Section: .. / 0210-exploits /
| /// File Name: |
0210-exploits.tgz |
Description:
|
Packet Storm new exploits for October, 2002.
| | File Size: | 2215227 | | Last Modified: | Nov 1 09:49:18 2002 |
| MD5 Checksum: | 47543d2f228312316b7dee8cf60d6850 |
|
| /// File Name: |
analogx-socks4a.sballo.pl |
Description:
|
This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP.
| | Author: | | File Size: | 11502 | | Last Modified: | Oct 14 16:51:26 2002 |
| MD5 Checksum: | c262c0d90d724ec4b9601631e027d683 |
|
| /// File Name: |
anhttpd141c_exploit.java |
Description:
|
AN HTTPD v1.30 to 1.41c remote heap overflow exploit written in java for Japanese Windows 2000 Pro (SP2).
| | Author: | Kanatoko | | Homepage: | http://www.jumperz.net | | File Size: | 5696 | | Last Modified: | Oct 22 09:07:13 2002 |
| MD5 Checksum: | 1f1b01d7ab128a508febb5ff2176e78a |
|
| /// File Name: |
bearshare.4.0.6.txt |
Description:
|
Bearshare v4.0.6 and below is contains a directory traversal bug which allows remote attackers to view any file on the system by sending a specially crafted HTTP request. Exploit URL's included.
| | Author: | Gluck, Mario Solares, Aviram Jenik | | Homepage: | http://www.BeyondSecurity.com | | File Size: | 2024 | | Last Modified: | Oct 4 09:19:54 2002 |
| MD5 Checksum: | 4deb6c402a2323bbbb6d32da4944cd84 |
|
| /// File Name: |
bop.pl |
Description:
|
PlanetDNS v1.14 remote buffer overflow exploit which sends 6K of data to port 80 of PlanetWeb.
| | Author: | Securma Massine | | File Size: | 1947 | | Last Modified: | Oct 21 07:58:26 2002 |
| MD5 Checksum: | 9350db07af8a58ea99c7d027033e8a96 |
|
| /// File Name: |
ChmOverflow.zip |
Description:
|
Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source.
| | Author: | Sylvain Descoteaux | | File Size: | 12979 | | Last Modified: | Oct 10 04:41:06 2002 |
| MD5 Checksum: | 3e134633e8a21051ff9f3c15d47c266d |
|
| /// File Name: |
euxploit.zip |
Description:
|
Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version.
| | Author: | Vecna | | File Size: | 12709 | | Last Modified: | Oct 10 04:51:04 2002 |
| MD5 Checksum: | 796d31fc38fbdbd23f050a46fee29a69 |
|
| /// File Name: |
GetAd.c |
Description:
|
GetAd.c is a new Windows 2000 local exploit which gains Local System rights on Win2k SP1-3 be taking advantage of the NetDDE window of winlogon with a shatter attack. Binaries available here. SecurityFocus vulnerability information available here.
| | Author: | Serus | | Homepage: | http://getad.chat.ru | | File Size: | 3560 | | Last Modified: | Oct 17 04:51:13 2002 |
| MD5 Checksum: | 5aaf16bbab2ab14dcbff5aa6879af839 |
|
| /// File Name: |
gm011-ie.txt |
Description:
|
Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here.
| | Author: | GreyMagic Software | | Homepage: | http://security.greymagic.com | | File Size: | 3810 | | Last Modified: | Oct 17 04:24:10 2002 |
| MD5 Checksum: | c4e9108a3cc65e6a2d639324e9ba64d3 |
|
| /// File Name: |
gm012-more-ie.txt |
Description:
|
Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents.
| | Author: | GreyMagic Software | | Homepage: | http://security.greymagic.com/ | | File Size: | 4927 | | Last Modified: | Oct 25 06:22:39 2002 |
| MD5 Checksum: | 1f5a5fed0d2cb400606aef190e3eef9f |
|
| /// File Name: |
hackingcitrix.txt |
Description:
|
Citrix is a Remote Desktop application that is becoming widely popular. It is similar to Microsoft's Terminal Services, RDP (Remote Desktop Protocol). Unlike Terminal Services, Citrixs' lines of products allow the administrator to specify certain applications to be run on the server. This allows them to control which programs they want to allow the end user to execute. There exists an interesting gray line for the security of Citrix applications due to the mixing of both Citrix technology, and Microsoft technology. With an application that allows users remote access to not only published programs, but remote desktops, a serious threat arises.
| | Author: | wirepair | | File Size: | 17406 | | Last Modified: | Oct 3 05:02:00 2002 |
| MD5 Checksum: | 61e74e786bf9267b909c01e175a4c699 |
|
| /// File Name: |
iosmash2.c |
Description:
|
Iosmash2.c is a local root exploit for the FreeBSD file descriptors kernel bug that resides in all releases of FreeBSD up to and including 4.6-RELEASE. The exploit create 5 valid root passwords that give instant root access trough S/key.
| | Author: | Dvdman | | Homepage: | http://www.l33tsecurity.com | | File Size: | 2150 | | Last Modified: | Oct 7 02:12:32 2002 |
| MD5 Checksum: | 7b28078a9bc5a3407f5939b88d2cf0ec |
|
| /// File Name: |
kitkat.pl |
Description:
|
Kitkat.pl exploits a directory traversal bug in webMathematica v1.0.0 and 1.0.0.1.
