exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 64 RSS Feed

Files from Joxean Koret

Email addressjoxeankoret at yahoo.es
First Active2004-08-24
Last Active2014-04-11
eScan Web Management Console Command Injection
Posted Apr 11, 2014
Authored by Joxean Koret, juan vazquez | Site metasploit.com

This Metasploit module exploits a command injection vulnerability found in the eScan Web Management Console. The vulnerability exists while processing CheckPass login requests. An attacker with a valid username can use a malformed password to execute arbitrary commands. With mwconf privileges, the runasroot utility can be abused to get root privileges. This Metasploit module has been tested successfully on eScan 5.5-2 on Ubuntu 12.04.

tags | exploit, web, arbitrary, root
systems | linux, ubuntu
SHA-256 | be98f3a46fc9d7210a97e0f50b3bd1ba9ebef9cc6d3e9b5455d3e8e5c69531c0
Oracle TNS Poison
Posted Apr 26, 2012
Authored by Joxean Koret

Oracle Database versions 8i to 11g R2 suffers from a TNS related vulnerability that allow for a remote attacker to route legitimate connections to a malicious system.

tags | advisory, remote
SHA-256 | f6e015e3231892e2f60f0fdb097e58a74a7d728f40df74879e8d6435fe601648
Oracle Financials R12 SQL Injection
Posted Apr 16, 2010
Authored by Joxean Koret

Oracle Financials R12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bc6073b73bb7d906eb7b8c0c493c1fba57d3478f2f57be2d7035684045cce015
DeepToad Fuzzy Hash Tool 1.1.0
Posted Jan 4, 2010
Authored by Joxean Koret | Site code.google.com

DeepToad is a tool for computing fuzzy hashes from files. DeepToad can generate signatures, clusterize files and/or directories and compare them. It's inspired in the very good tool ssdeep and, in fact, both projects are very similar. The complete project is written in pure python and is distributed under the LGPL license.

tags | python, fuzzer
SHA-256 | 195b3d4c57d15a6fee7b7136f3351f12f13fb9a8144df5002b92a4485043bd1a
Oracle Times Ten Format String
Posted Jan 15, 2009
Authored by Joxean Koret

Oracle TimesTen remote format string vulnerability proof of concept exploit.

tags | exploit, remote, proof of concept
SHA-256 | bebdb947f4e466dcc6f48b65fba9c20daffa4ee812db84d318cf6cb2c1d84eb5
Oracle Secure Backup 10g Remote Code Execution
Posted Jan 15, 2009
Authored by Joxean Koret

The Oracle January 2009 Critical Patch Update fixes a vulnerability which allows a remote pre-authenticated attacker to execute arbitrary code in the context of the user running the web server of Oracle Secure Backup.In Windows environments, the vulnerability allows execution of arbitrary code as SYSTEM. In Unix and GNU/Linux environments, however, just as a normal user(oracle usually). Proof of concept code included.

tags | exploit, remote, web, arbitrary, proof of concept
systems | linux, windows, unix
SHA-256 | 0be6210659dc840c141aa2f7bab508fdbe7b79872fd8e733b4a438459e93b4c6
Project Zero Wine Malware Analysis
Posted Dec 31, 2008
Authored by Joxean Koret | Site zerowine.sourceforge.net

Zero wine is an open source research project to dynamically analyze the behavior of malware. Zero wine just runs the malware using WINE in a safe virtual sandbox (in an isolated environment) collecting information about the APIs called by the program.

systems | unix
SHA-256 | 127913ecc9ae147baf58b9cb4a644bc09171f124c54ce62693d70ab4ee9c29f7
Inguma Penetration Testing Toolkit
Posted Dec 31, 2008
Authored by Joxean Koret

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Changes: Many new additions, various support, and a few changes have been made.
tags | tool, scanner, python
systems | unix
SHA-256 | 8d2c9670ee8b7e32c24e719d2f3be71a7d66596177066c10ed4d9db6063ef761
iDEFENSE Security Advisory 2008-10-09.1
Posted Oct 15, 2008
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 10.09.08 - Remote exploitation of a heap based buffer overflow in Sun Microsystems Inc.'s Sun Java Web Proxy could allow an attacker to execute arbitrary code. A heap based buffer overflow exists in the handling of FTP resources. Specifically the vulnerability resides within the code responsible for handling HTTP GET requests. Sun Java System Web Proxy Server 4.0 through 4.0.7 is vulnerable in the following versions: SPARC Platform prior to patch 120981-15, x86 Platform prior to patch 120982-15, Linux prior to patch 120983-15, HP-UX prior to patch 123532-05, Windows prior to patch 126325-05.

