Twenty Year Anniversary
Showing 1 - 25 of 104 RSS Feed

Files from Todor Donev

Real NameTodor Donev
Email addresstodor.donev at gmail.com
Websiteethical-hacker.org
First Active2009-02-04
Last Active2018-07-07
View User Profile

Personal Background

Bulgarian security researcher, an independent security consultant and cyber threats analyst. Deputy Chair at International Cybersecurity Association.


Linux Awk To Perl Translator Buffer Overflow
Posted Jul 7, 2018
Authored by Todor Donev

Linux Awk to Perl (/usr/bin/a2p) suffers from a buffer overflow vulnerability.

tags | exploit, overflow, perl
systems | linux
MD5 | 5f941b7a5f120e4ea63ce6593fdf699a
Opencart 3.0.2.0 google_sitemap Remote Denial Of Service
Posted Jun 21, 2018
Authored by Todor Donev

Opencart versions 3.0.2.0 and below suffer from a google_sitemap remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 7973225bf48d28a9d07972a7550c13c5
Facebook Graph OpenSearch Phone Number Metadata Crosswalk Mapping
Posted May 29, 2018
Authored by Todor Donev

Facebook Graph OpenSearch Phone Number metadata crosswalk mapping proof of concept exploit.

tags | exploit, proof of concept
MD5 | 5d3f5aa88d0b9164f01130597da46fc2
Facebook Graph Groups Crosswalk User Metadata Mapping Weakness
Posted Apr 19, 2018
Authored by Todor Donev

Facebook Graph groups crosswalk user's metadata mapping weakness demo proof of concept script.

tags | exploit, proof of concept
MD5 | cedc3e5b3dddf3d9c0b7c2ff3cd164ac
Facebook Graph Phone Number Metadata Crosswalk Mapping Proof Of Concept
Posted Apr 17, 2018
Authored by Todor Donev

This script is a proof of concept that lets you map out data from the Facebook Graph using a phone number.

tags | exploit, proof of concept
MD5 | 28accc5166d1544ceb05391fe341eb61
Facebook Graph Metadata Crosswalk Mapping Proof Of Concept
Posted Apr 17, 2018
Authored by Todor Donev

This script is a proof of concept that lets you map out data from the Facebook Graph.

tags | exploit, proof of concept
MD5 | ebd6f3ff9190c14f3543fce6a999a667
XOR File Encryption / Decryption
Posted Apr 10, 2018
Authored by Todor Donev

Script to perform basic XOR file encryption / decryption.

tags | tool, cracker
MD5 | 6d819a15e2f76aff3b5ae44bea5b8f22
SSH/SSL RSA Private Key Passphrase Dictionary Enumerator
Posted Apr 9, 2018
Authored by Todor Donev

This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack.

tags | tool, cracker
MD5 | a7800e5b746d5a13f5f887936bcbc785
RSA Factorization Attack Using Fermat's Algorithm
Posted Apr 5, 2018
Authored by Todor Donev

Script that performs RSA factorization attack using Fermat's algorithm.

tags | tool, cracker
MD5 | 1c37da73d3f7d27402cfcfb57295c95c
RC4 Simple FILE Encryption / Decryption
Posted Apr 5, 2018
Authored by Todor Donev

Simple script to perform RC4 encryption / decryption.

tags | tool, cracker
MD5 | 3a863b0b5164e05fa847e501c5eb915f
KeePass Simple Dictionary Password Enumerator
Posted Apr 4, 2018
Authored by Todor Donev

This is a simple perl script to perform dictionary attacks against the KeePass password manager.

tags | cracker, perl
MD5 | e2e787dabb8d179b58974a368b36d65f
Secutech RiS-11/RiS-22/RiS-33 5.07.52_es_FRI01 Remote DNS Changer
Posted Apr 2, 2018
Authored by Todor Donev

Secutech RiS-11/RiS-22/RiS-33 version 5.07.52_es_FRI01 remote DNS changer proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | b9610e5f8f43db01a247cd469065591e
glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation
Posted Mar 30, 2018
Authored by Marco Ivaldi, Tavis Ormandy, Todor Donev, zx2c4, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker with libmemusage.so library.

tags | exploit, root
systems | linux
advisories | CVE-2010-3847, CVE-2010-3856
MD5 | 82d002207d92e79c81d147d0cbc73594
Tenda FH303/A300 5.07.68_EN Remote DNS Changer
Posted Mar 30, 2018
Authored by Todor Donev

