Exploit the possiblities
Showing 1 - 25 of 130 RSS Feed

Files from shinnai

Email addressshinnai at autistici.org
First Active2007-01-24
Last Active2017-07-27
Friends In War Make Or Break 1.7 Password Change
Posted Jul 27, 2017
Authored by shinnai

Friends in War Make or Break version 1.7 suffers from an unauthenticated administrative password change vulnerability.

tags | exploit
MD5 | 5427bf457a29587ce1e95a733a7678a5
UCanCode Remote Code Execution / Denial Of Service
Posted Nov 24, 2016
Authored by shinnai

UCanCode has active-x vulnerabilities which allow for remote code execution and denial of service attacks.

tags | exploit, remote, denial of service, vulnerability, code execution, activex
MD5 | a65bb98b56e177de39cb68a5ca7eaebb
Aloaha PDF Crypter 3.5.0.1164 File Overwrite
Posted Jan 24, 2013
Authored by shinnai | Site shinnai.altervista.org

Aloaha PDF Crypter version 3.5.0.1164 suffers from an active-x arbitrary file overwrite vulnerability.

tags | exploit, arbitrary, activex
MD5 | 888300add9c3236f7e878d81c2eec418
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
Posted Nov 1, 2012
Authored by shinnai, sinn3r, b33f, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Aladdin Knowledge System's ActiveX component. By supplying a long string of data to the ChooseFilePath() function, a buffer overflow occurs, which may result in remote code execution under the context of the user.

tags | exploit, remote, overflow, code execution, activex
advisories | OSVDB-86723
MD5 | 40789844caa3e2d6a9f865696f2155f6
Aladdin Knowledge System Ltd. Active-X Buffer Overflow
Posted Oct 26, 2012
Authored by shinnai | Site shinnai.altervista.org

The Aladdin Knowledge System Ltd. PrivAgent active-x control version 2.0 suffers from buffer overflow and insecure file download vulnerabilities. Buffer overflow proof of concept included.

tags | exploit, overflow, vulnerability, activex, proof of concept
MD5 | 422a11e6eb6e42315f69e8973c8a4ef6
LibreOffice 3.5.3 FileOpen Crash
Posted May 28, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.3 suffers from a FileOpen crash denial of service condition when handling rtf files.

tags | exploit, denial of service
MD5 | 6e2a43b86334292c772715be0771a584
BeyondCHM 1.1 Buffer Overflow
Posted Apr 24, 2012
Authored by shinnai | Site shinnai.altervista.org

BeyondCHM version 1.1 suffers from a buffer overflow vulnerability when handling a specially crafted chm file. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
MD5 | 34685c0f1589495d901a6187bb5dac85
Mobipocket Reader 6.2 Build 608 Buffer Overflow
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
MD5 | c965a12afc749d35e50648de2a8b0d3f
SumatraPDF 2.0.1 Memory Corruption
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

SumatraPDF version 2.0.1 suffers from chm and mobi file memory corruption vulnerabilities. Proof of concept included.

tags | exploit, vulnerability, proof of concept
systems | linux
MD5 | d1240f9e28eeb1f159902d452dfed57d
LibreOffice 3.5.2.2 Memory Corruption
Posted Apr 18, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.2.2 suffers from a soffice.exe\soffice.bin memory corruption vulnerability when handling a malformed RTF file. This is a proof of concept exploit.

tags | exploit, proof of concept
MD5 | 7053d8f0483bacdf0019c43ec1e53220
PeerBlock 1.1 Denial Of Service
Posted Feb 10, 2012
Authored by shinnai

PeerBlock version 1.1 blue screen of death denial of service exploit.

tags | exploit, denial of service
MD5 | 19a9d1731d104571f3bab23500b62440
Viscom Software Movie Player Pro SDK Activex 6.8 Buffer Overflow
Posted Nov 20, 2011
Authored by shinnai, mr_me, TecR0c | Site metasploit.com

Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. The victim will first be required to trust the publisher Viscom Software. This Metasploit module has been designed to bypass DEP and ASLR under XP IE8, Vista and Win7 with Java support.

tags | exploit, java, remote, overflow, arbitrary, activex
advisories | CVE-2010-0356, OSVDB-61634
MD5 | ac5ee43cfc0509841b6c9a26de949d06
Black Ice Cover Page ActiveX Control Arbitrary File Download
Posted Jun 21, 2011
Authored by shinnai, mr_me, sinn3r | Site metasploit.com

This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0). Code execution can be achieved by first uploading the payload to the remote machine, and then upload another mof file, which enables Windows Management Instrumentation service to execute the binary. Please note that this module currently only works for Windows before Vista. Also, a similar issue is reported in BIDIB.ocx (10.9.3.0) within the Barcode SDK.

