.:[ packet storm ]:.
                             
the world's security
the world's security

 Section:  .. / 0210-exploits  /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 32
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 0210-exploits.tgz
Description:
 Packet Storm new exploits for October, 2002.
File Size:2215227
Last Modified:Nov 1 09:49:18 2002
MD5 Checksum:47543d2f228312316b7dee8cf60d6850

 ///  File Name: massrooterfinal.tar.gz
Description:
 Massrooter takes advantage of remote vulnerabilities in bind, PHP, lpd, rpc, wuftpd, null httpd, telnet, mail, ssl, and ssh on multiple systems.
Author:Daddy_cad
Homepage:http://www.abouthacking.net
File Size:1724731
Last Modified:Nov 13 16:43:19 2002
MD5 Checksum:f104041ba08694e3bfdd9e511715d7c5

 ///  File Name: sunos_telnet_for_cygwin.zip
Description:
 The Solaris 2.6, 7, and 8 /bin/login TTYPROMPT remote exploit compiled with Cygwin for Windows. Tested against SunOS 5.5, 5.5.1, 5.6, 5.7, 5.8 Sparc and SunOS 5.6, 5.7, 5.8 x86.
Homepage:http://www.cnhonker.net
File Size:431031
Last Modified:Oct 10 03:14:59 2002
MD5 Checksum:19b0e58b22e4cd4e3e8c9cced6a58e76

 ///  File Name: hackingcitrix.txt
Description:
 Citrix is a Remote Desktop application that is becoming widely popular. It is similar to Microsoft's Terminal Services, RDP (Remote Desktop Protocol). Unlike Terminal Services, Citrixs' lines of products allow the administrator to specify certain applications to be run on the server. This allows them to control which programs they want to allow the end user to execute. There exists an interesting gray line for the security of Citrix applications due to the mixing of both Citrix technology, and Microsoft technology. With an application that allows users remote access to not only published programs, but remote desktops, a serious threat arises.
Author:wirepair
File Size:17406
Last Modified:Oct 3 05:02:00 2002
MD5 Checksum:61e74e786bf9267b909c01e175a4c699

 ///  File Name: wc.tar.gz
Description:
 Two modified versions of the slapper worm exploit made more user-friendly with simple interaction to define what host and port will be hit with the exploit.
Author:aion
File Size:16231
Last Modified:Oct 25 05:58:22 2002
MD5 Checksum:4c26c877c1f0530353bfc2ef74331c67

 ///  File Name: onelove.c
Description:
 This is proof of concept code that demonstrates how commands can be injected in a ptraced telnet/ssh session.
Author:xenion.
File Size:13998
Last Modified:Oct 5 18:49:39 2002
MD5 Checksum:e063bb014f958db8cdaa416b1bd1e98b

 ///  File Name: ChmOverflow.zip
Description:
 Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source.
Author:Sylvain Descoteaux
File Size:12979
Last Modified:Oct 10 04:41:06 2002
MD5 Checksum:3e134633e8a21051ff9f3c15d47c266d

 ///  File Name: euxploit.zip
Description:
 Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version.
Author:Vecna
File Size:12709
Last Modified:Oct 10 04:51:04 2002
MD5 Checksum:796d31fc38fbdbd23f050a46fee29a69

 ///  File Name: analogx-socks4a.sballo.pl
Description:
 This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP.
Author:File Size:11502
Last Modified:Oct 14 16:51:26 2002
MD5 Checksum:c262c0d90d724ec4b9601631e027d683

 ///  File Name: sortrace.c
Description:
 Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets.
Author:Sorbo
File Size:8207
Last Modified:Oct 10 04:39:55 2002
MD5 Checksum:b8b7f19d1870423e791ef80cef6f50a7

 ///  File Name: l-zonealarm.c
Description:
 Zone-Labs ZoneAlarm Pro 3.1.291 and 3.0 remote denial of service exploit which consumes all available CPU via synflooding. To fix, update to the newest zonealarm and run windows update.
Author:Lupsyn
File Size:7642
Last Modified:Oct 23 08:43:22 2002
MD5 Checksum:820d0cd440c7a6ca25f87098cfb94cd5

