what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from Andres Tarasco

Email addressatarasco at gmail.com
First Active2003-11-25
Last Active2008-11-14
smbrelay3.zip
Posted Nov 14, 2008
Authored by Andres Tarasco | Site 514.es

SmbRelay3 is a proof of concept tool that is able to replay NTLM authentication from several protocols like SMB/HTTP/IMAP/etc.

tags | web, imap, protocol, proof of concept
SHA-256 | c4576fe3ee7ac39a0393e9a737fca78376593895664fc89134376ec2cb90c4a2
2007-MessageQueue.zip
Posted Dec 24, 2007
Authored by Andres Tarasco, Mario Ballano | Site 514.es

Microsoft Windows 2000 AS SP4 Message Queue exploit that takes advantage of the vulnerability noted in MS07-065.

tags | exploit
systems | windows
advisories | CVE-2007-3039
SHA-256 | c98477bc57103e54dfdc98421ad052473c5dfb8a29b81a40cde4e96a8bd1735a
fscan-both.tgz
Posted Jul 25, 2007
Authored by Andres Tarasco | Site 514.es

Fast HTTP Auth Scanner is a new web security scanner for Windows that allows brute-force attacks against web based devices that require HTTP authentication. Source and binary included.

tags | web
systems | windows
SHA-256 | 6fdc2f841cacc72e9f514e6f59a51e63dafb283ee4928442ee10a184d4887dfb
Microsoft_Dns_Server_Exploit.zip
Posted Apr 17, 2007
Authored by Andres Tarasco, Mario Ballano | Site 514.es

Microsoft DNS Server remote code execution exploit and analysis. This exploit works against TCP port 445. Tested against Windows 2000 server SP4 and Windows 2003 SP2. Binds a shell to TCP port 4444.

tags | exploit, remote, shell, tcp, code execution
systems | windows
advisories | CVE-2007-1748
SHA-256 | da933bee902a9d0ad317df3b6dae1ddd4b4844a53889479f6ff633eed2376da5
dnsfun.c
Posted Mar 24, 2007
Authored by Andres Tarasco | Site 514.es

Exploiting Microsoft DNS dynamic updates for fun and profit.

tags | exploit
SHA-256 | c5ab6320f2c6c4fb706f554131fc0d9e5bb76c5ef5653d4c5995ddca09bf0050
Universal_printer_provider_exploit.zip
Posted Jan 30, 2007
Authored by Andres Tarasco | Site 514.es

Universal exploit for vulnerable EnumPrintersW() calls related to the spooler service. Allows code execution with SYSTEM privileges. Affected includes DiskAccess NFS Client (dapcnfsd.dll version 0.6.4.0), Citrix Metaframe - cpprov.dll, and Novell - nwspool.dll.

tags | exploit, code execution
advisories | CVE-2006-5854
SHA-256 | 2b62efa9f7692468c57fd5ccfb6faa392631ea515d577bee9c4b44042069ea68
NamedPipes.zip
Posted Oct 9, 2006
Authored by Andres Tarasco | Site 514.es

This tool allows you to impersonate user credentials (with namedpipes) and execute a shell. One of the best features of this tool is that it includes some new attack vectors (payload generator with -t parameter) to force network users to connect to a remote host (desktop.ini, html code, lnk files, url files,pps,) so smbrelay can also be used.

tags | remote, shell
SHA-256 | 9346dee563fb29b2b3df7d23637e8761553627b823a55102ab2f1771384d41cb
TokenExecution.zip
Posted Oct 9, 2006
Authored by Andres Tarasco | Site 514.es

This tool is able to duplicate all Tokens stored in the system by calling NtQuerySystemInformation(). Duplicated Tokens allow users with local Administrator rights to execute code with credentials of every user that is logged on to the system locally or over network. Default mode only extracts tokens from the lsass process.

tags | local
SHA-256 | 1a0435ffe70c05e1ac855b72e2791c48ef936b97e049469b6101088dd1cb7a06
ProcessInjector.zip
Posted Oct 9, 2006
Authored by Andres Tarasco | Site 514.es

This tool enumerates all processes and threads running and shows their Token owner information. Users with SE_DEBUG_NAME privilege should be able to inject code on a local process and execute code with their privileges. This could be useful to obtain an interactive shell (at port 8080) when an user session is locked.

