what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Efrain Torres

Email addresset at cyberspace.org
First Active1999-08-17
Last Active2024-09-01
MS09-020 IIS6 WebDAV Unicode Authentication Bypass
Posted Sep 1, 2024
Authored by Efrain Torres, aushack | Site metasploit.com

This Metasploit module attempts to to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS6 server, and any protected folder requires either Basic, Digest or NTLM authentication.

tags | exploit
advisories | CVE-2009-1122, CVE-2009-1535
SHA-256 | 5012479314892cd881dad187059b4c650acb9e753aec5bd911756919ebc31af4
WPAD.dat File Server
Posted Aug 31, 2024
Authored by Efrain Torres | Site metasploit.com

This Metasploit module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in combination with DNS attacks or the NetBIOS Name Service Spoofer module. Please remember as the server will be running by default on TCP port 80 you will need the required privileges to open that port.

tags | exploit, tcp
SHA-256 | dea84a22b01768d6a2d562778fdb7f6500af85950b2379daed227689d270ea29
WS-FTP Server 5.03 MKD Overflow
Posted Nov 26, 2009
Authored by Efrain Torres, Reed Arvin | Site metasploit.com

This Metasploit module exploits the buffer overflow found in the MKD command in IPSWITCH WS_FTP Server 5.03 discovered by Reed Arvin.

tags | exploit, overflow
advisories | CVE-2004-1135
SHA-256 | a02f6ac90722950f7cf9e9ec7de40ea0b4e16e7333b5eec50d5a521bbc791950
NotmuchG.pl.txt
Posted Oct 13, 2004
Authored by Efrain Torres

Perl exploit for IPSwitch WhatsUp Gold version 8.03 that is susceptible to a remote buffer overflow. Tested on Win2k SP4. Successful exploitation binds a shell on port 28876.

tags | exploit, remote, overflow, shell, perl
systems | windows
SHA-256 | b7b7d1f951c995bd27e62ff153bb7f9993e73e740853df20fdf3c84d9b75a8d6
ShatterMaster.zip
Posted Aug 5, 2003
Authored by Efrain Torres

Shatter Master is a win32 program made in VB6 to develop and exploit shatter attacks in Windows NT/2k/XP. Related information available here.

systems | windows
SHA-256 | c5950147449ed4a389f5d8bef53044cb8e1930a127a12b45da93507005f58a57
wmap1.3.tar.gz
Posted Dec 29, 2002
Authored by Efrain Torres | Site pwp.007mundo.com

Wmap v1.3 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.

Changes: Many bug fixes.
tags | web, cgi
systems | unix
SHA-256 | ac3b777a7381abf8276557c6f9dd8e715134d18322a8f3c05dc95e3bee0f5fe2
wmap1.2.tar.gz
Posted Feb 19, 2002
Authored by Efrain Torres | Site pwp.007mundo.com

Wmap v1.2 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.

tags | web, cgi
systems | unix
SHA-256 | 9401723e6a8fa8cef94bcdef5cc3e81baf2fd849c83c526c353df37664fcb743
snoop.servlet.txt
Posted Jul 20, 2000
Authored by Efrain Torres, lownoise

The Snoop Servlet on Release Build 3.1 and 3.0 of Tomcat from Apache Software Foundation reveals the full path to the webserver and OS.

tags | exploit
SHA-256 | 4412a9fbf956a5c83fe9f9fb236ddce13ba9aaa0a2f53e147babce25c1a4ca6b
tomcat-3.1.path.txt
Posted Jul 20, 2000
Authored by Efrain Torres, lownoise

Tomcat v3.1 from the Apache Software Foundation displays the full path of the web server.

tags | exploit, web
SHA-256 | 5db9188e04c6196fa5da09380ae76d6c9cd1be4273d6f1aaeb04095b15504e03
ismyasp.pl
Posted May 15, 2000
Authored by Efrain Torres, lownoise

LoWNOISE - ISMyASP - IIS ASP source code viewer using the ISM.DLL buffer truncation bug.

tags | exploit, asp
SHA-256 | 9241f106e5a1324d8a3d58d2cb7e0f90b573f60e513c6fc2476e0f44a3d799b3
rightfax.txt
Posted Feb 1, 2000
Authored by Efrain Torres, lownoise

RightFax Web Client v5.2 allows anyone to hijack user's faxes.

tags | exploit, web
SHA-256 | b1cf8e924a8955fbca00ac2f800a2f581144ff0653bec1c93bfc51551e925f07
sslcrack.zip
Posted Nov 15, 1999
Authored by Efrain Torres, lownoise

sslcrack is a basic VB5 win9x brute force PIN SSL cracker. Zip includes HomeBanking.txt, which explains a common weakness in Home Banking systems that allows brute forcing the PIN.

systems | windows
SHA-256 | 11b9ec1913a404f6702c653d2d48e9dafae7c4ae3d992e80bf89f454dba7654d
menu2eng.txt
Posted Aug 17, 1999
Authored by Efrain Torres, lownoise

How To Break Out of Restricted Shells and Menus, v2.3 - An excellent whitepaper detailing methods for breaking out of virtually any kind of restricted shell or menu you might come across.

tags | paper, shell
SHA-256 | 0360f346bef57652d779fb01c3362de641f401dfd13d44fbab3f2c7c778c40b3
PADLOCK.txt
Posted Aug 17, 1999
Authored by Efrain Torres

PADLOCK-IT v1.01 contains numerous security holes and improperly manages passwords, making for a very unsecure implementation of the Twofish encryption algorithm.

tags | exploit
SHA-256 | c38a94329ea92d8f5dd5c2d3c70347785d9d8ea9241027546f6eac17314e04bd
lowkill21.zip
Posted Aug 17, 1999
Authored by Efrain Torres, lownoise

LoWKILL 2.1 is a Windows9x/NT port of the modem escape character Denial of Service exploit (+++ATHO). Designed for a user-friendly, low-quality, low-performance enviroment, LoWKILL 2.1 allows you to target entire subnets and select custom escape character sequences to kill Internet connections remotely.

tags | exploit, denial of service
SHA-256 | 79299c40c71a574ff56108046c9f12a209d6cb0607ca6067375edbdf9856a756
padlock-it.txt
Posted Aug 17, 1999
Authored by Efrain Torres, lownoise

The password protection program PADLOCK-IT Version 1.01 does not properly implement the TwoFish encryption used, rendering both the encryption algorithm and the software program security meaningless.

tags | exploit
SHA-256 | 66148569b9eddf84dbdfee993d8bd1cd3c80b68754b5bbc178f3b54e7f1fd1fa
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close