Exploit the possiblities
Showing 1 - 25 of 25 RSS Feed

Files from Marshall Whittaker

Email addressprivate
First Active2006-04-29
Last Active2017-10-26
View User Profile
Ansvif 1.8.1
Posted Oct 26, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Bug fixes and a new option to let you control if null characters are in the fuzz.
tags | tool, fuzzer
systems | unix
MD5 | 958bee7b83ae584ad404b7efaa9635ac
Ansvif 1.8
Posted Sep 12, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes some touchups to the main ansvif code, better crash detection under linux, as well as a primary new feature: the frontend to ansvif.
tags | tool, fuzzer
systems | unix
MD5 | 1ab718b21b637249541d3d518f0641e9
Ansvif 1.7
Posted Apr 13, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release marks easier compiling on most modern operating systems including Windows 7, Windows 10, Linux (Redhat and Debian based distros), and OpenBSD. It may compile/work on other operating systems but has not been tested. This is mostly a source code release with lots of code cleanup, and no new features.
tags | tool, fuzzer
systems | unix
MD5 | 477bcf4f4f8b5e2294e46d20f0d9f8d1
Ansvif 1.6.2
Posted Feb 25, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release has lots of code cleanup, bug fixes, and includes a -y or -b 0 option for zero buffer size (useful with -A and -B when in use with other fuzzers), and a -K option to keep going after a crash (usually only useful when logging).
tags | tool, fuzzer
systems | unix
MD5 | cfa6a5023498f09090cfd480c310b8cd
Ansvif 1.6.1
Posted Nov 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again, this speeds things up quite a bit).
tags | tool, fuzzer
systems | unix
MD5 | a1a9d5a417b5bbb3a4def98bfad33802
Ansvif 1.6
Posted Oct 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes lots of bug fixes, and better Windows compatibility. Now there is no need for the extra .dll files in the Windows version.
tags | tool, fuzzer
systems | unix
MD5 | 78574201a60bed0e73d23ea05e7aa536
Ansvif 1.5.2
Posted Jun 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a bunch of bug fixes, and manual pages. No changes to the Windows code.
tags | tool, fuzzer
systems | unix
MD5 | e15781fd3ff2b6b54ffcf1146ecd200f
Ansvif 1.5.1
Posted Jun 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes drafted manpages for ansvif and find_suid, plus binaries rebuilt on Debian Jessie for i386 and amd64. No changes to the Windows release were made.
tags | tool, fuzzer
systems | unix
MD5 | 9d8599991090441a912825ec5a91e7c0
Ansvif 1.5
Posted May 19, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes new ways to crash programs using things like 1, -1, 0, x00 (null), etc. Also included are some minor bug fixes. It also includes binaries for most supported operating systems, Debian/Ubuntu 32 and 64 bit, Windows 10 32 and 64 bit.
tags | tool, fuzzer
systems | unix
MD5 | 07c83eab59174ada29de7b82d096a64f
Ansvif 1.4.2
Posted May 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes bug fixes, more crash code detection for Windows, and better overall crash recognition.
tags | tool, fuzzer
systems | unix
MD5 | f1424cb108c0d4a01cd5f49c2993b8af
Ansvif 1.4.1
Posted Apr 26, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes XML output support, the crash detection under Windows has been fixed, and is tested and working in Ubuntu, Windows, and OpenBSD.
tags | tool, fuzzer
systems | unix
MD5 | c77ebf6b44d2c7d120de72faa2765817
Ansvif 1.4
Posted Apr 18, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Various updates.
tags | tool, fuzzer
systems | unix
MD5 | bd1ec5f8001ded882c1ee5421e5cce84
Ansvif 1.3.4
Posted Apr 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes % hex notation for fuzzing things like browsers that accept %41 (A), etc.
tags | tool, fuzzer
systems | unix
MD5 | e807932ecec741401b428e495b254044
AOL Instant Messenger 8.0.1.5 Binary Planting
Posted Jul 8, 2013
Authored by Marshall Whittaker

