Files from vade79

Email address: v9 at fakehalo.us
First Active: 2000-03-08
Last Active: 2007-07-31
corehttp-overflow.txt
Posted Jul 31, 2007
Authored by vade79 | Site fakehalo.us

corehttp version 0.5.3alpha remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | f94cd9f83f91db05428a8f172d80259f
xwdp-cygwin.c
Posted May 17, 2007
Authored by vade79 | Site fakehalo.us

Webdesproxy version 0.0.1 GET request remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 243346b09ad17b18f42d97c551a609cb
xnotepad.c
Posted May 15, 2007
Authored by vade79

notepad++ version 4.1 ruby file processing buffer overflow exploit for win32.

tags | exploit, overflow, ruby
systems | windows
MD5 | 7d9f4e6f0fe368c14e601e299c42f65d
3proxy-win32.c
Posted May 3, 2007
Authored by vade79 | Site fakehalo.us

3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for win32. Binds a shell to tcp port 7979.

tags | exploit, remote, overflow, shell, tcp
systems | windows
MD5 | 6c25c781ca73d4e22164246425a48012
3proxy-linux.c
Posted May 3, 2007
Authored by vade79 | Site fakehalo.us

3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for Linux. Can spawn a bind shell or launch connect-back code.

tags | exploit, remote, overflow, shell
systems | linux
MD5 | 4aa3b80e3126b2db928f68b83dd8fe4d
iDEFENSE Security Advisory 2006-03-02.2
Posted Mar 3, 2006
Authored by vade79, iDefense Labs | Site idefense.com

iDefense Security Advisory 03.02.06 - Local exploitation of a design error in version 10.3.9 of Apple Computer Inc.'s Mac OS X could allow arbitrary files to be overwritten with user-supplied contents. iDefense has confirmed the existence of this vulnerability in Mac OS X Version 10.3.9. In addition, the following versions have been confirmed by the vendor to be vulnerable: Mac OS X Server Version 10.3.9, Mac OS X Version 10.4.5, Mac OS X Server Version 10.4.5.

tags | advisory, arbitrary, local
systems | apple, osx
advisories | CVE-2005-2713, CVE-2005-2714
MD5 | 713561ccc67de4e8e0127687de6ca534
xosx-passwd.pl.txt
Posted Mar 3, 2006
Authored by vade79

/usr/bin/passwd local root exploit for Mac OS X.

tags | exploit, local, root
systems | apple, osx
MD5 | 0b8e98d93c5a075a72311800794cc7c5
iDEFENSE Security Advisory 2005-11-11.t
Posted Nov 12, 2005
Authored by vade79, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.11.05 - Remote exploitation of a command injection vulnerability in various vendors' implementations of Lynx could allow attackers to execute arbitrary commands with the privileges of the underlying user. The problem specifically exists within the feature to execute local cgi-bin programs via the lynxcgi: URI handler. The handler is generally intended to be restricted to a specific directory or program(s). However, due to a configuration error on multiple platforms, the default settings allow for arbitrary websites to specify commands to run as the user running Lynx. iDEFENSE has confirmed the existence of this vulnerability in the latest stable release of Lynx, version 2.8.5. It is suspected that earlier versions are also affected.

tags | advisory, remote, arbitrary, local, cgi
advisories | CVE-2005-2929
MD5 | 51fe811052b9529851841a1252d1e59b
openVPN20x.txt
Posted Nov 1, 2005
Authored by vade79

OpenVPN version 2.0.x contains a remotely exploitable format string bug in the processing of its command-line and configuration arguments.

tags | advisory
MD5 | f77007a150f68a713ec441b3d28ede9b
iDEFENSE Security Advisory 2005-08-29.2
Posted Aug 31, 2005
Authored by vade79, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which is vulnerable to a symlink attack. The vulnerability specifically exists due to the use of predictable log file names. VCNative uses a format such as VCNative-[pid].log for the filename and stores the file in the current working directory. Attackers can easily predict the created filename and supply user-controlled data via the -host and -port options. A carefully supplied value can cause a crafted log file to be written. Crafted strings written to root-owned files can lead to arbitrary code execution with root privileges.

tags | advisory, arbitrary, local, root, code execution
advisories | CVE-2005-1842
MD5 | 006c050c25449b61284a0e704ee87d4d
iDEFENSE Security Advisory 2005-08-29.1
Posted Aug 31, 2005
Authored by vade79, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which contains a design error that allows local attackers to gain root privileges. The vulnerability specifically exists due to an unchecked command line option parameter. The -lib command line option allows users to specify library bundles which allows for the introduction of arbitrary code in the context of a root owned process. The init function in a shared library is executed immediately upon loading. By utilizing the -lib argument to load a malicious library, local attackers can execute arbitrary code with root privileges.

tags | advisory, arbitrary, local, root
advisories | CVE-2005-1843
MD5 | 12a71c59d4665571e0ee8aacf0fef6d1
ethereal-SMB-DoS.c
Posted May 27, 2005
Authored by vade79, Nicob

Ethereal versions 0.10.10 and below SMB dissector remote denial of service exploit. Tested on 0.9.4 and 0.10.10.

tags | exploit, remote, denial of service
MD5 | 3ab2b3f2fbc4facb56d109e6506558d3
xtcpdump-isis-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.x/3.9.1 remote infinite loop denial of service exploit which takes advantage of the isis_print() function by sending a GRE packet.

tags | exploit, remote, denial of service
MD5 | a350bbe8a4a509d9a7ea62aee31f4411
xtcpdump-bgp-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.x and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil BGP packet. Works if TCP port 179 is not filtered.

tags | exploit, remote, denial of service, tcp
MD5 | 7910a287be1c5dc61afe4be886bba8be
xtcpdump-ldp-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.3 and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil LDP packet.

tags | exploit, remote, denial of service
MD5 | 3991741f125a8d4af45b16bccb9449a5
xtcpdump+ethr-rsvp-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.9.1 and below and Ethereal v0.10.10 and below remote denial of service exploit which takes advantage of a bug in rsvp_print().

tags | exploit, remote, denial of service
MD5 | e53d15334d77bab6ccbe7c0f187f5ca9
xosx-cf.c
Posted Mar 24, 2005
Authored by vade79 | Site fakehalo.us

Local root exploit for /usr/bin/su on Mac OS X that makes use of the buffer overflow vulnerability discovered by iDefense using the CF_CHARSET_PATH environment variable.

tags | exploit, overflow, local, root
systems | apple, osx
advisories | CVE-2005-0716
MD5 | f6fb2b97ea877182983ee16dafacce16
xfinder-ds.pl
Posted Feb 22, 2005
Authored by vade79

The Finder utility that Mac OS X uses to launch and manipulate files and applications fails to check for hard-linked files before performing changes. This allows an unprivileged user to overwrite files as root. Full exploit included.

tags | exploit, root
systems | apple
MD5 | f7793f2703c2dbe3aa10b3b3a94c160c
xfkey.c
Posted Jan 25, 2005
Authored by vade79 | Site fakehalo.us

fkey version 0.0.2 local file accessibility exploit.

tags | exploit, local
MD5 | 2afe0de2da98e6a863a419723fd42326
xxchat-socks5.c
Posted May 4, 2004
Authored by vade79

X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.

tags | exploit, remote, overflow, shell
MD5 | 962882454041913d71efc4a5444ef886
xmpg123.c
Posted Sep 23, 2003
Authored by vade79

mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c which does not limit the amount of data written to a buffer.

tags | exploit, remote, overflow
MD5 | 578765a85ce61b5cbc41aa2541e2d7dc
netscript-1.7.0.tgz
Posted Feb 27, 2002
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: A (modified) cygwin/windows binary based on the netscript.c source was added. The syslog priority level was changed to better suit some situations and local display of error/statistical messages was changed to use less space. A bug with the -M option (that forced the -R option) and misplacing of a #ifdef were fixed.
tags | tcp, protocol
systems | unix
MD5 | 55026e6fa66f467d9c4870918c31aa8a
netscript-1.6.8.tgz
Posted Jan 3, 2002
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: Routing support (-R, -k, -j, and -J options), a new $\ variable to send data directly to the route socket, a $" variable to only send data after an allotted amount of time, a -Q option to define socket options, a --interactive command line option to allow interactive use of netscript, reading of ~/.nsrc to precurse any other interactive commands, a --list command line option to quickly list and execute rulesets, a $NS_PATH environmental variable to assist the --list option, a new manual page, MD5SUM validity check file, and some new/modified rulesets.
tags | tcp, protocol
systems | unix
MD5 | ec29e37f3d8fa6195904f099686cba85
netscript-1.6.7.tgz
Posted Jan 1, 2002
Authored by vade79 | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: This release adds -O to select an alternative shell to execute for third party programs, -o to omit socket reading of supplied character(s), -m to change the working directory, -M to change the root directory, and $' to change the current working directory via the ruleset. The standard reading of input has been changed to check for the tty name instead of the generic /dev/tty. All related third party executions have been modified to use $SHELL. A segmentation fault introduced in the previous version (-u with a user name that doesn't exist) has been fixed. This was not a security issue.
tags | tcp, protocol
systems | unix
MD5 | dec2f5ce7f142a8a95a3cccb5883a913
netscript-1.6.6.tgz
Posted Dec 14, 2001
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: This release adds -Z (system logging support) for when it is running at a syslog accessible level. -u has changed so that it will now apply the supplementary groups to the id change. Also, if no group id is specified, it will apply the group id of the user id. The ns_exit() module function has been changed to pass the type of exit.
tags | tcp, protocol
systems | unix
MD5 | 38fc96a05a72c5e011618a3a4a7596b3
packet storm

© 2019 Packet Storm. All rights reserved.
