Showing 1 - 25 of 38

Files from Piotr Bania

Email address: bania.piotr at gmail.com
First Active: 2005-03-22
Last Active: 2016-04-08
Apple Intel HD 3000 Graphics Driver 10.0.0 Privilege Escalation
Posted Apr 8, 2016
Authored by Piotr Bania, Cisco Talos

Apple Intel HD 3000 graphics driver version 10.0.0 suffers from a local privilege escalation vulnerability.

tags | exploit, local
systems | apple
advisories | CVE-2016-1743
MD5 | ad4d4766639445f4f89f542b24e09759
Securing The Kernel Via Static Binary Rewriting And Program Shepherding
Posted May 9, 2011
Authored by Piotr Bania

Whitepaper called Securing the Kernel via Static Binary Rewriting and Program Shepherding.

tags | paper, kernel
MD5 | 22adf71f2de33aa77c98ceb1c592d5a0
JIT Spraying And Mitigations
Posted Sep 8, 2010
Authored by Piotr Bania

Whitepaper called JIT Spraying and Mitigations.

tags | paper
MD5 | f8c1bc46124a3121bae8455cacb38bf9
Security Mitigations For Return-Oriented Programming Attacks
Posted Aug 24, 2010
Authored by Piotr Bania

Whitepaper called Security Mitigations for Return-Oriented Programming Attacks.

tags | paper
MD5 | 967014e1fb1bc82e1243c56e2049da5a
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Posted Aug 17, 2010
Authored by Piotr Bania | Site piotrbania.com

Microsoft SRV2.SYS SMB negotiate ProcessID function table dereference exploit.

tags | exploit
MD5 | 8cba58cb68e1ea95df1c766612e2cf66
Evading Network-Level Emulation
Posted Jun 11, 2009
Authored by Piotr Bania | Site piotrbania.com

Whitepaper called Evading network-level emulation.

tags | paper
MD5 | bb07c56d03bfe2de76398463853fc273
Paper On Unpacking Malware
Posted May 27, 2009
Authored by Piotr Bania | Site piotrbania.com

Whitepaper called Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs.

tags | paper, virus
MD5 | 81a46edfe56293f98cd90b87ec31be2a
Dynamic Data Flow Analysis Via Virtual Code Integration
Posted May 19, 2009
Authored by Piotr Bania | Site piotrbania.com

Whitepaper called Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case).

tags | paper
MD5 | a55ed5e2cf789ab46dd5ae2da4480210
realplayer-heap-corruption-adv.txt
Posted Oct 26, 2007
Authored by Piotr Bania | Site piotrbania.com

RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a heap corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.

tags | advisory, code execution
MD5 | e2ef19fcac9143f960d0e4730c0cc729
realplayer-memory-corruption-adv.txt
Posted Oct 26, 2007
Authored by Piotr Bania | Site piotrbania.com

RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a memory corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.

tags | advisory, code execution
MD5 | d5f7cd811f442f4d147649a824c696fc
Zero Day Initiative Advisory 07-047
Posted Aug 15, 2007
Authored by Piotr Bania, Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists while decompressing skin files (.WMZ and .WMD) with malformed headers. During this process the malformed values are used to improperly calculate data which can later allow an attacker to execute code under the rights of the current user.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2007-3035
MD5 | 7c1d938cfe76e2cfb9b9a52fc4e8fcb3
Zero Day Initiative Advisory 07-046
Posted Aug 15, 2007
Authored by Piotr Bania, Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed skin files (WMZ). A compressed size / decompressed size mismatch can result in an under-allocated heap buffer which can be leveraged by an attacker to eventually execute arbitrary code under the context of the current user.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2007-3037
MD5 | 84f2d95dea182d5d542a792c2aad1a40
dis2.c
Posted Jun 7, 2007
Authored by Piotr Bania | Site piotrbania.com

Gaara virus disinfector type 2 for the TI-89.

tags | virus
MD5 | f98358c3bbe3ab69b253d4343904ac99
dis1.c
Posted Jun 7, 2007
Authored by Piotr Bania | Site piotrbania.com

Gaara virus disinfector type 1 for the TI-89.

tags | virus
MD5 | 14c04c934d383f4b5d40a6e0fc9df19d
ti89_gaara.asm.txt
Posted May 22, 2007
Authored by Piotr Bania | Site piotrbania.com

