SmbRelay3 is a proof of concept tool that is able to replay NTLM authentication from several protocols like SMB/HTTP/IMAP/etc.
c4576fe3ee7ac39a0393e9a737fca78376593895664fc89134376ec2cb90c4a2Microsoft Windows 2000 AS SP4 Message Queue exploit that takes advantage of the vulnerability noted in MS07-065.
c98477bc57103e54dfdc98421ad052473c5dfb8a29b81a40cde4e96a8bd1735aFast HTTP Auth Scanner is a new web security scanner for Windows that allows brute-force attacks against web based devices that require HTTP authentication. Source and binary included.
6fdc2f841cacc72e9f514e6f59a51e63dafb283ee4928442ee10a184d4887dfbMicrosoft DNS Server remote code execution exploit and analysis. This exploit works against TCP port 445. Tested against Windows 2000 server SP4 and Windows 2003 SP2. Binds a shell to TCP port 4444.
da933bee902a9d0ad317df3b6dae1ddd4b4844a53889479f6ff633eed2376da5Exploiting Microsoft DNS dynamic updates for fun and profit.
c5ab6320f2c6c4fb706f554131fc0d9e5bb76c5ef5653d4c5995ddca09bf0050Universal exploit for vulnerable EnumPrintersW() calls related to the spooler service. Allows code execution with SYSTEM privileges. Affected includes DiskAccess NFS Client (dapcnfsd.dll version 0.6.4.0), Citrix Metaframe - cpprov.dll, and Novell - nwspool.dll.
2b62efa9f7692468c57fd5ccfb6faa392631ea515d577bee9c4b44042069ea68This tool allows you to impersonate user credentials (with namedpipes) and execute a shell. One of the best features of this tool is that it includes some new attack vectors (payload generator with -t parameter) to force network users to connect to a remote host (desktop.ini, html code, lnk files, url files,pps,) so smbrelay can also be used.
9346dee563fb29b2b3df7d23637e8761553627b823a55102ab2f1771384d41cbThis tool is able to duplicate all Tokens stored in the system by calling NtQuerySystemInformation(). Duplicated Tokens allow users with local Administrator rights to execute code with credentials of every user that is logged on to the system locally or over network. Default mode only extracts tokens from the lsass process.
1a0435ffe70c05e1ac855b72e2791c48ef936b97e049469b6101088dd1cb7a06This tool enumerates all processes and threads running and shows their Token owner information. Users with SE_DEBUG_NAME privilege should be able to inject code on a local process and execute code with their privileges. This could be useful to obtain an interactive shell (at port 8080) when an user session is locked.
1ac149ac191a602c8eba43f12c04a137a7aacdf4f3d5eb3938a05335167236e8TIBCO RendezVous versions 7.4.11 and below local password extractor exploit.
37a8f2470720c05fb268d55580ae48abacf5b06355d3ed795e8b36f4da1109d8TIBCO RendezVous versions 7.4.11 and below remote buffer overflow proof of concept exploit for Win32.
a2acc82193bc944036d11007da642449232210befd672ef7859b1dc487c9713fPrivilege escalation exploit for Windows networks using weak service restrictions.
34bff3fb3d15bec768c08cd8b636431feca0c25ff6e698753eed31aa91257bbeSmall bindshell (908 bytes for binary) for Windows compacted to 804 bytes with a little Headers modification. Both binary and Source code (VC++) included.
c24879c1a910a3cda9f80e94fd66cb18d753862ab5efbb173718dbd4591c8a19Internet Explorer content advisor exploit that is related to MS05-020.
2f95b570804ce81df9cc63e603821d901dd46f7d675f57008472b4a884355879SIA has discovered a buffer overflow in EXT.DLL, a module that handles HTTP requests in BadBlue versions below 2.6.
b5607998c3430b98c9a9226f12852961b96d8150541c9eb0ce960333b9bd954aBadBlue webserver version 2.55 remote buffer overflow exploit. Tested under Windows 2000 Professional SP3/SP4 Spanish, Windows 2000 Server SP4 Spanish, and Windows XP SP1 Spanish.
fe7238baf095c01f92cdae15b943f6068e411290a7891e914c4bab324c9f43f7BadBlue webserver version 2.5 is susceptible to a remote buffer overflow vulnerability that allows for code execution. Full exploit provided.
73a20d2002ca46bb0adf0da831ff0b843279055c07ced4db282a219e1074b5fbRkdscan is a scanner designed to detect whether or not an NT based computer is infected with the Hacker Defender root kit. To do this, it makes use of a design flaw.
fb9cf84d81fd7fd2614c962389c68e8ab96259991c2e6cda0003ae94c0aab8e4Fastream NETFile FTP/Web Server versions 6.7.2.1085 and below suffer from input validation errors that allow malicious attackers to upload, create, and delete files in the application directory.
fd1a383030a6185b2e7e538d9fe23be9e41eb02241f1ecab5cc31cde950bba37The embedded webserver for the Thomson TCM315 cable modem is vulnerable to a buffer overflow during a typical GET method HTTP request.
9fe3659ee27d616cce7a519a8bdc569a333a69876d8490c3875cba0299d02fe9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed