what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files from Venglin

Email addressvenglin at freebsd.lublin.pl
First Active2000-02-29
Last Active2010-09-16
Linux Kernel ia32syscall Emulation Local Root
Posted Sep 16, 2010
Authored by Venglin, Wojciech Purczynski, Robert Swiecki, Pawel Pisarczyk, Ben Hawkes

Local root exploit for the x86_64 Linux kernel ia32syscall emulation vulnerability. This is a variant of a vulnerability found back in 2007.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2007-4573, CVE-2010-3301
SHA-256 | a975a5a7e9e7bdcda51544b9df0e5c25b8e47ff9127f4b0b85f74f3553538ba9
linux-syscall.txt
Posted Sep 28, 2007
Authored by Venglin, Wojciech Purczynski, Robert Swiecki, Pawel Pisarczyk | Site atm-lab.pl

Local root exploit for the x86_64 Linux kernel ia32syscall emulation bug.

tags | exploit, kernel, local, root
systems | linux
SHA-256 | 8d91a3219d851d8406ae0d6bc5f4d6d08474c37d42d187149534fafa463a0295
ldsoWhoops.txt
Posted Jun 29, 2005
Authored by Venglin

ld.so from Solaris 9 and 10 does not check the LD_AUDIT environment variable when running setuid and setgid binaries, allowing a malicious party to run arbitrary code with elevated privileges.

tags | exploit, arbitrary
systems | solaris
SHA-256 | 99095146827726d63bfcc4635cf1196f0a332c6fd871b51f211d97645f2ae3c8
traceSolaris.txt
Posted Jun 25, 2005
Authored by Venglin | Site frasunek.com

traceroute under Solaris 10 is susceptible to a buffer overflow in the handling of the -g argument. Sample exploitation included.

tags | exploit, overflow
systems | solaris
SHA-256 | cb0c0dbe8ee0f3edaaa0aa00d00ef0112897f0cc43532ced7b96994aa211b0bb
googleSegFault.txt
Posted Dec 31, 2004
Authored by Venglin

Amusing tidbit showing Google segfaulting.

tags | advisory
SHA-256 | baad030777afff8736e17d8fe3f4fad86e49921d89f905960698e6c1306edf62
mtroff-by-one.txt
Posted Dec 30, 2004
Authored by Venglin

mtr is susceptible to raw socket hijacking, allowing for the spoofing of ICMP packets.

tags | advisory, spoof
SHA-256 | b3f8a5bc5b692a1d3e9aa51ea3ec27dc33da5b639807dd50e72b0fcff611b97f
zyxelP681.txt
Posted Sep 15, 2004
Authored by Venglin

Zyxel P681 SDSL routers disclose random portions of memory in ARP requests.

tags | advisory
SHA-256 | a8bca94387e9cd38728d7e3e9d38ccd9f127ae129768830595a01aae1c94881f
NetBSD-SA2004-009.txt
Posted Aug 19, 2004
Authored by Venglin | Site netbsd.org

NetBSD Security Advisory 2004-009 - A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue should be considered a remote root situation.

tags | advisory, remote, shell, root
systems | netbsd
SHA-256 | 19988f37ee9bac237bfdb409657a8f72e0dc9b3791fb9c48b914cfac30ce0bdd
obsd-cron.c
Posted Apr 15, 2002
Authored by Venglin

OpenBSD 3.0 cron / mail local root exploit. Creates a suid shell after /etc/daily runs.

tags | exploit, shell, local, root
systems | openbsd
SHA-256 | a5b14450d1deca2a74846d64060b6c511cf04d505827df0274ff8d1380dc0745
plogd2.c
Posted Nov 22, 2001
Authored by Venglin | Site freebsd.lublin.pl

Plogd v2 - syn/udp/icmp packet logger (freebsd version).

tags | udp, system logging
systems | unix, freebsd
SHA-256 | 6c7d6a373bf27fc4fe88c764bdf5b002ece8a6296bef7632474fc0eaa5c56233
globulka.pl
Posted Apr 17, 2001
Authored by Venglin

FreeBSD-4.2-Stable ftpd GLOB remote root exploit in perl. This version requires user access and writeable home dir without chroot.

tags | exploit, remote, root, perl
systems | freebsd
SHA-256 | d9d003dd6fbf397662aaadea0cda37b79f4f487bbe81f0f4dca4c6995f5cb632
bobek.c
Posted Dec 6, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

Bobek.c is a Wu-Ftpd 2.6.0 remote root exploit (updated 05/08/2000). Bug is in the SITE EXEC command, an account is not required as anonymous access is enough. Tested against Redhat 6.2, FreeBSD 3.4-STABLE, and FreeBSD 5.0-CURRENT.

tags | exploit, remote, root
systems | linux, redhat, freebsd
SHA-256 | 271153fe402f54217a98ff64ba5860d7b6059482b6a0d067654ec98d32bd7b48
freebsd-systat.c
Posted Oct 11, 2000
Authored by Venglin

FreeBSD 4.X local /usr/bin/systat exploit. Gives a sgid kmem shell by exploiting the .terminfo bug in ncurses.

tags | exploit, shell, local
systems | freebsd
SHA-256 | 74912457abcb06d1b3486b0919890ed721d24f2ed15b58307dd60bb46c085361
hpux.ftpd.txt
Posted Aug 10, 2000
Authored by Venglin | Site freebsd.lublin.pl

HPUX's ftpd contains a remotely exploitable format string vulnerability in the PASS command.

tags | exploit
systems | hpux
SHA-256 | deb05390fad773d1f8e594e39f6c365b21288c7dc57008d1e696e4e2da8fcb7c
sms.c
Posted May 31, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

sms.c is a remote SMS 1.8.2 (mail2sms gateway) long subject line remote buffer overflow exploit. Send the mail generated by this program and a shell will be listening on port 2222. Offsets adjusted for redhat.

tags | exploit, remote, overflow, shell
systems | linux, redhat
SHA-256 | 5263a1384cd6d126f626841f9e172551ca855196cc1ef2d42713cc721e51647b
sqlsyslogd.c
Posted Apr 26, 2000
Authored by Venglin | Site freebsd.lublin.pl

syslogd-to-MySQL wrapper v0.1 prebeta. Stores syslog messages in a MySQL database. Written for FreeBSD.

systems | freebsd
SHA-256 | b44da69a92c3350c4053b05fab764bff3d6940f5eb010c5337cd82acb8578da7
plogd2.c
Posted Apr 26, 2000
Authored by Venglin | Site freebsd.lublin.pl

Plogd v2 (Revision 1.5) is a syn/udp/icmp packet logger for freebsd.

Changes: Fixed fd leak, misc bugfixes.
tags | udp
systems | freebsd
SHA-256 | c8063e2434da5fb556ad35fc5af1b0a42d30521cf23bede1da4f7da952df83df
b0f3-ncurses.txt
Posted Apr 24, 2000
Authored by Venglin | Site b0f.com

BufferOverflow Security Advisory #3 - libncurses buffer overflow in NCURSES 1.8.6 on FreeBSD 3.4-STABLE. Setuid programs linked with libncurses can be exploited to obtain root access.

tags | overflow, root
systems | freebsd
SHA-256 | d3900b7fe44530224283ef6bcd98f8704f6c629dab6bcb828e3d5083c81ea48e
freebsd.mtr.c
Posted Apr 24, 2000
Authored by Venglin | Site freebsd.lublin.pl

FreeBSD mtr-0.41 local root exploit.

tags | exploit, local, root
systems | freebsd
SHA-256 | 8fb8c8be26e6cdcb84cb5bb42887b0e84ec53f58ef96682bfc2e84d893e90fd4
mars.c
Posted Apr 4, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

mars_nwe 0.99pl14 root exploit (linux).

tags | root
systems | linux
SHA-256 | 1db24f34aca77024b88baaacbf9a1854e0ff4717e6afdfe44e406ecb090e7ea4
www.c
Posted Apr 3, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

Novell NetWare webservers remote denial of service - Tested on Novell NetWare 4.11 with Novell-HTTP-Server/3.1R1, Novell NetWare 4.1 with Novell-HTTP-Server/2.51R1, Novell NetWare ?.? with YAWN/1.05.

tags | remote, web, denial of service
SHA-256 | 82e29ba646ae0fed257d1d55f00ab7948089713cf990959663a0e8bc3f3537f7
umount.c
Posted Mar 29, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

FreeBSD 3.3 /sbin/umount exploit.

systems | freebsd
SHA-256 | c72ade93bd2e85828e67454faf5440e0cfe5b1c3a5790d0af0f11707b19a77e9
proftpd.c
Posted Mar 25, 2000
Authored by Venglin | Site b0f.freebsd.lublin.pl

Your ultimate proftpd pre0-3 exploiting toolkit based on adm-wuftpd by duke and kombajn do czere^vni by Lam3rZ.

SHA-256 | 1f50aad4915bd7f7f7e2832ddc97f43eb97406729b6e04f901fe4a0ae46c874f
redhat-man.c
Posted Feb 29, 2000
Authored by Venglin | Site freebsd.lublin.pl

Redhat /usr/bin/man exploit (gid=15 leads to potential root compromise).

tags | exploit, root
systems | linux, redhat
SHA-256 | d047a4471bf94117e04bb0e27a10406bced47cad8417a1cac07d960a8d4110c5
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close