This Metasploit module exploits the buffer overflow found in the MKD command in IPSWITCH WS_FTP Server 5.03 discovered by Reed Arvin.
539d9fbaf6a97b6b59263a8a01f93ef5Perl exploit for IPSwitch WhatsUp Gold version 8.03 that is susceptible to a remote buffer overflow. Tested on Win2k SP4. Successful exploitation binds a shell on port 28876.
0c39361862f209e73e6107bf06e50093Shatter Master is a win32 program made in VB6 to develop and exploit shatter attacks in Windows NT/2k/XP. Related information available here.
30bb20752a2c7e1dc0ddf8f896c4b115Wmap v1.3 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.
c6ea4d3cb5c9499182cb736b26942b2cWmap v1.2 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.
db909b7bb866f015d9152671a46a299fThe Snoop Servlet on Release Build 3.1 and 3.0 of Tomcat from Apache Software Foundation reveals the full path to the webserver and OS.
9c79e1c0a5932d99efb8838bf96e6584Tomcat v3.1 from the Apache Software Foundation displays the full path of the web server.
de75c83927b64b063866cc4878105a5fLoWNOISE - ISMyASP - IIS ASP source code viewer using the ISM.DLL buffer truncation bug.
74e5c0d4d4d617d23fa8caadb98437f5RightFax Web Client v5.2 allows anyone to hijack user's faxes.
9bb7293d5c68e1a5c5585199bad613a5sslcrack is a basic VB5 win9x brute force PIN SSL cracker. Zip includes HomeBanking.txt, which explains a common weakness in Home Banking systems that allows brute forcing the PIN.
fadf78f286a4e7e5b2282305a32b401dHow To Break Out of Restricted Shells and Menus, v2.3 - An excellent whitepaper detailing methods for breaking out of virtually any kind of restricted shell or menu you might come across.
e7db43e9f3adcfb3393a5bbaff02f40fExcellent text file regarding methods and tactics used to break out of restricted shells and menus on UNIX systems.
eafcb431a07f04a3e8e5e317cc803126PADLOCK-IT v1.01 contains numerous security holes and improperly manages passwords, making for a very unsecure implementation of the Twofish encryption algorithm.
58e106a995548c3122f4f31a2d6de181LoWKILL 2.1 is a Windows9x/NT port of the modem escape character Denial of Service exploit (+++ATHO). Designed for a user-friendly, low-quality, low-performance enviroment, LoWKILL 2.1 allows you to target entire subnets and select custom escape character sequences to kill Internet connections remotely.
b956732203019bf6fd9e1800177f4f49The password protection program PADLOCK-IT Version 1.01 does not properly implement the TwoFish encryption used, rendering both the encryption algorithm and the software program security meaningless.
06070ea89646e2327e75582a1a5ea840
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed