Showing 1 - 13 of 13

Files from chr1x

WinRAR Filename Spoofing: Posted Apr 7, 2014; Authored by chr1x, juan vazquez | Site metasploit.com; This Metasploit module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This inconsistency allows to spoof file names when opening ZIP files with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in March 2014.; tags | exploit, arbitrary, local, spoof; advisories | OSVDB-62610; SHA-256 | 77adfa4fa0e23c97becb1de4580cf456d6594ca7beef63394258815f48627e38; Download | Favorite | View

DotDotPwn - The Directory Traversal Fuzzer 3.0: Posted Feb 11, 2012; Authored by nitr0us, chr1x; DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.; Changes: Multiple new switches and encodings added.; tags | web, vulnerability, protocol, fuzzer; systems | unix; SHA-256 | 7c954b9db834e02e36acbc4ebda32cfec3049f30d94668702004db28f42c7afe; Download | Favorite | View

Fermitter Server FTP Directory Traversal: Posted Nov 8, 2010; Authored by chr1x; Fermitter FTP Server suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 970132c5b10ed122fd864cc7c3e29e404e1caf4476593f359daff81c5e0cb58e; Download | Favorite | View

DotDotPwn - The Directory Traversal Fuzzer 2.1: Posted Nov 2, 2010; Authored by nitr0us, chr1x; DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.; tags | web, vulnerability, protocol, fuzzer; SHA-256 | dc08b1efa2acdffd376cece72189cb8862611ee023be690fd9a155d4b30878b6; Download | Favorite | View

Home FTP Server 1.10.3 / 1.11.1 Directory Traversal: Posted Oct 29, 2010; Authored by chr1x; Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 9d81ecb61b5e435a53bf11a418f751e73163b649c341f2fb52a0397841218a0e; Download | Favorite | View

TFTP Desktop 2.5 Directory Traversal: Posted Sep 1, 2010; Authored by chr1x; TFTP Desktop version 2.5 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 0fba52121f139f361783100a4e7602e6739c3d372cec5c7ce4e052c5324029fe; Download | Favorite | View

TFTPDWIN 0.4.2 Directory Traversal: Posted Sep 1, 2010; Authored by chr1x; TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 6b25596cb5f2b7dc11c07f6c696f52e039cebe0da74ac55862020b1ad4889478; Download | Favorite | View

DotDotPwn Directory Traversal Scanner: Posted Aug 26, 2010; Authored by chr1x; DotDotPwn is a directory traversal scanner with a database of 871 payloads.; tags | tool, scanner; systems | unix; SHA-256 | 47254c2549152775e87ea36f793d29f7720b1e9b4c205f3487f8926af4a921b3; Download | Favorite | View

Wing FTP Server 3.4.3 Directory Traversal: Posted May 5, 2010; Authored by chr1x; Wing FTP Server version 3.4.3 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | d7fb4ac82e2b9d3473faa005fc39eebb2473b9c4233535710d7434aa884e0454; Download | Favorite | View

VicFTP5 5.0 Directory Traversal: Posted May 5, 2010; Authored by chr1x; VicFTP5 version 5.0 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | fed412cbab1d8cdc8d497dd77ac6ce03a95a17847a8bcd4a895d7407275c24bf; Download | Favorite | View

MultiThreaded HTTP Server 1.1 Directory Traversal: Posted Apr 20, 2010; Authored by chr1x; MultiThreaded HTTP Server version 1.1 suffers from a directory traversal vulnerability.; tags | exploit, web, file inclusion; SHA-256 | 9dbf62deaca4914b270f6ad4441fc332589f96ae1e08adb1bc7d678f3824bff1; Download | Favorite | View

Embedthis Appweb 3.1.2 Denial Of Service: Posted Mar 16, 2010; Authored by chr1x; Embedthis Appweb version 3.1.2 remote denial of service exploit.; tags | exploit, remote, denial of service; SHA-256 | ba154d0b11a211b6d23de88823245b3b47942976389c8e0fba1e257a275ff35d; Download | Favorite | View

WinRAR 3.80 Filename Spoofing: Posted Sep 29, 2009; Authored by chr1x; WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.; tags | advisory, spoof; SHA-256 | 4880f2bb7f9786ba0a35c233213dc63a64301bccc3f90b77bbd582104b13228f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days