exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 65 RSS Feed

Files

7350cowboy.c
Posted Nov 17, 2002
Authored by teso

7350cowboy.c is supposedly a PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0. Very similar to http://packetstormsecurity.org/0010-exploits/phploit.c.

tags | exploit, remote, web, php
systems | linux, freebsd, slackware
SHA-256 | e940a4a8984ee2cd304f252e58a8dff2073d5977d73bfb168d98d7d54ca42f0f
locale_sol.txt
Posted Nov 22, 2001
Authored by Solar Eclipse | Site phreedom.org

This paper describes in detail the exploitation of the libc locale format string vulnerability on Solaris/SPARC. The full source code for the exploit is presented and some details of the implementation are discussed.

tags | exploit
systems | solaris
SHA-256 | 7b17fe99c5995c3700f946e8abe827d958a46295cd8e9068e1a590b08b7ef993
macosxsetuidroot.txt
Posted Oct 24, 2001
Site securemac.com

Mac OS X v10.1 and below contains a local root vulnerability which allows logged in users to get a root shell by running a specific series of applications. More info here.

tags | exploit, shell, local, root
systems | apple, osx
SHA-256 | 46aabb3e472e54612654c559a4bc57f5adf76fa15eb0274b3c38f0cc2b38d0d4
0010-exploits.tgz
Posted Nov 2, 2000
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for October, 2000.

tags | exploit
SHA-256 | f1145b6d659bf5ec559a08dd9096cf689913972f0351e3538d9060762579d13c
guninski26.txt
Posted Oct 31, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #26 - Using specially designed URLs, IIS 5.0 may return user specified content to the browser. This poses great security risk, especially if the browser is JavaScript enabled and the problem is greater in IE. By clicking on links, just visiting hostile web pages or opening HTML email the target IIS sever may return user defined malicous active content. This is a bug in IIS 5.0, but it affects end users and is exploited with a browser. A typical exploit scenario is stealing cookies which may contain sensitive information.

tags | exploit, web, javascript
SHA-256 | 6b6ccfbe0c8d541e629a7ae9731b71c0ae8c45f405aa6e7a7b3f0a9674808daa
utilmind-maillist-exploit.pl
Posted Oct 28, 2000
Authored by Telehor | Site teleh0r.cjb.net

Mailing List & News Version 1.7 remote exploit - takes advantage of insecure mail handling to spawn a shell on tcp port 60179.

tags | exploit, remote, shell, tcp
SHA-256 | 3a148d33c2f43170a5459c274e9265844c395aa32ff20393b2138faa0365ddd6
listmail-exploit.pl
Posted Oct 28, 2000
Authored by Telehor | Site teleh0r.cjb.net

Listmail v112 remote exploit which spawns a shell on tcp port 60179. Takes advantage of an insecure open call.

tags | exploit, remote, shell, tcp
SHA-256 | a2ac27c937b546ef9d313562c45140abe85c463a173244433131cd8154e5689a
formnow-exploit.pl
Posted Oct 28, 2000
Authored by Telehor | Site teleh0r.cjb.net

FormNow CGI script v1.0 remote exploit - Takes advantage of an insecure sendmail call to bind a shell to tcp port 60179.

tags | exploit, remote, shell, cgi, tcp
SHA-256 | 42bf2ffcf31c7fb94d3cd685478259c9560724e80bf63d3d45532dea4c785e1e
newsexp.tar.gz
Posted Oct 28, 2000
Authored by Morpheusbd | Site brightdarkness.de

News Update 1.1 advisory / remote exploit which allows changing the passwords for the cgi program without knowing the former password, allowing malicious users to modify your news-page.

tags | exploit, remote, cgi
SHA-256 | 8ebdb22642d1fa6286496e52ac9000e2dacc42f9352cbae20dec72dc68ce24bc
hostexp.c
Posted Oct 28, 2000
Authored by Antirez | Site kyuzz.org

Older version of the host command contains a remotely exploitable buffer overflow. The host command is used to perform the AXFR request to obtain the zone transfer information, and can be caused to execute arbitrary code when connecting to a fake DNS server, a netcat process listening on port 53.

tags | exploit, overflow, arbitrary
SHA-256 | 39951d3f589829a119033d3606128b1ac7e7273f64901d487f9e72eb6efa1de7
hl-advisory.asc
Posted Oct 28, 2000
Authored by Condor, Csh | Site sekure.org

The Half-life Dedicated Server for Linux contains remotely exploitable buffer overflow vulnerabilities. Includes remote buffer overflow exploit hl-rcon.c which has been tested against v3.1.0.x for Linux x86.

tags | exploit, remote, overflow, x86, vulnerability
systems | linux
SHA-256 | 4e21668332d5a5c5d6b07f99eee2df8e776267a63c81e42ab56b09b08e270f90
pqwak2.zip
Posted Oct 28, 2000
Authored by Shane Hird

This program exploits a flaw in the share level password authentication of MS windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in ms00-072. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