Gaara is the world's first resident entry-point-obscuring virus for TI-89 Titanium calculators, written fully in Motorola 68K assembly. For educational purposes only.

tags | virus
MD5 | 107cc4ce090ac29830113f6be8fc6f4a
nullsoft-winamp-s3m_module-in_mod-adv.txt
Posted Apr 8, 2007
Authored by Piotr Bania | Site piotrbania.com

AOL Nullsoft Winamp S3M module IN_MOD.DLL suffers from a remote heap memory corruption vulnerability.

tags | advisory, remote
MD5 | 255bbdd6a6b0b0cafa2967cec1011802
nullsoft-winamp-it_module-in_mod-adv.txt
Posted Apr 8, 2007
Authored by Piotr Bania | Site piotrbania.com

AOL Nullsoft Winamp IT module IN_MOD.DLL suffers from a remote heap memory corruption vulnerability.

tags | advisory, remote
MD5 | a472984363a7ed6bc383af106aa1c4fd
nullsoft-winamp-libsndfile-adv.txt
Posted Apr 8, 2007
Authored by Piotr Bania | Site piotrbania.com

AOL Nullsoft Winamp version 5.33 suffers from a remote memory corruption vulnerability in LIBSNDFILE.DLL.

tags | advisory, remote
MD5 | 2d5749e582bfd73f65c0c4541b91b1ac
quicktime-heap-adv-7.1.txt
Posted Mar 8, 2007
Authored by Piotr Bania | Site piotrbania.com

Apple QuickTime player version 7.1 on Windows suffers from a remote heap overflow vulnerability.

tags | advisory, remote, overflow
systems | windows, apple
MD5 | 58c3fe48a3a30c9dd27f603a5b44c1b0
adobe-acrobat-adv.txt
Posted Jan 13, 2007
Authored by Piotr Bania | Site piotrbania.com

Adobe Reader versions 7.0.8 and below suffer from a remote heap memory corruption vulnerability.

tags | advisory, remote
advisories | CVE-2006-5857
MD5 | 1037cb02ed27fe35c586c2d03d97daa1
quicktime-integer-overflow-h264-adv-7.1.txt
Posted Sep 13, 2006
Authored by Piotr Bania | Site piotrbania.com

The Apple QuickTime Player H.264 Codec suffers from a remote integer overflow.

tags | advisory, remote, overflow
systems | apple
advisories | CVE-2006-4386
MD5 | be4755f793ca0997b90f064c26311a5f
kadu-fun.txt
Posted Feb 17, 2006
Authored by Piotr Bania | Site piotrbania.com

When Kadu receives a large number of image send requests from an attacker, it crashes. PoC included.

tags | exploit
MD5 | dc00a0f29d5f803409a3e1183ba1680a
disit01A.zip
Posted Feb 2, 2006
Authored by Piotr Bania | Site piotrbania.com

Disit is a new open source disassembler engine.

systems | linux
MD5 | 27e20a6021807b4697c92d801b0567d6
quicktime-pict-adv.txt
Posted Nov 4, 2005
Authored by Piotr Bania | Site pb.specialised.info

Apple QuickTime PictureViewer is reported prone to a remote memory overwrite vulnerability (exploitable via remotely originated content). Expansion of compressed PICT data could exceed the size of the destination buffer, causing a memory overwrite. The vulnerability may lead to remote code execution when a specially crafted picture file (PICT file) is loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.

tags | advisory, remote, code execution
systems | windows, apple, osx
advisories | CVE-2005-2756
MD5 | b9e93bbe39bd79cdd794441f8de22a7a
quicktime-mov-dos-adv.txt
Posted Nov 4, 2005
Authored by Piotr Bania | Site pb.specialised.info

Apple QuickTime Player is reported prone to a remote denial of service attack (exploitable via remotely originated content). A missing movie attribute is interpreted as an extension, but the absence of the extension is not flagged as an error, resulting in a dereference of a NULL pointer. This will cause a denial of service against any application loading remotely originated content. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.

tags | advisory, remote, denial of service
systems | windows, apple, osx
advisories | CVE-2005-2755
MD5 | dbf7f3da1cbe4327e8bdad1bb062b127
Page 1 of 2