0fb32487641840dd6b081e6d8fa

Whois.pl is a remote exploit for Fastgraf's whois.cgi perl script.
MD5: cab6f0b2ef5ed6f5bb75170b42fd55ac

The Bat! v1.48f and below has a client side vulnerability which allows malicious mail messages to write arbitrary files into any directory on the disk where the user stores attachments.
MD5: ca77c4383a98f689f532016cfb080be4

Defcom Labs Advisory def-2001-01 - ImageCast V4.1.0 for Windows, a rapid PC deployment tool much like Ghost, has problems handling malformed input which result in a DoS attack against the ImageCast Control Center.
MD5: b6325a0535100802bdaa273349db1d0a

Defcom Labs Advisory def-2001-02 - IBM WebSphere 3.52 (IBM HTTP Server 1.3.12) for Windows NT has a memory leak which can be used as a remote denial of service attack. Workaround included.
MD5: d1c60ae0b02e1129be8ae653925d8ea4

HP-UX v11.00 /bin/cu local buffer overflow exploit - Exploits the -l option. Provides a uid=bin shell.
MD5: 41bfb9a22eefc441486dce25261ca9f9
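The IIS unicode bug behind Unicode_shell.pl and the Unitools scripts in the listing above is a canonicalization-order problem: the server checked the request path for directory traversal before it decoded UTF-8, and its decoder accepted overlong encodings such as %c0%af for '/'. The following Python simulation is an added example, not code from the listing or from any of these tools. The document root, the probe URL and the permissive decoder are constructed for illustration; they model the failure mode, not IIS internals.

```python
from urllib.parse import unquote_to_bytes
import posixpath

# Assumed document root (not from the listing) used to simulate the server's
# mapping of URL paths onto the file system.
WEB_ROOT = "/inetpub/wwwroot"

# Constructed probe of the kind the listed scanners send. The bytes C0 AF are an
# overlong (non-shortest-form) UTF-8 encoding of '/', which a conforming decoder
# must reject; "..%c0%af.." therefore hides "../.." from a check that only
# recognizes ASCII separators.
PROBE = "/scripts/..%c0%af..%c0%af../winnt/system32/cmd.exe"


def lenient_utf8(raw: bytes) -> str:
    """Decode ASCII and two-byte UTF-8 sequences, deliberately accepting the
    overlong C0/C1 lead bytes. This models a permissive decoder, not a
    conforming one (Python's own codec raises on these bytes)."""
    out = []
    i = 0
    while i < len(raw):
        b = raw[i]
        if b < 0x80:
            out.append(chr(b))
            i += 1
        elif 0xC0 <= b <= 0xDF and i + 1 < len(raw) and 0x80 <= raw[i + 1] <= 0xBF:
            # Two-byte form: 5 bits from the lead byte, 6 from the continuation.
            # For C0 AF this yields 0x2F, i.e. '/'.
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            raise ValueError("unsupported byte sequence at offset %d" % i)
    return "".join(out)


def normalize(path: str) -> str:
    """Collapse '.' and '..' segments, treating backslash as a separator too."""
    return posixpath.normpath(path.replace("\\", "/"))


def inside_root(path: str) -> bool:
    return path == WEB_ROOT or path.startswith(WEB_ROOT + "/")


def map_vulnerable(url_path: str):
    """Check traversal on the percent-decoded bytes (where C0 AF is just part
    of an odd file name), THEN decode UTF-8 leniently before opening the file.
    Returns (check_passed, path_the_filesystem_would_open)."""
    raw = unquote_to_bytes(url_path)
    # latin-1 keeps C0 AF as two ordinary non-separator characters, so the
    # "..\xc0\xaf..\xc0\xaf.." segment is not recognized as traversal.
    checked = normalize(WEB_ROOT + raw.decode("latin-1"))
    # The decode that happens later turns the hidden bytes into real slashes.
    fs_path = normalize(WEB_ROOT + lenient_utf8(raw))
    return inside_root(checked), fs_path


def map_fixed(url_path: str):
    """Decode first, then canonicalize and check the path that will actually be
    opened. Even with the lenient decoder the traversal is now visible."""
    raw = unquote_to_bytes(url_path)
    fs_path = normalize(WEB_ROOT + lenient_utf8(raw))
    return inside_root(fs_path), fs_path


def strict_decoder_rejects(url_path: str) -> bool:
    """A conforming UTF-8 decoder refuses overlong forms outright, so the probe
    never reaches the path check at all."""
    try:
        unquote_to_bytes(url_path).decode("utf-8")
        return False
    except UnicodeDecodeError:
        return True


if __name__ == "__main__":
    print("vulnerable order:", map_vulnerable(PROBE))
    print("fixed order:     ", map_fixed(PROBE))
    print("strict decoder rejects probe:", strict_decoder_rejects(PROBE))
```

Run stand-alone it shows the vulnerable ordering passing the check while the file system would open /winnt/system32/cmd.exe, and the decode-then-check ordering rejecting the same request. The lenient decoder here only models the overlong two-byte form with a valid continuation byte; the scanners in the listing try many more encodings of the separator, which is why they probe with dozens of URLs rather than one.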