what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 71 RSS Feed

Files

0209-exploits.tgz
Posted Jun 7, 2004
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for September, 2002.

tags | exploit
SHA-256 | 045ca73a0cacb6605a118c823acedaca1f5dc5f8eed502958f744a3d2c351d5d
cgitelnetdbman.pdf
Posted Jun 7, 2004
Authored by Lawrence Lavigne | Site neoerudition.net

CGI-Telnet 1.0, a cgi telnet script that runs on various Unix and NT webservers has vulnerabilities which can be manipulated into giving a user access. The password file is accessible in the web path and passwords are kept DES encrypted.

tags | exploit, web, cgi, vulnerability
systems | unix
SHA-256 | e0b5370c22e2597643e3465f2bbcd9a427ce709060d55d274bb546ca92480c8e
teo-openssl-xpl.tgz
Posted Oct 21, 2003
Authored by Teolupus

Teolupus OpenSSL Exploiter is an automated OpenSSL vulnerability scanner able to find, log and exploit a server "without human intervention". It is based on Nebunu apscan2 but has much more targets. Includes openfuckv2 and openssl-too-open both with more than 130 targets.

tags | exploit
SHA-256 | ce85e0330ac595ce313685f1e0d5ef79db96eff660b53e1cdb8a6938e169de1c
SSL-scan.tar.gz
Posted Mar 12, 2003

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Includes scanners. WARNING: The binaries in this archive are infected with the ELF_GMON.A virus which sets up a backdoor on UDP port 3049. Updated by Ech0. Notice: Previous versions of this .tar.gz (before 3-11-03) had several binaries infected with the linux.osf.8759 virus. This tar contains both cleaned and infected binaries, with the cleaned ones running by default.

tags | exploit, udp, virus
systems | linux, freebsd
SHA-256 | 284a089a6557cd9d4d23a493e8aced962e8dcf4a523227361dd66fdd462ebab7
zyxbrut.c
Posted Dec 14, 2002
Authored by BetaFly Computer Team

Zyxbrut.c is a brute force program written for the ZyXel router telnet service.

tags | exploit
SHA-256 | 09a2e8873fc29128a79a933087fd6b993b20bc25a6fb311b7d0228b7d714db16
rootprobe.sh
Posted Nov 30, 2002
Authored by Sebastian Krahmer | Site team-teso.net

Modprobe shell metacharacter expansion local root exploit for Red Hat 7.x and SuSE 7.x.

tags | exploit, shell, local, root
systems | linux, redhat, suse
SHA-256 | 7fbdc5e8a76bd2dfcc6ee414e1ca54dbf13a22c9c260b4f09dc6008c2feaf6c9
mdklinuxconf.c
Posted Nov 30, 2002
Authored by Pokleyzz

Mandrake 8.2 linuxconf local root exploit.

tags | exploit, local, root
systems | linux, mandrake
SHA-256 | 10ac292ecd095adfff7090099b436f9adcb2b98fee0c74a8249eeff765272b78
scalpel.c
Posted Nov 30, 2002
Authored by Sebastian Krahmer | Site team-teso.net

Local apache/PHP root exploit via libmm (apache-user -> root) temp race exploit. Spawns a root shell from the apache user.

tags | exploit, shell, local, root, php
SHA-256 | 1d5db464c8ba2e2fbf07162312ad2209781d2a9e0aa4407600ee8c2e6029a683
unishell.pl
Posted Oct 22, 2002
Authored by Pakk

Unicode IIS exploit in perl. Tries 20 ways.

tags | exploit, perl
SHA-256 | 8662d0aab8bd41a11af165611d21686de5ca89f17b76ea0ca9ec002d6a6ccc07
idefense.smrsh.txt
Posted Oct 2, 2002
Authored by Zen-Parse, Pedram Amini, David Endler | Site idefense.com

iDEFENSE Security Advisory 10.01.2002 - It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium's Restricted Shell (SMRSH) and execute a binary of his choosing by inserting a special character sequence into his .forward file. Two attack methods both of which are detailed. Patch available here.