| | Author: | NTFX | | Homepage: | http://legion2000.security.nu | | File Size: | 1296 | | Last Modified: | Oct 17 07:46:39 2002 |
| MD5 Checksum: | bf6c938417e1bb5537a706e1f973e070 |
|
| /// File Name: |
l-zonealarm.c |
Description:
|
Zone-Labs ZoneAlarm Pro 3.1.291 and 3.0 remote denial of service exploit which consumes all available CPU via synflooding. To fix, update to the newest zonealarm and run windows update.
| | Author: | Lupsyn | | File Size: | 7642 | | Last Modified: | Oct 23 08:43:22 2002 |
| MD5 Checksum: | 820d0cd440c7a6ca25f87098cfb94cd5 |
|
| /// File Name: |
massrooterfinal.tar.gz |
Description:
|
Massrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems.
| | Author: | Daddy_cad | | Homepage: | http://www.abouthacking.net | | File Size: | 1724731 | | Last Modified: | Nov 13 16:43:19 2002 |
| MD5 Checksum: | f104041ba08694e3bfdd9e511715d7c5 |
|
| /// File Name: |
mod_ssl-toolkit.tar.gz |
Description:
|
Mod_ssl off-by-one bug exploitation toolkit for OpenBSD. Creates a malicious .htaccess file which replaces the apache server process with an included HTTP server.
| | Author: | Grange | | File Size: | 2311 | | Last Modified: | Oct 10 04:59:41 2002 |
| MD5 Checksum: | 01386026a91e1adfdfa0829e0c211b3f |
|
| /// File Name: |
neuter.c |
Description:
|
Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS.
| | Author: | bmbr. | | Homepage: | http://www.enzotech.net | | File Size: | 5419 | | Last Modified: | Oct 15 14:39:38 2002 |
| MD5 Checksum: | 309ea638b470473176e87002adebaf66 |
|
| /// File Name: |
onelove.c |
Description:
|
This is proof of concept code that demonstrates how commands can be injected in a ptraced telnet/ssh session.
| | Author: | xenion. | | File Size: | 13998 | | Last Modified: | Oct 5 18:49:39 2002 |
| MD5 Checksum: | e063bb014f958db8cdaa416b1bd1e98b |
|
| /// File Name: |
Oracle9iAS.dos.pl |
Description:
|
Oracle9iAS Web Cache Denial of Service exploit in perl, as described in Atstake advisory a102802-1.
| | Author: | Deadbeat | | File Size: | 1389 | | Last Modified: | Oct 30 08:52:04 2002 |
| MD5 Checksum: | 5587607f8f49ffd172b5844f93e01670 |
|
| /// File Name: |
sambar.5.1.pl |
Description:
|
Sambar Webserver v5.1 for Windows Pbcgi.exe remote denial of service exploit in perl.
| | Author: | Sebastian Breit | | Homepage: | http://www.systat.cl | | File Size: | 936 | | Last Modified: | Oct 31 06:09:52 2002 |
| MD5 Checksum: | fd9bc557a02bc20a56871b03f3fb968b |
|
| /// File Name: |
sendmail-8-11-x.c |
Description:
|
Sendmail 8.11.x linux/x86 local root exploit. Uses gdb to find offsets.
| | Author: | sd[at]sf.cz | | File Size: | 7399 | | Last Modified: | Oct 22 09:01:13 2002 |
| MD5 Checksum: | 2fe9594bfd8aa84b38546e5e85f92b8a |
|
| /// File Name: |
solarhell |
Description:
|
Solarhell is a remote root exploit shell script which abuses the Solaris /bin/login bug by using telnet. Solaris 2.6, 2.7 and 2.8 (7.0 and 8.0) is vulnerable. More information available here.
| | Author: | Deloitte & Touche SSG (Security Services Group). | | Homepage: | http://www.deloitte.co.za/ | | File Size: | 768 | | Last Modified: | Oct 29 14:49:29 2002 |
| MD5 Checksum: | 750b7545abb4813fae07fb331e4b0c43 |
|
| /// File Name: |
solaris.login.txt |
Description:
|
This document describes how to compromise Solaris systems prior to version 9 by using a telnet client only.
| | Author: | Jonathan Stuart. | | File Size: | 1203 | | Last Modified: | Oct 2 22:35:08 2002 |
| MD5 Checksum: | 37c0ebd7f767b321deb20890747689f2 |
|
| /// File Name: |
sortrace.c |
Description:
|
Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets.
| | Author: | Sorbo | | File Size: | 8207 | | Last Modified: | Oct 10 04:39:55 2002 |
| MD5 Checksum: | b8b7f19d1870423e791ef80cef6f50a7 |
|
| /// File Name: |
sunos_telnet_for_cygwin.zip |
Description:
|
The Solaris 2.6, 7, and 8 /bin/login TTYPROMPT remote exploit compiled with Cygwin for Windows. Tested against SunOS 5.5, 5.5.1, 5.6, 5.7, 5.8 Sparc and SunOS 5.6, 5.7, 5.8 x86.
| | Homepage: | http://www.cnhonker.net | | File Size: | 431031 | | Last Modified: | Oct 10 03:14:59 2002 |
| MD5 Checksum: | 19b0e58b22e4cd4e3e8c9cced6a58e76 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
