Exploit the possiblities
Showing 1 - 13 of 13 RSS Feed

Files from chr1x

Email addressprivate
Websitechr1x.sectester.net
First Active2009-09-29
Last Active2014-04-07
View User Profile
WinRAR Filename Spoofing
Posted Apr 7, 2014
Authored by chr1x, juan vazquez | Site metasploit.com

This Metasploit module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This inconsistency allows to spoof file names when opening ZIP files with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in March 2014.

tags | exploit, arbitrary, local, spoof
advisories | OSVDB-62610
MD5 | cafdd4f9d26e105df70ea3abd2dd23a0
DotDotPwn - The Directory Traversal Fuzzer 3.0
Posted Feb 11, 2012
Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

Changes: Multiple new switches and encodings added.
tags | web, vulnerability, protocol, fuzzer
systems | unix
MD5 | 3843e851177812d4d3ff4b96ba6b5e4a
Fermitter Server FTP Directory Traversal
Posted Nov 8, 2010
Authored by chr1x

Fermitter FTP Server suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 0dda2aea523e6ff567925f89b4846e33
DotDotPwn - The Directory Traversal Fuzzer 2.1
Posted Nov 2, 2010
Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

tags | web, vulnerability, protocol, fuzzer
MD5 | 376c7c7edc5c0cebeae39d11ef744ef0
Home FTP Server 1.10.3 / 1.11.1 Directory Traversal
Posted Oct 29, 2010
Authored by chr1x

Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a873431ae17f48835410c655973b0fa4
TFTP Desktop 2.5 Directory Traversal
Posted Sep 1, 2010
Authored by chr1x

TFTP Desktop version 2.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 898e5d989da95c2440eeba3e54c34fc6
TFTPDWIN 0.4.2 Directory Traversal
Posted Sep 1, 2010
Authored by chr1x

TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | f656003b3289d7a806b0ae3a44cd7add
DotDotPwn Directory Traversal Scanner
Posted Aug 26, 2010
Authored by chr1x

DotDotPwn is a directory traversal scanner with a database of 871 payloads.

tags | tool, scanner
systems | unix
MD5 | ef26de7ba4e32f0d8cd6d03160e698d0
Wing FTP Server 3.4.3 Directory Traversal
Posted May 5, 2010
Authored by chr1x

Wing FTP Server version 3.4.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 99358932e8dd40a1785871446b318bae
VicFTP5 5.0 Directory Traversal
Posted May 5, 2010
Authored by chr1x

VicFTP5 version 5.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | d591b05baa010f622e808377bbbc79d0
MultiThreaded HTTP Server 1.1 Directory Traversal
Posted Apr 20, 2010
Authored by chr1x

MultiThreaded HTTP Server version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | 993c978eeaa52e5213575d326db684a8
Embedthis Appweb 3.1.2 Denial Of Service
Posted Mar 16, 2010
Authored by chr1x

Embedthis Appweb version 3.1.2 remote denial of service exploit.

tags | exploit, remote, denial of service
MD5 | 21b1af26a52d6bc36668e826d80f52a0
WinRAR 3.80 Filename Spoofing
Posted Sep 29, 2009
Authored by chr1x

WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.

tags | advisory, spoof
MD5 | 8acd312b18e011b742860a8201a4793c
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    8 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close