what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files from I)ruid

Email addressdruid at caughq.org
First Active2004-08-24
Last Active2011-12-01
InfoSec Southwest 2012 Call For Papers
Posted Dec 1, 2011
Authored by I)ruid | Site infosecsouthwest.com

The InfoSec Southwest staff are now soliciting papers to be presented at their 2012 conference to be held March 30th through April 1st, 2012 in Austin, Texas.

tags | paper, conference
SHA-256 | d9a8b78ff7f095354470943cd115931c553c2ef7ae0abbceba8f8c08fcaa4dd2
Metasploit Framework Telephony
Posted Jan 10, 2011
Authored by I)ruid

Whitepaper called Metasploit Framework Telephony.

tags | paper
SHA-256 | 8ad97e0f40ee20abff399d896a837b73c149d2772681b082896b4784a32ee866
Test Dialup Exploit
Posted Dec 31, 2009
Authored by I)ruid | Site metasploit.com

This exploit connects to a system's modem over dialup and provides the user with a readout of the login banner.

tags | exploit
SHA-256 | 6e01f6b1ed3484659805eb43e03eb97a23a6273485669abbe6a07c7362a7a728
Solaris ypupdated Command Execution
Posted Oct 28, 2009
Authored by I)ruid

This exploit targets a weakness in the way the ypupdated RPC application uses the command shell when handling a MAP UPDATE request.

tags | exploit, shell
advisories | CVE-1999-0209
SHA-256 | 7c27019bedb0e26575dc7a9ad1810a98487a76f946e66dee2a85a79237351e19
System V Derived /bin/login Extraneous Arguments Buffer Overflow
Posted Oct 27, 2009
Authored by I)ruid

This exploit connects to a system's modem over dialup and exploits a buffer overflow vulnerability in it's System V derived /bin/login. The vulnerability is triggered by providing a large number of arguments.

tags | exploit, overflow
advisories | CVE-2001-0797
SHA-256 | 879fb76e40bddd82af476396294fcefd3b2cf5ce2ed0dcf7a06b1239ed4be912
bailiwicked_domain.rb.txt
Posted Jul 24, 2008
Authored by H D Moore, I)ruid | Site caughq.org

This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious nameserver entry into the target nameserver which replaces the legitimate nameservers for the target domain. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache. This insertion completely replaces the original nameserver records for the target domain.

tags | exploit, spoof
advisories | CVE-2008-1447
SHA-256 | 59998e85046f16a5c63dc45a0b65a8c3c0309d28215b39b9b32e8e980b05bf05
bailiwicked_host.rb.txt
Posted Jul 24, 2008
Authored by H D Moore, I)ruid | Site caughq.org

This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.

tags | exploit, spoof
advisories | CVE-2008-1447
SHA-256 | 11e910b2fd7ce8685913d022a8c861ee68b58c8de15e6ff4788583be2137f4aa
CAU-EX-2008-0001.txt
Posted Apr 8, 2008
Authored by I)ruid | Site caughq.org

This Metasploit exploit module targets a weakness in the way the ypupdated RPC application uses the command shell when handling a MAP UPDATE request.

tags | exploit, shell
SHA-256 | 9508276a4fbb171eff7a9532f66f01f74e089238bc4b6dbb7429902506c0fd54
uninformed-vol9.tgz
Posted Jan 28, 2008
Authored by Matt Miller, warlord, I)ruid, Skywing, uninformed | Site uninformed.org

Uninformed is pleased to announce the release of its ninth volume. This volume includes 4 articles on reverse engineering and exploitation technology. These articles include - Engineering in Reverse: An Objective Analysis of the Lockdown Protection System for Battle.net. Exploitation Technology: ActiveX - Active Exploitation. Exploitation Technology: Context-keyed Payload Encoding. Exploitation Technology: Improving Software Security Analysis using Exploitation Properties.

tags | activex
SHA-256 | 23204c2fa4fa808fc62b756a27911c4c41e187e0ee04cf3d9b776e2b1c45f249
Computer Academic Underground Advisory 2006.1
Posted Nov 19, 2006
Authored by I)ruid, Computer Academic Underground, int3l | Site caughq.org

Myspace.com's navigation menu can be replaced with a malicious menu via CSS code in the attacker's profile.

tags | advisory
SHA-256 | a3b9d50ae789cce4e96929980808df6b3eace71418a5cdfe6a186d22f8dae2b8
Computer Academic Underground Advisory 2004.2
Posted Aug 24, 2004
Authored by I)ruid, Computer Academic Underground | Site caughq.org

imwheel version 1.0.0pre11 uses a predictably named PID file for management of multiple imwheel processes. A race condition exists when the -k command-line option is used to kill existing imwheel processes. This race condition may be used by a local user to Denial of Service another user using imwheel, lead to resource exhaustion of the host system, or append data to arbitrary files.

tags | advisory, denial of service, arbitrary, local
SHA-256 | f6ab085f417793a02d07c3de39249974381b31d162ecd131d00e5b53e4085e33
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close