Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files from Roelof Temmingh

First Active2000-07-07
Last Active2005-10-12
Posted Oct 12, 2005
Authored by Roelof Temmingh

Assessing Server Security - State of the Art. The talk takes into consideration the progress that has been made in web server security over the last few years, and the progress that has been made in attacking web servers over the same time. The paper visits the new vulnerabilities introduced by web applications and discuss the thinking applied to discover such vulnerabilities. It finally describes the state of the art of web server scanning technology.

tags | web, vulnerability
MD5 | 230a5f551f758a401bbb1186a0dce00d
Posted Mar 18, 2003
Authored by Roelof Temmingh | Site sensepost.com

Finder.pl remotely checks IIS Servers for most of the methods used by WebDAV. If the server does not complain about the method its an indication that WebDAV is in use. See ms03-007.

tags | tool, scanner
systems | unix
MD5 | c31f41b39801a66a3c8d24dac99eb301
Posted Sep 11, 2002
Authored by Roelof Temmingh | Site sensepost.com

MielieTool v.1.0 is an easy to use Perl based web application "fuzzer". It supports fuzzing of CGIs in forms and links and supports multiple sites. Requires HTTrack, Lynx, grep, find, and rm.

tags | tool, web, cgi, perl, fuzzer
systems | unix
MD5 | d6e9ad12f4e6ae9242db88fd9fb906bd
Posted Mar 25, 2002
Authored by Roelof Temmingh | Site sensepost.com

Sp_Quickkill scans internal networks for unpatched windows machines, IIS and SQL.

tags | exploit
systems | windows
MD5 | df1ed07f57c90114475fb5b2cedabf67
Posted Feb 26, 2002
Authored by Roelof Temmingh | Site sensepost.com

Mieliekoek.pl is a SQL insertion crawler which tests all forms on a web site for possible SQL insertion problems. This script takes the output of a web mirroring tools as input, inspecting every file and determine if there is a form in the file.

tags | web
systems | unix
MD5 | 69a47601ba11f3408544b2e8d0eeb20f
Posted Oct 4, 2001
Authored by Roelof Temmingh | Site sensepost.com

A guide for breaking into computer networks from the Internet v3.1 - Includes host enumeration, scanners, custom tools, protocols, windows information, and much more. PDF format.

tags | paper, protocol
systems | windows
MD5 | 184a6d6e97615dce942ead3a603062d0
Posted Jul 18, 2001
Authored by Roelof Temmingh, Haroon Meer | Site sensepost.com

Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive network information. This perl script gives a potential attacker a wealth of information including ip addresses, network masks (and even friendly descriptions).

tags | exploit, perl
MD5 | 64a69339c5b64edbad5cc889a991464a
Posted May 17, 2001
Authored by Roelof Temmingh | Site sensepost.com

Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.

tags | exploit, perl
MD5 | 86d5e3c61e31daab59964869741639e5
Posted Apr 17, 2001
Authored by Roelof Temmingh

Go.pl allows you to scan ports through a misconfigured squid proxy.

tags | tool, scanner
systems | unix
MD5 | 241ff8ce887607227d0218d5ed556c80
Posted Feb 27, 2001
Authored by Roelof Temmingh | Site sensepost.com

Desperate is a collection of tools used to extract of usernames via EXPN and finger, and obtaining IP addresses via "brute force" DNS lookups. Contains lists of commonly used usernames and DNS names. Coded in PERL.

tags | tool, scanner, perl
systems | unix
MD5 | 3f4a9327eb0650a87901c43df92f9eef
Posted Jan 25, 2001
Authored by Roelof Temmingh | Site sensepost.com

Unitools.tgz contains two perl scripts - unicodeloader.pl uploads files to a vulnerable IIS site, and unicodexecute3.pl includes searches for more executable directories and is more robust and stable.

tags | exploit, perl
MD5 | 31eb60d9e98049816c3c0907cb176c03
Posted Jan 13, 2001
Authored by Roelof Temmingh | Site sensepost.com

Pudding is a proxy which recodes HTTP requests using most of RFP's IDS evasion encoding methods, plus random UTF-8 encoding support. Allows any web aware program/exploit/cgi-scanner to evade IDS without modification of the original code. Encoding methods include all uppercase, hex encoding, /./ directory insertion, fake parameters, premature URL endings, windows delimiters, and random UTF8 encoding.

tags | web, cgi
systems | windows, unix
MD5 | c59f537e8c2babca36afbce55c28089b
Posted Oct 28, 2000
Authored by Roelof Temmingh | Site sensepost.com

Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article.

tags | exploit, perl
MD5 | 89be00be29fc322dcc2642c23b1ab9de
Posted Oct 21, 2000
Authored by Roelof Temmingh | Site sensepost.com

decoyblues.pl is a denial of service attack against active firewalls. Works by basically creating a lot of decoys with nmap. Router/firewall will try to block all the (decoyed) IP numbers, eventually running out of access list/packetfilters, and possibly crashing, or overwriting access lists.

tags | denial of service
MD5 | b775b42865b17628b85c373ae67fbb99
Posted Sep 7, 2000
Authored by Roelof Temmingh

Win2k IIS remote exploit - Retrieves files using the Translate: f bug.

tags | exploit, remote
systems | windows
MD5 | ca39fae3ccf6cef0b09f5c8b1e171366
Posted Jul 7, 2000
Authored by Roelof Temmingh | Site sensepost.com

Default Passwords for many network switches and devices. Includes many 3com products, ACC, AcceleratedDSL, ADC, Alteon, Arrowpoint, AT&T, AXIS200, Bay routers and switches, BreezzeCOM, Cabletron, Cayman_DSL, Crystalview, digiCorp, DLink, Flowpoint, Jetform_design, Lantronics, Linksys, Livingston, Microplex, Motorola, Netopia, Netprint, Orbitor_console, Osicom, Shiva, SpeedstreamDSL, UClinux_for_UCsimm, Webramp, Xylan, Zyxel, and more. Another nice list of default passwords is here.

tags | paper
MD5 | 0f992b0a3061303b4129ec09c5f5f114
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By