exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 8 of 8

Files from Blue Panda

wgate41a.txt

Posted Oct 17, 2000

Authored by Blue Panda | Site bluepanda.box.sk

Wingate 4.1 Beta A and below allows users with access to read the logs to read any file on the filesystem by encoding the URL with escape codes, bypassing input validation. Includes wgate41a.c, proof of concept code. Fix available here.

tags | exploit, proof of concept

SHA-256 | d911de7376362eaa57534d66e1363dca6a222e4eac2a3b3c940f8173fb80d190

Download | Favorite | View

wgate401.pl

Posted Oct 2, 2000

Authored by Blue Panda | Site bluepanda.box.sk

There is a vulnerability in the Wingate engine that allows a malicious user to disable all services to the engine by sending an abnormal string to the enabled Winsock Redirecter Service. Wingate Home/Standard/Pro version 4.0.1 is vulnerable. The problem has been addressed in Wingate 4.1 Beta A.

tags | exploit

SHA-256 | adfb54633be316c75b5176b75c94c600197e9e47ad32afe8556a55aab94d4477

Download | Favorite | View

wftpd241-12-2.txt

Posted Sep 6, 2000

Authored by Blue Panda | Site bluepanda.box.sk

WFTPD/WFTPD Pro 2.41 RC12 devulges sensitive information by revealing the full path of the current directory. This is fixed in WFTPD/WFTPD Pro 2.41 RC13. Exploit details included.

tags | exploit

SHA-256 | 193366b65a5b1cdd836be3470f4aa6808039ca44452fe3c05bb6a2925d08ca56

Download | Favorite | View

wftpd241-12.txt

Posted Sep 6, 2000

Authored by Blue Panda | Site bluepanda.box.sk

WFTPD/WFTPD Pro 2.41 RC12 contains a remote denial of service vulnerability which does not require a valid login/password. Perl exploit code included.

tags | exploit, remote, denial of service, perl

SHA-256 | 2ce2075c4946300317f659cb6ce029291184ad6df10f2c8ceaee2b6620d0efc2

Download | Favorite | View

servu25e.txt

Posted Aug 4, 2000

Authored by Blue Panda | Site bluepanda.box.sk

FTP Serv-U 2.5e for Windows will stack fault if sent a string containing a large number of null bytes. The system Serv-U is running on may become sluggish/unstable and eventually bluescreen. A valid user/pass combination is not required to take advantage of this vulnerability. Perl proof of exploit code included.

tags | exploit, perl

systems | windows

SHA-256 | 3b7e71c07f801ae031ed4432adb13b794ae79a828e784b4fce4045c0749b45b7

Download | Favorite | View

wftpd241-11.tgz

Posted Jul 24, 2000

Authored by Blue Panda | Site bluepanda.box.sk

WFTPD/WFTPD Pro 2.41 RC11 contains four remote denial of service vulnerabilities. Perl proof of concept code included for each.

tags | exploit, remote, denial of service, perl, vulnerability, proof of concept

SHA-256 | f66747fe1c3efb7f98a0b76e20c56baf2efea4d7adf3ae8f603bfb1fcc4364e6

Download | Favorite | View

wftpd241.txt

Posted Jul 11, 2000

Authored by Blue Panda | Site bluepanda.box.sk

WFTPD and WFTPD Pro 2.41 RC10 are vulnerable to a dos attack which requires a valid account. An out of sequence RNTO command will cause WFTPD to crash. Perl exploit included.

tags | exploit, perl

SHA-256 | 197ff2faeb06d92d06fab0c053ca625b8fc4adc1e1873cc553d55608365fabf5

Download | Favorite | View

imbof102.txt

Posted Jun 29, 2000

Authored by Blue Panda | Site bluepanda.box.sk

iMesh 1.02 builds 116 and 177 for Windows are vulnerable to a buffer overflow that can be exploited to execute arbitrary code. Once iMesh connects to a server, it begins listening on a TCP port (varies). An attacker can connect to this port and cause an overflow which will overwrite EIP, effectively redirecting the flow of execution.

tags | exploit, overflow, arbitrary, tcp

systems | windows

SHA-256 | 7e6502a1050bf172ba5bec4d156f3a8bc7a2d4a1cece70a84fffcb07c167cf9c

Download | Favorite | View