exploit the possibilities
Showing 1 - 25 of 27 RSS Feed

Files from Alexey Sintsov

Email addressdookie at inbox.ru
First Active2009-09-24
Last Active2011-11-30
IBM Lotus Domino Authentication Bypass
Posted Nov 30, 2011
Authored by Alexey Sintsov

IBM Lotus Domino versions 8.5.3 and 8.5.2 FP3 suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2011-1519
MD5 | 76b18fd33ff899004aa14ab654d4beff
VMware Update Manager Directory Traversal
Posted Nov 21, 2011
Authored by Alexey Sintsov

VMware Update Manager versions 4.1 prior to update 2 suffer from a directory traversal vulnerability.

tags | exploit
advisories | CVE-2011-4404
MD5 | 3746eacef97d8c176609cb45f2f081e7
SAP NetWeaver ABAP Authorization Bypass / SMBRelay
Posted Nov 17, 2011
Authored by Alexey Sintsov

SAP NetWeaver ABAP suffers from authorization bypass, directory traversal, and SMBRelay vulnerabilities.

tags | advisory, vulnerability
MD5 | 924b503d275cb8007ae227956880e44d
DNS Reverse Download And Execute Shellcode
Posted May 27, 2011
Authored by Alexey Sintsov

This shellcode downloads and executes a file via a reverse DNS channel.

tags | shellcode
MD5 | 94f6df6c86f6e075d6eba043c9064915
Kaspersky Administration Kit Design Flaw
Posted Apr 25, 2011
Authored by Alexey Sintsov

The Service account used for the Kaspersky Administration Kit and its functionality allow for attacks on other hosts in the network.

tags | advisory
MD5 | 7fdb267ed2678f40bd7ebbee99b6db81
SAP GUI DLL Hijacking
Posted Mar 16, 2011
Authored by Sh2kerr, Alexey Sintsov

SAP Front End applications (SAPGui.exe) are vulnerable to DLL hijacking attacks allowing for remote code execution.

tags | advisory, remote, code execution
MD5 | 6b0a642a34a1ae77436a86bf00292bf2
SAP NetWeaver BSP Logon Page Cross Site Scripting
Posted Mar 14, 2011
Authored by Alexey Sintsov

SAP NetWeaver BSP suffers from a cross site scripting vulnerability via the logon page.

tags | advisory, xss
MD5 | aa03c302ad712f0de0bcb0ee4b46dfd8
Progress OpenEdge Enterprise RDBMS 10.2A Bypass
Posted Jan 25, 2011
Authored by Sh2kerr, Alexey Sintsov, Alexey Troshichev | Site dsecrg.com

Progress OpenEdge Enterprise RDBMS version 10.2A has some vulnerabilities that make it possible to enumerate UserID and bypass authentication.

tags | advisory, vulnerability
MD5 | 76ffa9c759047ceaeb2141ffe42c5431
Oracle Document Capture Insecure READ Method
Posted Jan 25, 2011
Authored by Sh2kerr, Alexey Sintsov | Site dsecrg.com

EasyMail ActiveX Control (emsmtp.dll) that included into Oracle Document Capture distrib can be used to read any file in target system. The vulnerable method is "ImportBodyText()".

tags | exploit, activex
advisories | CVE-2010-3595
MD5 | 2879def13c8d9eff941ac956ad0d6b85
SAP XRFC 6.40 / 7.00 Stack Overflow
Posted Nov 17, 2010
Authored by Alexey Sintsov

SAP XRFC version 6.40 and 7.00 suffers from a stack overflow vulnerability.

tags | advisory, overflow
MD5 | 667eaa5ad8953aaa39aa3f3bc7805f15
Safari JS JITed Shellcode
Posted Jul 7, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Safari JavaScript JIT shellcode and spray for ASLR / DEP bypass on Win32.