tags | exploit, shell
SHA-256 | e1968987be598ce21fb8b01554f9dd70ecddae77782675c6591f723f39c2dab1
gv-exploit.pdf
Posted Oct 1, 2002
Authored by Zen-Parse | Site idefense.com

Buffer overflow exploit for gv v3.5.8 on linux which creates the file /tmp/itworked when gv opens the PDF. Some mail readers use GV to view pdf's. Tested on Red Hat 7.3.

tags | exploit, overflow
systems | linux, redhat
SHA-256 | 17584573625605cf365839d42b6249b81ab8189d3e8207c905c43574b0b985ef
openssl-bsd.c
Posted Sep 30, 2002

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Updated by Ech0, and ysbadaddn.

tags | exploit
systems | freebsd
SHA-256 | d22209dfa296d626007b88527d9af34b681b9169c571f3e5c5859d8428447224
apscan2.tgz
Posted Sep 30, 2002
Authored by Nebunu

Apache OpenSSL v0.9.6d mass scanner. When a vulnerable server is found code is launched. Includes targets for Apache 1.3.6, 1.3.9, 1.3.12, 1.3.19, 1.3.20, 1.3.26, 1.3.23, and 1.3.14. Includes openssl-too-open binary.

tags | exploit
SHA-256 | aa1467984afb050f4cdbdb18e5960709046b1acf4e899c587a3bb5f32f81af72
nslconf.c
Posted Sep 30, 2002
Authored by RaiSe | Site netsearch-ezine.com

Linuxconf v1.28r3 and below local exploit which uses the ptrace method to find the offset. Tested on Mandrake 8.0 and 8.2, and Redhat 7.2 and 7.3.

tags | exploit, local
systems | linux, redhat, mandrake
SHA-256 | 7c69399dd7f5a08de186e149072b4b0ffad0e4adecf6598bc7fb8d45d8cc6354
openbsd-select-bug.txt
Posted Sep 29, 2002
Authored by Sec | Site drugphish.ch

Research on the recent OpenBSD select() bug and its possible exploitation. Includes a local denial of service exploit which was tested on OpenBSD v2.6 - 3.1.

tags | exploit, denial of service, local
systems | openbsd
SHA-256 | a139e465d5432bfb22c8cb02fcaad81f3ba8d7d7f42d2f31a3ad875ca2065362
interbase-gds-exploit.c
Posted Sep 26, 2002
Authored by grazer | Site i-security.nl

This exploit uses a symbolic link vulnerability in the Borland Interbase gds_lock_mgr binary to overwrite /etc/xinetd.d/xinetdbd with code that spawns a root shell on port 666 TCP.

tags | exploit, shell, root, tcp
SHA-256 | d7d156c479c021809f9a0057514db6f1459ab7f03ab76f348bc1c94b1dfed0a8
apache-ssl-bug.c
Posted Sep 25, 2002
Authored by Andy

This exploit abuses the KEY_ARG buffer overflow that exists in SSL enabled Apache web servers that are compiled with OpenSSL versions prior to 0.9.6e. The apache-ssl-bug.c exploit is based on the Slapper worm (bugtraq.c), which is based on a early version of the apache-open-ssl exploit.

tags | exploit, worm, web, overflow
SHA-256 | 436090b56a7078c33d435bf10253452623305a3c47e6e5c7f13c05a10118fd8d
vbull.c
Posted Sep 25, 2002
Authored by Gosper

Vbulletin/calender.php remote command execution exploit.

tags | exploit, remote, php
SHA-256 | 696c47bb743d4c61635d2b53c61441cce1ff71882f95ce0d1f8c84b21ee7c0c4
qute.pl
Posted Sep 24, 2002
Authored by Arne Schwerdtfegger

Qute.pl is a perl script which exploits a buffer overflow in Qstat 2.5b. Since Qstat is not SUID by default this script is useless.

