what you don't know can hurt you
Showing 1 - 25 of 33 RSS Feed

Files from Dark-Puzzle

First Active2012-06-25
Last Active2014-05-05
Windows Heap Overflow Exploitation
Posted May 5, 2014
Authored by Dark-Puzzle

This article goes into detail on how to overflow a custom heap in Microsoft Windows 7.

tags | paper, overflow
systems | windows
SHA-256 | da85d1c71e43d3dd424e4a8554fff860e473083210aa9ad816da6ab171e9b515
64-bit calc.exe Stack Overflow Root Cause Analysis
Posted Dec 22, 2013
Authored by Dark-Puzzle

This is a brief write up discussing a root cause analysis of why spawning calc.exe triggered a stack overflow.

tags | paper, overflow, root
SHA-256 | df816f981278218c855742bbf91b22db7088072ca5aade2974f7d629781ce6e6
OllyDbg / Immunity Debugger Crash
Posted Jul 29, 2013
Authored by Dark-Puzzle

OllyDbg / Immunity debugger crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 675d2824b19af798e908b299af4c63101ca4f8e7734c1c02006fdc9bf019156e
aSc Timetables 2013 Stack Buffer Overflow
Posted Jun 22, 2013
Authored by Dark-Puzzle

aSc Timetables 2013 suffers from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 456f8e6a3244e971ad39ce281111d3f8cbb2a46cb66c2ae86b5dc1c3ed95dbb5
Beating A SEH/VEH Based Crackme
Posted Jun 22, 2013
Authored by Dark-Puzzle

In this paper, the author demonstrates how to beat an advanced crackme using an interesting way to calculate the length.

tags | paper
SHA-256 | f1f14e176c436b51bba232ca3a853a42254f21cd245f711f08f895f13a1ae639
Reversing Offline Games
Posted Apr 20, 2013
Authored by Dark-Puzzle

This is a brief tutorial that demonstrates how to reverse engineer an offline game (3D Pinball).

tags | paper
SHA-256 | 426f7edb198602eac9058b56437b9eeffe6b5b0b774f60a26ae114893d91c018
Twitter Cookie Handling Issue
Posted Jan 24, 2013
Authored by Dark-Puzzle

Twitter apparently fails to zero out and invalidate cookies upon logout, allowing for replay later.

tags | advisory
SHA-256 | 3d43799d9838174b65bdfa37b2cb2adddb40be1cc7d7947d3253b2eafac66181
Huawei UTPS Back-End Buffer Overflow
Posted Oct 18, 2012
Authored by Dark-Puzzle, Huawei PSIRT | Site huawei.com

Huawei Security Advisory 20120922-01-UTPS - The back-end UTPS software suffers from a buffer overflow vulnerability. The UTPS 1.0 back-end does not fully verify the incoming parameters when copying the character strings during the process of uploading the plug-in configuration files, which leads to the overflow (HWNSIRT-2012-0994). As a result, the script which is specified by some malicious users may be executed to run the application program which is specified by the malicious users.

tags | advisory, overflow
SHA-256 | 84b868d6a7c48aeacee07bcc35feff44b4cc4ca28212fcc648aff97251964d61
Joomla iCagenda SQL Injection / Path Disclosure
Posted Oct 16, 2012
Authored by Dark-Puzzle

The Joomla iCagenda component suffers from remote blind SQL injection and path disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
advisories | OSVDB-85148
SHA-256 | c186dd88d27cbd897492034bea5e2be409f2d91cd8ee702fa3a083a05391695b
FL Studio 10 Producer Edition Buffer Overflow
Posted Oct 9, 2012
Authored by Dark-Puzzle

FL Studio 10 Producer Edition SEH based buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | baccc3c89450e01403323b36347d890a84bd82c9b7faff4e753ea4c496b4259c
Huawei Internet Mobile Overflow
Posted Sep 16, 2012
Authored by Dark-Puzzle

Huawei Technologies Internet Mobile unicode SEH-based buffer overflow exploit. Works only on Windows XP SP1.

tags | exploit, overflow
systems | windows
SHA-256 | 94121e361b21a76c84d21b0577c7bd10dbd0821cac5bd77f02b44d238e67dc90
Linux Nmap Default Router Services Scan Shellcode
Posted Sep 14, 2012
Authored by Dark-Puzzle

73 bytes small Linux/x86 Nmap default router services scan shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | eba44ff0ad200eedf51987bb0b0229abe3206f8011b11dfebdffd9fbc460b183
Linux man /bin/cat Shellcode
Posted Sep 14, 2012
Authored by Dark-Puzzle

121 bytes small Linux/x86 man /bin/cat shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 1f23c312df1064018158e04828ddd8afd600f9b3bfa0d16a31f90d173ea332c3
Linux cp/chmod /etc/shadow Shellcode
Posted Sep 14, 2012
Authored by Dark-Puzzle

126 bytes small Linux/x86 cp /etc/shadow /tmp && chmod 777 /tmp/shadow shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 3281284185894711f02603966afa216e2b23233c3410d64c430071df5a8869c3
Internet Download Manager SEH Based Buffer Overflow
Posted Sep 14, 2012
Authored by Dark-Puzzle

Internet Download Manager SEH based buffer overflow exploit that spawns cmd.exe.

tags | exploit, overflow
SHA-256 | 6b1d1f0931da27bc6e7a701bad516d556bcb7d07ac95b7850477f687fe80adc6
Internet Download Manager Buffer Overflow
Posted Sep 13, 2012
Authored by Dark-Puzzle

Internet Download Manager suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | ac2a7cf7ff7d28aa6957250c17b97b117ba47f182bbbd26140d2b8a239610de7
WordPress Krea3AllMedias SQL Injection
Posted Sep 12, 2012
Authored by Dark-Puzzle

WordPress Krea3AllMedias third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 82781413cae2166f326ac53a670a474a65d6db5c197757581b095f4f6d13833d
WordPress Tierra Audio Path Disclosure
Posted Sep 12, 2012
Authored by Dark-Puzzle

WordPress Tierra Audio third party plugin suffers from full path disclosure and directory listing vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, vulnerability, info disclosure
SHA-256 | eb8bf13ce083445d9f8934609a93b31fdbda0da617aced0b90568a7a46902d18
Spam And Hackers
Posted Sep 2, 2012
Authored by Dark-Puzzle

This is a whitepaper discussing spam and hackers.

tags | paper
SHA-256 | edb8e62f33060078f8b356e775ce645ac9724f3072cc0ffd701749cf81b23d38
Joomla ICAgenda SQL Injection / Path Disclosure
Posted Aug 31, 2012
Authored by Dark-Puzzle

The Joomla ICAgenda component suffers from remote blind SQL injection and path disclosure vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f03c312f386b157c2b2f9649b26d2b92df905d59d33fe475f5d68ae0a4722083
WordPress BBPress SQL Injection / Path Disclosure
Posted Aug 31, 2012
Authored by Dark-Puzzle

The WordPress BBPress third party plugin suffers from path disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
SHA-256 | 789b82c3f132aaefb4f7c5bbc76519f1c7fd1fe2a7b261ace1fa3c5f84950de6
WordPress NextGen Cu3er Gallery Information Disclosure
Posted Aug 31, 2012
Authored by Dark-Puzzle

The WordPress NextGen Cu3er Gallery third party plugin suffers from multiple information disclosure vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, vulnerability, info disclosure
SHA-256 | abf72377ec975a4d3d5a5185d66bf2176d2e93fb7206744c6730beca8685f837
Internet Download Manager Memory Corruption
Posted Aug 30, 2012
Authored by Dark-Puzzle

Internet Download Manager suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 19dcbb058f55930947113cae0c2f76cc837250746a9ae391532c0501f0db61a7
Divx 6.8.2 Denial Of Service
Posted Aug 20, 2012
Authored by Dark-Puzzle

Divx version 6.8.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 9e4f3b9ce274360447887becad17d4617d27a3dc9c999659e4bc9cd7e48a92c4
VLC 2.0.2 Division By Zero
Posted Aug 2, 2012
Authored by Dark-Puzzle

VLC version 2.0.2 suffers form a division by zero vulnerability when parsing .3gp files.

tags | exploit
SHA-256 | da55a94e432e51e736b1d6f0ce42d24343527d51712743f54b3519ce8df13c19
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close