 ///  File Name: sendmail-8-11-x.c
Description:
 Sendmail 8.11.x linux/x86 local root exploit. Uses gdb to find offsets.
Author:sd[at]sf.cz
File Size:7399
Last Modified:Oct 22 09:01:13 2002
MD5 Checksum:2fe9594bfd8aa84b38546e5e85f92b8a

 ///  File Name: telnet.c
Description:
 SunOS 5.5, 5.5.1 and Solaris 2.6, 2.7, and 2.8 SPARC and SunOS 5.7 and 5.8 x86 /bin/login TTYPROMPT remote exploit.
Author:Lion
Homepage:http://www.cnhonker.com
File Size:6065
Last Modified:Oct 4 09:25:15 2002
MD5 Checksum:68bddb79920400ed85b5fa28ba605aaa

 ///  File Name: anhttpd141c_exploit.java
Description:
 AN HTTPD v1.30 to 1.41c remote heap overflow exploit written in java for Japanese Windows 2000 Pro (SP2).
Author:Kanatoko
Homepage:http://www.jumperz.net
File Size:5696
Last Modified:Oct 22 09:07:13 2002
MD5 Checksum:1f1b01d7ab128a508febb5ff2176e78a

 ///  File Name: neuter.c
Description:
 Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS.
Author:bmbr.
Homepage:http://www.enzotech.net
File Size:5419
Last Modified:Oct 15 14:39:38 2002
MD5 Checksum:309ea638b470473176e87002adebaf66

 ///  File Name: gm012-more-ie.txt
Description:
 Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents.
Author:GreyMagic Software
Homepage:http://security.greymagic.com/
File Size:4927
Last Modified:Oct 25 06:22:39 2002
MD5 Checksum:1f5a5fed0d2cb400606aef190e3eef9f

 ///  File Name: virgil.txt
Description:
 Virgil CGI Scanner by Mark Ruef has a vulnerability where user input is trusted without being sanitized and is actually populating bash variables which end up getting executed. Simple exploit examples are included.
Author:KALIF research group, Joschka Fischer
File Size:3922
Last Modified:Oct 25 06:41:37 2002
MD5 Checksum:db03d67f3f01a9badd1d398868b94862

 ///  File Name: gm011-ie.txt
Description:
 Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here.
Author:GreyMagic Software
Homepage:http://security.greymagic.com
File Size:3810
Last Modified:Oct 17 04:24:10 2002
MD5 Checksum:c4e9108a3cc65e6a2d639324e9ba64d3

 ///  File Name: GetAd.c
Description:
 GetAd.c is a new Windows 2000 local exploit which gains Local System rights on Win2k SP1-3 be taking advantage of the NetDDE window of winlogon with a shatter attack. Binaries available here. SecurityFocus vulnerability information available here.
Author:Serus
Homepage:http://getad.chat.ru
File Size:3560
Last Modified:Oct 17 04:51:13 2002
MD5 Checksum:5aaf16bbab2ab14dcbff5aa6879af839

 ///  File Name: tomcat.dos.sh
Description:
 Apache Tomcat 3.3 and 4.0.4 for Windows NT and 2000 remote denial of service exploit. Uses device names like AUX, LPT1, CON, and PRN to crash the server.
Author:Olaf Schulz
Homepage:http://www.dcert.de
File Size:2317
Last Modified:Oct 17 07:52:33 2002
MD5 Checksum:d350ab2f1f17570561020752a2d24d68

 ///  File Name: mod_ssl-toolkit.tar.gz
Description:
 Mod_ssl off-by-one bug exploitation toolkit for OpenBSD. Creates a malicious .htaccess file which replaces the apache server process with an included HTTP server.
Author:Grange
File Size:2311
Last Modified:Oct 10 04:59:41 2002
MD5 Checksum:01386026a91e1adfdfa0829e0c211b3f

