Exploit the possiblities
Showing 1 - 9 of 9 RSS Feed

Files from Dan Kaminsky

Email addressdan at doxpara.com
First Active1999-08-17
Last Active2010-11-16
Phreebird DNSSEC Proxy 1.02
Posted Nov 16, 2010
Authored by Dan Kaminsky

Phreebird is a DNSSEC proxy that operates in front of an existing DNS server (such as BIND, Unbound, PowerDNS, Microsoft DNS, or QIP) and supplements its records with DNSSEC responses. Features of Phreebird include automatic key generation, realtime record signing, support for arbitrary responses, zero configuration, NSEC3 "White Lies", caching and rate limiting to deter DoS attacks, and experimental support for both Coarse Time over DNS and HTTP Virtual Channels. The suite also contains a large amount of sample code, including support for federated identity over OpenSSH. Finally, "Phreeload" enhances existing OpenSSL applications with DNSSEC support.

tags | tool, web, arbitrary
systems | unix
MD5 | 13afe1a7aa6ab753275c0b5289b6a8bc
Mozilla NSS NULL Character CA SSL Certificate Bypass
Posted Nov 17, 2009
Authored by Dan Kaminsky | Site doxpara.com

Mozilla NSS NULL character CA SSL certificate validation security bypass vulnerability.

tags | exploit, bypass
MD5 | 3a02a4eed8006d3a2834913dde03f727
Mozilla Firefox Remote Command Execution
Posted Sep 11, 2009
Authored by Dan Kaminsky | Site doxpara.com

Mozilla Firefox versions up through 3.0.13 suffer from an arbitrary command execution vulnerability due to the pkcs11.addmodule function.

tags | exploit, arbitrary
MD5 | 2676a9f8501c41fc246aceeafdea7a92
libspf2-parsing.txt
Posted Oct 23, 2008
Authored by Dan Kaminsky | Site ioactive.com

DNS TXT record parsing in LibSPF2 suffers from a memory corruption vulnerability. Heap overflow exploit included for reproduction purposes.

tags | exploit, overflow
MD5 | 480c18dde5e57166e2d350956e56f893
stripwire-1.1.tar.gz
Posted Dec 7, 2004
Authored by Dan Kaminsky | Site doxpara.com

Stripwire is a tool which demonstrates vulnerabilities in md5 checks described in this paper. Contains a perl script which proves that if md5(x) == md5(y), then md5(x+q) == md5(y+q) (assuming length(x) and length(y) are 0 mod 64, and q is any arbitrary data). This is true because once two blocks converge upon the same hash, the nature of them being different has thereafter been lost.

tags | paper, arbitrary, perl, vulnerability
MD5 | aa5a1a01f2f6e05656fff5d5304c59b2
md5_someday.pdf
Posted Dec 7, 2004
Authored by Dan Kaminsky | Site doxpara.com

Collision vulnerabilities in MD5 Checksums - It is possible to create different executables which have the same md5 hash. The attacks remain limited, for now. The attack allows blocks in the checksumm'd file to be swapped out for other blocks without changing the final hash. This is an excellent vector for malicious developers to get unsafe code past a group of auditors, perhaps to acquire a required third party signature. Alternatively, build tools themselves could be compromised to embed safe versions of dangerous payloads in each build. A tool to demonstrate these vulnerabilities is available here.

tags | paper, vulnerability
MD5 | 5e1605409d78efd92cdce0d11489010b
paketto-1.10.tar.gz
Posted Dec 24, 2002
Authored by Dan Kaminsky | Site doxpara.com

Paketto Keiretsu v1.10 implements many of the techniques described in recent here.

Changes: Now has OpenBSD and Solaris support. A new Distco mode actively discovers the distance to remote hosts by analyzing the TTL in returned TCP RST packets. Libnet was patched to pack its variables. Traceroute hopcount determination was improved.
systems | unix
MD5 | 7fd82af09a6493f24c8681f7bbf03898
paketto-1.0.tar.gz
Posted Nov 19, 2002
Authored by Dan Kaminsky | Site doxpara.com

Paketto Keiretsu v1.0 implements many of the techniques described in recent here.

systems | unix
MD5 | f974f9f115a422c4ddff73fb1e98269c
tcp_chorusing.html
Posted Aug 17, 1999
Authored by Dan Kaminsky

TCP Chorusing in the Windows 9x TCP/IP Stack - Flaws in the Windows 9x TCP/IP Stack can lead to Denial of Service attacks - this issue is not new, but the problems described by Dan Kaminsky in this article are.

tags | exploit, denial of service, tcp
systems | windows, 9x
MD5 | ffd495391bd83e8e47526540373e0024
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close