tags | exploit, overflow, perl
SHA-256 | e9f3bdc1f8a9d0bf7a7f036f80af23bc7c153c77c4f0d5f0a1ab127e999a6df2
idefense.dinoweb.txt
Posted Sep 24, 2002
Authored by David Endler | Site idefense.com

iDEFENSE Security Advisory 09.23.2002 - A vulnerability exists in the latest version of the Dino Webserver that can allow an attacker to view and retrieve any file on the system.

tags | exploit
SHA-256 | 173624a149e99e3fffdbb7f4f8d15aad56be0b1f6a78706b17e41d2dd0e718e6
alsaplayer-suid.c
Posted Sep 23, 2002
Authored by Zillion, Kevin Finisterre

AlsaPlayer contains a buffer overflow that can be used for privileges elevation when this program is setuid. Tested on Red Hat 7.3 linux with alsaplayer-devel-0.99.71-1 . The overflow has been fixed in AlsaPlayer 0.99.71.

tags | exploit, overflow
systems | linux, redhat
SHA-256 | 2875baab452b93c7ef7d5f24fbb1d46a9fa65f879a5d43f51352eee63870a710
bakkum.c
Posted Sep 23, 2002
Authored by eSDee, netric | Site netric.org

Remote root exploit for Linux systems running Null httpd 0.5.0. Tested to work against Red Hat Linux 7.3.

tags | exploit, remote, root
systems | linux, redhat
SHA-256 | f3ad09d77c82a11ae03bbf3d43ee72abb5ba62e08fc75bd608fa3668f74758b5
gawk_expl.c
Posted Sep 21, 2002
Site netric.org

Linux proof of concept exploit for a local buffer overflow in GNU Awk 3.1.0-x.

tags | exploit, overflow, local, proof of concept
systems | linux
SHA-256 | f62fd32136729fe65cb7f634394e8934f10a695c31a7af7773e53edb7313938d
compress_expl.c
Posted Sep 21, 2002
Site netric.org

Compress v4.2.4 local test exploit for Linux systems.

tags | exploit, local
systems | linux
SHA-256 | 318d7c70b2f38ab00a126f8d8729d585057a31c6d27afedab4e35dbadedd86bc
qspl.c
Posted Sep 21, 2002
Authored by Oscar Linderholm

Qstat 2.5b local root exploit for Linux. Tested on Debian GNU/Linux (Woody). Since Qstat is not SUID by default this script is not useful for gaining more access to a linux system.

tags | exploit, local, root
systems | linux, debian
SHA-256 | 0d005a95b831a74d01a12035f653c2f4e07221122ab18b3bb24edc23fa876100
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Sam Bankman-Fried's Sentencing Hearing Over FTX Fraud Begins Today
Posted Mar 28, 2024

tags | headline, fraud, cryptography
Sellafield To Be Prosecuted For IT Security Offenses
Posted Mar 28, 2024

tags | headline, government, britain, flaw
These 17,000 Microsoft Exchange Servers Are A Ticking Time Bomb
Posted Mar 28, 2024

tags | headline, microsoft, email, flaw
Analyse, Hunt, And Classify Malware Using .NET Metadata
Posted Mar 27, 2024

tags | headline, hacker, malware, microsoft
VPN Apps On Google Play Turn Android Devices Into Proxies
Posted Mar 27, 2024

tags | headline, privacy, phone, flaw, google
Fortinet FortiClient EMS SQL Injection Flaw Exploited In The Wild
Posted Mar 27, 2024

tags | headline, hacker, flaw
Google Reveals 0-Day Exploits In Enterprise Tech Surged 64% Last Year
Posted Mar 27, 2024

tags | headline, flaw, google, zero day
Ray AI Framework Vulnerability Exploited To Hack Hundreds Of Clusters
Posted Mar 27, 2024

tags | headline, hacker, flaw
Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government
Posted Mar 26, 2024

tags | headline, hacker, government, usa, china, cyberwar, spyware, backdoor
Ransomware Can Mean Life Or Death At Hospital, But DEF CON Hackers Have A Plan
Posted Mar 26, 2024

tags | headline, hacker, malware, conference, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close