exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 40 RSS Feed

Files

elfrape2.c
Posted Jun 22, 2004

Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid. New version works on both Linux and the BSDs .

tags | exploit, overflow, shell, proof of concept
systems | linux
SHA-256 | 21103ace980bf29abaf0743ed5d8816533999653245d3642f709e758b76ba991
elfrape.c
Posted Jun 22, 2004

Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid.

tags | exploit, overflow, shell, proof of concept
SHA-256 | 15a084aac71ca804bb1ff97e1ca230d473228271616ff4493d50b4b2a3d11cd4
oC-zlib.c
Posted Nov 24, 2003
Authored by Dcryptr | Site crionized.net

Zlib gzprintf() proof-of-concept buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 526b27a79eccef0155d5959f4134946835d3f413dd6d008aa45c728ec96c60bd
xf42local.c
Posted Nov 4, 2003
Authored by r3b00t | Site r3b00t.tx.pl

Local root exploit utilizing the overflow in XLOCALEDIR under XFree86 Version 4.2.x using xterm. Tested against Slackware 8.1 with kernel version 2.2.25.

tags | exploit, overflow, kernel, local, root
systems | linux, slackware
SHA-256 | 5fd8f78f2af0410dd41eacb2da05936e9ffd1dfde65f9fc1f23fe0893668246c
0303-exploits.tgz
Posted Sep 23, 2003
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for March, 2003.

tags | exploit
SHA-256 | 99a4af813d300038af78ac3abb7d9b6bd8d2dceb9b661b5b112f238494160780
0x333toper-local.c
Posted Jul 18, 2003
Authored by nic | Site 0x333.org

Local exploit that yields gid of games for /usr/bin/toppler. Tested against RedHat 8.0.

tags | exploit, local
systems | linux, redhat
SHA-256 | c92cab560b62bccb2088bbd7e1ee2b423795fe4783101d37181185d7c3dbad96
sphereexp.c
Posted Jul 6, 2003
Authored by sloth | Site nopninjas.com

Exploit for the win32 Sphere Server .55i from the Ultima Online Server Emulator.

tags | exploit
systems | windows
SHA-256 | c61f895011cca1cf9179eac1583450d27e65398ee74ab2bebbbc0cc2f78f02e7
axis1exp-13_3_0.c
Posted Jul 6, 2003
Authored by sloth | Site nopninjas.com

Exploit for remote administrative access on the freeware Ultima Online server emulator from sphereserver.com. Tested against axissvr 0.13.3.0.

tags | exploit, remote
SHA-256 | 1e2e497dc7b1abee56419b300adc740941e8fbad2c4768089ac1e0f1a2735a3f
rs_iis.c
Posted Apr 11, 2003
Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Proof of concept exploit that will bind a cmd.exe shell on a given port utilizing the vulnerability in ntdll.dll described in ms03-007.

tags | exploit, shell, proof of concept
SHA-256 | 4a6a2dbc4a7b778869518e506ac6cd06819603c1bdf12113faff2f380ee3bcb8
rs_iis_xpl.pl
Posted Apr 1, 2003
Authored by Knud Erik Hojgaard

Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.

tags | exploit, remote, web, shell
systems | freebsd
SHA-256 | 53a1d6f18d614b512a0d0c1ca5a75101a70147c7534c005448527d40e2891a82
alexandria.txt
Posted Mar 29, 2003
Authored by Ulf Harnhammar | Site secunia.com

Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, has multiple vulnerabilities in its PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities including the sendmessage.php script allowing spammers to make use of it to mask real source identities and various cross site scripting problems exist as well.

tags | exploit, php, vulnerability, xss
SHA-256 | 3b8cd898c56ffd9fbcad5f8c4a643c6201ae0184608d07c89c46e5d1ba679c07
core.gnome.txt
Posted Mar 29, 2003
Site coresecurity.com

CORE Security Technologies Advisory - A vulnerability exists in GNOME's Eye of Gnome versions 2.2.0 and below that is locally exploitable. When EOG is used as a default image viewer, it takes in the image name as a command line argument and in turn can execute arbitrary commands with the privileges of the user attempting to view the image.

tags | exploit, arbitrary
SHA-256 | 1950228f33b065eb6ab55bc204fca15b96faec949e0b20489cd4de91304831bb
gespuis.c
Posted Mar 29, 2003
Authored by eSDee, netric | Site netric.org

Gespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.

tags | exploit
SHA-256 | dd15eaa198ba5124d4a8fee6a3430072539d129c6f1f74f1e39e66f5101144cb
SCSA012.txt
Posted Mar 29, 2003
Authored by Gregory Le Bras | Site Security-Corp.org

Security Corporation Security Advisory [SCSA-012]: The Sambar server default installation has a cgi-bin directory which contains executables that allow remote users to view information regarding the operating system and web server's directory. It also path disclosure and tons of cross site scripting vulnerabilities.

tags | exploit, remote, web, cgi, vulnerability, xss
SHA-256 | b897ec3ddb97840373628aa3bb5efc9f8c599d518df5000da8a5091885486a75
sa2003-01.txt
Posted Mar 29, 2003
Authored by NSFOCUS | Site nsfocus.com

NSFOCUS Security Advisory SA2003-01 - The NSFOCUS Security Team has found a buffer overflow vulnerability in Microsoft Windows XP Redirector that can be exploited locally and can allow attackers to crash the system or gain local system privilege by carefully crafted code.

tags | exploit, overflow, local
systems | windows
SHA-256 | 4bce606470486613bbe2edd6d19c384969079d8be9debbb1f30a27d5174adf73
ftpd.pl
Posted Mar 29, 2003
Authored by snooq | Site angelfire.com

The CuteFTP 5.0 client is vulnerable to an overflow in the LIST response. This exploit spawns a fake FTP daemon that will take advantage of an inbound vulnerable client.

tags | exploit, overflow
SHA-256 | 0d90fa34ef19917ca10687f8f44e64d6c882b732e003af9733fd1171ab14236f
wd.pl
Posted Mar 27, 2003
Authored by JW Oh | Site monkey.org

Wd.pl is a remote IIS exploit in perl which exploits the bug in ntdll.dll described inms03-007. Tested on Windows 2000 Advanced Server SP3 - Korean language edition.

tags | exploit, remote, perl
systems | windows
SHA-256 | 5ea1f6ba50a1127397038bd3ad1cc1ed795a67a840eab0ac0c674e81cf2d7b19
wb.c
Posted Mar 25, 2003
Authored by Kralor | Site coromputer.net

Ntdll.dll remote IIS exploit which exploits the bug described inms03-007. Attempts to spawn a remote shell.

tags | exploit, remote, shell
SHA-256 | 8fd2cc3cb35d4d32afa6c2889e3056ee970fc039cea7bda513e5554fd8b1068b
outblaze.txt
Posted Mar 17, 2003
Authored by Xpl017Elz

Outblaze web based email is vulnerable to user cookie spoofing that will allow an attacker to retrieve a user's password.

tags | exploit, web, spoof
SHA-256 | 27cb8401290217c09af3cc57b0eac1a72004aee543b0d3820828ddb0cc9e207b
kebi.txt
Posted Mar 17, 2003
Authored by Xpl017Elz

INetCop Security Advisory #2002-0x82-013 - The Kebi Academy 2001 Web Solution suffers from a basic directory traversal vulnerability which may allow remote attackers to execute code on the server.

tags | exploit, remote, web
SHA-256 | 852fd7f68269e8865c32455952d42b80d4eef0257eeec6af4e85f898aa68088d
85pxe.c
Posted Mar 17, 2003
Authored by LByte, Crazy Einstein | Site lbyte.void.ru

Remote exploit for Intel's PXE (Pre-boot eXecution Environment) daemon on RedHat Linux 8.0.

tags | exploit, remote
systems | linux, redhat
SHA-256 | 6ee7f60bbf12228d58ccf17f6d93e028fed34300347b2f6d532b8eabc173c677
hoagie_solarisldap.c
Posted Mar 14, 2003
Authored by Andi

Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.

tags | exploit, overflow, x86, local
systems | solaris
SHA-256 | 9741295723632b8059de0525584841db6e2fb91f9d27d52e0c0d9caf0562ad64
OpenFuck.c
Posted Mar 14, 2003
Authored by SPAX | Site spabam.tk

Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux.

tags | exploit, remote
systems | linux
SHA-256 | 3a5210e98085c90e9f463fc1ab409702683f014b9cd595a3baf694c9a429a289
cpanel.pl
Posted Mar 14, 2003
Authored by SPAX | Site spabam.tk

Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver.

tags | exploit, remote, shell, cgi, perl, bash
SHA-256 | ca9f2885c908445eb60e8177358c48d394aa727280a6bb55d5f86eff26d45bb7
USG-ipp.c
Posted Mar 13, 2003
Authored by USG | Site usg.org.uk

IS 5.0 / Windows 2000 mass scanner / rooter which spawns a shell from a vulnerable system back over to the machine from where the attack is launched.

tags | exploit, shell
systems | windows
SHA-256 | 24f0ee8484f067e1f4b58579af1d7deca6ff9ef430a2ae999a08629bbc3e11c1
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close