what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files from Cesar Cerrudo

Email addresscesar at argeniss.com
First Active2003-09-18
Last Active2010-08-12
Microsoft Windows Tracing Registry Key ACL Privilege Escalation
Posted Aug 12, 2010
Authored by Cesar Cerrudo

Microsoft Windows tracing register key ACL privilege escalation demonstration code.

tags | exploit
systems | windows
advisories | CVE-2010-2554
MD5 | 69bfbae5eedd0e4a8cbb13490de57eb9
Opening Intranets To Attacks By Using Internet Explorer
Posted Apr 7, 2009
Authored by Cesar Cerrudo | Site argeniss.com

Whitepaper called Opening Intranets to attacks by using Internet Explorer. This document covers the topic of hacking Intranet websites through various unconventional means. Technical details shed light on the impact of default security configuration settings within Internet Explorer that can be leveraged to attack internal Intranet websites remotely (from the Internet as well as remote users on the same LAN segment).

tags | paper, remote
MD5 | 98b92d80a44cb14ddf0e4fdde94bde10
Posted Oct 9, 2008
Authored by Cesar Cerrudo

Elevation of privileges proof of concept exploit for Token Kidnapping on Windows 2003.

tags | exploit, proof of concept
systems | windows
MD5 | a133719375519c641a32b7c2aef28d45
Posted Apr 21, 2008
Authored by Cesar Cerrudo

Whitepaper discussing token kidnapping on Microsoft Windows.

tags | paper
systems | windows
MD5 | fc55befe4d486f4b668dc6a4ebf1f79c
Posted Apr 21, 2008
Authored by Cesar Cerrudo | Site conference.hitb.org

Token Kidnapping - This presentation is about a new technique for elevating privileges on Windows mostly from services, this technique exploits design weaknesses in Microsoft Windows XP, 2003, Vista and even Windows 2008. While in Windows Vista and 2008 many new security protections have been added, because of other weaknesses some of the new protection mechanisms are almost useless.

systems | windows, xp, vista
MD5 | c6b3d60974ac3f57fd6280046e499b17
Posted Apr 18, 2008
Authored by Cesar Cerrudo | Site appsecinc.com

Team SHATTER Security Advisory - IBM DB2 UDB suffers from an arbitrary file overwrite vulnerability in the SYSPROC.NNSTAT procedure.

tags | advisory, arbitrary
MD5 | c624ca8b2e7f283918eac4c013a73fbc
Posted Apr 17, 2007
Authored by Cesar Cerrudo

Whitepaper entitled "Hacking Databases For Owning Your Data". This paper goes into specifics on how to compromise MS-SQL and Oracle databases. It includes tools and exploits as well.

tags | exploit
MD5 | 3440277c1163266452d9a9306f134a5c
Posted Mar 14, 2007
Authored by Cesar Cerrudo

Whitepaper that demonstrates an extremely simple technique to quickly audit a software product in order to infer how trustable and secure it is. Oracle is used as a test case. Proof of concept exploit is included.

tags | paper, proof of concept
MD5 | f03e3ab2a438557da1a24abb32338a7c
Posted Mar 15, 2006
Authored by Cesar Cerrudo | Site argeniss.com

Whitepaper entitled "WLSI - Windows Local Shellcode Injection" that describes a new technique to create 100% reliable local exploits for Microsoft Windows operating systems. The technique uses some Windows design weaknesses that allow low privileged processes to insert data into almost any Windows process regardless of their current privilege level. After a brief introduction and a description of the technique, a couple of samples (Exploits for MS05-012 and MS05-040) are included so the reader will be enabled to write their own exploits.

tags | paper, local, shellcode
systems | windows
MD5 | e6e381e24020aea49b16759a19981d23
Posted Aug 14, 2005
Authored by Cesar Cerrudo | Site argeniss.com

Exploit for the COM structured storage vulnerability as described in MS05-012. Work on Win2k SP4, WinXP SP2, and Win2k3 SP0.

tags | exploit
systems | windows, 2k
advisories | CVE-2005-0047
MD5 | f1c3fda65a4fd6c37c5c3622fa25e795
Posted Jul 23, 2005
Authored by Cesar Cerrudo | Site argeniss.com

Oracle 9R2 has an unpatched, known vulnerability in the CWM2_OLAP_AW_AWUTIL package. A flaw that was reported months ago and was claimed to be fixed in this last release.

tags | advisory
MD5 | b27b66b35c2615076263b7e86866bdac
Posted Mar 15, 2005
Authored by Cesar Cerrudo | Site argeniss.com

Argeniss Security Advisory - Oracle database servers versions 8i and 9i are susceptible to directory traversal attacks.

tags | exploit
MD5 | 0e886d91c292cb9b627ca6f50976bdef
Posted Jan 12, 2005
Authored by Cesar Cerrudo | Site appsecinc.com

AppSecInc Advisory - The Microsoft Windows LPC (Local Procedure Call) mechanism is susceptible to a heap overflow that allows for privilege escalation.

tags | advisory, overflow, local
systems | windows
MD5 | 8230ac79b610f3e607be8fdf31740552
Posted Jan 12, 2005
Authored by Cesar Cerrudo | Site appsecinc.com

AppSecInc Advisory - Improper token validation in Microsoft Windows allows for local privilege elevation in Windows 2000, Windows XP, and Windows 2003 (all service packs).

tags | advisory, local
systems | windows, 2k, xp
MD5 | a8183467b2662157250253c0ff2e1fc5
Posted Sep 9, 2004
Authored by Cesar Cerrudo, Esteban Martinez Fayo | Site appsecinc.com

AppSecInc Advisory - Multiple buffer overflow and denial of service (DoS) vulnerabilities exist in the Oracle Database Server which allow database users to take complete control over the database and optionally cause denial of service. Forty-four buffer overflows have been found. Exploitation of these vulnerabilities will allow an attacker to completely compromise the OS and the database if Oracle is running on Windows platform, because Oracle must run under the local System account or under an administrative account. If Oracle is running on *nix then only the database would be compromised because Oracle runs mostly under oracle user which has restricted permissions.

tags | advisory, denial of service, overflow, local, vulnerability
systems | windows
MD5 | 7c09d30119ac5d228eab0169c18d5b60
Posted Jul 14, 2004
Authored by Cesar Cerrudo

A local elevation of privileges exists in the Windows Utility Manager which allows any user to take complete control over the operating system. This vulnerability affects the Windows 2000 operating system family.

tags | advisory, local
systems | windows, 2k
advisories | CVE-2004-0213
MD5 | 2b4514b7f08e2e518c0e9d06663ed71d
Posted May 7, 2004
Authored by Cesar Cerrudo

The Microsoft Active Server Pages (ASP) engine does not properly handle special cookie values when they are retrieved. Because of this, an unhandled error is returned to the client. This behavior can be used maliciously to gather sensitive information from web applications. All Microsoft Internet Information Server (IIS) web applications using Active Server Pages (ASP) are affected.

tags | advisory, web, asp
MD5 | 75c0cc47922f883dd028dd0ea48ef8d9
Posted Oct 16, 2003
Authored by Cesar Cerrudo

Security Advisory detailing original research from the Microsoft Local Troubleshooter ActiveX control buffer overflow that affects all versions of Microsoft Windows 2000.

tags | advisory, overflow, local, activex
systems | windows, 2k
MD5 | b8d4a3696bc3358e92c12c6462e166e8
Posted Sep 18, 2003
Authored by Cesar Cerrudo

Yahoo! Webcam ActiveX controls are remotely susceptible to both a heap and stack based overflow vulnerability.

tags | advisory, overflow, activex
MD5 | 065758791ae0dc0b0351bfbf770d7209
Page 1 of 1

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    10 Files
  • 25
    Sep 25th
    1 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    20 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By