Exploit the possiblities
Showing 1 - 25 of 40 RSS Feed

Files

elfrape2.c
Posted Jun 22, 2004

Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid. New version works on both Linux and the BSDs .

tags | exploit, overflow, shell, proof of concept
systems | linux
MD5 | 7d7f9c560785a0ae752cb43a175504ba
elfrape.c
Posted Jun 22, 2004

Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid.

tags | exploit, overflow, shell, proof of concept
MD5 | b1285b85abea7af08f5c4dc1bf2c4338
oC-zlib.c
Posted Nov 24, 2003
Authored by Dcryptr | Site crionized.net

Zlib gzprintf() proof-of-concept buffer overflow exploit.

tags | exploit, overflow
MD5 | d5b1906d63b88374446744f7749febd4
xf42local.c
Posted Nov 4, 2003
Authored by r3b00t | Site r3b00t.tx.pl

Local root exploit utilizing the overflow in XLOCALEDIR under XFree86 Version 4.2.x using xterm. Tested against Slackware 8.1 with kernel version 2.2.25.

tags | exploit, overflow, kernel, local, root
systems | linux, slackware
MD5 | c6db6a549211c9f37b33706e6efd1435
0303-exploits.tgz
Posted Sep 23, 2003
Authored by Todd J.

Packet Storm new exploits for March, 2003.

tags | exploit
MD5 | 8de821018c3d03573538a1be238a2355
0x333toper-local.c
Posted Jul 18, 2003
Authored by nic | Site 0x333.org

Local exploit that yields gid of games for /usr/bin/toppler. Tested against RedHat 8.0.

tags | exploit, local
systems | linux, redhat
MD5 | 3227eb42cffcb5a73535d8935e16bc6c
sphereexp.c
Posted Jul 6, 2003
Authored by sloth | Site nopninjas.com

Exploit for the win32 Sphere Server .55i from the Ultima Online Server Emulator.

tags | exploit
systems | windows
MD5 | e74b4d13c36b0b4a46576a1bf92939ff
axis1exp-13_3_0.c
Posted Jul 6, 2003
Authored by sloth | Site nopninjas.com

Exploit for remote administrative access on the freeware Ultima Online server emulator from sphereserver.com. Tested against axissvr 0.13.3.0.

tags | exploit, remote
MD5 | a91fed4ea17cee3ec66f075169cff84e
rs_iis.c
Posted Apr 11, 2003
Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Proof of concept exploit that will bind a cmd.exe shell on a given port utilizing the vulnerability in ntdll.dll described in ms03-007.

tags | exploit, shell, proof of concept
MD5 | bde683df66587c96ac1fc655a0bcd706
rs_iis_xpl.pl
Posted Apr 1, 2003
Authored by Knud Erik Hojgaard

Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.

tags | exploit, remote, web, shell
systems | freebsd
MD5 | 666e7e0351c92f9cd0454a234f39b9e9
alexandria.txt
Posted Mar 29, 2003
Authored by Ulf Harnhammar | Site secunia.com

Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, has multiple vulnerabilities in its PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities including the sendmessage.php script allowing spammers to make use of it to mask real source identities and various cross site scripting problems exist as well.

tags | exploit, php, vulnerability, xss
MD5 | 53ef53a2cf3fb8f1209246dfd6d1f124
core.gnome.txt
Posted Mar 29, 2003
Site coresecurity.com

CORE Security Technologies Advisory - A vulnerability exists in GNOME's Eye of Gnome versions 2.2.0 and below that is locally exploitable. When EOG is used as a default image viewer, it takes in the image name as a command line argument and in turn can execute arbitrary commands with the privileges of the user attempting to view the image.

tags | exploit, arbitrary
MD5 | b683e87cc57b124ad78cf448c8ab8409
gespuis.c
Posted Mar 29, 2003
Authored by eSDee, netric | Site netric.org

Gespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.

tags | exploit
MD5 | 3ca5ef2ff1acf701252d9a1695323968
SCSA012.txt
Posted Mar 29, 2003
Authored by Gregory Le Bras | Site Security-Corp.org