tags | exploit, remote, arbitrary, code execution, activex
systems | windows
advisories | CVE-2008-2683, OSVDB-46007
MD5 | 095fce93622507998eeccf7f97bcb568
Haihaisoft PDF Reader Buffer Overflow
Posted Jul 17, 2010
Authored by shinnai

Haihaisoft PDF Reader with OCX control version 1.1.2.0 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
MD5 | 1143781c492509aaa54392191231be99
Yahoo CD Player Overflow
Posted Apr 20, 2010
Authored by shinnai

Yahoo! CD Player (YoPlyCd.dll) remote stack overflow exploit.

tags | exploit, remote, overflow
MD5 | cba2d78cfdd3f1a035cbb127d80fd01e
Viscom Movie Player Pro SDK 6.8 Buffer Overflow
Posted Apr 20, 2010
Authored by shinnai

Viscom Software Movie Player Pro SDK version 6.8 suffers from an Active-X related buffer overflow vulnerability.

tags | exploit, overflow, activex
MD5 | 55cad41a9c859bc0c50159d63d504564
Chilkat Crypt ActiveX WriteFile Unsafe Method
Posted Mar 5, 2010
Authored by shinnai, jduck | Site metasploit.com

This Metasploit module allows attackers to execute code via the 'WriteFile' unsafe method of Chilkat Software Inc's Crypt ActiveX control. This exploit is based on shinnai's exploit that uses an hcp:// protocol URI to execute our payload immediately. However, this method requires that the victim user be browsing with Administrator. Additionally, this method will not work on newer versions of Windows. NOTE: This vulnerability is still unpatched. The latest version of Chilkat Crypt at the time of this writing includes ChilkatCrypt2.DLL version 4.4.4.0.

tags | exploit, protocol, activex
systems | windows
advisories | CVE-2008-5002
MD5 | f3b162c328a7f7e6484b72aabd8fb52e
Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
Posted Mar 5, 2010
Authored by shinnai, jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.

tags | exploit, overflow
advisories | CVE-2008-3878
MD5 | aefc32154c02bb9668cd3b779b48f669
AwingSoft Winds3D Player SceneURL Buffer Overflow
Posted Dec 31, 2009
Authored by shinnai, Trancer, jduck | Site metasploit.com

This Metasploit module exploits a data segment buffer overflow within Winds3D Viewer of AwingSoft Awakening 3.x (WindsPly.ocx v3.6.0.0). This ActiveX is a plugin of AwingSoft Web3D Player. By setting an overly long value to the 'SceneURL' property, an attacker can overrun a buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
MD5 | 6977698db9b53be800c84623cf31a3e0
HaiHaiSoft Universal Player Buffer Overflow
Posted Dec 2, 2009
Authored by shinnai | Site shinnai.altervista.org

HaiHaiSoft Universal Player version 1.4.8.0 suffers from buffer overflow vulnerability.

tags | exploit, overflow
MD5 | d009dbaeeae47129f451c6b4276050a1
AwingSoft Web3D Player Buffer Overflow
Posted Jul 13, 2009
Authored by shinnai | Site shinnai.altervista.org

AwingSoft Web3D Player using WindsPly.ocx versions 3.5.0.0 and below suffer from a remote buffer overflow vulnerability in SceneURL().

tags | exploit, remote, overflow
MD5 | 5bfc5135f6abcdc19b3b73c34c9d6509
Zervit 0.4 Traversal / Memory Corruption
Posted May 13, 2009
Authored by shinnai, e.wiZz! | Site shinnai.altervista.org

Zervit webserver version 0.4 directory traversal and memory corruption proof of concept exploit.

tags | exploit, proof of concept, file inclusion
MD5 | 89249d0718d5b5848d880a83ad871351
Java SE Runtime Environment Denial Of Service
Posted May 13, 2009
Authored by shinnai | Site shinnai.altervista.org

Java SE Runtime Environment resource consumption exploit.

tags | exploit, java, denial of service
MD5 | bad898b73e19deb96f64d46fe7ac596c
Quick N Easay Mail Server 3.3 Denial Of Service
Posted May 5, 2009
Authored by shinnai | Site shinnai.altervista.org

Quick 'N Easy Mail Server version 3.3 remote denial of service exploit.

tags | exploit, remote, denial of service
MD5 | 76de621ff2abc11b2339f5c503777a02
Norton Ghost Support Module Denial Of Service
Posted Apr 23, 2009
Authored by shinnai | Site shinnai.altervista.org

Norton Ghost Support module for EasySetup wizard suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 8b0d59b36fb5e49ef8469aaf9d862d53
Page 1 of 6
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close