Ssh client local root exploit which sets LD_PRELOAD and attempts to run /tmp/setuid. Works against old ssh clients.
eef2877afe4d941e69f7ba9aa3a9436d5478e81477e99426820f9fedbae143fc
Remote root exploit for Solaris Sparc 6-8 rpc.walld.
c1e410fe5ab1b188ba6d26dea7078a80e8c12c1aca5f21472f6d5a56a4dc4455
Microsoft IIS 4/5.0 remote .ida exploit. Spawns a shell on port 8008.
0fd5e0fbd77aa95dad4b9cbea18e4904d8c929ac25376f72fd816415bf8d97d3
Badblue webserver v1.5 for Windows remote directory traversal exploit.
a54d11c4fc9cf04a8c8071a4aec7f365e1cae05097b86eecfeb8f67e5513a8f8
Packet Storm new exploits for June, 2002.
a9309c94199b97391aa1b61578ee2e667eefcaa5fafbc34fd5259abcb6e4a35f
Telindus router 10xx and 11xx remote exploit.
404bb0a35d5c7eda3c26b9a45719176438cf8347496440a97caa87b792e26489
Unreal IRCD v3.1.1 to 3.1.3 denial of service exploit.
a655ff6119c077cef8aab063446e8798beeb633496ea38743ce791c016fc7c53
Perl portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault, does not rely on nc.
fe582a0b59e79190c792456893c0e6ffd8bbc9455f52dbd128886a3d61fdbf3b
IRIX xfsmd remote root exploit. Tested against Irix v6.2, 6.3, 6.4, 6.5, and 6.5.16.
c6084d769bc0885efa3d141525b7b1d3d51a171754bb048f0ab470504dd03df1
Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
38a805dabdb402fd99b38a4ad893f01de6fd824eddaac965f0bc839fa1b5bbc0
Microsoft IIS 4(NT4) and - IIS 5(Windows 2k) .asp buffer overflow exploit. Includes targets for IIS5 Chinese SP0, SP1, and SP2 and English SP2. Binds a shell to port 7788. Includes brute force mode.
cff7c84fef9c4f74d0c37c73407a5acab0f309b70a8a522033b68e5349f2fc61
Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
5a75ae577a5a12c9bb55acb0331e7d91c88802723564bd02fc6f7ab9ad874070
Portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault.
911ee87d5b5c009e0fb65666de07aea43ac0990422525390fa82bfe42569d288
Openbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.
27015d30e73adc35e03cd319117cbd02bd4650cb0af6169cf8ce03433990dc20
Apachefun is Spike script which exploits the new apache chunked data vulnerability. Tested on Apache-AdvancedExtranetServer/1.3.23. Causes a segmentation fault.
9ed9fcf633dfcf3b3a1be428ab70c47b438e1a4d1d7914f38023343154914d01
Cisco VPN client v3.5.1rel-k9 (Linux version) buffer overflow exploit which spawns a root shell.
633f9a2103f78fbe980489511980039e5e2dc812f61513bd2d269345191b799a
TrACESroute v6.0 gold local format string exploit exploit. Tested on Red Hat Linux release 7.2 (Enigma).
14d19acb3a570221091bebb1f7f37f1e180242840c6fa9b621ec65b29374a9ed
Icecast v1.3.11 and below remote root exploit for linux/x86. Binds a shell to port 30464. Tested against SuSE 7.2, Debian 2.2r2, and Slackware 8.0.
766b53ac8f37a9dae4525d7da3fbb07b12711f55801b3625d281dc809594f972
Magiccard.cgi has a directory traversal bug in the page variable that allows any file on the system to be read.
ebeddfd494c8d0021e0b86e2f8493f37740875b8485e7be7afedc4a1cf819632
Morpheus request share files denial of service exploit. Ported to Cygwin by Luigi Grandini
ffc476b90e9c53aacd410867129ca28b410dec076d56ea21751f205cba44b39c
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error. Ported to Cygwin by Luigi Grandini
41e56d9794973e1c019e15f98d3bc785395e501be437d345c64524ff25a8d55e
Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call. Ported to Cygwin by Luigi Grandini
001eab558ecb8deaea5ecfd0cb633b3f88ddc7ca656b976fb86de7009f824ec4
This simple java program crashes the VM (at least 1.3.1-b24) on W2K, and is another example of Java-Frontier Bugs.
6f26c966da14268cd5e14f4a814470f95cfd0613135a33dbef76e8ce95c142f9
Linux/x86 remote exploit for Count.cgi. Ported to Cygwin by Luigi Grandini
13c02118daa0fb30122c7a68cd1e69217701c5d125658809ba7514a17e8b2c7a
Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.
c91855e474729b7e0528d2d0e88f929517bae5ee5a8ffd85d285f9e3dfd35ab1