Tenda FH303/A300 with firmware version 5.07.68_EN cookie session weakness remote DNS changer proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | 2504ce8b0547c837ca7b83ab9b96f1e2
Tenda W3002R/A302/w309r Wireless Router 5.07.64_en DNS Changer
Posted Mar 30, 2018
Authored by Todor Donev

Tenda W3002R/A302/w309r wireless router version 5.07.64_en cookie session weakness remote DNS changer proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | fd6792545074adf74f37ff87b030925f
Tenda W316R Wireless Router 5.07.50 Remote DNS Changer
Posted Mar 30, 2018
Authored by Todor Donev

Tenda W316R wireless router version 5.07.50 cookie session weakness remote DNS changer proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | 64f928c7e3bf05e3ba5142d01cabff91
Tenda W308R V2 Wireless Router 5.07.48 DNS Changer
Posted Mar 29, 2018
Authored by Todor Donev

Tenda W308R V2 wireless router version 5.07.48 remote DNS changer proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | 78c72a9c8bc7ea5d1b1ada749accd592
Tenda N11 Wireless Router 5.07.43_en_NEX01 Remote DNS Changer
Posted Mar 27, 2018
Authored by Todor Donev

Tenda N11 wireless router version 5.07.43_en_NEX01 cookie session weakness remote dns change proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | cd4a8237b225bec1f095381ac7b0117d
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation
Posted Feb 10, 2018
Authored by Marco Ivaldi, Tavis Ormandy, Todor Donev, zx2c4, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before 2.12.2 does not properly restrict use of the LD_AUDIT environment variable when loading setuid executables. This allows loading arbitrary shared objects from the trusted library search path with the privileges of the suid user. This Metasploit module uses LD_AUDIT to load the libpcprofile.so shared object, distributed with some versions of glibc, and leverages arbitrary file creation functionality in the library constructor to write a root-owned world-writable file to a system trusted search path (usually /lib). The file is then overwritten with a shared object then loaded with LD_AUDIT resulting in arbitrary code execution. This Metasploit module has been tested successfully on glibc version 2.11.1 on Ubuntu 10.04 x86_64 and version 2.7 on Debian 5.0.4 i386. RHEL 5 is reportedly affected, but untested. Some glibc distributions do not contain the libpcprofile.so library required for successful exploitation.

tags | exploit, arbitrary, root, code execution
systems | linux, debian, ubuntu
advisories | CVE-2010-3847, CVE-2010-3856
MD5 | 2bf9e1106acf9e1f0a7b618fe7f2da3f
D-Link DSL-2640R Unauthenticated Remote DNS Changer
Posted Jan 16, 2018
Authored by Todor Donev

D-Link DSL-2640R unauthenticated remote DNS changing exploit.

tags | exploit, remote
MD5 | 960281695d209020856919aa5a842336
DNS/DNSSEC RR Stub Resolver Denial Of Service
Posted Jul 10, 2017
Authored by Todor Donev

DNS/DNSSEC RR stub resolvers amplification distributed denial of service exploit.

tags | exploit, denial of service
MD5 | 0dcc402c9b94f66a14d0a3fd9f69f56b
IoT mDNS/DNS-SD QM Amplification Distributed Denial Of Service
Posted Jul 5, 2017
Authored by Todor Donev

IoT mDNS/DNS-SD QM amplification distributed denial of service exploit.

tags | exploit, denial of service
MD5 | ac90410a7587c90900ab4cd9931a32ab
rpcinfo Portmap DUMP Call Amplification Distributed Denial Of Service
Posted Jul 5, 2017
Authored by Todor Donev

rpcinfo portmap DUMP call amplification distributed denial of service exploit.

tags | exploit, denial of service
MD5 | 7aecb7302e5513d6fb9ec619f90ed3a6
D-Link ADSL DSL-2640B SEA_1.01 Unauthenticated Remote DNS Changer
Posted Jun 20, 2017
Authored by Todor Donev

D-Link ADSL DSL-2640B SEA_1.01 remote dns changer exploit.

tags | exploit, remote
MD5 | 42bf229f831e70ca320881f824bb980c
Beetel BCM96338 ADSL Router Unauthenticated Remote DNS Changer
Posted Jun 18, 2017
Authored by Todor Donev

Beetel BCM96338 ADSL Router remote dns changer exploit.

tags | exploit, remote
MD5 | 2e02687e30079b52d3b80fe47e0ca4c5
Page 1 of 5
Back12345Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    24 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close