tags | advisory, java, remote, web, overflow, arbitrary, x86
systems | linux, windows, hpux
advisories | CVE-2008-4541
SHA-256 | f6a92e493a76a9b47f215b7530718298cbd6b92be1e2d9ac53b1345ab7319330
inguma-0.0.9.1.tar.gz
Posted Aug 13, 2008
Authored by Joxean Koret

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Changes: Various bug fixes, new modules added, and a lot of new exploits.
tags | tool, scanner, python
systems | unix
SHA-256 | e5c56aed374969acc0d9b93fac8849bb83482705761f98a010ffad11047b6ca6
oracleidir-dos.txt
Posted Jul 21, 2008
Authored by Joxean Koret

Oracle Internet Directory version 10.1.4 remote pre-authentication denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2008-2595
SHA-256 | 8d1454c1f63a29730308467b4cbabfa22ad6cd5aef0563cb61441a2c8e3c5904
oracleuntrust-local.txt
Posted Jul 21, 2008
Authored by Joxean Koret

Oracle 10g R2 and Oracle 11g suffers from a local root compromise vulnerable via the extjob binary.

tags | advisory, local, root
advisories | CVE-2008-2613
SHA-256 | 5801b5819247158291af1a2ef9c8573ea460ec9ef2edb3928337fe02dab30040
iDEFENSE Security Advisory 2008-07-15.3
Posted Jul 16, 2008
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 07.15.08 - Local exploitation of an untrusted library path vulnerability in Oracle Corp.'s Oracle Database product allows attackers to gain elevated privileges. This vulnerability specifically exists in a set-uid root program distributed with Oracle Database for Linux and Unix platforms. By replacing a module owned by the oracle user, which is loaded by this program, an attacker can execute arbitrary code as root. iDefense confirmed the existence of this vulnerability in Oracle 11g R1 version 11.1.0.6.0 on 32-bit Linux platform. Previous versions may also be affected.

tags | advisory, arbitrary, local, root
systems | linux, unix
advisories | CVE-2008-2613
SHA-256 | 01a615097a77c6303f3b770b31f3e4481133f468b5bad9ffbcfaea23ea933114
iDEFENSE Security Advisory 2008-07-15.2
Posted Jul 16, 2008
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 07.15.08 - Remote exploitation of a buffer overflow vulnerability in the DBMS_AQELM package in Oracle Corp.'s Oracle Database product allows attackers to execute arbitrary code with the privileges of the database user. This vulnerability exists due to improper input validation when handling a parameter passed to a procedure within the DBMS_AQELM package. Since the parameter is not properly validated, providing a long string can cause a buffer overflow to occur. This results in corruption of the database and could allow for the execution of arbitrary code as the database user. iDefense confirmed the existence of this vulnerability in Oracle Database version 10.2.0.3 and 11.1.0.6 with the October 2007 CPU applied. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-2607
SHA-256 | 01ee6c67c85787f73c33c76013b6095d4c5cc691acac1583a9413464e178ede0
iDEFENSE Security Advisory 2008-07-15.1
Posted Jul 16, 2008
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 07.15.08 - Remote exploitation of a pre-authentication input validation vulnerability in Oracle Corp.'s Oracle Internet Directory allows an attacker to conduct a denial of service attack on a vulnerable host. Internet Directory consists of two processes. One process acts as a listener. It handles incoming connections and passes them off to the second process. The second process, which handles requests, contains the vulnerability. When processing a malformed LDAP request, it is possible to cause the handler to dereference a NULL pointer. This results in the process crashing. Future connection requests will be accepted by the listener process, and then immediately closed when it finds that there is no handler process running. iDefense confirmed the existence of this vulnerability in Oracle Internet Directory for Windows version 10.1.4.0.1 with the April 2007 CPU installed. Previous versions may also be affected.

