Twenty Year Anniversary
Showing 1 - 13 of 13 RSS Feed

Files from chr1x

Email addressprivate
Websitechr1x.sectester.net
First Active2009-09-29
Last Active2014-04-07
View User Profile
WinRAR Filename Spoofing
Posted Apr 7, 2014
Authored by chr1x, juan vazquez | Site metasploit.com

This Metasploit module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This inconsistency allows to spoof file names when opening ZIP files with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in March 2014.

tags | exploit, arbitrary, local, spoof
advisories | OSVDB-62610
MD5 | cafdd4f9d26e105df70ea3abd2dd23a0
DotDotPwn - The Directory Traversal Fuzzer 3.0
Posted Feb 11, 2012
Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

Changes: Multiple new switches and encodings added.
tags | web, vulnerability, protocol, fuzzer
systems | unix
MD5 | 3843e851177812d4d3ff4b96ba6b5e4a
Fermitter Server FTP Directory Traversal
Posted Nov 8, 2010
Authored by chr1x

Fermitter FTP Server suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 0dda2aea523e6ff567925f89b4846e33
DotDotPwn - The Directory Traversal Fuzzer 2.1
Posted Nov 2, 2010
Authored by nitr0us, chr1x

DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

tags | web, vulnerability, protocol, fuzzer
MD5 | 376c7c7edc5c0cebeae39d11ef744ef0
Home FTP Server 1.10.3 / 1.11.1 Directory Traversal
Posted Oct 29, 2010
Authored by chr1x

Home FTP Server versions 1.10.3 (build 144) and 1.11.1 (build 149) both suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a873431ae17f48835410c655973b0fa4
TFTP Desktop 2.5 Directory Traversal
Posted Sep 1, 2010
Authored by chr1x

TFTP Desktop version 2.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 898e5d989da95c2440eeba3e54c34fc6
TFTPDWIN 0.4.2 Directory Traversal
Posted Sep 1, 2010
Authored by chr1x

TFTPDWIN version 0.4.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | f656003b3289d7a806b0ae3a44cd7add
DotDotPwn Directory Traversal Scanner
Posted Aug 26, 2010
Authored by chr1x

DotDotPwn is a directory traversal scanner with a database of 871 payloads.

tags | tool, scanner
systems | unix
MD5 | ef26de7ba4e32f0d8cd6d03160e698d0
Wing FTP Server 3.4.3 Directory Traversal
Posted May 5, 2010
Authored by chr1x

Wing FTP Server version 3.4.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 99358932e8dd40a1785871446b318bae
VicFTP5 5.0 Directory Traversal
Posted May 5, 2010
Authored by chr1x

VicFTP5 version 5.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | d591b05baa010f622e808377bbbc79d0
MultiThreaded HTTP Server 1.1 Directory Traversal
Posted Apr 20, 2010
Authored by chr1x

MultiThreaded HTTP Server version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | 993c978eeaa52e5213575d326db684a8
Embedthis Appweb 3.1.2 Denial Of Service
Posted Mar 16, 2010
Authored by chr1x

Embedthis Appweb version 3.1.2 remote denial of service exploit.

tags | exploit, remote, denial of service
MD5 | 21b1af26a52d6bc36668e826d80f52a0
WinRAR 3.80 Filename Spoofing
Posted Sep 29, 2009
Authored by chr1x

WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.

tags | advisory, spoof
MD5 | 8acd312b18e011b742860a8201a4793c
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    2 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    22 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close