tags | javascript, shellcode
systems | windows
MD5 | 63640503e6ee30eeb9ffcaa839e4b539
IBM BladeCenter Management Module Cross Site Scripting / Directory Traversal
Posted Jul 6, 2010
Authored by Alexey Sintsov | Site dsecrg.com

The IBM BladeCenter Management module suffers from cross site scripting and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5da843bbe42c1abfa28b6102567b638b
Safari 4.0.5 Memory Corruption Exploit
Posted May 18, 2010
Authored by Alexey Sintsov

Safari version 4.0.5 parent.close() memory corruption exploit with ASLR and DEP bypass.

tags | exploit
MD5 | 7682bfcda76de91c029fbccfe9347982
VMware Portal 3.1 Cross Site Scripting
Posted May 14, 2010
Authored by Alexey Sintsov

VMware View Portal versions 3.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-1143
MD5 | 3fc218e6b65892b0fdceee2c8038598d
ProSSHD 1.2 Remote Post-Auth Exploit
Posted May 3, 2010
Authored by Alexey Sintsov

ProSSHD version 1.2 remote post-authentication exploit with ASLR and DEP bypass.

tags | exploit, remote
MD5 | 03d2843b77832c04e6a5bad95667f53b
BladeCenter AMM Denial Of Service
Posted Apr 16, 2010
Authored by Alexey Sintsov

The IBM BladeCenter Management module suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 380f7ca4856e2f8a4b39f6f6dfe2e682
VMware Remote Console Format String
Posted Apr 14, 2010
Authored by Alexey Sintsov | Site dsecrg.com

VMware Remote Console Plug-in can be installed from WEB interface of VMware vSphere. This software contains of ActiveX objects and executable files for remote console of guest OS. VMrc vulnerable to format string attacks. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed.

tags | advisory, remote, web, arbitrary, code execution, activex
advisories | CVE-2009-3732
MD5 | 086438aad57475ec11043229c4ec0935
JITed Egg-Hunter Stage-0 Universal Shellcode
Posted Mar 28, 2010
Authored by Alexey Sintsov

JITed egg-hunter stage-0 universal shellcode for XP/Vista/Win7.

tags | shellcode
MD5 | eeb45a6f5dde55ac4a3dd5ccff61b9d3
jitedegg-shellcode.txt
Posted Mar 24, 2010
Authored by Alexey Sintsov

JITed egg-hunter stage-0 shellcode (permanent DEP bypass).

tags | shellcode
MD5 | 082a390a59eb6658a03bb24daee76924
SAP GUI 7.1 Insecure Method
Posted Mar 23, 2010
Authored by Alexey Sintsov

An insecure method vulnerability was discovered in SAP GUI version 7.1.

tags | advisory
MD5 | 13030044a24e94ec61e5937729ca26ef
JITed Exec Notepad Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed exec notepad shellcode.

tags | shellcode
MD5 | b15fa36a2f9128b2f690400ae91f85a5
JITed Stage-0 Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed Stage-0 Shellcode. This JIT shellcode finds VirtualProtect, restores the address of the shellcode, makes mem exec and jumps to it.

tags | shellcode
MD5 | 0d7fb99e6c6d84c075b2d24543bc6ae4
Writing JIT-Spray Shellcode For Fun And Profit
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Whitepaper called Writing JIT-Spray Shellcode For Fun And Profit.

tags | paper, shellcode
MD5 | 2b22c0c79fdfac6d6ec759fe2a2845be
Oracle Document Capture Buffer Overflow JIT-Spray
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Oracle Document Capture (EasyMail Objects EMSMTP.DLL version 6.0.1) Active-X control buffer overflow JIT-Spray exploit.

tags | exploit, overflow, activex
MD5 | 2deece0e4a04e5d2d2964754202e5dfa
SAP GUI 7.10 WebViewer 3D Active-X JIT-Spray
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

SAP GUI version 7.10 WebViewer3D Active-X JIT-Spray exploit.

tags | exploit, activex
MD5 | ecdcfd44aa28996e595d1ad2416aaf39
Page 1 of 2
Back12Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close