Changes: Lots of bug fixes! Works much better.
tags | exploit, protocol
systems | windows
SHA-256 | 96e29bad718463491122f8f7ad5158fa52c389629d4c02a73b7d0bb812c5f9c8
unicodexecute2.pl
Posted Oct 28, 2000
Authored by Roelof Temmingh | Site sensepost.com

Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article.

tags | exploit, perl
SHA-256 | 5b2cf0d0ae0a8d6764aa36ceead14fd067a55867c82158f7611f7b7fe312bc2c
godmessageIV.zip
Posted Oct 27, 2000
Authored by The Pull

Godmessage 4 Revision 5 is an implementation of Georgi Guninski's recent ActiveX exploit for Internet Explorer which attempts to install a trojan on any machine which views the included HTML.

Changes: Revision 5 has all of the rest of the bug updates, plus includes an encrypted version, and denial of service versions (to force the user to reboot and shut down the server). It also includes an important hints section, and generally has been the work of the three developer's and a ton of testers. Warning: Do not view the included HTML files with an unpatched browser if you run Windows.
tags | exploit, trojan, activex
SHA-256 | 4169810d4b2ebb4d39ec0d7dcc8a86bacb18f9009719e1fafc944364097eda78
inbusdos.c
Posted Oct 27, 2000
Authored by Incubus | Site securax.org

Denial of Service attack against an Intel InBusiness eMail Station. Will send a 630 char buffer to the pop server as argument of a USER command. The little box needs to be "powered off" and -on again.

tags | exploit, denial of service
SHA-256 | 097d217d961c8d8bf396fe40cca2df3a255ed805abb39c1fe873baf76da9a46a
ntop-w-exp.c
Posted Oct 27, 2000
Authored by JW Oh

Ntop -w v1.2a1 remote stack overflow exploit. Ntop in web mode (-w) contains an overflow when a long filename is requested. Fix available here.

tags | exploit, remote, web, overflow
SHA-256 | ce04a0904b889efb589dd7afd4461f07739d833d857e3149af3cf2126d26ec8e
hp-ux.crontab.sh
Posted Oct 24, 2000
Authored by Kyong-won Cho | Site hackerslab.com

HP/UX crontab local shell script exploit.

tags | exploit, shell, local
systems | hpux
SHA-256 | 8db2472fc166d889f4791e2f620b41fb4436110f5536153e1ce57597db33ec00
pqwak.zip
Posted Oct 24, 2000
Authored by Shane Hird

This program exploits a flaw in the share level password authentication of MS windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in ms00-072. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

tags | exploit, protocol
systems | windows
SHA-256 | 84e85c9487fc7ab4b25b357ee23948e85add674c5c955c17a2f3230d2fe92178
iis.asp.txt
Posted Oct 24, 2000
Site videotron.ca

How to read ASP source code on an IIS 5 server using the recently discovered IIS vulnerability.

tags | exploit, asp
SHA-256 | fbbc4a903d4d14e72415134d1f5fec3c86d4c7566f7cc3e2e8f21160f8293dc4
redhat.lpr.txt
Posted Oct 21, 2000
Authored by Zen-Parse

Lpr lpr-0.50-4 and below contains vulnerabilities which allow local users to access other accounts, and sometimes root.

tags | exploit, local, root, vulnerability
SHA-256 | 6ab9815eb4979f4f020da0a0b9a0978875d632bc2a0951630c7aef34b390f59a
xzarch.c
Posted Oct 21, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux /usr/games/zarch v.92 local root buffer overflow exploit.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | d420c219019c22b1db498fbe394d018774d0fc7f953b8a9a311f957a40202d37
oracle-815.c
Posted Oct 21, 2000
Authored by Kim Yong-jun | Site hackerslab.org

Oracle 8.1.5 local buffer overflow exploit for Linux.

tags | exploit, overflow, local
systems | linux
SHA-256 | d10cd01d2e252d4560cf80fd8e8ad2a8ab0de947c5c91cad0cda66125a53492f
webevent.txt
Posted Oct 21, 2000

Webevent v3.3.3 (webevent.pl) is an online calendar which contains a remote cgi vulnerability which allows administrative access.

tags | exploit, remote, cgi
SHA-256 | 5496ce9dcc8d0910d984fc7e479e1a67727682f51767ceae31adf5e834118d53
xsplumber.c
Posted Oct 21, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux space plumber (/usr/games/splumber) local buffer overflow exploit.

tags | exploit, overflow, local
systems | linux
SHA-256 | 807d031351ea5f76324fc2b5994894828847822ca1112cab19cbaff5f38514e9
unicode.pl
Posted Oct 21, 2000
Authored by SteeLe

Unicde.pl exploits vulnerable IIS servers which allow remote command execition, as described in iis-unicode.txt.

tags | exploit, remote
SHA-256 | ab15a086254fb78c36eb6996bbda2ad646248d11ed4dc609531b7f3030a47b81
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close