exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 21 of 21

Files from nitr0us

NeuroServer 0.7.4 Denial Of Service

Posted Aug 11, 2015

Authored by nitr0us

NeuroServer version 0.7.4 suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service

SHA-256 | ae7a9b1978e25b76292356e560fc913019ece2f561906ed81d42f72200bd9068

Download | Favorite | View

OpenBSD 5.6 Kernel Panic

Posted Apr 21, 2015

Authored by nitr0us

Proof of concept exploit for OpenBSD versions 5.6 and below that causes a kernel panic in sys/uvm/uvm_map.c.

tags | exploit, kernel, proof of concept

systems | openbsd

SHA-256 | 85418d5d6e75f156c9e54a0e8d83c42c375ef65d5592db9ab51ada3a7746d9f6

Download | Favorite | View

MINIX 3.3.0 Denial Of Service

Posted Nov 18, 2014

Authored by nitr0us

MINIX versions 3.3.0 and below remote TCP/IP stack denial of service exploit that leverages a malformed TCP option.

tags | exploit, remote, denial of service, tcp

systems | minix

SHA-256 | 78ee0c01b3e508a77897e2ea4fdd9158a72765371532e2e44e2c9e95e2de9827

Download | Favorite | View

MINIX 3.3.0 Local Denial Of Service

Posted Nov 7, 2014

Authored by nitr0us

MINIX version 3.3.0 suffers from multiple local denial of service vulnerabilities.

tags | exploit, denial of service, local, vulnerability

systems | linux, minix

SHA-256 | 40086fc74c8599d4596dfbb864da460b250c6d49623833b63a455feef026b081

Download | Favorite | View

OpenBSD 5.5 Local Kernel Panic

Posted Oct 23, 2014

Authored by nitr0us

OpenBSD versions 5.5 and below local kernel panic proof of concept exploit for i386.

tags | exploit, kernel, local, proof of concept

systems | openbsd

SHA-256 | 4c958cff42a397da0e7fd1de737c29e8578e3c3d90dd8e62623fb389e271ae47

Download | Favorite | View

Melkor ELF Fuzzer 1.0

Posted Aug 19, 2014

Authored by nitr0us

Melkor is an ELF fuzzer that mutates the existing data in an ELF sample given to create orcs (malformed ELFs), however, it does not change values randomly (dumb fuzzing), instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules (knowledge base). Written in C, Melkor is a very intuitive and easy-to-use fuzzer to find functional (and security) bugs in ELF parsers.

tags | tool, fuzzer

systems | unix

SHA-256 | dd37ddae34290ee552fdb5daee71e308b3ff192171694e83af256441719509d2

Download | Favorite | View

Coloured ELF File Dissector

Posted Apr 1, 2014

Authored by nitr0us

This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux.

tags | tool, x86

systems | linux, unix

SHA-256 | f8636edd94e628d8a05706d8252fa410c215dd08dce94844785f2866ad7bbf50

Download | Favorite | View

Common Name Grabber Script

Posted Mar 4, 2013

Authored by nitr0us

This is a simple perl script that will scan a given IP range and extract the Common Name from all SSL certificates. It is useful for discovery during penetration tests.

tags | tool, perl

systems | unix

SHA-256 | 8bee3b0c0b06ba802a3816adb1b076af310701d747f2d5b5a2c0056512339dd9

Download | Favorite | View

GNU Debugger 7.5.1 NULL Pointer Dereference

Posted Dec 20, 2012

Authored by nitr0us

gdb (GNU debugger) versions 7.5.1 and below ELF anti-debugging / reversing patcher that causes a NULL pointer dereference to trigger.

tags | exploit

SHA-256 | 15210b5f30b75a27a8fe6e678bec4c924fc5aef2e3e9c1327f048ca3f2e13b9f

Download | Favorite | View

IDA Pro 6.3 ELF Anti-Debugging / Reversing Patcher

Posted Dec 19, 2012

Authored by nitr0us

IDA Pro 6.3 ELF anti-debugging / reversing patcher that causes a crash.

tags | exploit

SHA-256 | b621ceacd09444ff9fc01a41d5f4753069ac4eaac545eed53223b30f95090c1f

Download | Favorite | View

Happy B-Day HKM Shellcode

Posted Oct 19, 2012

Authored by nitr0us

50 bytes small novelty Happy B-day HKM shellcode.

tags | shellcode

SHA-256 | d3fd68cf8cf5f083dcba30cf495843ea1bdc136f3ec361aa1a4bb9fbd81c8bfa

Download | Favorite | View

Linux x86 rm -fr / Shellcode

Posted Jul 2, 2012

Authored by nitr0us

58 bytes small Linux/x86 rm -fr / shellcode.

tags | x86, shellcode

systems | linux

SHA-256 | f97ca9b35911145e544f8f2c9253eb7646968fcbab53346ae763b8c0513a2b5a

Download | Favorite | View

DotDotPwn - The Directory Traversal Fuzzer 3.0

Posted Feb 11, 2012

Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

Changes: Multiple new switches and encodings added.

tags | web, vulnerability, protocol, fuzzer

systems | unix

SHA-256 | 7c954b9db834e02e36acbc4ebda32cfec3049f30d94668702004db28f42c7afe

Download | Favorite | View

Blue Coat Reporter 9.1.x / 9.2.x Directory Traversal

Posted Sep 22, 2011

Authored by nitr0us

Blue Coat Reporter versions 9.1.x and 9.2.x suffer from an unauthenticated directory traversal vulnerability.

tags | exploit, file inclusion

SHA-256 | c95584bb52b8fdac0511f9e7187ff91fb07dbb25ff55a569ad9a80cc33f03b75

Download | Favorite | View

DotDotPwn - The Directory Traversal Fuzzer 2.1

Posted Nov 2, 2010

Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

tags | web, vulnerability, protocol, fuzzer

SHA-256 | dc08b1efa2acdffd376cece72189cb8862611ee023be690fd9a155d4b30878b6

Download | Favorite | View

Yaws 1.89 Directory Traversal

Posted Nov 2, 2010

Authored by nitr0us

Yaws version 1.89 suffers from directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion

SHA-256 | 422ffd9928f2e9d3b034af951782e1779777b7f67b219e7d1e79832e022c92f0

Download | Favorite | View

Mongoose Web Server 2.11 Directory Traversal

Posted Nov 1, 2010

Authored by nitr0us

Mongoose Web Server version 2.11 suffers from directory traversal vulnerabilities.

tags | exploit, web, vulnerability, file inclusion

SHA-256 | 74af731d1e007a43282f6effec2953ff20250a69d95957c35ab69e40d51f7fcd

Download | Favorite | View

Trend Micro Data Loss Prevention 5.2 Data Leakage

Posted Jun 2, 2010

Authored by nitr0us

Trend Micro Data Loss Prevention version 5.2 suffers from a data leakage vulnerability.

tags | advisory

SHA-256 | 4f5ab127e23041435d6d53ee801402ea15cf4d953803bb39a87e4dc0789f0def

Download | Favorite | View

Cisco ACE XML Gateway 6.0 IP Disclosure

Posted Sep 26, 2009

Authored by nitr0us

Cisco ACE XML Gateway versions 6.0 and below suffer from an internal IP address disclosure.

tags | advisory, info disclosure

systems | cisco

SHA-256 | 10bcb1121c5acc6108bd14846e869fa5d909a554f39476024703a4b6603e3d13

Download | Favorite | View

neotracepro-overflow.txt

Posted Jul 10, 2007

Authored by nitr0us

NeoTracePro version 3.25 ActiveC TraceTarger() remote buffer overflow exploit.

tags | exploit, remote, overflow

SHA-256 | 11d3f30745554bc47b955ab0c7601ddc908689f79b7a829efcc671e96a905865

Download | Favorite | View

knock-out.tar.gz

Posted Dec 7, 2006

Authored by nitr0us

Knock-Out is a remote administration tool using port-knocking techniques. It supports both UDP and TCP transmission and is customizable. It allows both bind ports and reverse shells. Note that all documentation, etc, is written in Spanish.

tags | tool, remote, shell, udp, scanner, tcp

systems | unix

SHA-256 | fdb438413d035a837a56b80605b9f9120afc5fd8327492f7ba22953c2b66b386

Download | Favorite | View