Security Corporation Security Advisory [SCSA-012]: The Sambar server default installation has a cgi-bin directory which contains executables that allow remote users to view information regarding the operating system and web server's directory. It also path disclosure and tons of cross site scripting vulnerabilities.

tags | exploit, remote, web, cgi, vulnerability, xss
MD5 | 2c0035655e239bc15b151194d7f7a88d
sa2003-01.txt
Posted Mar 29, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-01 - The NSFOCUS Security Team has found a buffer overflow vulnerability in Microsoft Windows XP Redirector that can be exploited locally and can allow attackers to crash the system or gain local system privilege by carefully crafted code.

tags | exploit, overflow, local
systems | windows, xp
MD5 | 32f822ed02f74b915809f044498b5f9f
ftpd.pl
Posted Mar 29, 2003
Authored by snooq | Site angelfire.com

The CuteFTP 5.0 client is vulnerable to an overflow in the LIST response. This exploit spawns a fake FTP daemon that will take advantage of an inbound vulnerable client.

tags | exploit, overflow
MD5 | 2ec2f7ed3b9660b30d8669fe95b5e839
wd.pl
Posted Mar 27, 2003
Authored by JW Oh | Site monkey.org

Wd.pl is a remote IIS exploit in perl which exploits the bug in ntdll.dll described inms03-007. Tested on Windows 2000 Advanced Server SP3 - Korean language edition.

tags | exploit, remote, perl
systems | windows, 2k
MD5 | bc7a10f11c570c05c9270352b83bc6cb
wb.c
Posted Mar 25, 2003
Authored by Kralor | Site coromputer.net

Ntdll.dll remote IIS exploit which exploits the bug described inms03-007. Attempts to spawn a remote shell.

tags | exploit, remote, shell
MD5 | ad7e1825587e07dd7be6c3a99a53089b
outblaze.txt
Posted Mar 17, 2003
Authored by Xpl017Elz

Outblaze web based email is vulnerable to user cookie spoofing that will allow an attacker to retrieve a user's password.

tags | exploit, web, spoof
MD5 | e5b6b1ace59084e8b7a607d370416569
kebi.txt
Posted Mar 17, 2003
Authored by Xpl017Elz

INetCop Security Advisory #2002-0x82-013 - The Kebi Academy 2001 Web Solution suffers from a basic directory traversal vulnerability which may allow remote attackers to execute code on the server.

tags | exploit, remote, web
MD5 | 170b01b195b33ebb9f6ea136257d9c6b
85pxe.c
Posted Mar 17, 2003
Authored by LByte, Crazy Einstein | Site lbyte.void.ru

Remote exploit for Intel's PXE (Pre-boot eXecution Environment) daemon on RedHat Linux 8.0.

tags | exploit, remote
systems | linux, redhat
MD5 | 2f512e5088c11ba8c64b2bfd733a7f06
hoagie_solarisldap.c
Posted Mar 14, 2003
Authored by Andi

Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.

tags | exploit, overflow, x86, local
systems | solaris
MD5 | 61e4ea12099a43481c81da63481e4cc7
OpenFuck.c
Posted Mar 14, 2003
Authored by SPAX | Site spabam.tk

Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux.

tags | exploit, remote
systems | linux
MD5 | b6a3b4dc6f8899a7d85a1f7318d8bce4
cpanel.pl
Posted Mar 14, 2003
Authored by SPAX | Site spabam.tk

Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver.

tags | exploit, remote, shell, cgi, perl, bash
MD5 | b74b98833c694b43c9004d61d7c35c97
USG-ipp.c
Posted Mar 13, 2003
Authored by USG | Site usg.org.uk

IS 5.0 / Windows 2000 mass scanner / rooter which spawns a shell from a vulnerable system back over to the machine from where the attack is launched.

tags | exploit, shell
systems | windows, 2k
MD5 | f2661e8b34090be5c1ebafa036fe7f79
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close