AOL Instant Messenger versions 8.0.1.5 and below suffer from a binary file planting vulnerability.

tags | exploit
systems | windows
MD5 | 13056739581434413b3e0a06ff6eb9c3
Perl CGI Shell
Posted Oct 15, 2011
Authored by Marshall Whittaker

This is a Perl CGI backdoor that provides shell-like capability.

tags | tool, shell, cgi, perl, rootkit
systems | unix
MD5 | e09fcae11cb6f6b92baca45b082449ce
GKrellM2 System Monitor Plugin Local Exploit
Posted Jul 20, 2010
Authored by Marshall Whittaker

GKrellM2 System Monitor Plugin local proof of concept exploit that spawns a shell on tcp/6666.

tags | exploit, shell, local, tcp, proof of concept
MD5 | 45cf633dccfcdb742412c24ea501ae5d
iOffice 0.1 Remote Command Execution
Posted Jul 18, 2010
Authored by Marshall Whittaker

iOffice version 0.1 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 85d9631aceb81c8323a0fbd825b22bbc
Miyabi CGI Tools Input Validation
Posted Jun 30, 2010
Authored by Marshall Whittaker

Miyabi CGI Tools suffers from an input validation vulnerability that allows for command execution.

tags | exploit, cgi
MD5 | ee9151c8647b7387472af60f455a7332
Perl Pipe Exploitation Testing Tool
Posted Jun 23, 2010
Authored by Marshall Whittaker

This is a simple script that attempts to check if a CGI script suffers from an input validation command execution vulnerability.

tags | tool, cgi, scanner
systems | unix
MD5 | 4565cae26f669dd9f83e682845410bf1
Fjallfoss.fcc.gov Cross Site Scripting
Posted May 25, 2010
Authored by Marshall Whittaker

Fjallfoss.fcc.gov suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e6a6b7b9302456ff7632ab268e46dd77
MAPDAV - More Accurate Password Dictionary Attack Vector 1.0p5
Posted Oct 2, 2009
Authored by Marshall Whittaker | Site mapdav.sourceforge.net

MAPDAV, or the More Accurate Password Dictionary Attack Vector, is designed to use what is known about a user or users (ex, username, first name, middle name, last name, etc) on a unix/linux system from a /etc/passwd file and tries to come up with probable combinations that could be the user's password. An administrator could run the output through a cracker and see if their user's passwords are anything easy to guess.

Changes: Now has THC-Hydra colon separated value support.
tags | cracker
systems | linux, unix
MD5 | 1a3e4c524ba399e0e52cddb3ee090949
Wachovia Bank Cross Site Scripting
Posted Sep 1, 2009
Authored by Marshall Whittaker

Wachovia Bank suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d814035da3d97aa7170bff3dfb030b62
MAPDAV - More Accurate Password Dictionary Attack Vector
Posted Jun 26, 2009
Authored by Marshall Whittaker | Site mapdav.sourceforge.net

MAPDAV, or the More Accurate Password Dictionary Attack Vector, is designed to use what is known about a user or users (ex, username, first name, middle name, last name, etc) on a unix/linux system from a /etc/passwd file and tries to come up with probable combinations that could be the user's password. An administrator could run the output through a cracker and see if their user's passwords are anything easy to guess.

tags | cracker
systems | linux, unix
MD5 | 11438dc5dff244650bcdbdc5069918a2
nmapstripper-1.3.1.tar.gz
Posted Sep 30, 2007
Authored by Marshall Whittaker | Site fluxnet.no-ip.org

Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.

Changes: Various fixes including the removal of a backdoor.
tags | tool, arbitrary, nmap, bash
systems | unix
MD5 | 4be0eeb3d5c5dd7da75ebeedf2d020f6
nmapstripper-1.2.tar.gz
Posted Apr 29, 2006
Authored by Marshall Whittaker | Site fluxnet.no-ip.org

Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.

Changes: version 1.2
tags | tool, arbitrary, nmap, bash
systems | unix
MD5 | db232b775589a87dbf6fd38b3756f274
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close