 ///  File Name: iosmash2.c
Description:
 Iosmash2.c is a local root exploit for the FreeBSD file descriptors kernel bug that resides in all releases of FreeBSD up to and including 4.6-RELEASE. The exploit create 5 valid root passwords that give instant root access trough S/key.
Author:Dvdman
Homepage:http://www.l33tsecurity.com
File Size:2150
Last Modified:Oct 7 02:12:32 2002
MD5 Checksum:7b28078a9bc5a3407f5939b88d2cf0ec

 ///  File Name: bearshare.4.0.6.txt
Description:
 Bearshare v4.0.6 and below is contains a directory traversal bug which allows remote attackers to view any file on the system by sending a specially crafted HTTP request. Exploit URL's included.
Author:Gluck, Mario Solares, Aviram Jenik
Homepage:http://www.BeyondSecurity.com
File Size:2024
Last Modified:Oct 4 09:19:54 2002
MD5 Checksum:4deb6c402a2323bbbb6d32da4944cd84

 ///  File Name: tftp.dos.pl
Description:
 Solarwinds TFTP server v5.0.55 and below remote denial of service exploit in perl.
Author:D4rkGr3y
Homepage:http://www.dhgroup.org
File Size:1972
Last Modified:Oct 25 07:27:22 2002
MD5 Checksum:940a91e472909d558a7cf5bdf8d5360b

 ///  File Name: bop.pl
Description:
 PlanetDNS v1.14 remote buffer overflow exploit which sends 6K of data to port 80 of PlanetWeb.
Author:Securma Massine
File Size:1947
Last Modified:Oct 21 07:58:26 2002
MD5 Checksum:9350db07af8a58ea99c7d027033e8a96
 

 ///  Last 10 Files
  1. :· USN-703-1.txt
  2. :· USN-702-1.txt
  3. :· phpauctionsystem-insecure.txt
  4. :· phpauctionsystem-sqlxss.txt
  5. :· joomlaphoca-sql.txt
  6. :· lfi-rfi2.txt
  7. :· theratcms-sql.txt
  8. :· walusoft-traversal.txt
  9. :· dmp161lst4-overflow.txt
  10. :· seacureit-cfp2009.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· USN-703-1.txt
  2. :· USN-702-1.txt
  3. :· walusoft-traversal.txt
  4. :· dsa-1695-1.txt
  5. :· dsa-1694-1.txt
  6. :· nokia560-dos.txt
  7. :· MDVSA-2008-246.txt
  8. :· dsa-1693-1.txt
  9. :· dsa-1692-1.txt
  10. :· phpgd-leak.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· phpauctionsystem-insecure.txt
  2. :· phpauctionsystem-sqlxss.txt
  3. :· joomlaphoca-sql.txt
  4. :· theratcms-sql.txt
  5. :· dmp161lst4-overflow.txt
  6. :· plxautoreminder-sql.txt
  7. :· safari-heap.txt
  8. :· dmp161lst3-overflow.txt
  9. :· solucion-sql.txt
  10. :· joomlanewsdesc-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· lfi-rfi2.txt
  2. :· tor.uclibc.i686.20090105.iso
  3. :· RFIDIOt-0.1v.tgz
  4. :· ratproxy-1.53.tar.gz
  5. :· opennhrp-0.9.2.tar.bz2
  6. :· rkhunter-1.3.4.tar.gz
  7. :· zerowine-0.0.1.tar.gz
  8. :· inguma-0.1.1.tar.gz
  9. :· fspy-0.1.0.tar.gz
  10. :· sipwitch-0.3.8.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· seacureit-cfp2009.txt
  2. :· msfxdc-contest.txt
  3. :· valsmith_colin_blog_spam.pdf
  4. :· dquist_valsmith_further_down_the_vm_spiral.pdf
  5. :· valsmith_dquist_hacking_malware.pdf
  6. :· uCon2009-CFP.txt
  7. :· md5-considered-harmful.pdf
  8. :· clickjack-xss.txt
  9. :· w3af-userguide.pdf
  10. :· understanding-xss.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice