what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files from Patrik Karlsson

Email addresspatrik at cqure.net
First Active2001-10-24
Last Active2005-12-23
iDEFENSE Security Advisory 2005-12-16.t
Posted Dec 23, 2005
Authored by Patrik Karlsson, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.16.05 - Remote exploitation of a heap overflow vulnerability in Citrix, Inc.'s Program Neighborhood allows attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient handling of corrupt Application Set responses. A heap-based buffer overflow will occur when the Citrix Program Neighborhood client receives an Application Set response containing a name value over 286 bytes. iDefense has confirmed the existence of this vulnerability in Citrix Presentation Server Client 9.0. All prior versions are suspected vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-3652
SHA-256 | 6ea44b3f6b291474d433ca5dd285c702d83bfa6fb95f3dec9f5da6d3623ea280
iDEFENSE Security Advisory 2005-01-20.t
Posted Jan 25, 2005
Authored by Patrik Karlsson, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 01.20.05 - Remote exploitation of an input validation vulnerability in 3Com Corp.'s OfficeConnect Wireless 11g Access Point allows attackers to glean sensitive router information.

tags | advisory, remote
advisories | CVE-2005-0112
SHA-256 | 20d6f9dae34c3b4c99c46cf39adab6cad55fcb5b45259ad5e2453aaf25d2108c
iDEFENSE Security Advisory 2004-12-16.5
Posted Dec 30, 2004
Authored by Patrik Karlsson, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.16.2004-5 - Remote exploitation of a stack-based buffer overflow vulnerability in Veritas Backup Exec allows attackers to execute arbitrary code. The vulnerability specifically exists within the function responsible for receiving and parsing registration requests. The registration request packet contains the hostname and connecting TCP port of the client which is stored in an array on the stack. An attacker can send a registration request with an overly long hostname value to overflow the array and take control of the saved return address to execute arbitrary code.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2004-1172
SHA-256 | a924ddb439be900e0f1e0eb48321e5e919eec5354788d3a7cc611c97a744d51f
sqlat-src-1.1.0.tar.gz
Posted Jun 18, 2004
Authored by Patrik Karlsson | Site cqure.net

SQLAT is a suite of tools which could be useful for pen-testing a MS SQL Server. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. SQLAT works over port 1433.

Changes: Applied patches from Eric Augustus and minor changes.
tags | registry
systems | unix
SHA-256 | 33ef7508838012b697f29ea87790514fe74b23e77d4da94f5351850384e86cad
cifspwscan-1_0_3.tar.gz
Posted Jun 18, 2004
Authored by Patrik Karlsson | Site cqure.net

A CIFS/SMB password scanner based on the jcifs implementation. The scanner and jcifs are both 100% pure Java, making it possible to run the scanner on a few different platforms. Both the Java source and binary distributions are included.

tags | tool, java, scanner
systems | unix
SHA-256 | d7ddc0a81891ee38242dfbcfd94e1c5afa8a97bf82ec803ca9d964710a6963bb
cqurecitrix.txt
Posted May 4, 2004
Authored by Patrik Karlsson | Site cqure.net

MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.

tags | advisory
SHA-256 | 34f23f9738b94f17232372cad784b2bf785946c38d216b82724c99af44ef901a
iehist-src-0_0_1.zip
Posted Apr 3, 2003
Authored by Patrik Karlsson | Site cqure.net

IEHist dumps Internet Explorer history from index.dat files into delimited files suitable for import into other tools.

SHA-256 | b8aa5e9a301292fd275a632be35c3791be8407e584979256137f32203de3a450
vncpwdump-src-1_0_0.zip
Posted Apr 3, 2003
Authored by Patrik Karlsson | Site cqure.net

VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways. It supports dumping and decrypting the password by: Dumping the current users registry key, retrieving it from a NTUSER.DAT file, decrypting a command line supplied encrypted password, and injecting the VNC process and dumping the owner's password.

tags | cracker, registry
SHA-256 | ebf49f069d3620f60c4c84681dfca3061ff616033ee023578474e84bc7623eed
passifist_src_1.0.0.tgz
Posted Apr 3, 2003
Authored by Patrik Karlsson | Site cqure.net

Passifist is a tool for passive network discovery. It could be used for a number of different things, but was mainly written to discover hosts without actively probing a network. The tool analyzes broadcast traffic and has a plugin architecture through which it dissects and reports services found. Initial version holds support for the following protocols and plugins: CDP, CIM, HSRP, IPX, NETOP, SMB, TFTP.

tags | tool, sniffer, protocol
SHA-256 | 8bc5231456824abbfdbf91481823c7a14a7be0f5e42fc530de99aeb9ac3314bb
oat-source-1.3.0.zip
Posted Jan 5, 2003
Authored by Patrik Karlsson | Site cqure.net

OAT v1.3.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: Added support for manually specifying remote os when running (O)racle (S)ystem (E)exec. Bugfixes.
tags | java
systems | linux, windows, unix
SHA-256 | f74397f5dff0d95279b307a2fc6334c3acae4a79d5a794fddf202a2e0033b02a
oat-source-1.2.0.zip
Posted Jul 15, 2002
Authored by Patrik Karlsson | Site cqure.net

OAT v1.2.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: Support for command execution on Solaris was added. Now includes OracleQuery, a minimal commandline sql query tool. Many Bugfixes were made.
tags | java
systems | linux, windows, unix
SHA-256 | 17b789dc0c4f20818e16e097cd8de94348b2acdbe7665d63d8ff1b91c2df0e9b
sqlbf-all-src-1.0.1.zip
Posted Jul 15, 2002
Authored by Patrik Karlsson | Site cqure.net

This tool should be used to audit the strength of Microsoft SQL Server passwords offline. The tool can be used either in BruteForce mode or in Dictionary attack mode. The performance on a 1 Ghz Pentium (256mb) is around 750,000 guesses/sec. This is the source - Windows and Linux binaries available here.

tags | cracker
systems | linux, windows
SHA-256 | 70225e564e5dad311fc27b7eb5302b9441f8adc52da4eaf2c2d49d79708fe23d
iXsecurity.20020404.4d_webserver.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin | Site cqure.net

The 4D webserver v4.7.3 has a buffer overflow condition in the username or password field in a basic authentication resulting in EIP overwrite and possible arbitrary code execution.

tags | overflow, arbitrary, code execution
SHA-256 | b96f3931116f62370d7fc24b352b14216c1aa472d09e0f7a13ec66181f1c021f
cqure.net.20020412.bordermanager_36_mv1.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.bordermanager_36_mv1.a - Three vulnerabilities were identified in Novell Border Manager 3.6. The vulnerabilities will cause the handling NLM to abend, and in some cases result in a denial of service to to Novell server.

tags | denial of service, vulnerability
SHA-256 | f299bcf1188f4c8c7d32630643702fd962fc7a016d90a590fa5014a2d1f6d783
cqure.net.20020412.netware_sdmr.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.netware_sdmr.a - The IPX compatibility issue Posted to BugTraq on July 11, 2000 by Dimuthu Parussalla applies to Netware 6.0 SP 1 as well. An attacker could cause the SDMR.NLM to abend and in some cases reboot the server.

SHA-256 | 6e6452d419db4e473889709434156d711e2dea30704458f960ad8691c0bfdd80
cqure.net.20020412.netware_client.a
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory cqure.net.20020412.netware_client.a - Multiple buffer overflow conditions exist in the Novell Netware client for Windows v4.83 which allow an attacker to crash any software relying in name resolution.

tags | overflow
systems | windows
SHA-256 | acf676864959962a18ec7ee46cd42809dc4d8f63457b8d3aa66b57a2932b55b5
cqure.net.20020408.netware_nwftpd.a.txt
Posted May 10, 2002
Authored by Patrik Karlsson, Jonas Landin

Cqure.net Security Advisory 20020408.netware_nwftpd.a - A vulnerability found in the Novell Netware 6.0 SP1 FTP daemon can be used in a denial of service against this application. Exploitation of this problem can result that the daemon starts consuming all CPU resources.

tags | denial of service
SHA-256 | 090c17bdcfa438d7edb5199d6b979d712c815b29b6cfad263682923334c7e20b
sqlat-src-1.0.0.tar.gz
Posted Feb 26, 2002
Authored by Patrik Karlsson | Site cqure.net

SQLAT is a suite of tools which could be useful for pen-testing a MS SQL Server. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. SQLAT works over port 1433.

tags | registry
systems | unix
SHA-256 | 0a6676ead453d7eb681412ed238737347e7d9999a9a49c421d11ecd2fa62ddf7
oat-source-1.1.0.zip
Posted Feb 26, 2002
Authored by Patrik Karlsson | Site cqure.net

OAT 1.1.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: The password guessing is now done on all SIDs of the database. The SIDs enumeration should now be more reliable, Errors reported in a more readable form.
tags | java
systems | linux, windows, unix
SHA-256 | bc9ed0ea0c85421c9784e1ff06ab40b9281dd0c95e8d3000643a6c092d7de444
wavestumbler-1.2.0.tar.gz
Posted Feb 26, 2002
Authored by Patrik Karlsson | Site cqure.net

WaveStumbler is console based 802.11 network mapper for Linux and supports WEP, ESSID, MAC and more. This package includes a kernel patch (for the wireless nic drivers) which can be applied to the linux-2.4.17 sources and a program called wavestumbler. The program interacts with the patched network drivers to map wireless networks.

Changes: New kernel patch + massive bugfixes! WEP, Noise and channel should now be displayed properly. Added time fields "firstseen", "lastseen", "maxsignal". Added curses support.
tags | tool, kernel, wireless
systems | linux
SHA-256 | 319a2fe4cb418f7de47ee1cd5c4b13d741d5068d4d306365a9efe4016383edba
wavestumbler-1.0.4.tar.gz
Posted Feb 5, 2002
Authored by Patrik Karlsson | Site cqure.net

WaveStumbler is console based 802.11 network mapper for Linux and supports WEP, ESSID, MAC and more. This package includes a kernel patch (for the wireless nic drivers) which can be applied to the linux-2.4.17 sources and a program called wavestumbler. The program interacts with the patched network drivers to map wireless networks.

tags | tool, kernel, wireless
systems | linux
SHA-256 | 4194bbebe1197ab17393b9b111e5d57f13bd75d916018ecb3a297a88c41dc29c
smbbf-0.9.1.tar.gz
Posted Oct 24, 2001
Authored by Patrik Karlsson

The SMB Auditing Tool is a password auditing tool for the Windows and the SMB platform. It makes it possible to exploit the timeout architecture bug in Windows 2000/XP, making it extremely fast to guess passwords on these platforms. Running a large password file against Windows 2000/XP, shows statistics up to 1200 logins/sec. This means that you could run a commonly used English dictionary with 53 000 words against a server under a minute. Supports SMB over Netbios and native SMB over tcp port 445. Compiles on Linux, BSD, and Cygwin.

tags | cracker, tcp
systems | linux, windows, bsd
SHA-256 | 1e3300ae5e5ea40279f6d80a3ed0fccb68f2cde69c5f19250d5446805f317df0
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close