the original cloud security
Showing 1 - 25 of 26 RSS Feed

Files from l0om

Email addressinnate at gmx.de
First Active2003-10-21
Last Active2015-02-14
Cosmoshop Cross Site Scripting
Posted Feb 14, 2015
Authored by l0om

Cosmoshop suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 15c73bb401389dc8b9128f4d7a9ff84f
Cosmoshop pwd.cgi htaccess Creation
Posted Mar 15, 2014
Authored by l0om

Cosmoshop suffers from having an unrestricted pwd.cgi script that allows for arbitrary creation of an htaccess file that can be leveraged to block access or perform phishing attacks.

tags | exploit, arbitrary, cgi
MD5 | e871b9476cf87b8e9d8a372f255acfc2
CosmoShop ePRO 10.17.00 Authentication Bypass
Posted Feb 26, 2014
Authored by l0om

CosmoShop ePRO version 10.17.00 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 17d30cb060d174615f57b0093bf1b096
Reverberation UDP Echo Denial Of Service Tool
Posted Mar 9, 2010
Authored by l0om | Site excluded.org

Reverberation is a proof of concept denial of service tool that makes use of UDP echo servers.

tags | denial of service, udp, proof of concept
MD5 | 417ff5e37e88d914eff7eebf43090a98
Hippolyte Inactive Account Hijacker
Posted Sep 30, 2009
Authored by l0om | Site excluded.org

Hippolyte is a shell script that automates the checking of inactive account hijacking possibilities for accounts that may be used elsewhere for access (ie. Amazon, etc).

tags | shell, cracker
MD5 | aac4e6a6104ea8a05af7da4b6b31dccb
date_me.c
Posted Jan 6, 2008
Authored by l0om | Site excluded.org

This code searches for Google Calendar accounts which exist and are not password protected.

tags | tool, scanner
systems | unix
MD5 | dc4de7ed9a10b67377aa8a4680dd6068
gool-alpha.tar.gz
Posted Aug 8, 2007
Authored by l0om | Site excluded.org

C library written to implement the functionality of Google queries into C related projects.

tags | library
MD5 | 56122e6e5da2c246e6f4fb910a1bb919
cosmoshop.txt
Posted May 22, 2006
Authored by l0om | Site excluded.org

Cosmoshop versions 8.11.106 and below suffer from SQL injection and directory traversal flaws.

tags | exploit, sql injection
MD5 | 0a180ffbc04addb45fc31a7fec22fee3
guestbook06.txt
Posted Feb 25, 2006
Authored by l0om | Site excluded.org

Login - Guestbox version 0.6 suffers from cross site scripting and administrative bypass flaws.

tags | exploit, xss
MD5 | 524976647523d018bdecb03ae121f0db
DWL-G700AP.txt
Posted Feb 20, 2006
Authored by l0om | Site excluded.org

It is possible to crash the web interface on a D-Link DWL-G700AP by sending it a simple GET request. POC included.

tags | advisory, web
MD5 | 54fe1137106d52d891bdb223424243a9
cosmoshop81078.txt
Posted Aug 31, 2005
Authored by l0om | Site excluded.org

Cosmoshop versions 8.10.78 and below suffer from SQL injection flaws, clear text passwords, and directory traversal flaws.

tags | exploit, sql injection
MD5 | 43eb2a684a72cba7453b395b76af5865
icb.c
Posted Apr 18, 2005
Authored by l0om | Site excluded.org

icb was written to inject a small logical bomb in elf files without resizing sections of the file itself.

tags | denial of service
MD5 | c57d7e2b8ec9d49b68ba7016af31196c
dwcSQL.txt
Posted Oct 27, 2004
Authored by l0om | Site excluded.org

dwc_articles versions 1.6 and below suffer from various SQL injection attacks.

tags | advisory, sql injection
MD5 | c484862626521a28fa336229ddffa0a0
lgool.c
Posted Oct 24, 2004
Authored by l0om

Lgool is a program that will search Google for a given vulnerability. It does the exact same thing you could do by going to Google and searching for nasty stuff like passwd.cfg, but without all the trouble of actually opening a web browser. It operates in a way that is similar to "gooscan" (written by johnny and presented at defcon this year).

tags | web
systems | unix
MD5 | e55503a54689dadbc3579185b250e9d1
serverviewInsecure.txt
Posted Sep 10, 2004
Authored by l0om | Site excluded.org

The Serverview server management product is susceptible to multiple denial of service and data corruption attacks due to insecure file permissions.

tags | advisory, denial of service
MD5 | 94374dfccc6e4738003184a6f18e8bc3
advisory13.txt
Posted May 19, 2004
Authored by l0om | Site excluded.org

osCommerce versions 2.x suffer from a directory traversal attack that allows for access to directories outside of the webroot.

tags | exploit
MD5 | 9f27e4abcf8a58882000fc1a740db958
ftpgrep.c
Posted May 13, 2004
Authored by l0om | Site excluded.org

ftpgrep tries to grep for valid users on remote machines using the old CWD ~ ftpd bug found in wuftpd and some other variants.

tags | exploit, remote
MD5 | 5aa0a9f328551d2162919d3f19134247
suse-yast.txt
Posted Apr 5, 2004
Authored by l0om | Site excluded.org

Possible symlink attack in SuSe's Yast Online Update tool.

tags | advisory
systems | linux, suse
MD5 | 92e05ab461557575452e09a08e2058fd
clamVE.txt
Posted Mar 30, 2004
Authored by l0om | Site excluded.org

Security comments regarding the way clamav sets up VirusEvent information and how it could be improved. Due to a lack of input sanitizing, the variable taken in on the command line could be used for malicious purposes when put to a system().

tags | advisory
MD5 | 34af715b4ea6dc16cfe3e385f041aeb2
eTrust60.txt
Posted Feb 9, 2004
Authored by l0om

eTrust Virus Protection 6.0 InoculateIT for Linux is vulnerable to various symlink attacks and also creates multiple world writeable files and directories that can lead to system compromise.

tags | advisory, virus
systems | linux
MD5 | c50f1b9150db331ae5c5cd26774d54d1
suse90symlinks.txt
Posted Jan 20, 2004
Authored by l0om

Various init related script in SuSE 9.0 are susceptible to symlink attacks.

tags | advisory
systems | linux, suse
MD5 | b0a771d87e4879f9b01efe708f43ed7e
networker60.txt
Posted Jan 19, 2004
Authored by l0om

A plausible symlink attack exists in networker version 6.0 in the shutdown script.

tags | advisory
MD5 | b0aa295afc5af5e52ad594417b9bdc82
susegnome.txt
Posted Jan 14, 2004
Authored by l0om | Site excluded.org

Local exploit that makes use of a symlink vulnerability in YaST when using SuSEconfig.gnome-filesystem.

tags | exploit, local
MD5 | 0afb41e7b07762223cc3288875dd7751
antivir.c
Posted Jan 14, 2004
Authored by l0om | Site excluded.org

Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.

tags | exploit, local
systems | linux
MD5 | 5afdc59fb13c6f0d8baab28cbbbc0772
lotus602linux.txt
Posted Jan 8, 2004
Authored by l0om | Site excluded.org

Lotus Notes version 6.0.2 on Linux installs with faulty permissions on its notes.ini file which would allow local attackers to compromise the system.

tags | advisory, local
systems | linux
MD5 | ff479a3ada47d118cfedaa67912ff16d
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close