Twenty Year Anniversary
Showing 1 - 25 of 30 RSS Feed

Posted Dec 18, 2001
Authored by Todd Sabin | Site

Microsoft HK local exploit - Executes any command as SYSTEM, as described in MS01-003. Good for recovering lost admin rights. Includes C source and binary.

tags | exploit, local
MD5 | c304bfd8147a60c82839eaa4930b067a
Posted Nov 12, 2001
Authored by Luki Rustianto

This is wuftpd2.6.0x and qpop2.1.4 exploit ported to PHP. Even php in safe mode can not stop this script from working. Webhosting providers who provide PHP need to be careful.

tags | exploit, php
MD5 | 3b84eccc265a9360ac00d4e6a518d991
Posted Apr 24, 2001
Authored by B-root is an exploit for the IIS unicode bug which allows you to enter commands as if in a cmd.exe shell and uses 20 different URL's to check for the vulnerability.

tags | exploit, shell
MD5 | 2fe5c09d88a363ca4fa10754b99b24ca
Posted Feb 2, 2001
Authored by Todd J.

Packet Storm new exploits for January, 2001.

tags | exploit
MD5 | 529b73bf0d83aa85bfa82f9b57548e48
Posted Feb 1, 2001
Authored by anonymous

Bind-tsig.c is a trojan which pretends to be a Bind 8 exploit, but actually attacks

tags | exploit, trojan
MD5 | cd4a8638d718185f1f26451e0817ef66
Posted Jan 31, 2001
Authored by Krfinisterre

The Progress Database Server v8.x and 9.x for Unix has several locally exploitable buffer overflows which can allow arbitrary code to run as root. Proof of concept exploit attached.

tags | exploit, overflow, arbitrary, root, proof of concept
systems | unix
MD5 | d02e5d8479bbefc220465668d82b3f20
Posted Jan 27, 2001
Authored by Robert Keyes | Site

Naptha v1.1 is a denial of service attack against many OS's which uses established TCP connections to create a resource starvation attack. Includes three tools - bogusarp makes a bogus entry in the router's arp cache so it actually puts packets with our faked source address on the Ethernet, synsend, and srvr which replaces ackfin from Naptha 1.0. Tested against Windows 95, 98 and NT4 and more. Compiles on Linux 2.2.x, OpenBSD 2.7, FreeBSD 4.0.

tags | exploit, denial of service, tcp
systems | linux, windows, 9x, freebsd, openbsd
MD5 | 9e461df6b11c94a3409cd933dfbe9a0a
Posted Jan 27, 2001
Authored by Charles Stevenson

Glibc prior to v2.1.9x allows local users to read any file. This shell script exploits this bug using the Openssh-2.3.0p1 binary. Tested against Debian 2.3 and Redhat 7.0.

tags | exploit, shell, local
systems | linux, redhat, debian
MD5 | 4c421f7d5f1a7e40155c52fc44daa995
Posted Jan 27, 2001
Authored by Pablo Sor

/usr/bin/write overflow proof of concept exploit - Tested against Solaris 7 x86.

tags | exploit, overflow, x86, proof of concept
systems | solaris
MD5 | fe5dc0ffbbd4dbd5da424b640fbbdb5b
Posted Jan 27, 2001
Authored by IhaQueR

Due to a various race conditions in the init level editing script /sbin/rctab it is possible for any local user to overwrite any system's file with arbitrary data. This may result in denial of service attack, local or even remote root compromise, if root runs the /sbin/rctab script. Tested against SuSE 7.0.

tags | exploit, remote, denial of service, arbitrary, local, root
systems | linux, suse
MD5 | 51769f0a559e55a0fbe445c318e64d5b
Posted Jan 27, 2001
Authored by ADM, Shane A. Macaulay

SCO OpenServer v5.0.5 /usr/bin/mscreen local exploit.

tags | exploit, local
MD5 | 0d6decf4c717851249cad2b166d2b635
Posted Jan 27, 2001
Authored by ADM, Shane A. Macaulay

Tru64 (OSF/1) /usr/bin/su local exploit - Works if executable stack is on.

tags | exploit, local
MD5 | 3dd785c49420cd2ce460d0f2717087ad
Posted Jan 27, 2001
Authored by Plathond | Site

FreeBSD ipfw+ECE proof of concept code - Using FreeBSD divert rule, all outgoing traffic will have the ECE flag added to it, bypassing ipfw if it passes established connections.

tags | exploit, proof of concept
systems | freebsd
MD5 | 81b9fda7f3e1e97294cd43a16f4d4c76
Posted Jan 27, 2001
Authored by Fyodor

Netscape Enterprise Server 4.0 remote root exploit - Tested against Sparc SunOS 5.7.

tags | exploit, remote, root
systems | solaris
MD5 | bd9a07a89b35b15672e6de6fbc167ecf
Posted Jan 25, 2001
Authored by Michel MaXX Kaempf

SplitVT v1.6.4 and below local format string exploit which overflows the -rcfile command line flag. Tested on Slackware 7.1, Debian 2.2.

tags | exploit, overflow, local
systems | linux, slackware, debian
MD5 | 97dcfd07f4dcf6be30fef0197b1c1ca1
Posted Jan 25, 2001
Authored by Roelof Temmingh | Site

Unitools.tgz contains two perl scripts - uploads files to a vulnerable IIS site, and includes searches for more executable directories and is more robust and stable.

tags | exploit, perl
MD5 | 31eb60d9e98049816c3c0907cb176c03
Posted Jan 25, 2001
Authored by Hypoclear | Site is a perl script which exploits several vulnerabilities found in Cisco products. Includes the Cisco Catalyst ssh Protocol Mismatch dos, Cisco 675 Web Administration dos, Cisco Catalyst 3500 XL command execution, and the Cisco IOS Software HTTP Request dos.

tags | exploit, web, perl, vulnerability, protocol
systems | cisco
MD5 | d98c376f39aee68581c072f95ed01b71
Posted Jan 24, 2001
Authored by Wouter ter Maat | Site

Denial of service attack against the Iris The Network Traffic Analyzer beta 1.01. Causes Iris to hang when it the traffic is examined.

tags | exploit, denial of service
MD5 | 644e11c8434d6546a2ada3504d491ce1
Posted Jan 15, 2001
Authored by Zhodiac | Site

Tcpdump v3.5.2 remote root exploit - Tested against X86 Linux. Exploits an overflow in the AFS packet parsing which requires the snaplen (-s) to be set to 500 or greater. Fixed in v3.62.

tags | exploit, remote, overflow, x86, root
systems | linux
MD5 | 289510d424aa0a665ee3161b20c9abab
Posted Jan 13, 2001
Authored by Sor Pablo Sebastian, Dave Ahmed | Site

Solaris /usr/sbin/arp local root stack overflow exploit.

tags | exploit, overflow, local, root
systems | solaris
MD5 | 9c79d0fb32487641840dd6b081e6d8fa
Posted Jan 13, 2001
Authored by Marco van Berkum is a remote exploit for Fastgraf's whois.cgi perl script.

tags | exploit, remote, cgi, perl
MD5 | cab6f0b2ef5ed6f5bb75170b42fd55ac
Posted Jan 9, 2001
Authored by 3APA3A | Site

The Bat! v1.48f and below has a client side vulnerability which allows malicious mail messages to add any files in any directory on the disk where user stores his attachments.

tags | exploit
MD5 | ca77c4383a98f689f532016cfb080be4
Posted Jan 9, 2001
Authored by Defcom Labs | Site

Defcom Labs Advisory def-2001-01 - ImageCast V4.1.0 for Windows, a rapid-PC-deployment tool much like Ghost, has problems handling malformed input which result in a dos attack against the ImageCast Control Center.

tags | exploit
systems | windows
MD5 | b6325a0535100802bdaa273349db1d0a
Posted Jan 9, 2001
Authored by Defcom Labs | Site

Defcom Labs Advisory def-2001-02 - IBM WebSphere 3.52 (IBM HTTP Server 1.3.12) for Windows NT has a memory leak which can be used as a remote denial of service attack. Workaround included.

tags | exploit, remote, web, denial of service, memory leak
systems | windows, nt
MD5 | d1c60ae0b02e1129be8ae653925d8ea4
Posted Jan 9, 2001
Authored by Zorgon

HP-UX v11.00 /bin/cu local buffer overflow exploit - Exploits the -l option. Provides a uid=bin shell.

tags | exploit, overflow, shell, local
systems | hpux
MD5 | 41bfb9a22eefc441486dce25261ca9f9
Page 1 of 2

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Google Expands Bug Bounty To Include Fraud Protection Bypass
Posted Aug 16, 2018

tags | headline, fraud, flaw, google
Credit Card Skimmers Now Need To Fear The Reaper
Posted Aug 16, 2018

tags | headline, hacker, bank, cybercrime, fraud, conference
The Hackers Hunting Down Missing People
Posted Aug 16, 2018

tags | headline, hacker, privacy, conference
President Trump Relaxes US Cyber-Attack Rules
Posted Aug 16, 2018

tags | headline, government, usa, cyberwar, fbi, nsa, cia
Mystery Russian Satellite's Behavior Raises Alarm In US
Posted Aug 15, 2018

tags | headline, usa, russia, space, cyberwar, spyware
Adobe Fixes Critical Code Execution Flaws In Latest Patch Update
Posted Aug 15, 2018

tags | headline, flaw, adobe, patch
Instagram Hack Is Locking Hundreds Of Users Out Of Their Accounts
Posted Aug 15, 2018

tags | headline, hacker, denial of service, password, facebook
Foreshadow And Intel SGX Software Attestation: The Whole Trust Model Collapses
Posted Aug 15, 2018

tags | headline, flaw, cryptography, intel
Hackers Can Edit Policy Body Cam Footage Without Anybody Noticing
Posted Aug 15, 2018

tags | headline, hacker, government
Google Tracks Users Who Turn Off Location History
Posted Aug 15, 2018

tags | headline, privacy, google, spyware
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By