seeing is believing
Showing 1 - 25 of 71 RSS Feed

Files

0209-exploits.tgz
Posted Jun 7, 2004
Authored by Todd J.

Packet Storm new exploits for September, 2002.

tags | exploit
MD5 | 72b57f8c0241e3393ea2b6135dbe42ba
cgitelnetdbman.pdf
Posted Jun 7, 2004
Authored by Lawrence Lavigne | Site neoerudition.net

CGI-Telnet 1.0, a cgi telnet script that runs on various Unix and NT webservers has vulnerabilities which can be manipulated into giving a user access. The password file is accessible in the web path and passwords are kept DES encrypted.

tags | exploit, web, cgi, vulnerability
systems | unix
MD5 | 5a370b31c3a81464a6d4fc140e949b83
teo-openssl-xpl.tgz
Posted Oct 21, 2003
Authored by Teolupus

Teolupus OpenSSL Exploiter is an automated OpenSSL vulnerability scanner able to find, log and exploit a server "without human intervention". It is based on Nebunu apscan2 but has much more targets. Includes openfuckv2 and openssl-too-open both with more than 130 targets.

tags | exploit
MD5 | b05e333e5fa377ca6c476149ed50c8e9
SSL-scan.tar.gz
Posted Mar 12, 2003

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Includes scanners. WARNING: The binaries in this archive are infected with the ELF_GMON.A virus which sets up a backdoor on UDP port 3049. Updated by Ech0. Notice: Previous versions of this .tar.gz (before 3-11-03) had several binaries infected with the linux.osf.8759 virus. This tar contains both cleaned and infected binaries, with the cleaned ones running by default.

tags | exploit, udp, virus
systems | linux, freebsd
MD5 | f210224fbf3fbc145f3e84ab7c844ed1
zyxbrut.c
Posted Dec 14, 2002
Authored by BetaFly Computer Team

Zyxbrut.c is a brute force program written for the ZyXel router telnet service.

tags | exploit
MD5 | aa0507fb1ed8677a43d8e629ad4d5380
rootprobe.sh
Posted Nov 30, 2002
Authored by Sebastian Krahmer | Site team-teso.net

Modprobe shell metacharacter expansion local root exploit for Red Hat 7.x and SuSE 7.x.

tags | exploit, shell, local, root
systems | linux, redhat, suse
MD5 | 28b219ae719f042d7c7ce6eac9ef28bd
mdklinuxconf.c
Posted Nov 30, 2002
Authored by Pokleyzz

Mandrake 8.2 linuxconf local root exploit.

tags | exploit, local, root
systems | linux, mandrake
MD5 | e617b71655e152bbee80aa2767e49ca1
scalpel.c
Posted Nov 30, 2002
Authored by Sebastian Krahmer | Site team-teso.net

Local apache/PHP root exploit via libmm (apache-user -> root) temp race exploit. Spawns a root shell from the apache user.

tags | exploit, shell, local, root, php
MD5 | dcffeb448888592287ff24ca6be0c617
unishell.pl
Posted Oct 22, 2002
Authored by Pakk

Unicode IIS exploit in perl. Tries 20 ways.

tags | exploit, perl
MD5 | b31f98e1ede92b439df11826c886cdd8
idefense.smrsh.txt
Posted Oct 2, 2002
Authored by Zen-Parse, Pedram Amini, David Endler | Site idefense.com

iDEFENSE Security Advisory 10.01.2002 - It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium's Restricted Shell (SMRSH) and execute a binary of his choosing by inserting a special character sequence into his .forward file. Two attack methods both of which are detailed. Patch available here.

tags | exploit, shell
MD5 | 6b1f79ee66a3ac3df14ff5df61ce1de7
gv-exploit.pdf
Posted Oct 1, 2002
Authored by Zen-Parse | Site idefense.com

Buffer overflow exploit for gv v3.5.8 on linux which creates the file /tmp/itworked when gv opens the PDF. Some mail readers use GV to view pdf's. Tested on Red Hat 7.3.

tags | exploit, overflow
systems | linux, redhat
MD5 | da9705f79a8782d078819470306ac5c0
openssl-bsd.c
Posted Sep 30, 2002

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Updated by Ech0, and ysbadaddn.

tags | exploit
systems | freebsd
MD5 | 93c74bbed4fa5628590f8a08cc6a569d
apscan2.tgz
Posted Sep 30, 2002
Authored by Nebunu

Apache OpenSSL v0.9.6d mass scanner. When a vulnerable server is found code is launched. Includes targets for Apache 1.3.6, 1.3.9, 1.3.12, 1.3.19, 1.3.20, 1.3.26, 1.3.23, and 1.3.14. Includes openssl-too-open binary.

