exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files from l0om

Email addressinnate at gmx.de
First Active2003-10-21
Last Active2015-02-14
Cosmoshop Cross Site Scripting
Posted Feb 14, 2015
Authored by l0om

Cosmoshop suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3a5e674c472acb0da22de2b4fe8eb6999aaedf57bf00a44f5c67812ad8a330b1
Cosmoshop pwd.cgi htaccess Creation
Posted Mar 15, 2014
Authored by l0om

Cosmoshop suffers from having an unrestricted pwd.cgi script that allows for arbitrary creation of an htaccess file that can be leveraged to block access or perform phishing attacks.

tags | exploit, arbitrary, cgi
SHA-256 | 53f0f39b47e349790d4106dadcb4f94299cf242f14f2206dfedf4903924e2e8a
CosmoShop ePRO 10.17.00 Authentication Bypass
Posted Feb 26, 2014
Authored by l0om

CosmoShop ePRO version 10.17.00 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 9ca82553e2a91b39a4615aa811e754f8bc091c8b5bfe3f6def05090e26d88f4c
Reverberation UDP Echo Denial Of Service Tool
Posted Mar 9, 2010
Authored by l0om | Site excluded.org

Reverberation is a proof of concept denial of service tool that makes use of UDP echo servers.

tags | denial of service, udp, proof of concept
SHA-256 | 14699b1e6d5e32f01ee4e0376b52b221fce84d7267f7896bf740da0191cc46ba
Hippolyte Inactive Account Hijacker
Posted Sep 30, 2009
Authored by l0om | Site excluded.org

Hippolyte is a shell script that automates the checking of inactive account hijacking possibilities for accounts that may be used elsewhere for access (ie. Amazon, etc).

tags | shell, cracker
SHA-256 | 1c0cc2c62ba866eb985107f9934f171a08c1a9c308b03ebae41c7f1d8555a69e
date_me.c
Posted Jan 6, 2008
Authored by l0om | Site excluded.org

This code searches for Google Calendar accounts which exist and are not password protected.

tags | tool, scanner
systems | unix
SHA-256 | 3151bb236822f342ed070d2d4b6ddae739cbb33cf4ba0c9777a56abb9f7bb51b
gool-alpha.tar.gz
Posted Aug 8, 2007
Authored by l0om | Site excluded.org

C library written to implement the functionality of Google queries into C related projects.

tags | library
SHA-256 | 135efb82700e7d3117b9caeffbc267fd572f84133cfe5a370c23d799c910c8da
cosmoshop.txt
Posted May 22, 2006
Authored by l0om | Site excluded.org

Cosmoshop versions 8.11.106 and below suffer from SQL injection and directory traversal flaws.

tags | exploit, sql injection
SHA-256 | 8b27208612e77657b4af85607e71e76051898f89a6acde4b8fb317e982698949
guestbook06.txt
Posted Feb 25, 2006
Authored by l0om | Site excluded.org

Login - Guestbox version 0.6 suffers from cross site scripting and administrative bypass flaws.

tags | exploit, xss
SHA-256 | e7678dce241a98b21a240835ec53db5b588aaa2c1116c60056d1f0f6406a043e
DWL-G700AP.txt
Posted Feb 20, 2006
Authored by l0om | Site excluded.org

It is possible to crash the web interface on a D-Link DWL-G700AP by sending it a simple GET request. POC included.

tags | advisory, web
SHA-256 | b871451dc09aa313045fd79f0f175a1b7c4a71df8e6f5fc1ed298a782aff19be
cosmoshop81078.txt
Posted Aug 31, 2005
Authored by l0om | Site excluded.org

Cosmoshop versions 8.10.78 and below suffer from SQL injection flaws, clear text passwords, and directory traversal flaws.

tags | exploit, sql injection
SHA-256 | 7afc580e4915d241635c89dec9a0e70603c257327ef5b3095f6601a40f25460b
icb.c
Posted Apr 18, 2005
Authored by l0om | Site excluded.org

icb was written to inject a small logical bomb in elf files without resizing sections of the file itself.

tags | denial of service
SHA-256 | 61287a1c4dface850c210335f648bd0a3137e0eb906f483141ebcb8d3f9c98af
dwcSQL.txt
Posted Oct 27, 2004
Authored by l0om | Site excluded.org

dwc_articles versions 1.6 and below suffer from various SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 868b0d709c04337ab6679a6750c0c3949932eafe1e106b3ce4937e990b0ec271
lgool.c
Posted Oct 24, 2004
Authored by l0om

Lgool is a program that will search Google for a given vulnerability. It does the exact same thing you could do by going to Google and searching for nasty stuff like passwd.cfg, but without all the trouble of actually opening a web browser. It operates in a way that is similar to "gooscan" (written by johnny and presented at defcon this year).

tags | web
systems | unix
SHA-256 | fc84bedf31be38ae83ff3d535b74ab23de27f74cc69a13e4347fc8c5f24bbf9e
serverviewInsecure.txt
Posted Sep 10, 2004
Authored by l0om | Site excluded.org

The Serverview server management product is susceptible to multiple denial of service and data corruption attacks due to insecure file permissions.

tags | advisory, denial of service
SHA-256 | 108fcccc833eb5fcd6c72e00dec99910326570a898687b5d0d5fcb0084408a96
advisory13.txt
Posted May 19, 2004
Authored by l0om | Site excluded.org

osCommerce versions 2.x suffer from a directory traversal attack that allows for access to directories outside of the webroot.

tags | exploit
SHA-256 | 3107c48a97297e43059422e4412939d4c8573f182c0a92a23911da5610afd136
ftpgrep.c
Posted May 13, 2004
Authored by l0om | Site excluded.org

ftpgrep tries to grep for valid users on remote machines using the old CWD ~ ftpd bug found in wuftpd and some other variants.

tags | exploit, remote
SHA-256 | 3464aef370394a488838a73ebe145b21b8ec9a413fa217fe3f91b965c6cd0a8a
suse-yast.txt
Posted Apr 5, 2004
Authored by l0om | Site excluded.org

Possible symlink attack in SuSe's Yast Online Update tool.

tags | advisory
systems | linux, suse
SHA-256 | fa5ad54174d9f2e28e10a089d616b0f4ebc3a38a0f1b21434805e9abf2d6c5a7
clamVE.txt
Posted Mar 30, 2004
Authored by l0om | Site excluded.org

Security comments regarding the way clamav sets up VirusEvent information and how it could be improved. Due to a lack of input sanitizing, the variable taken in on the command line could be used for malicious purposes when put to a system().

tags | advisory
SHA-256 | c4b9e905084bd1c5af9e8ca8c970424ede8be3a4306833892f7fe3f5f705853b
eTrust60.txt
Posted Feb 9, 2004
Authored by l0om

eTrust Virus Protection 6.0 InoculateIT for Linux is vulnerable to various symlink attacks and also creates multiple world writeable files and directories that can lead to system compromise.

tags | advisory, virus
systems | linux
SHA-256 | 8b163eb967dcd0f8561591434297e9b857a280d9af0cc48874c8eca5debb3f11
suse90symlinks.txt
Posted Jan 20, 2004
Authored by l0om

Various init related script in SuSE 9.0 are susceptible to symlink attacks.

tags | advisory
systems | linux, suse
SHA-256 | 558fe9c77b84013499f18e08a176fcedcda8445c9e6304fead1629d649ed6cc9
networker60.txt
Posted Jan 19, 2004
Authored by l0om

A plausible symlink attack exists in networker version 6.0 in the shutdown script.

tags | advisory
SHA-256 | f71446ef6211d128c354e2004097b4569b81064c3ae7c06613e3f72160b90019
susegnome.txt
Posted Jan 14, 2004
Authored by l0om | Site excluded.org

Local exploit that makes use of a symlink vulnerability in YaST when using SuSEconfig.gnome-filesystem.

tags | exploit, local
SHA-256 | b52db200e1ea04d1dd8b34e13eb95b40a438eeed156071a65829e4a699a709a6
antivir.c
Posted Jan 14, 2004
Authored by l0om | Site excluded.org

Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.

tags | exploit, local
systems | linux
SHA-256 | 16c3a212203098718f24a83489734c130a494f00fe79ca71a4e1ce777906a39d
lotus602linux.txt
Posted Jan 8, 2004
Authored by l0om | Site excluded.org

Lotus Notes version 6.0.2 on Linux installs with faulty permissions on its notes.ini file which would allow local attackers to compromise the system.

tags | advisory, local
systems | linux
SHA-256 | 99641299508cfd2408eb78d99c4ead40d71cad304a5188181956419b494672ec
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close