ARPtool has basically two functions: 1) it maps all the ip's on the same ethernet cable segment/LAN as the machine it runs on, which is useful to determine the hosts that could be victim of sniffing, hijacking, etc. 2) a general ARP generator function, for sending customized ARP packets, which can be used for spoofing hosts, DoS, etc.
f96b72b99bc27148614c3ba749b438239x CGI-BIN bug finder scans for cgi-bin exploits.
d778207f5c6eae4a1583c20ab2fb087cProgram to test the MS IIS 4 logging avoidance bug: ms-iis4-avoid-log.txt.
3dd8c2a0d3cbe439ae963a1871f8217emIRC 5.5 'DCC Server' hole Exploit Code - mIRC 5.5 new dcc server feature doesn't filter metachars(such as . and \) from sent filenames. This script fakes the sending of a harmless file and then puts malicious file in a wanted destination dir on the same harddrive (autostart dir is a good choice).
cce7c650777ea5154ff9ce50728333dcDescription of simple, working exploit that causes selected remote server to consume massive amounts of bandwidth.
8e67ab16a7588e5c8495b5130d1e23a7A simple CGI scanner with debug and exploit download features IF any CGI holes are found.
4b63aa0a552283d3004f65cc5b028f04Cgi Scanner v1.4 - Scan remote web servers for all commonly known and potentially exploitable CGI scripts. Some scripts are better (coded, designed, optimized, complete) than others, and this is one of those better scripts.
527ed23824ee7d98664df366ab287a20compulink-laserfiche-passwd.txt
115c652b4a48c759b2b98a3c1cc6bbe4Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software versions 4.5 and earlier. Local root compromise, Denial of Service attack.
33de7bbbb8a99c40f13b8345003b35baMSIE 4 Privacy Issue: clipboard content can be made public by a javascript code two lines long. Exploit code included.
7154c397ae28f144018828ec5c3b509dNumerous Digital Unix 4.0 exploitable buffer overflows introduced with new executable stack in 4.0 versions.
bf7c8637c1e74fa11dc113542d3b4c6dASM shellcode exploit, with good explanation, for Digital Unix 4.0 buffer overflow, resulting in local root compromise.
1f3033454771352110ac2627efd661d2FoolProof found to be full of security glitches. This info is by no means new or unknown, but this file summarizes many of the known exploits and loopholes very well.
5f0bf322b6c876b3a390bdff2465c556ftp-spoof.pl v0.01 - Local FTP server spoofer: Many FTP clients these days have a text file called (program-name).ini which will store the info like site-name, user-name, encrypted password and account-name. Instead of trying to decrypt the password for each different application (ws_ftp etc) do this: edit the (program-name).ini, wherever there is a site-name change it to 127.0.0.1, start this perl scipt, open your ftp program and click connect.
29461ca5d46edf5fa5be89481bba2390ftp-spoof.zip v0.01 - Zipped version of the above perl script.
d2048360cd41114eeb5237baa494d1d9ws_ftp security design weaknesses allow malicious cracker to take advantage of cached passwords with weak encryption. Remote root compromise possible.
5da15f14ab90f2a47f156373f8992049ie0199.exe-trojan.txt
c053f99fd54ec82ee707de14e6ade087IIS FTP Exploit/DoS Attack - Buffer Overflow in 3.0 and 4.0 versions of IIS results in Denial of Service attacks and possibility of remote execution of code.
eeca972f4cf1d65bc333ef4b5df5b3c9A denial of service problem has been found in Inferno 2.0. A program written in Limbo can produce a denial of service consuming all the memory of the computer. The Inferno's commands to prevent this DoS are not able to stop this attack. (Advisory in Spanish).
7be8f2a57fc6277a96fdc1a68adc85a6Bug in Linux 2.2.0 kernel allows any local user to execute a Denial of Service attack, forcing system reboot.
3369782f9296ae213a97b68df595191flpstat Exploit code for Solaris 2.6/2.7 X86 versions, resulting in local root compromise.
fd72e9145b76ee117fbb513ccc7efa9eIIS 4 Request Logging Security Advisory - Combination of problems with Microsoft IIS 4 servers allow successful HTTP requests to go unlogged.
8ebec3e41f436e55657c8197315cb896ms-iis4-siteserver2.txt
d8b4cf61d437facc79d4d89cab62799fMSIE 4, 5, Outlook and MS Word 97 security hole allows remote attacker to run hostile VBA (Visual Basic for Applications) programs on your PC or workstation without your having to click on any links or download anything. Simply VIEWING a hostile web page can leave you completely vulnerable to trojans, viruses, file deletion, information theft, etc.
5290f45f4a02faa4fe9fec0c7b655b38msie4-autoexec.bat-tdc.txt
605c274bfa2b455e7768024876c63238
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed