Twenty Year Anniversary
Showing 1 - 25 of 36 RSS Feed

Files

l0pht.00-07-20.ikey
Posted Jul 25, 2000
Authored by Kingpin | Site l0pht.com

L0pht Security Advisory - Rainbow Technologies' iKey 1000 contains vulnerabilities which allow an attacker to login as administrator and access all private information stored on the device with no detection by the legitimate user. The attack requires physical access to the device and a EEPROM programmer. Includes a proof of concept tool, iSpy, which retrieves and displays configuration data for the inserted iKey and displays ll public and private data.

tags | vulnerability, proof of concept
MD5 | 067ddab1726a135890936d3da78d624e
l0pht.00-07-18.netzero
Posted Jul 25, 2000
Authored by Brian Carrier | Site l0pht.com

L0pht Security Advisory - Passwords can be easily decrypted by exploiting NetZero's encryption algorithm. Includes proof of concept code to decode the password stored in jnetz.prop.

tags | proof of concept
MD5 | 4f9160ba188abe167da39ce209985986
asniff_advisory.txt
Posted May 16, 2000

asniff_advisory.txt

MD5 | b61f0af94f258db4dc2bfa38dc6925a5
msoua.txt
Posted May 14, 2000
Authored by Dildog | Site l0pht.com

L0pht Security Advisory - Microsoft Office 2000 UA Control Scripting is categorized as being "safe for scripting", allowing malicious active content to execute regardless of macro virus protection settings. Scripts can be executed without users consent from any HTML page viewed with active scripting enabled, including both Internet Explorer and Outlook e-mail in their default configurations. Online demonstration of this vulnerability in action here.

tags | virus
MD5 | 0f6b61dc993c3fee2f57006f1e3e085b
heimlich.zip
Posted May 9, 2000
Site l0pht.com

Heimlich, Proof-of-concept tool for Win98 (47kB), can be used in regards to the eToken vulnerability.

systems | windows
MD5 | 5818c71e9174404e37fd6c3553e2e549
l0pht.00-05-04.etoken
Posted May 9, 2000
Authored by Kingpin | Site l0pht.com

l0pht Security Advisory - eToken Private Information Extraction and Physical Attack. Aladdin Knowledge Systems' (http://www.ealaddin.com) eToken is a portable USB (Universal Serial Bus) authentication device providing complete access control for digital assets. eToken stores private keys, passwords or electronic certificates in a hardware token the size of a house key. The eToken makes use of two-factor authentication. Using the legitimate user's PIN number ("what you know") and the physical USB key ("what you have"), access to the public and private data within the key will be granted.

tags | web
MD5 | 97f4c19f2239b97a10ed938e821a3388
l0pht.00-05-09.7180backdoor
Posted May 9, 2000
Authored by oblivion | Site l0pht.com

l0pht Security Advisory - NetStructure 7180 remote backdoor vulnerability. The NetStructure 7180 can be compromised via the admin console even after the admin password has been changed. Root access can be obtained via the Internet when used in a poorly configured or default configuration. Additionally, web based management authentication is done in the clear.

tags | remote, web, root
MD5 | 985179a32afe579a2b6c1814fb00fd31
l0pht.00-05-09.7110console
Posted May 9, 2000
Authored by oblivion | Site l0pht.com

l0pht Security Advisory - NetStructure 7110 console backdoor. The NetStructure 7110 can be compromised via the admin console even after the admin password has been changed. An undocumented command list exists known as 'wizard' mode. Through this mode there is a password that overides the admin password and allows full access to the internal components of the NetStructure 7110. This password can be used from within the admin command line interface or to overide the admin password at an initial login prompt.

MD5 | b639f43b08ef928267b0e36a153b17a0
l0pht.00-04-27.cart32fix
Posted Apr 28, 2000

No information is available for this file.

MD5 | 8928e3653780d406db9c365c584c615e
TBA_v1_prc.zip
Posted Mar 29, 2000
Authored by Kingpin | Site l0pht.com

TBA is the first wardialer for the PalmOS platform. Using a Palm device with a modem, you can wardial from anywhere a phone line is available - throw it in a phone can to retrieve later, toss it up in the ceiling during a security audit - the possibilities are endless.

systems | palmos
MD5 | 9b9b88bfd0010913b9cf8ad1422de349
TBA_Handbook.doc
Posted Mar 27, 2000
Authored by Kingpin | Site l0pht.com

Documentation for TBA, the first wardialer for the PalmOS platform. In Microsoft Word format.

systems | palmos
MD5 | 7e1d8c62ca2d5659009e0d54103a5df5
beamcrack.zip
Posted Mar 20, 2000
Authored by Kingpin | Site l0pht.com

BeamCrack is a simple application that will set or reset the bit in each application's database header which tells the launcher that it should or shouldn't be beamable, thus bypassing the PalmPilot's infantile copy-protection.

MD5 | e476e15f20efe0fbc045a2f0f260fdc9
ballz.zip
Posted Feb 14, 2000
Authored by Kingpin | Site l0pht.com

Enables you to examine all of the registers inside the Motorola DragonBall processor (running the show on the PalmPilot). Very nifty. Use at your own risk. For devices running MC68328 only.

MD5 | a06def97848b519b1fe82c606ce80142
l0pht.00-01-08.lpd
Posted Jan 12, 2000
Authored by Dildog

L0pht Advisory - A remote user can execute arbitrary code on a properly configured Linux LPD server.

tags | remote, arbitrary
systems | linux
MD5 | a0df4a0b1fdf8e6852ec294c2926baff
l0pht.99-10-04.shell-lock.txt
Posted Oct 5, 1999
Authored by Mudge, lumpy

Application: Cactus Software's shell-lock. (a) A trivial encoding mechanism is used for obfuscating the shell code in the "compiled" binary. Anyone with read permissions to the file in question can decode and retrieve the original shell code. Another vulnerability exists where the user can retrieve the un-encoded shell script without needing to actually decode the binary. (b) The vendors claim the program to be useful in creating SUID binaries on systems that do not honor SUID shell scripts and also to protect against the security problems with SUID shell scripts. As it turns out any shell-lock "compiled" program that is SUID root will allow any user to execute any program with root privileges.

tags | shell, root
MD5 | 362b8239fdd28d279fda9454b7143107
l0pht.97-10-08.imap4.1
Posted Sep 23, 1999

l0pht.97-10-08.imap4.1

MD5 | 0eb9b08a0a9311a95758aebb9cad991e
l0pht.97-11-01.mie.40
Posted Sep 23, 1999

l0pht.97-11-01.mie.40

MD5 | 9334d959c86b12d154ec163f3815c80c
l0pht.98-01-20.lotus_domino
Posted Sep 23, 1999

l0pht.98-01-20.lotus_domino

MD5 | 0df1f070fef3280eb915d8da8ba20d69
l0pht.98-02-06.nt.port.binding.vuln
Posted Sep 23, 1999

l0pht.98-02-06.nt.port.binding.vuln

MD5 | ac63ecac60e4624b2f575666652b91c9
l0pht.98-02-23.solaris.printd
Posted Sep 23, 1999

l0pht.98-02-23.solaris.printd

systems | solaris
MD5 | aaa3da93923ebd9ef2906bfeff908e28
l0pht.98-10-09.lotus.domino
Posted Sep 23, 1999

l0pht.98-10-09.lotus.domino

MD5 | 8434ca8722a230cf3d4f4094b55a7c05
l0pht.99-01-03.suguard
Posted Sep 23, 1999

l0pht.99-01-03.suguard

MD5 | 3b959db3869cdcef5c998b3766f1a7af
l0pht.99-01-08.clearcase
Posted Sep 23, 1999

l0pht.99-01-08.clearcase

MD5 | 3c7aa6f4002b692adb1da302998fef47
l0pht.99-01-08.tmp-watch
Posted Sep 23, 1999

l0pht.99-01-08.tmp-watch

MD5 | a67162cd32a07345afd39e7a1cd127d8
l0pht.99-01-21.password_appraiser
Posted Sep 23, 1999

l0pht.99-01-21.password_appraiser

MD5 | 68742535c1e4d9e0f03e2371a04967b7
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
After Indictment, Russian Hackers' Lives Changed Forever, Ex-Ambassador Says
Posted Jul 16, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar, spyware
Can Graphical Passwords Keep Us Secure Online?
Posted Jul 16, 2018

tags | headline, data loss, password
Kodak Bitcoin Mining Scam Evaporates
Posted Jul 16, 2018

tags | headline, fraud
Russians Mined Bitcoin To Fund DNC Hack
Posted Jul 16, 2018

tags | headline, hacker, government, usa, russia, cyberwar
Mueller Indicts 12 Russian Intelligence Officers, Including Guccifer 2.0, For Hacking Democrats
Posted Jul 13, 2018

tags | headline, hacker, government, usa, russia, cyberwar, spyware, fbi
Bogus MDM System Used To Hack iPhones In India
Posted Jul 13, 2018

tags | headline, malware, phone, india, fraud, apple
Chrome Adds Ambitious Browser Mitigation For Spectre
Posted Jul 13, 2018

tags | headline, flaw, google, patch, chrome, intel
Cisco Patches High-Severity Bug In VoIP Phones
Posted Jul 13, 2018

tags | headline, flaw, patch, cisco
Ukraine Claims It Blocked VPNFilter Attack At Chemical Plant
Posted Jul 13, 2018

tags | headline, malware, cyberwar, scada
Ticketmaster Breach Part Of Massive Card Skimming Campaign
Posted Jul 12, 2018

tags | headline, hacker, privacy, bank, data loss, fraud
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close