tags | exploit
MD5 | f56c7c14685cd643a637f60e42497615
nslconf.c
Posted Sep 30, 2002
Authored by RaiSe | Site netsearch-ezine.com

Linuxconf v1.28r3 and below local exploit which uses the ptrace method to find the offset. Tested on Mandrake 8.0 and 8.2, and Redhat 7.2 and 7.3.

tags | exploit, local
systems | linux, redhat, mandrake
MD5 | d7351358fc20587891f1f8c16b558242
openbsd-select-bug.txt
Posted Sep 29, 2002
Authored by Sec | Site drugphish.ch

Research on the recent OpenBSD select() bug and its possible exploitation. Includes a local denial of service exploit which was tested on OpenBSD v2.6 - 3.1.

tags | exploit, denial of service, local
systems | openbsd
MD5 | 11b34ff9c52e9241262598028265afec
interbase-gds-exploit.c
Posted Sep 26, 2002
Authored by grazer | Site i-security.nl

This exploit uses a symbolic link vulnerability in the Borland Interbase gds_lock_mgr binary to overwrite /etc/xinetd.d/xinetdbd with code that spawns a root shell on port 666 TCP.

tags | exploit, shell, root, tcp
MD5 | 0ecb679470d57b48ec01e63e5ca67c13
apache-ssl-bug.c
Posted Sep 25, 2002
Authored by Andy

This exploit abuses the KEY_ARG buffer overflow that exists in SSL enabled Apache web servers that are compiled with OpenSSL versions prior to 0.9.6e. The apache-ssl-bug.c exploit is based on the Slapper worm (bugtraq.c), which is based on a early version of the apache-open-ssl exploit.

tags | exploit, worm, web, overflow
MD5 | 1be047c32ae0e2d1d8930d2ce4c4f7cc
vbull.c
Posted Sep 25, 2002
Authored by Gosper

Vbulletin/calender.php remote command execution exploit.

tags | exploit, remote, php
MD5 | 0569a0851a81caa5f67a940a3af6fe2d
qute.pl
Posted Sep 24, 2002
Authored by Arne Schwerdtfegger

Qute.pl is a perl script which exploits a buffer overflow in Qstat 2.5b. Since Qstat is not SUID by default this script is useless.

tags | exploit, overflow, perl
MD5 | 6182325164cd3e63f9c2688fa96bcc6f
idefense.dinoweb.txt
Posted Sep 24, 2002
Authored by David Endler | Site idefense.com

iDEFENSE Security Advisory 09.23.2002 - A vulnerability exists in the latest version of the Dino Webserver that can allow an attacker to view and retrieve any file on the system.

tags | exploit
MD5 | c2e5dd5d49683b918059438a2f7d405a
alsaplayer-suid.c
Posted Sep 23, 2002
Authored by Zillion, Kevin Finisterre

AlsaPlayer contains a buffer overflow that can be used for privileges elevation when this program is setuid. Tested on Red Hat 7.3 linux with alsaplayer-devel-0.99.71-1 . The overflow has been fixed in AlsaPlayer 0.99.71.

tags | exploit, overflow
systems | linux, redhat
MD5 | d3864c1d3454e61a8246fa4e1966ac8f
bakkum.c
Posted Sep 23, 2002
Authored by eSDee, netric | Site netric.org

Remote root exploit for Linux systems running Null httpd 0.5.0. Tested to work against Red Hat Linux 7.3.

tags | exploit, remote, root
systems | linux, redhat
MD5 | 88f53e3ca0b89baf95643a18cb9584bb
gawk_expl.c
Posted Sep 21, 2002
Site netric.org

Linux proof of concept exploit for a local buffer overflow in GNU Awk 3.1.0-x.

tags | exploit, overflow, local, proof of concept
systems | linux
MD5 | 9e653a0462e3f7ef60c123e9ca381c63
compress_expl.c
Posted Sep 21, 2002
Site netric.org

Compress v4.2.4 local test exploit for Linux systems.

tags | exploit, local
systems | linux
MD5 | 599d99a8e14ed34f83f118d3d2d84799
qspl.c
Posted Sep 21, 2002
Authored by Oscar Linderholm

Qstat 2.5b local root exploit for Linux. Tested on Debian GNU/Linux (Woody). Since Qstat is not SUID by default this script is not useful for gaining more access to a linux system.

tags | exploit, local, root
systems | linux, debian
MD5 | 5bd205acc310c5c0a4a244f24352737d
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close