Exploit the possiblities
Showing 1 - 25 of 41 RSS Feed

Files

access-counter.pl
Posted Sep 13, 2000
Authored by Slash | Site b0f.freebsd.lublin.pl

The popular CGI web page access counter version 4.0.7 by George Burgyan allows execution of arbitrary commands due to unchecked user input. Commands are executed with the same privilege as the web server.

tags | web, arbitrary, cgi
MD5 | 2beb4c9aa7ffd4a6559b4ee451132a24
lpset.pl
Posted Sep 13, 2000
Authored by Slash | Site b0f.freebsd.lublin.pl

Perl port of the /usr/bin/lpset local root vulnerability in Solaris/SPARC 2.7. Based on lpset.sh.

tags | local, root, perl
systems | solaris
MD5 | 273a18bea943ed29e39af2008e2f53e1
smegma_v0.4.tgz
Posted Jul 24, 2000
Authored by Scrippie | Site b0f.freebsd.lublin.pl

SMEGMA is an engine for generating garbled shellcode using several encryption mechanisms and making it self-decryptable by putting an Intel x86 machine-code decryptor in front of it. It uses a hand-written C lexer to grab the shellcode from sourcefiles and try and identify it. Use SMEGMA to modify shellcode in which characters get ruined by regular expressions (often seen in CGI binaries, web applications and webservers).

Changes: Fixed all NULL byte problems - you can now use smegma to rid shellcode of NULL characters, more garbling algorithms, more efficient garbling algorithms, fixed the size problem.
tags | web, x86, cgi, shellcode
MD5 | 651b6173fc24873f8ad4e5f846fba666
smegma_v0.2.tgz
Posted Jul 8, 2000
Authored by Scrippie | Site b0f.freebsd.lublin.pl

SMEGMA is an engine for generating garbled shellcode using several encryption mechanisms and making it self-decryptable by putting an Intel x86 machine-code decryptor in front of it. It uses a hand-written C lexer to grab the shellcode from sourcefiles and try and identify it. Use SMEGMA to modify shellcode in which characters get ruined by regular expressions (often seen in CGI binaries, web applications and webservers).

tags | web, x86, cgi, shellcode
MD5 | 42981bfacdfe3138a8734be57bbed972
htaccess-admin.tar.gz
Posted Jul 5, 2000
Authored by Slash | Site b0f.freebsd.lublin.pl

htaccess.tar - Perl script for adding users to the .htaccess file. Includes information on how to set up password protected web pages.

tags | web, perl, add administrator
MD5 | 27de7a057fe0c6373a9ad4390699239f
elm-exploit.c
Posted Jul 5, 2000
Authored by Slash | Site b0f.freebsd.lublin.pl

Linux Elm 2.4/2.5 local exploit - This will give you a shell(gid=12) if /usr/bin/elm is SGID. Tested on slackware 4.0 and redhat 5.1.

tags | shell, local
systems | linux, redhat, slackware
MD5 | 82f10bfc8741bb629281379f2f03ccc9
majordomeX.sh
Posted Jul 5, 2000
Authored by Slash | Site b0f.freebsd.lublin.pl

Majordomo v1.94.5 local linux exploit - run commands as the UID that majordomo runs under.

tags | local
systems | linux
MD5 | 5ce22449e2db60174798412395e28845
sscan2k-pre3.b0f.tar.gz
Posted Jun 8, 2000
Authored by eth0 | Site b0f.freebsd.lublin.pl

sscan2k is a remote auditing/vulnerability scanner which determines remote OS, and scans the host for applicable vulnerabilities. Features updated vulnerability checks, a scripting language, support for plugins and addons, configureable OS fingerprints, dns zone and subnet scans. Based off sscan by jsbach.

Changes: Fixes by mixter.
tags | remote, vulnerability
MD5 | f2afd7708edbbf1d301f9597e8fe4b30
mod_backdoor.c
Posted Jun 5, 2000
Authored by Slash | Site b0f.freebsd.lublin.pl

Apache DSO backdoor - A get request to a "special" url allows remote command execution.

tags | remote
MD5 | 84e2f164eca988c6647d0dc512f4536c
hellex.c
Posted May 23, 2000
Authored by Narrow | Site b0f.freebsd.lublin.pl

hellex.c is a local buffer overflow exploit for the Hellkit 1.2 shellcode generation package. Tested on Red Hat 6.0.

tags | overflow, local, shellcode
systems | linux, redhat
MD5 | 7e9d7f936be9cf422b078cf7e5a25146
sscan2k-pre2.b0f.tar.gz
Posted May 22, 2000
Authored by eth0, axess. Fixes: Mixter | Site b0f.com

sscan was given to buffer0verfl0w security by jsbach for the project to be continued for jsbach. From now on sscan will go as sscan2k. sscan2k now has updated vulnerability checks along with all the other great features it had before, improved OS detection (user can update the fingerprints by editing Osdefs.ms [which comes in sscan2k scripting language]), etc.

MD5 | 3ee58f3c6e90d5e587cc8b068b22548d
syrin15.zip
Posted May 17, 2000
Authored by Digital Monkey | Site b0f.freebsd.lublin.pl

Buffer Syringe is a tool for win32 that tests a daemon for buffer overflow on it's parameter(s) sort of "brute forcing" or "stressing" the daemon by means of injecting a user specified parameter or a command with a value of a user specified number of characters to the daemon. Chances are, if the parameter being tested is vulnerable to an overflow, and the user specified number of characters exceeds that of the parameter's limit, then the daemon would likely crash.

tags | overflow
systems | windows
MD5 | 51bab6a00325ec97984338d5a6892f72
Neon_beta5.c
Posted May 12, 2000
Authored by Axess | Site b0f.freebsd.lublin.pl

Neon beta5 - Simple Host or Iplist cgi Scanner which does 358 checks.

Changes: Added more cgi, fixed better output.
tags | cgi
MD5 | 0f51bd2e126eb23a4b2bb5ea4e549ad8
Neon_beta4.c
Posted May 9, 2000
Authored by Axess | Site b0f.com

-(- Neon beta4 -)- Simple Host or Iplist Cgi Scanner ( 356 ) Checks

tags | cgi
MD5 | fcbbe41e4081d6f3ffc4902b86c685c9
OMNI.SH
Posted May 9, 2000
Authored by sirius | Site b0f.com

Exploit/DoS for OmniHTTPd pro v.2.06 Win98 (NT not tested). The result is crash of remote server.

tags | remote
systems | windows
MD5 | bcacbf9c5c4468cc5daa396b467a2b3e
b0stt.tar.gz
Posted May 8, 2000
Authored by Xfer | Site b0f.freebsd.lublin.pl

Buffer0verfl0w Security Team Ssh Trojan - Does not log anything to system logs(utmp,wtmp,lastlog and the rest of syslogd logs), it also logs all incoming/outcoming ssh passwords.

tags | trojan
MD5 | 3ca811fa7c30725b688e469ac3d73e0a
aurora.tgz
Posted May 5, 2000
Authored by Lamagra | Site lamagra.seKure.de

Project aurora is lamagra's non-blind LAN spoofing project. It can be used to create TCP connections from a non-existing box or another box in the network. The biggest problem while spoofing was guessing the sequence numbers to acknowledge and that the other box always sends back a reset when it receives a SYN|ACK. This used to be solved by abusing small bugs in the tcpip stack.

tags | spoof, tcp
MD5 | 6b276aa4c57241cef0a88d7306e26461
spider.tgz
Posted May 5, 2000
Authored by Lamagra | Site lamagra.seKure.de

fs-spider is a multi-threaded bad permissions finder (user defined). It

MD5 | 48bb15ad312e8be76f26b4bcc38bb6be
connect.c
Posted May 5, 2000
Authored by Lamagra | Site lamagra.seKure.de

This shellcode creates a connection to a host/port and starts a shell. This should be more anti-IDS then the others and it can go through a firewall.

tags | shell, shellcode
MD5 | b92b48091663aeca497d26a0b45769f0
tp2.sh
Posted Apr 27, 2000
Authored by eth0 | Site b0f.freebsd.lublin.pl

Timbuktu Pro 2.0b650 denial of service exploit.

tags | denial of service
MD5 | 9f2830f69b5d9919739d014f885ba830
sqlsyslogd.c
Posted Apr 26, 2000
Authored by Venglin | Site freebsd.lublin.pl

syslogd-to-MySQL wrapper v0.1 prebeta. Stores syslog messages in a MySQL database. Written for FreeBSD.

systems | freebsd
MD5 | 9a055ca5347884d3708e659ce3ae8a55
plogd2.c
Posted Apr 26, 2000
Authored by Venglin | Site freebsd.lublin.pl

Plogd v2 (Revision 1.5) is a syn/udp/icmp packet logger for freebsd.

Changes: Fixed fd leak, misc bugfixes.
tags | udp
systems | freebsd
MD5 | eef674504b75af8c3aa2b70b04a1ae7d
b0f3-ncurses.txt
Posted Apr 24, 2000
Authored by Venglin | Site b0f.com

BufferOverflow Security Advisory #3 - libncurses buffer overflow in NCURSES 1.8.6 on FreeBSD 3.4-STABLE. Setuid programs linked with libncurses can be exploited to obtain root access.

tags | overflow, root
systems | freebsd
MD5 | 6498cacb6f034cf8c3e1a0d842966aaa
gibd00r3.c
Posted Apr 21, 2000
Authored by Axess | Site b0f.com

gibd00r3.c is a passworded backdoor which pretends to be an ident daemon.

MD5 | 967dd190a53f9ccca2ee70bb035b752f
nschecker.sh
Posted Apr 21, 2000
Authored by Axess | Site b0f.com

nschecker.sh NS Security Scanner - Uses dig to query the bind version from a list of ips.

MD5 | 62f4b7a9625cf389e7e581a0e97e8536
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
Forbes 30 Under 30 Conference Site Exposed Attendee Details
Posted Nov 15, 2017

tags | headline, privacy, data loss, flaw, conference
The Motherboard Guide To Not Getting Hacked
Posted Nov 15, 2017

tags | headline, hacker, privacy, data loss, fraud, identity theft
Votes In 18 Nations 'Hacked' In Last Year
Posted Nov 14, 2017

tags | headline, government, usa, russia, fraud, cyberwar, social
Shut The Front Door: Jewson Admits To Data Breach
Posted Nov 14, 2017

tags | headline, hacker, privacy, data loss
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close