tags | advisory, remote, denial of service
systems | windows
advisories | CVE-2008-2595
SHA-256 | b68c1567bcbb9c57e54d5c5d2a26fa9cc93258efcc805e6245e76fe2cfb9c7e1
iDEFENSE Security Advisory 2008-04-15.1
Posted Apr 16, 2008
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 04.15.08 - Local exploitation of a design error vulnerability in Oracle Corp.'s Application Express web application development tool allows attackers to gain elevated privileges. The vulnerability exists in "run_ddl" function within the "wwv_execute_immediate" package. This package is included in the "flows_030000" schema. This function allows attackers to execute SQL commands as any database user, such as SYS. iDefense confirmed the existence of this vulnerability in Oracle Application Express version 3.0.1.00.08, which is installed by default with Oracle Database 11g R1 (version 11.1.0.6.0). Previous versions may also be affected. However, Oracle Database 10g R2 does not install Oracle Application Express by default.

tags | advisory, web, local
advisories | CVE-2008-1811
SHA-256 | e62655ecf9cf417e237bbdfa2451137b6da01ab4c98426bae246e30ac759b70b
inguma-0.0.7.2.tar.gz
Posted Mar 13, 2008
Authored by Joxean Koret

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Changes: New modules and exploits have been added. Many bug fixes have been implemented.
tags | tool, scanner, python
systems | unix
SHA-256 | 8ca227a5185935eb4e9d9d9589b2b5a530796988f05cb346e009c89cdf86cd5d
Zero Day Initiative Advisory 07-058
Posted Nov 1, 2007
Authored by Joxean Koret, Tipping Point | Site zerodayinitiative.com

This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of Oracle E-Business Suite. Authentication is not required to exploit this vulnerability. E-Business Suite 11 and 12 are affected.

tags | advisory, remote, arbitrary
advisories | CVE-2007-5766
SHA-256 | 96684c7132ac3e55d227aa3711a66591be381cb18aa2e292f322af5e49447875
oracle_database_vault_en.pdf
Posted Oct 29, 2007
Authored by Joxean Koret

Slides from the presentation Oracle Database Vault: Design Failures.

tags | paper
SHA-256 | aa413dac2420e9793150ea25140ef356d8f3b5c166c5a82b88e5082a51840006
inguma-0.0.5.1.tar.gz
Posted Oct 23, 2007
Authored by Joxean Koret

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Changes: Added an exploit, modules, a tool, and password crackers.
tags | tool, scanner, python
systems | unix
SHA-256 | 43a552e512b8861681b69844961c7428f2bac3f6ad0e5fec9cf4a463e848fbb6
inguma-0.0.3.tar.gz
Posted Sep 7, 2007
Authored by Joxean Koret

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

tags | tool, scanner, python
systems | unix
SHA-256 | 523cb75e2904a5baaab11420acd5d4ebab73e8744c2ba5ea5d3e5c18c17dcde8
enterprisedb-pointer.txt
Posted Aug 30, 2007
Authored by Joxean Koret

EnterpriseDB Advanced Server version 8.2 suffers from an uninitialized pointer vulnerability that may allow for remote code execution.

tags | advisory, remote, code execution
SHA-256 | b2765a949f88838b2b0e83991de18eb81e1d045502375c29a4da8077445d7b69
exploit.py.txt
Posted Aug 27, 2007
Authored by Joxean Koret

Alpha Centauri Software SIDVault LDAP server remote root exploit.

tags | exploit, remote, root
SHA-256 | 2750f20b02511bfcdb88b26b23e7a140b13e9a579b3042dbe76e879bf45a24e3
sidvault-overflow.txt
Posted Aug 27, 2007
Authored by Joxean Koret

The SIDVault LDAP server is susceptible to a remote buffer overflow vulnerability.

tags | advisory, remote, overflow
SHA-256 | 557a00ff64bdd8c62eeceae1b18c65745435c5ae707fced95efd1184e1ba5b52
iDEFENSE Security Advisory 2007-05-08.4
Posted May 10, 2007
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 05.08.07 - Remote exploitation of an integer overflow vulnerability in the IMAP service of Microsoft Exchange 2000 could allow a remote attacker to crash all running Exchange services and other services in the same process. The vulnerability specifically exists in code responsible for reading of literals in the IMAP4 service. When the IMAP4 service encounters a specially crafted literal, it fails to properly process it. An access violation occurs causing an unhandled exception that terminates the process. iDefense confirmed the existence of this vulnerability in Microsoft Exchange 2000 with Service Pack 3.

tags | advisory, remote, overflow, imap
advisories | CVE-2007-0221
SHA-256 | fced1ee1ae6edabb2f453b8dea3d929f5b5acd4a65d224dfbf4d2976fa6ca9cb
Page 1 of 3
Back123Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close