Multihtml.c is a remote exploit for /cgi-bin/multihtml.pl, versions previous to 2.2 which spawns a remote shell.
1cb8b402e54df7815270db3a85536296536997d3459dfb03bc464424e639323cQuick perl script to search through the history file of each user on your system for a certain command (i.e. "cat /etc/passwd").
9bff10e0b13f74501fe381001cf0e37279e3be5fca0e60e87cb1c850a547780fsploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.
a9a2d6cb059ca360921cfea53192a86691abc7cab592a0d3711c7ca85e80a471A simple yet sophisticated perl script that runs in the background and monitors for user attempts to su to root. If one is detected, the log file is immediately mailed to a specified user and a backup is created in /tmp. Very useful for attempting to keep track of logs after an intrusion has occured.
9d5a05a262ce5c62f5af07164aa226ee20f05a3529a13f4c3b10f6642e980ec1suidbofcheck.pl searches the system for suid binaries in /usr/bin, /bin, /sbin, and /usr/sbin and tests each one against a standard buffer overflow (both with and without the use of environmental variables) at a specified offset.
cdfabbf02010e314aaf0717fec7794934ca6e1c28d934c051807997557d665e4Exploits the auto registration feature of most ChanServ bots and causes it to die. This exploit has been known to work on networks including DalNet, CobraNet and RelicNet.
865f6f01d3cc5bf17ccb21f2ea7ad728f0e13a90f25b6ff1a1fe00b5b3a4ad68ICQ Web Front DOS Exploit - guestbook.cgi, part of ICQ web front, is vulnerable to a remote denial of service attack. This shell script exploit generates a malformed POST request and uses netcat to send it to port 80 of the victim host.
b8e9e0819dfa1cd572dcf565fd2d91d1830fea0eb549bcc41414b0da7e85f832Exploit for the (patched) major security issue with networksolutions.com(easysteps.pl) which would have set up a bindshell if it had been run.
9341f14a0079af7d87506afc61d98b1ef1589d7eeb8b50a03d204c3b48807cbfcommunigate.pl is a DoS exploit against CommuniGatePro 3.1 for NT.
3c4ca0bd0f5f75d0a744d6c32d7bbbc01e060250be2da4e3f804f20d72c0e403attrition.pl gets the latest x (you specify how many) defacements from attrition. Just use the script to save the latest defacements to a file and then include them on your page through SSI.
1dc09a27daea3b7dc5e06b5ec698922863ab4b98158b1c6f5ea7765c284c1112Everybody knows about the _vti_pvt password files, but what about those misconfigured Frontpage servers that allow remote login and authoring without a login and password? This script will check for both vulnerabilties.
9040980cfe8b96a201e33ee28fbdd4f0ee1d4f87da6b7f725166cb677e745d00Grinder.pl scans a range of IP's looking for a URL. Could be used to search for sites with a certain URL or CGI program.
17a62deebdd349e5d8c73be75d2c23ff06c8637cbc112b275271d2d25c11d2c9This script will upload a trojan to an RDS vulnerable site running NT and execute the trojan.
103493a4c6051cab304f220b22274a4ca432f01306d62d03af4825d7c7bf7105
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed