exploit the possibilities
Showing 1 - 25 of 36 RSS Feed

Files from LMH

Email addresslmh at info-pull.com
First Active2006-10-27
Last Active2009-11-26
SHTTPD <= 1.34 URI-Encoded POST Request Overflow (win32)
Posted Nov 26, 2009
Authored by H D Moore, skOd, LMH | Site metasploit.com

This Metasploit module exploits a stack overflow in SHTTPD <= 1.34. The vulnerability is caused due to a boundary error within the handling of POST requests. Based on an original exploit by skOd but using a different method found by hdm.

tags | exploit, overflow
advisories | CVE-2006-5216
MD5 | b21fb21fbf2bc5aea9b40ebb37bd6696
wordpress-toolkit-gui.txt
Posted Sep 13, 2007
Authored by LMH | Site info-pull.com

Wordpress Pwnpress Exploitation Toolkit. Works on multiple versions. GUI version.

tags | exploit
MD5 | 18c66358575d49e3c24753de610a82b1
wordpress-toolkit.txt
Posted Sep 13, 2007
Authored by LMH | Site info-pull.com

Wordpress Pwnpress Exploitation Toolkit. Works on multiple versions.

tags | exploit
MD5 | f7bfd53ae883561b4be53475432bd30f
MOAB-29-01-2007.rb.txt
Posted Jan 31, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Apple iChat Bonjour functionality is affected by several remotely exploitable denial of service flaws which can be triggered via advertising presence services over multicast DNS. This is the denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | apple
MD5 | 3c46cb42934dba072146951e4a6e1324
MOAB-28-01-2007.rb.txt
Posted Jan 29, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - crashdump follows symlinks within the /Library/Logs/CrashReporter/ directory, allowing admin-group users to execute arbitrary code and overwrite files with elevated privileges. In couple with a specially crafted Mach-O binary, this can be used to write a malicious crontab entry, which will run with root privileges. This ruby code demonstrates this vulnerability.

tags | exploit, arbitrary, root, ruby
systems | apple
advisories | CVE-2007-0467
MD5 | d2a1cdd08b0f39cc9d815a3572650b30
MOAB-27-01-2007.tgz
Posted Jan 29, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. This tgz holds a malicious .wmv file that demonstrates this vulnerability.

tags | exploit, arbitrary, code execution
systems | apple
advisories | CVE-2007-0466
MD5 | 251f0955c2ec6f2f9ea3ea7160b05822
MOAB-25-01-2007.rb.txt
Posted Jan 27, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Ruby exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.

tags | exploit, web, denial of service, ruby
systems | apple
advisories | CVE-2007-0464
MD5 | d7a1cfb7ab5a8a173db599dc81d957de
MOAB-25-01-2007.c
Posted Jan 27, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - C exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.

tags | exploit, web, denial of service
systems | apple
advisories | CVE-2007-0464
MD5 | ac9a8250d37eaab982f149693cdcbca0
MOAB-23-01-2007.pct
Posted Jan 24, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - A vulnerability exists in the handling of ARGB records (Alpha RGB) within PICT images, that leads to an exploitable memory corruption condition. This is the proof of concept exploit in .pct format that demonstrates this vulnerability.

tags | exploit, proof of concept
systems | apple
advisories | CVE-2007-0462
MD5 | fcae7cb4702799a0830019747e1aba01
MOAB-22-01-2007.rb.txt
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - InputManager provided by the user. Code within the input manager will run under wheel privileges. In combination with diskutil and a wheel-writable setuid binary, this allows unprivileged users to gain root privileges. This is the proof of concept exploit that demonstrates this vulnerability.

tags | exploit, root, proof of concept
systems | apple
advisories | CVE-2007-0023
MD5 | 0822f8f385381a6dada4f24b194e032f
MOAB-21-01-2007.rb.txt
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - The preference panes setuid helper, writeconfig, makes use of a shell script which lacks of PATH sanitization, allowing users to execute arbitrary binaries under root privileges. This is the proof of concept exploit that demonstrates this vulnerability.

tags | exploit, arbitrary, shell, root, proof of concept
systems | apple
advisories | CVE-2007-0022
MD5 | c16f4b258d9bb1185318cdd04d6a3967
MOAB-20-01-2007.tgz
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Apple iChat AIM URI scheme (referred as the 'url handler') handling is affected by a classic format string vulnerability, allowing remote users to cause a denial of service condition or arbitrary code execution. This is the proof of concept exploit that demonstrates this vulnerability.

tags | exploit, remote, denial of service, arbitrary, code execution, proof of concept
systems | apple
advisories | CVE-2007-0021
MD5 | 63c02efdb8962b52b3440ecb316ff35b
MOAB-19-01-2007.tgz
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Transmit does not allocate enough space when dealing with the string passed on via the ftps:// URL handler, leading to an exploitable heap-based buffer overflow condition. This is the proof of concept exploit.

tags | exploit, overflow, proof of concept
systems | apple
advisories | CVE-2007-0020
MD5 | 7370fba31d7c89633f6e4ad90a5ccc4a
MOAB-18-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit rumpusd. rumpusd is vulnerable to different remotely exploitable heap-based buffer overflows, denial of service conditions and local privilege escalation issues.

tags | exploit, denial of service, overflow, local, proof of concept
systems | apple
advisories | CVE-2007-0019
MD5 | f346f828f0229f5d5c055f66c3cc0e16
MOAB-17-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for slpd. slpd is vulnerable to a buffer overflow condition when processing the attr-list field of a registration request, leading to an exploitable denial of service condition and potential arbitrary execution. It would allow unprivileged local (and possibly remote) users to execute arbitrary code under root privileges.

tags | exploit, remote, denial of service, overflow, arbitrary, local, root, proof of concept
systems | apple
MD5 | 4e5ef169ae8d60a1ea2d97be091df8b0
MOAB-16-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for Colloquy. Colloquy is vulnerable to a format string vulnerability in the handling of INVITE requests, that can be abused by remote users and requires no interaction at all, leading to a denial of service and potential arbitrary code execution.

tags | exploit, remote, denial of service, arbitrary, code execution, proof of concept
systems | apple
MD5 | cdd6c9e0e59a872c2790c1ee93429dcd
MOAB-15-01-2007.rb.txt
Posted Jan 20, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for a local privilege escalation vulnerability on Mac OS X. Multiple binaries inside the /Applications directory tree are setuid root, but remain writable by users in the admin group (ex. first user by default in a non-server Mac OS X installation), allowing privilege escalation.

tags | exploit, local, root, proof of concept
systems | apple, osx
MD5 | 6762c468a26eb0f93504c63d879495d9
MOAB-14-01-2007.c
Posted Jan 20, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for the _ATPsndrsp function. The _ATPsndrsp function is vulnerable to a heap-based buffer overflow condition, due to insufficient checking of user input. This leads to a denial of service condition and potential arbitrary code execution by unprivileged users.

tags | exploit, denial of service, overflow, arbitrary, code execution, proof of concept
systems | apple
advisories | CVE-2007-0236
MD5 | d8a22e613c075522ee7d1a0b3bdf1403
MOAB-13-01-2007.dmg.gz
Posted Jan 20, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - This is a specially crafted HFS+ filesystem in a DMG image that can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption.

tags | exploit, denial of service, arbitrary, kernel, local, code execution
systems | apple
advisories | CVE-2006-5482
MD5 | bfca8d4401098b7bcee7f1364f4cf014
MOAB-09-01-2007.dmg
Posted Jan 13, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Exploit for a vulnerability in Finder. Finder is affected by a memory corruption vulnerability, which leads to an exploitable denial of service condition and potential arbitrary code execution, that can be triggered by DMG images. One of two exploits.

tags | exploit, denial of service, arbitrary, code execution
systems | apple
MD5 | a6a5c160414d7278e288b1c921280d61
MOAB-09-01-2007.rb.txt
Posted Jan 13, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Exploit for a vulnerability in Finder. Finder is affected by a memory corruption vulnerability, which leads to an exploitable denial of service condition and potential arbitrary code execution, that can be triggered by DMG images. One of two exploits.

tags | exploit, denial of service, arbitrary, code execution
systems | apple
MD5 | 7c18ab0283bcd54f3690d40678de850b
exploit-of-the-apes.rb.txt
Posted Jan 13, 2007
Authored by LMH, Johnny Pwnerseed | Site projects.info-pull.com

Month of Apple Bugs - Exploit for the Application Enhancer (APE), which is affected by a local privilege escalation vulnerability that allows local users to gain root privileges.

tags | exploit, local, root
systems | apple
MD5 | ba29c0afc8360ed6c048e0ad74fcdca5
MOAB-07-01-2007.html
Posted Jan 13, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - This HTML file is an exploit for OmniWeb. OmniWeb is affected by a format string vulnerability in the handling of Javascript alert() function, which could allow remote arbitrary code execution.

tags | exploit, remote, arbitrary, javascript, code execution
systems | apple
MD5 | 47bf65470e57cbcf70bc69bb1157e73f
MOAB-06-01-2007.pdf
Posted Jan 13, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Warning, this pdf is an exploit. The current PDF specification is affected by a design flaw, a rogue Pages entry or malicious catalog dictionary could cause a denial of service (memory corruption condition, memory leakage, etc) or potential arbitrary code execution in the reader application.

tags | exploit, denial of service, arbitrary, code execution, memory leak
systems | apple
MD5 | 525a1a163dab2a135fb38b6bf1510f4d
MOAB-05-01-2007_cron.rb.txt
Posted Jan 13, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Exploit for a vulnerability in the handling of BOM files by the DiskManagement/diskutil that allows the setting of rogue permissions on the filesystem. This can be used to execute arbitrary code and escalate privileges. One of two exploits.

tags | exploit, arbitrary
systems | apple
MD5 | 4bba5041b23f5ecfadda777f84452e81
Page 1 of 2
Back12Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close