Twenty Year Anniversary
Showing 1 - 25 of 71 RSS Feed

Files

0209-exploits.tgz
Posted Jun 7, 2004
Authored by Todd J.

Packet Storm new exploits for September, 2002.

tags | exploit
MD5 | 72b57f8c0241e3393ea2b6135dbe42ba
cgitelnetdbman.pdf
Posted Jun 7, 2004
Authored by Lawrence Lavigne | Site neoerudition.net

CGI-Telnet 1.0, a cgi telnet script that runs on various Unix and NT webservers has vulnerabilities which can be manipulated into giving a user access. The password file is accessible in the web path and passwords are kept DES encrypted.

tags | exploit, web, cgi, vulnerability
systems | unix
MD5 | 5a370b31c3a81464a6d4fc140e949b83
teo-openssl-xpl.tgz
Posted Oct 21, 2003
Authored by Teolupus

Teolupus OpenSSL Exploiter is an automated OpenSSL vulnerability scanner able to find, log and exploit a server "without human intervention". It is based on Nebunu apscan2 but has much more targets. Includes openfuckv2 and openssl-too-open both with more than 130 targets.

tags | exploit
MD5 | b05e333e5fa377ca6c476149ed50c8e9
SSL-scan.tar.gz
Posted Mar 12, 2003

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Includes scanners. WARNING: The binaries in this archive are infected with the ELF_GMON.A virus which sets up a backdoor on UDP port 3049. Updated by Ech0. Notice: Previous versions of this .tar.gz (before 3-11-03) had several binaries infected with the linux.osf.8759 virus. This tar contains both cleaned and infected binaries, with the cleaned ones running by default.

tags | exploit, udp, virus
systems | linux, freebsd
MD5 | f210224fbf3fbc145f3e84ab7c844ed1
zyxbrut.c
Posted Dec 14, 2002
Authored by BetaFly Computer Team

Zyxbrut.c is a brute force program written for the ZyXel router telnet service.

tags | exploit
MD5 | aa0507fb1ed8677a43d8e629ad4d5380
rootprobe.sh
Posted Nov 30, 2002
Authored by Sebastian Krahmer | Site team-teso.net

Modprobe shell metacharacter expansion local root exploit for Red Hat 7.x and SuSE 7.x.

tags | exploit, shell, local, root
systems | linux, redhat, suse
MD5 | 28b219ae719f042d7c7ce6eac9ef28bd
mdklinuxconf.c
Posted Nov 30, 2002
Authored by Pokleyzz

Mandrake 8.2 linuxconf local root exploit.

tags | exploit, local, root
systems | linux, mandrake
MD5 | e617b71655e152bbee80aa2767e49ca1
scalpel.c
Posted Nov 30, 2002
Authored by Sebastian Krahmer | Site team-teso.net

Local apache/PHP root exploit via libmm (apache-user -> root) temp race exploit. Spawns a root shell from the apache user.

tags | exploit, shell, local, root, php
MD5 | dcffeb448888592287ff24ca6be0c617
unishell.pl
Posted Oct 22, 2002
Authored by Pakk

Unicode IIS exploit in perl. Tries 20 ways.

tags | exploit, perl
MD5 | b31f98e1ede92b439df11826c886cdd8
idefense.smrsh.txt
Posted Oct 2, 2002
Authored by Zen-Parse, Pedram Amini, David Endler | Site idefense.com

iDEFENSE Security Advisory 10.01.2002 - It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium's Restricted Shell (SMRSH) and execute a binary of his choosing by inserting a special character sequence into his .forward file. Two attack methods both of which are detailed. Patch available here.

tags | exploit, shell
MD5 | 6b1f79ee66a3ac3df14ff5df61ce1de7
gv-exploit.pdf
Posted Oct 1, 2002
Authored by Zen-Parse | Site idefense.com

Buffer overflow exploit for gv v3.5.8 on linux which creates the file /tmp/itworked when gv opens the PDF. Some mail readers use GV to view pdf's. Tested on Red Hat 7.3.

tags | exploit, overflow
systems | linux, redhat
MD5 | da9705f79a8782d078819470306ac5c0
openssl-bsd.c
Posted Sep 30, 2002

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Updated by Ech0, and ysbadaddn.

tags | exploit
systems | freebsd
MD5 | 93c74bbed4fa5628590f8a08cc6a569d
apscan2.tgz
Posted Sep 30, 2002
Authored by Nebunu

Apache OpenSSL v0.9.6d mass scanner. When a vulnerable server is found code is launched. Includes targets for Apache 1.3.6, 1.3.9, 1.3.12, 1.3.19, 1.3.20, 1.3.26, 1.3.23, and 1.3.14. Includes openssl-too-open binary.

tags | exploit
MD5 | f56c7c14685cd643a637f60e42497615
nslconf.c
Posted Sep 30, 2002
Authored by RaiSe | Site netsearch-ezine.com

Linuxconf v1.28r3 and below local exploit which uses the ptrace method to find the offset. Tested on Mandrake 8.0 and 8.2, and Redhat 7.2 and 7.3.

tags | exploit, local
systems | linux, redhat, mandrake
MD5 | d7351358fc20587891f1f8c16b558242
openbsd-select-bug.txt
Posted Sep 29, 2002
Authored by Sec | Site drugphish.ch

Research on the recent OpenBSD select() bug and its possible exploitation. Includes a local denial of service exploit which was tested on OpenBSD v2.6 - 3.1.

tags | exploit, denial of service, local
systems | openbsd
MD5 | 11b34ff9c52e9241262598028265afec
interbase-gds-exploit.c
Posted Sep 26, 2002
Authored by grazer | Site i-security.nl

This exploit uses a symbolic link vulnerability in the Borland Interbase gds_lock_mgr binary to overwrite /etc/xinetd.d/xinetdbd with code that spawns a root shell on port 666 TCP.

tags | exploit, shell, root, tcp
MD5 | 0ecb679470d57b48ec01e63e5ca67c13
apache-ssl-bug.c
Posted Sep 25, 2002
Authored by Andy

This exploit abuses the KEY_ARG buffer overflow that exists in SSL enabled Apache web servers that are compiled with OpenSSL versions prior to 0.9.6e. The apache-ssl-bug.c exploit is based on the Slapper worm (bugtraq.c), which is based on a early version of the apache-open-ssl exploit.

tags | exploit, worm, web, overflow
MD5 | 1be047c32ae0e2d1d8930d2ce4c4f7cc
vbull.c
Posted Sep 25, 2002
Authored by Gosper

Vbulletin/calender.php remote command execution exploit.

tags | exploit, remote, php
MD5 | 0569a0851a81caa5f67a940a3af6fe2d
qute.pl
Posted Sep 24, 2002
Authored by Arne Schwerdtfegger

Qute.pl is a perl script which exploits a buffer overflow in Qstat 2.5b. Since Qstat is not SUID by default this script is useless.

tags | exploit, overflow, perl
MD5 | 6182325164cd3e63f9c2688fa96bcc6f
idefense.dinoweb.txt
Posted Sep 24, 2002
Authored by David Endler | Site idefense.com

iDEFENSE Security Advisory 09.23.2002 - A vulnerability exists in the latest version of the Dino Webserver that can allow an attacker to view and retrieve any file on the system.

tags | exploit
MD5 | c2e5dd5d49683b918059438a2f7d405a
alsaplayer-suid.c
Posted Sep 23, 2002
Authored by Zillion, Kevin Finisterre

AlsaPlayer contains a buffer overflow that can be used for privileges elevation when this program is setuid. Tested on Red Hat 7.3 linux with alsaplayer-devel-0.99.71-1 . The overflow has been fixed in AlsaPlayer 0.99.71.

tags | exploit, overflow
systems | linux, redhat
MD5 | d3864c1d3454e61a8246fa4e1966ac8f
bakkum.c
Posted Sep 23, 2002
Authored by eSDee, netric | Site netric.org

Remote root exploit for Linux systems running Null httpd 0.5.0. Tested to work against Red Hat Linux 7.3.

tags | exploit, remote, root
systems | linux, redhat
MD5 | 88f53e3ca0b89baf95643a18cb9584bb
gawk_expl.c
Posted Sep 21, 2002
Site netric.org

Linux proof of concept exploit for a local buffer overflow in GNU Awk 3.1.0-x.

tags | exploit, overflow, local, proof of concept
systems | linux
MD5 | 9e653a0462e3f7ef60c123e9ca381c63
compress_expl.c
Posted Sep 21, 2002
Site netric.org

Compress v4.2.4 local test exploit for Linux systems.

tags | exploit, local
systems | linux
MD5 | 599d99a8e14ed34f83f118d3d2d84799
qspl.c
Posted Sep 21, 2002
Authored by Oscar Linderholm

Qstat 2.5b local root exploit for Linux. Tested on Debian GNU/Linux (Woody). Since Qstat is not SUID by default this script is not useful for gaining more access to a linux system.

tags | exploit, local, root
systems | linux, debian
MD5 | 5bd205acc310c5c0a4a244f24352737d
Page 1 of 3
Back123Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Federal Court Rules Trump Can't Block People On Twitter
Posted May 24, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, usa
FBI Seeks To Thwart Cyber Attack On Ukraine
Posted May 24, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, usa, cyberwar, fbi
GDPR In Real Life: Transparency, Innovation, And Adoption Across Borders And Organizations
Posted May 24, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, privacy
FBI Seizes Domain Russia Allegedly Used To Infect 500,000 Routers
Posted May 24, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, malware, usa, russia, botnet, cyberwar, fbi
Police Are Using Amazon's Face Recognition Service
Posted May 23, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, privacy, amazon
Zuckerberg's European Parliament Testimony Criticized
Posted May 23, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, privacy, data loss, facebook
FBI Inflated Encrypted Device Figures, Misleading Public
Posted May 23, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, government, privacy, usa, phone, apple, fbi, cryptography
Who's Afraid Of Kaspersky?
Posted May 23, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, malware, virus, russia, cyberwar, conference
Greenwich University Hit With Massive Data Breach Fine
Posted May 22, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, privacy, britain, data loss
Spectre Chip Security Vulnerability Strikes Again
Posted May 22, 2018

This is an article straight from the wires, you can read the full story here.

tags | headline, flaw, intel
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close