exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files from Marcin Kozlowski

Email addressmarcinguy at yahoo.com
First Active2007-12-20
Last Active2022-01-12
Libstagefright Heap Out-Of-Bounds Write
Posted Jan 12, 2022
Authored by Marcin Kozlowski | Site github.com

Libstagefright, the media framework on Android, suffers from an out-of-bounds write vulnerability on the heap.

tags | exploit
advisories | CVE-2021-39623
MD5 | ffff8660f32b4b8c6d18f4ae57ace71b
Dr Checker 4 Linux
Posted Aug 31, 2021
Authored by Marcin Kozlowski | Site github.com

This is an LLVM based tool to audit Linux kernel module security using both pointer and taint analyses that are flow-sensitive, context-sensitive, and fieldsensitive on kernel drivers. It is port of Dr. Checker.

tags | tool, kernel
systems | linux, unix
MD5 | 1207ca19604c60c69efd0cbad94d69ce
TCMalloc Inspector Tool
Posted Nov 19, 2020
Authored by Marcin Kozlowski | Site github.com

TCMalloc is an inspection tool that lets you parse and inspect tcmalloc internals, and detect lost memory, meaning memory which is not reachable via any (internal) pointers.

tags | tool
systems | unix
MD5 | 5bfabbb583351d1bd58083c6bba6c75c
Bluetooth Impersonation Attack (BIAS) Proof Of Concept
Posted Jun 3, 2020
Authored by Marcin Kozlowski, francozappa

This archive holds Bluetooth Impersonation Attack (BIAS) CVE-2020-10135 proof of concept and reproduction research from multiple researchers.

tags | exploit, proof of concept
advisories | CVE-2020-10135
MD5 | a475ec6792f7dd27ad27b9595b77195a
jQuery html() Cross Site Scripting
Posted Apr 25, 2020
Authored by Marcin Kozlowski, Masato Kinugawa

jQuery versions prior to 3.5 suffer from an html() cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1eb6f7c99d9e83fd3ae94efce8b462a1
pppd 2.4.8 Buffer Overflow
Posted Mar 9, 2020
Authored by Marcin Kozlowski

Proof of concept crash exploit for pppd versions 2.4.2 through 2.4.8. It leverages a rhostname buffer overflow in the eap_request and eap_response functions in eap.c.

tags | exploit, overflow, proof of concept
advisories | CVE-2020-8597
MD5 | 694ecff0fb2c7aa589655a4edc33f057
Android-Gif-Drawable Double-Free
Posted Nov 27, 2019
Authored by Marcin Kozlowski

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.

tags | advisory, remote, denial of service, arbitrary
advisories | CVE-2019-11932
MD5 | a6614c2514fa1b374a4aab6d0310003c
Android Binder Use-After-Free
Posted Oct 18, 2019
Authored by Marcin Kozlowski

These are notes on further exploitation of the Android Binder use-after-free vulnerability as noted in CVE-2019-2215 and leveraged against Kernel 3.4.x and 3.18.x on Samsung Devices using Samsung Android and LineageOS.

tags | exploit, kernel
advisories | CVE-2019-2215
MD5 | 615c42102bb321281534f993eefa6acb
Android VideoPlayer ihevcd_parse_pps Out-Of-Bounds Write
Posted Jul 15, 2019
Authored by Marcin Kozlowski

VideoPlayer on Android versions 7 through 9 suffer from an ihevcd_parse_pps out-of-bounds write vulnerability.

tags | exploit
advisories | CVE-2019-2107
MD5 | b6e2167ecafb748c6ed3b913f56c4e69
Dynamic Loader Oriented Programming - Wiederganger Proof Of Concept
Posted Dec 12, 2018
Authored by Marcin Kozlowski

This paper and proof of concept describes the Wiederganger-Attack, a new attack vector that reliably allows to escalate unbounded array access vulnerabilities occurring in specifically allocated memory regions to full code execution on programs running on i386/x86_64 Linux. Wiederganger-attacks abuse determinism in Linux ASLR implementation combined with the fact that (even with protection mechanisms such as relro and glibc's pointer mangling enabled) there exist easy-to-hijack, writable (function) pointers in application memory.

tags | exploit, vulnerability, code execution, proof of concept
systems | linux
MD5 | 9450ff4b4e1f182c2f3845ea9c3bdb86
LineageOS 14.1 Blueborne Remote Code Execution
Posted Apr 6, 2018
Authored by Marcin Kozlowski

LineageOS version 14.1 Blueborne suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-0781
MD5 | 90410d5586fb58a108784ae1818b9a2b
BlueBorne BlueTooth Buffer Overflow Proof Of Concept
Posted Sep 25, 2017
Authored by Marcin Kozlowski

BlueBorne BlueTooth buffer overflow proof of concept exploit that causes a denial of service vulnerability on Linux kernels prior to 4.13.1.

tags | exploit, denial of service, overflow, kernel, proof of concept
systems | linux
advisories | CVE-2017-1000251
MD5 | 8fe062e0b377bb75c70ddb9e02781792
Ntpd ntp-4.2.6p5 ctl_putdata() Buffer Overflow
Posted Feb 16, 2016
Authored by Marcin Kozlowski

Ntpd versions ntp-4.2.6p5 and below ctl_putdata() buffer overflow exploit.

tags | exploit, overflow
MD5 | cf5f515d92a7b19604afb18d863b1a15
Posted Jul 25, 2008
Authored by Marcin Kozlowski | Site powerfuzzer.sourceforge.net

Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (including cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer) and information gathered from numerous security resources and websites. It is capable of spidering a website and identifying inputs.

tags | web, fuzzer
MD5 | 396b2d6d7bff4882890ef159d826b641
Posted Jan 18, 2008
Authored by Marcin Kozlowski

Microsoft Windows Message Queueing Server RPC buffer overflow exploit that relates to MS07-065.

tags | exploit, overflow
systems | windows
MD5 | 2d7ee74e959b003854de19078715c9c8
Posted Jan 7, 2008
Authored by Marcin Kozlowski

Apache mod_rewrite escape_absolute_uri() off-by-one buffer overflow Metasploit exploit module. This affects Apache versions 1.3.28 through 1.3.36, 2.0.46 through 2.0.58, and 2.2.1 through 2.2.2.

tags | exploit, overflow
advisories | CVE-2006-3747
MD5 | e71e56d7bfd5e229f331137228932628
Posted Dec 20, 2007
Authored by Marcin Kozlowski

3Proxy versions below 0.5.3h remote buffer overflow exploit that takes advantage of a vulnerability in logurl().

tags | exploit, remote, overflow
MD5 | f58544734ccbcf2bf4fdd69d9386a5d2
Page 1 of 1

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By