Twenty Year Anniversary
Showing 1 - 13 of 13 RSS Feed

Files from chr1x

Email addressprivate
Websitechr1x.sectester.net
First Active2009-09-29
Last Active2014-04-07
View User Profile
WinRAR Filename Spoofing
Posted Apr 7, 2014
Authored by chr1x, juan vazquez | Site metasploit.com

This Metasploit module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This inconsistency allows to spoof file names when opening ZIP files with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in March 2014.

tags | exploit, arbitrary, local, spoof
advisories | OSVDB-62610
MD5 | cafdd4f9d26e105df70ea3abd2dd23a0
DotDotPwn - The Directory Traversal Fuzzer 3.0
Posted Feb 11, 2012
Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

Changes: Multiple new switches and encodings added.
tags | web, vulnerability, protocol, fuzzer
systems | unix
MD5 | 3843e851177812d4d3ff4b96ba6b5e4a
Fermitter Server FTP Directory Traversal
Posted Nov 8, 2010
Authored by chr1x

Fermitter FTP Server suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 0dda2aea523e6ff567925f89b4846e33
DotDotPwn - The Directory Traversal Fuzzer 2.1
Posted Nov 2, 2010
Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

tags | web, vulnerability, protocol, fuzzer
MD5 | 376c7c7edc5c0cebeae39d11ef744ef0
Home FTP Server 1.10.3 / 1.11.1 Directory Traversal
Posted Oct 29, 2010
Authored by chr1x

Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a873431ae17f48835410c655973b0fa4
TFTP Desktop 2.5 Directory Traversal
Posted Sep 1, 2010
Authored by chr1x

TFTP Desktop version 2.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 898e5d989da95c2440eeba3e54c34fc6
TFTPDWIN 0.4.2 Directory Traversal
Posted Sep 1, 2010
Authored by chr1x

TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | f656003b3289d7a806b0ae3a44cd7add
DotDotPwn Directory Traversal Scanner
Posted Aug 26, 2010
Authored by chr1x

DotDotPwn is a directory traversal scanner with a database of 871 payloads.

tags | tool, scanner
systems | unix
MD5 | ef26de7ba4e32f0d8cd6d03160e698d0
Wing FTP Server 3.4.3 Directory Traversal
Posted May 5, 2010
Authored by chr1x

Wing FTP Server version 3.4.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 99358932e8dd40a1785871446b318bae
VicFTP5 5.0 Directory Traversal
Posted May 5, 2010
Authored by chr1x

VicFTP5 version 5.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | d591b05baa010f622e808377bbbc79d0
MultiThreaded HTTP Server 1.1 Directory Traversal
Posted Apr 20, 2010
Authored by chr1x

MultiThreaded HTTP Server version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | 993c978eeaa52e5213575d326db684a8
Embedthis Appweb 3.1.2 Denial Of Service
Posted Mar 16, 2010
Authored by chr1x

Embedthis Appweb version 3.1.2 remote denial of service exploit.

tags | exploit, remote, denial of service
MD5 | 21b1af26a52d6bc36668e826d80f52a0
WinRAR 3.80 Filename Spoofing
Posted Sep 29, 2009
Authored by chr1x

WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.

tags | advisory, spoof
MD5 | 8acd312b18e011b742860a8201a4793c
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close