tags | shell, local
SHA-256 | 1ac149ac191a602c8eba43f12c04a137a7aacdf4f3d5eb3938a05335167236e8
TibcoPasswordExtractor.c
Posted Sep 7, 2006
Authored by Andres Tarasco | Site 514.es

TIBCO RendezVous versions 7.4.11 and below local password extractor exploit.

tags | exploit, local
SHA-256 | 37a8f2470720c05fb268d55580ae48abacf5b06355d3ed795e8b36f4da1109d8
tibco_POC.c
Posted Sep 7, 2006
Authored by Andres Tarasco | Site 514.es

TIBCO RendezVous versions 7.4.11 and below remote buffer overflow proof of concept exploit for Win32.

tags | exploit, remote, overflow, proof of concept
systems | windows
SHA-256 | a2acc82193bc944036d11007da642449232210befd672ef7859b1dc487c9713f
srvcheck2.zip
Posted Feb 14, 2006
Authored by Andres Tarasco | Site haxorcitos.com

Privilege escalation exploit for Windows networks using weak service restrictions.

tags | exploit
systems | windows
SHA-256 | 34bff3fb3d15bec768c08cd8b636431feca0c25ff6e698753eed31aa91257bbe
minishell.zip
Posted Feb 14, 2006
Authored by Andres Tarasco, Miguel Tarasco Acuna | Site haxorcitos.com

Small bindshell (908 bytes for binary) for Windows compacted to 804 bytes with a little Headers modification. Both binary and Source code (VC++) included.

systems | windows
SHA-256 | c24879c1a910a3cda9f80e94fd66cb18d753862ab5efbb173718dbd4591c8a19
RatBof.cpp
Posted May 27, 2005
Authored by Andres Tarasco, Miguel Tarasco Acuna | Site haxorcitos.com

Internet Explorer content advisor exploit that is related to MS05-020.

tags | exploit
SHA-256 | 2f95b570804ce81df9cc63e603821d901dd46f7d675f57008472b4a884355879
badblue-adv.txt
Posted Feb 28, 2005
Authored by Andres Tarasco

SIA has discovered a buffer overflow in EXT.DLL, a module that handles HTTP requests in BadBlue versions below 2.6.

tags | advisory, web, overflow
SHA-256 | b5607998c3430b98c9a9226f12852961b96d8150541c9eb0ce960333b9bd954a
badblue.cpp
Posted Feb 28, 2005
Authored by Andres Tarasco, Miguel

BadBlue webserver version 2.55 remote buffer overflow exploit. Tested under Windows 2000 Professional SP3/SP4 Spanish, Windows 2000 Server SP4 Spanish, and Windows XP SP1 Spanish.

tags | exploit, remote, overflow
systems | windows
SHA-256 | fe7238baf095c01f92cdae15b943f6068e411290a7891e914c4bab324c9f43f7
badblue25.c
Posted Feb 28, 2005
Authored by class101, Andres Tarasco | Site Hat-Squad.com

BadBlue webserver version 2.5 is susceptible to a remote buffer overflow vulnerability that allows for code execution. Full exploit provided.

tags | exploit, remote, overflow, code execution
SHA-256 | 73a20d2002ca46bb0adf0da831ff0b843279055c07ced4db282a219e1074b5fb
rkdscan.zip
Posted Oct 26, 2004
Authored by Andres Tarasco | Site siainternational.com

Rkdscan is a scanner designed to detect whether or not an NT based computer is infected with the Hacker Defender root kit. To do this, it makes use of a design flaw.

tags | tool, root, scanner
systems | unix
SHA-256 | fb9cf84d81fd7fd2614c962389c68e8ab96259991c2e6cda0003ae94c0aab8e4
Fastream_advisory.txt
Posted Jul 4, 2004
Authored by Andres Tarasco | Site haxorcitos.com

Fastream NETFile FTP/Web Server versions 6.7.2.1085 and below suffer from input validation errors that allow malicious attackers to upload, create, and delete files in the application directory.

tags | advisory, web
SHA-256 | fd1a383030a6185b2e7e538d9fe23be9e41eb02241f1ecab5cc31cde950bba37
TCM315.txt
Posted Nov 25, 2003
Authored by Andres Tarasco

The embedded webserver for the Thomson TCM315 cable modem is vulnerable to a buffer overflow during a typical GET method HTTP request.

tags | exploit, web, overflow
SHA-256 | 9fe3659ee27d616cce7a519a8bdc569a333a69876d8490c3875cba0299d02fe9
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    8 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close