what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files from Gregory Duchemin

First Active2000-03-04
Last Active2009-07-02
Sourcefire 3D Sensor / Defense Center Privilege Escalation
Posted Jul 2, 2009
Authored by Gregory Duchemin

Sourcefire 3D Sensor and Defense Center versions 4.8.1 and below suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 8d122104cad7e27e576d2a9001ec927db6865f70b597c09304127daf8c81ad95
D3VS-0.2.tar.gz
Posted Jul 28, 2008
Authored by Gregory Duchemin, Heike

Die Eier Von Satan is a quick and dirty rewrite of the old ADMnog00d code. This version exploits the DNS cache poisoning vulnerability and discovered by Dan Kaminsky. This proof of concept makes use of a MX RR to spread its poisonous payload, a A RR, but can easily be adapted for other flavors.

tags | exploit, proof of concept
advisories | CVE-2008-1447
SHA-256 | 10620955e93ad4e6de3b0a1a937dfcfaa4e383b2965a6eb178c2bfd654baf6da
MDCrack-17.zip
Posted Oct 31, 2006
Authored by Gregory Duchemin | Site mdcrack.openwall.net

MDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).

Changes: This release includes several bug fixes along with 6 new cores supporting FreeBSD MD5, Apache MD5 and Cisco IOS hashes.
tags | cracker
SHA-256 | 9593af74b8a11d0e64180ad1fb001d350707f3825c6d32f9b31644937f17766c
MDCrack-16.zip
Posted Oct 21, 2006
Authored by Gregory Duchemin | Site mdcrack.openwall.net

MDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).

Changes: This release includes several bug fixes along with 8 new cores supporting HMAC MD4 and HMAC MD5.
tags | cracker
SHA-256 | d82d9d0897fb3dcca072bcf641acc2c197e69d17e77d40bc57f48b84b307a906
MDCrack-15.zip
Posted Sep 7, 2006
Authored by Gregory Duchemin | Site mdcrack.openwall.net

MDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).

tags | cracker
SHA-256 | e7746486dd30fc6921a9e419810f4a9c48ca31e4139cb7b2298bfea7b4875075
alcateladsl.txt
Posted Nov 13, 2004
Authored by Gregory Duchemin

The Alcatel/Thomson Speed Touch Pro ADSL modem suffers two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.

tags | advisory
SHA-256 | 9bbdb6331e0c1c32a010de746600968e00b87e55d153201e72c3355b25408791
DHCPing 0.90
Posted Jul 9, 2004
Authored by Gregory Duchemin | Site dhcping.openwall.net

DHCPing 0.90 is a tool that can be used for various security audits allowing an engineer the ability to create valid and invalid DHCP/BOOTP traffic via hping. It also features several exploits for the latest ISC Infoblox and DLink vulnerabilities.

tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 754cd512468cc79d48d24f85f510728175eb4d01826e600d9c314f8af692341f
dlink624.txt
Posted Jul 1, 2004
Authored by Gregory Duchemin

The DI-624+ SOHO DLINK router suffers a script injection vulnerability that uses DHCP as a vector of attack.

tags | advisory
SHA-256 | d856de4fb4db87ed8574faf55666d66f7965ff1088c03f36522efd2cfcfa846e
dhcpdDOS.txt
Posted Jun 28, 2004
Authored by Gregory Duchemin

Original research data regarding ISC DHCPD 3.0.1 rc12 and rc13 denial of service attacks.

tags | advisory, denial of service
SHA-256 | af7361e4caaf6e24854e73423f133ae3002cdac83b977215361840b8ae51b713
dlink614.txt
Posted Jun 22, 2004
Authored by Gregory Duchemin

The DI-614+ SOHO DLINK router suffers a script injection vulnerability that uses DHCP as a vector of attack.

tags | exploit
SHA-256 | b89f567cac4704eaa1323775e91f7c938e9c34a4c6b3f5a58e198b767eca3571
dnsone.txt
Posted Jun 22, 2004
Authored by Gregory Duchemin

It has been reported that a vulnerability exists in DNS One, potentially allowing malicious people to conduct script insertion attacks. The problem is that input supplied to the HOSTNAME and CLIENTID parameters in a valid DHCP request are logged unfiltered, allowing arbitrary HTML and script code to be embedded. Successful exploitation allows code execution in an administrative user's browser in context of the affected site when the report / log is viewed. Reportedly, firmware version 2.4.0-8 and 2.4.0-8A and prior are affected.

tags | advisory, arbitrary, code execution
SHA-256 | 834a3a0d683b2f180754f7d96f8cbc06c96db82fa7ecf2da5fe00ff2985869ab
xpede.txt
Posted Mar 22, 2002
Authored by Gregory Duchemin

Intellisol Xpede v4.1 and 7.1 contains two remote vulnerabilities which disclose user passwords. Workaround information included.

tags | remote, vulnerability
SHA-256 | 81eb0c2ecc2614795ed95d5aecf4f16515e453e55ce6b04b45dccc19776c3a69
sneaky2.sh
Posted Jul 18, 2001
Authored by Gregory Duchemin | Site securite-internet.com

Sneaky2.sh is a swiss army knife for Hotmail/Messenger. Implements Spoofing/brute force/misconception/unexpected input Class Attacks. Will spoof Hotmail/messenger server to recover user hotmail/password, crash messenger client, remotely inject and execute malicious exe on the victim host.

tags | exploit, spoof
SHA-256 | a20cd1bbf47e56f622a99907ad68665a56c73da31f4c7353938fa59ca1b6d1f4
mdcrack-0.9.5.tar.gz
Posted May 14, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a brute forcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

Changes: Ncurses interface, 20% faster, long password support, precomputed hashes improved, and more information is displayed.
systems | unix
SHA-256 | f461126b4ca11233cfa062d480d4aa8188198ac11ff3d4e420a6641323aee8c2
mdcrack-0.7.tar.gz
Posted Mar 27, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a brute forcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

Changes: Now includes a human readable form output so grep can be used to search through results, a -F option to write in non-human form speeding up performance by 60%, and bug fixes.
systems | unix
SHA-256 | b1d8492042611af996c56bf4b7c71729c98dae5e8ba376bc094d8dcd96bad7e9
mdcrack-0.6.tar.gz
Posted Mar 15, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a brute forcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

Changes: It is now possible to simulate a complete authentication process using a server side pseudo-random key. Two options '-e' (end) and '-b' (beginning) concatenate the server static string to the password being cracked. Hashes are now rightly displayed during a verbose session.
systems | unix
SHA-256 | 781feb57179e68b95e8c36683c6db09e1e322cff17f77a37cc7bb27bb0c0b78c
mdcrack-0.5.tar.gz
Posted Mar 14, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a bruteforcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

systems | unix
SHA-256 | e7c05bb6ff9e970c66ab43e0e0a84f5f0cdbe2c7d8be2d82f35dc22061edc3da
officescan.txt
Posted Mar 4, 2000
Authored by Gregory Duchemin | Site securite-internet.com

Trendmicro Officescan 3.5 has severe remote vulnerabilities, allowing a malicious user to remotely uninstall the anti virus, remotely stop the scan, remotely make the anti virus inefficient by modifying the scan configuration file through the network on the target pc, and finally, remotely write anywhere on the target file system! Includes exploit instructions.

tags | exploit, remote, vulnerability, virus
SHA-256 | 1b397afbf8b09ecf70d57af6cf9b203f751689535272af2e5daa44bfc52d3737
Page 1 of 1
Back1Next

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    3 Files
  • 27
    Sep 27th
    13 Files
  • 28
    Sep 28th
    5 Files
  • 29
    Sep 29th
    12 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close