exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files from Gregory Duchemin

First Active2000-03-04
Last Active2009-07-02
Sourcefire 3D Sensor / Defense Center Privilege Escalation
Posted Jul 2, 2009
Authored by Gregory Duchemin

Sourcefire 3D Sensor and Defense Center versions 4.8.1 and below suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 8d122104cad7e27e576d2a9001ec927db6865f70b597c09304127daf8c81ad95
D3VS-0.2.tar.gz
Posted Jul 28, 2008
Authored by Gregory Duchemin, Heike

Die Eier Von Satan is a quick and dirty rewrite of the old ADMnog00d code. This version exploits the DNS cache poisoning vulnerability and discovered by Dan Kaminsky. This proof of concept makes use of a MX RR to spread its poisonous payload, a A RR, but can easily be adapted for other flavors.

tags | exploit, proof of concept
advisories | CVE-2008-1447
SHA-256 | 10620955e93ad4e6de3b0a1a937dfcfaa4e383b2965a6eb178c2bfd654baf6da
MDCrack-17.zip
Posted Oct 31, 2006
Authored by Gregory Duchemin | Site mdcrack.openwall.net

MDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).

Changes: This release includes several bug fixes along with 6 new cores supporting FreeBSD MD5, Apache MD5 and Cisco IOS hashes.
tags | cracker
SHA-256 | 9593af74b8a11d0e64180ad1fb001d350707f3825c6d32f9b31644937f17766c
MDCrack-16.zip
Posted Oct 21, 2006
Authored by Gregory Duchemin | Site mdcrack.openwall.net

MDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).

Changes: This release includes several bug fixes along with 8 new cores supporting HMAC MD4 and HMAC MD5.
tags | cracker
SHA-256 | d82d9d0897fb3dcca072bcf641acc2c197e69d17e77d40bc57f48b84b307a906
MDCrack-15.zip
Posted Sep 7, 2006
Authored by Gregory Duchemin | Site mdcrack.openwall.net

MDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).

tags | cracker
SHA-256 | e7746486dd30fc6921a9e419810f4a9c48ca31e4139cb7b2298bfea7b4875075
alcateladsl.txt
Posted Nov 13, 2004
Authored by Gregory Duchemin

The Alcatel/Thomson Speed Touch Pro ADSL modem suffers two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.

tags | advisory
SHA-256 | 9bbdb6331e0c1c32a010de746600968e00b87e55d153201e72c3355b25408791
DHCPing 0.90
Posted Jul 9, 2004
Authored by Gregory Duchemin | Site dhcping.openwall.net

DHCPing 0.90 is a tool that can be used for various security audits allowing an engineer the ability to create valid and invalid DHCP/BOOTP traffic via hping. It also features several exploits for the latest ISC Infoblox and DLink vulnerabilities.

tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 754cd512468cc79d48d24f85f510728175eb4d01826e600d9c314f8af692341f
dlink624.txt
Posted Jul 1, 2004
Authored by Gregory Duchemin

The DI-624+ SOHO DLINK router suffers a script injection vulnerability that uses DHCP as a vector of attack.

tags | advisory
SHA-256 | d856de4fb4db87ed8574faf55666d66f7965ff1088c03f36522efd2cfcfa846e
dhcpdDOS.txt
Posted Jun 28, 2004
Authored by Gregory Duchemin

Original research data regarding ISC DHCPD 3.0.1 rc12 and rc13 denial of service attacks.

tags | advisory, denial of service
SHA-256 | af7361e4caaf6e24854e73423f133ae3002cdac83b977215361840b8ae51b713
dlink614.txt
Posted Jun 22, 2004
Authored by Gregory Duchemin

The DI-614+ SOHO DLINK router suffers a script injection vulnerability that uses DHCP as a vector of attack.

tags | exploit
SHA-256 | b89f567cac4704eaa1323775e91f7c938e9c34a4c6b3f5a58e198b767eca3571
dnsone.txt
Posted Jun 22, 2004
Authored by Gregory Duchemin

It has been reported that a vulnerability exists in DNS One, potentially allowing malicious people to conduct script insertion attacks. The problem is that input supplied to the HOSTNAME and CLIENTID parameters in a valid DHCP request are logged unfiltered, allowing arbitrary HTML and script code to be embedded. Successful exploitation allows code execution in an administrative user's browser in context of the affected site when the report / log is viewed. Reportedly, firmware version 2.4.0-8 and 2.4.0-8A and prior are affected.

tags | advisory, arbitrary, code execution
SHA-256 | 834a3a0d683b2f180754f7d96f8cbc06c96db82fa7ecf2da5fe00ff2985869ab
xpede.txt
Posted Mar 22, 2002
Authored by Gregory Duchemin

Intellisol Xpede v4.1 and 7.1 contains two remote vulnerabilities which disclose user passwords. Workaround information included.

tags | remote, vulnerability
SHA-256 | 81eb0c2ecc2614795ed95d5aecf4f16515e453e55ce6b04b45dccc19776c3a69
sneaky2.sh
Posted Jul 18, 2001
Authored by Gregory Duchemin | Site securite-internet.com

Sneaky2.sh is a swiss army knife for Hotmail/Messenger. Implements Spoofing/brute force/misconception/unexpected input Class Attacks. Will spoof Hotmail/messenger server to recover user hotmail/password, crash messenger client, remotely inject and execute malicious exe on the victim host.

tags | exploit, spoof
SHA-256 | a20cd1bbf47e56f622a99907ad68665a56c73da31f4c7353938fa59ca1b6d1f4
mdcrack-0.9.5.tar.gz
Posted May 14, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a brute forcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

Changes: Ncurses interface, 20% faster, long password support, precomputed hashes improved, and more information is displayed.
systems | unix
SHA-256 | f461126b4ca11233cfa062d480d4aa8188198ac11ff3d4e420a6641323aee8c2
mdcrack-0.7.tar.gz
Posted Mar 27, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a brute forcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

Changes: Now includes a human readable form output so grep can be used to search through results, a -F option to write in non-human form speeding up performance by 60%, and bug fixes.
systems | unix
SHA-256 | b1d8492042611af996c56bf4b7c71729c98dae5e8ba376bc094d8dcd96bad7e9
mdcrack-0.6.tar.gz
Posted Mar 15, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a brute forcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

Changes: It is now possible to simulate a complete authentication process using a server side pseudo-random key. Two options '-e' (end) and '-b' (beginning) concatenate the server static string to the password being cracked. Hashes are now rightly displayed during a verbose session.
systems | unix
SHA-256 | 781feb57179e68b95e8c36683c6db09e1e322cff17f77a37cc7bb27bb0c0b78c
mdcrack-0.5.tar.gz
Posted Mar 14, 2001
Authored by Gregory Duchemin | Site mdcrack.multimania.com

MDcrack is a bruteforcer for MD5 hashes. Many programs send MD5 hashes of passwords over the wire for security, not realizing that brute forcing MD5 hashes is as simple as brute forcing our old UNIX DES password. MDcrack has been built with performance in mind, and is capable of breaking up to 6 characters in length hashes in hours, 8 character passwords can be cracked in a couple days.

systems | unix
SHA-256 | e7c05bb6ff9e970c66ab43e0e0a84f5f0cdbe2c7d8be2d82f35dc22061edc3da
officescan.txt
Posted Mar 4, 2000
Authored by Gregory Duchemin | Site securite-internet.com

Trendmicro Officescan 3.5 has severe remote vulnerabilities, allowing a malicious user to remotely uninstall the anti virus, remotely stop the scan, remotely make the anti virus inefficient by modifying the scan configuration file through the network on the target pc, and finally, remotely write anywhere on the target file system! Includes exploit instructions.

tags | exploit, remote, vulnerability, virus
SHA-256 | 1b397afbf8b09ecf70d57af6cf9b203f751689535272af2e5daa44bfc52d3737
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    49 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close