exploit the possibilities
Showing 1 - 25 of 25 RSS Feed

Files from c0ntex

Email addressc0ntexb at gmail.com
First Active2003-07-14
Last Active2012-08-01
eGlibc Signedness Code Execution
Posted Aug 1, 2012
Authored by c0ntex

A patch introduced a signedness bug causing any program compiled against the vulnerable version of eglibc and using optimized functions such as memcpy_ssse3 and memcpy-ssse3-back to be potentially vulnerable to unexpected code execution.

tags | exploit, code execution
advisories | CVE-2011-2702
MD5 | 0118c7235154fbe0b55f82748fc0a10c
adobealbum-overflow.txt
Posted Apr 21, 2008
Authored by c0ntex | Site open-security.org

Adobe Photoshop Album Starter, Adobe After Effects CS3, and Adobe Photoshop CS3 all suffer from a local buffer overflow vulnerability. Included is an exploit for Album Starter version 3.2 on Microsoft Windows SP2 that launches calc.exe.

tags | exploit, overflow, local
systems | windows
MD5 | d0187265d6b58112df406426a0db3181
iphone-dos.txt
Posted Jan 25, 2008
Authored by c0ntex | Site open-security.org

Apple iPhone version 1.1.2 remote denial of service exploit that makes use of Safari.

tags | exploit, remote, denial of service
systems | apple, iphone
MD5 | 0f28fba458c3357e71321054e38ead81
kadmind-overflow.txt
Posted Apr 11, 2007
Authored by c0ntex | Site open-security.org

Kerberos version 1.5.1 kadmind remote root buffer overflow exploit.

tags | exploit, remote, overflow, root
advisories | CVE-2007-0957
MD5 | 312f46436cdece29d180831d7743ee97
16.txt
Posted Apr 28, 2006
Authored by c0ntex | Site open-security.org

open security advisory #16 - Xine Media Player Format String Bug - There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is embedded in a remote playlist, it is possible to trigger this bug.

tags | advisory, remote
MD5 | 92858d7f11e1322f1c6da1305e571109
win-hlp.txt
Posted Apr 19, 2006
Authored by c0ntex | Site open-security.org

There is a heap based buffer overflow in the rendering engine of .hlp files in winhlp32.exe which will allow some attacker the possibility of modifying the internal structure of the process with a means to execute arbitrary and malicious code.

tags | advisory, overflow, arbitrary
MD5 | 33b60955417c926660ca43ebfc698105
windowsHelp.txt
Posted Apr 1, 2006
Authored by c0ntex | Site open-security.org

There is a heap based buffer overflow in the rendering engine of .hlp files in winhlp32.exe which will allow some attacker the possibility of modifying the internal structure of the process with a means to execute arbitrary and malicious code.

tags | advisory, overflow, arbitrary
MD5 | 6e1e64447f6b86d638f37dff20bc45c6
appfluent.txt
Posted Dec 14, 2005
Authored by c0ntex | Site open-security.org

Appfluent Database IDS version 2.0 suffers from an environment variable overflow that can be manipulated using sudo as an attack vector. Exploit provided.

tags | exploit, overflow
MD5 | 32c5b58d9d21114244ca445df9985b02
formatPaper.txt
Posted Nov 5, 2005
Authored by c0ntex | Site open-security.org

Whitepaper regarding further advances in the exploitation in format string bugs.

tags | paper
MD5 | bbfafb1b672e36222c05dec034fe9b2e
OSG_Advisory_13.txt
Posted Sep 27, 2005
Authored by c0ntex | Site open-security.org

RealPlayer and Helix Player remote format string exploit. This flaw makes use of the .rp and .rt file formats. Code tested on Debian 3.1 against RealPlayer 10 Gold's latest version.

tags | exploit, remote
systems | linux, debian
MD5 | b753c5e729eb9c6216cb72df318e125c
lnx_binsh4.c
Posted Sep 7, 2005
Authored by c0ntex, BaCkSpAcE

23 byte linux/x86 /bin/sh sysenter opcode array payload.

tags | x86, shellcode
systems | linux
MD5 | 1b97a981e1770f9eee0d01bbb4fd6641
GOT_Hijack.txt
Posted Aug 28, 2005
Authored by c0ntex | Site open-security.org

This short paper discusses the method of overwriting a pointer used in a function for the sake of overwriting the associated entry in the Global Offset Table (GOT) which in turn allows for execution flow redirection.

tags | paper
MD5 | ffbeb2e8b0768454f781f66654e95478
elmexPoC.c
Posted Aug 24, 2005
Authored by c0ntex

Proof of concept exploit for Elm versions 2.5.8 and below that makes use of a buffer overflow during the parsing of the Expires field.

tags | exploit, overflow, proof of concept
MD5 | 30c19e44672429391d6d1363aa6295f6
lnx_binsh2.c
Posted Aug 24, 2005
Authored by c0ntex

45 Byte /bin/sh sysenter Opcode Array Payload.

tags | shellcode
MD5 | b5699162386024148234727723f1be59
lantronixRoot.txt
Posted Aug 6, 2005
Authored by c0ntex

Multiple Lantronix Secure Console Server local root exploits that make use of security issues allowing for unrestricted shell access.

tags | exploit, shell, local, root
MD5 | 8b24a3e766f3d0ae39e6caba270cd4d6
Return-to-libc.txt
Posted Jul 21, 2005
Authored by c0ntex

Cool whitepaper discussing the return into libc attacks used to bypass non-executable stacks.

tags | paper
MD5 | 2cdf9eb2ba348d35e4923412c4b6b7e8
siteminder55.txt
Posted Jul 9, 2005
Authored by c0ntex

eTrust's Siteminder version 5.5 is susceptible to a cross site scripting flaw.

tags | advisory, xss
MD5 | 3b816bdb021c2a73797b10d37d636034
eRoomVuln.txt
Posted Jul 7, 2005
Authored by c0ntex

Documentum eRoom 6.x suffers from problematic cookie handling and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
MD5 | 9ad509c16d38a6589ebbcc6fd5a81779
McAfeeIPS.txt
Posted Jul 7, 2005
Authored by c0ntex

The McAfee Intrushield IPS Management Console has been found susceptible to html and javascript injection, privilege escalation, and unauthenticated report deletion.

tags | exploit, javascript
MD5 | 0ef5c12f8f6e2b58401a866929272c3e
solsockjack.c
Posted Jul 7, 2005
Authored by c0ntex

Solaris has a bug in the use of SO_REUSEADDR in that the kernel favors any socket binding operation that is more specific than the general *.* wildcard bind(). Due to this, a malicious socket can bind to an already bound interface if a specific IP address is used. Exploit included.

tags | exploit, kernel
systems | solaris
MD5 | 7950a3e21801d1f24dc251082d058b05
Xines_Mine.c
Posted Aug 9, 2004
Authored by c0ntex | Site open-security.org

Xine v0.99.2 remote stack overflow exploit. A overflow in all versions of xine-lib allow the vcd:// input source to execute arbitrary code, even if the file is .mp3, .mpeg, .mpg or .avi media. Fix available (currently only in the cvs xine-lib) here.

tags | exploit, remote, overflow, arbitrary
MD5 | 668f275c96645dcec143700e91ca40dd
memplayer.c
Posted Jun 27, 2004
Authored by c0ntex

All versions of MPlayer, the movie player for Linux, are vulnerable to a buffer overflow attack that allows for privilege escalation. Local exploit included. Tested against Redhat Linux with Gnome, FreeBSD and latest cvsup plus ports with Gnome.

tags | exploit, overflow, local
systems | linux, redhat, freebsd
MD5 | cbe5d9e292378ea65f396eb994717fdb
lnx_reboot.c
Posted Apr 22, 2004
Authored by c0ntex

lnx_reboot version 2 - 59 Byte reboot Opcode array.

tags | shellcode
MD5 | 202cf86947708a476f6d52cc5b6848d3
oracle_ownage.c
Posted Oct 17, 2003
Authored by c0ntex

Local exploit for Oracle Release 2 Patch Set 3 Version 9.2.0.4.0 for Linux x86 that makes use of a buffer overflow to escalate user privileges via the oracle binary.

tags | exploit, overflow, x86, local
systems | linux
MD5 | e67aa2d4ffbc82a005daedd92002cbf9
exceed.c
Posted Jul 14, 2003
Authored by c0ntex

Hummingbird's Exceed X emulator mishandles fonts and is vulnerable to both remote and local denial of service attacks and may allow an attacker to remotely gain root privileges.

tags | exploit, remote, denial of service, local, root
MD5 | 0b5ebb158eab213b26366e5f689ba41c
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close