what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files from Bob

Email addressbob at dtors.net
First Active2002-07-08
Last Active2012-06-28
OpenSSH 6.0p1 Full Backdoor Patch
Posted Jun 28, 2012
Authored by Bob | Site dtors.net

This patch for OpenSSH 6.0 Portable adds a hardcoded skeleton key, removes connection traces in the log files, usernames and passwords both in and out are logged, and more.

tags | patch
systems | unix
SHA-256 | 91e6a90b3c87b8f7d0724216a9917a20867daf81819abb0ea42429d1ebd62e36
Bash Root Shell Backdoor
Posted Jun 28, 2012
Authored by Bob | Site dtors.net

This patch is a backdoor to bash that will create a setuid backdoor shell in /tmp if run as root.

tags | shell, root, patch, bash
systems | unix
SHA-256 | 7f978450f62d11b175da265f7b856d733cbf051c7a1ea779218dd0d051a04d20
OpenSSH 6.0p1 Magic Password Patch
Posted Jun 28, 2012
Authored by Bob | Site dtors.net

This patch for OpenSSH 6.0 Portable is a lightweight version of the full patch. This version strictly allows for the addition of a hard-coded password.

tags | patch
systems | unix
SHA-256 | 50a054b3adfc63057235aeb9695006fc8e638c278b6eaaa6e062c18e1d54adf0
Set Loop Shellcode
Posted Apr 21, 2004
Authored by Bob, dsr | Site dtors.net

A shellcode that automatically obtains the highest available uid to setuid().

tags | shellcode
SHA-256 | 4992fdaec9c45eea8c9813a40f77d568c2c61c9efef684ef291db214b197d926
lnx-smart.tgz
Posted Apr 21, 2004
Authored by Bob, dsr | Site dtors.net

Smart shellcode which prompts the user for the uid to setuid() with.

tags | shellcode
SHA-256 | ad5249bda8d4fde51167d66b3b19ab600597794ec067f9bc632a8aaef4535f83
YahPoo.c
Posted Jul 14, 2003
Authored by Bob, dsr | Site dtors.net

Exploit for Yahoo Messenger, Yahoo Module that allows for remote command execution on a victim machine via bad URI handling. Requires the victim to view the html.

tags | exploit, remote
SHA-256 | de57f77d0570f6c0cef77345b9c3a45bdf07eb7947748433529550f3a4693e1a
Yahoo-ducky.txt
Posted Jul 6, 2003
Authored by Bob, Rave | Site dtors.net

Yahoo Messenger 5.5 and below suffers from a buffer overflow that was originally discovered and fixed in May of 2002, but has since resurfaced. Systems Affected: Windows NT/2000/SP1/SP2/SP3, Windows ME, Windows 95/98, Windows XP.

tags | exploit, overflow
systems | windows
SHA-256 | 3dbd08466a589690e261f4eb0f747ba191bda6e704b3f88ec4d48204eb593792
manipulating.dtors.txt
Posted Jul 6, 2003
Authored by Bob, dsr

A paper that details the manipulation of the destructor when utilizing a buffer overflow, a format string attack, or corrupting a malloc chunk.

tags | paper, overflow
systems | unix
SHA-256 | 9ca183559ae54fd97c38cdc1cdabdfb443407e4dead2e88e1c635a606ab6c42d
dsr-adv001.txt
Posted May 12, 2003
Authored by Bob, Knud Erik Hojgaard | Site dtors.net

Firebird has 3 binaries: gds_inet_server, gds_drop, and gds_lock_mgr, which all use insufficent bounds checking in conjunction with getenv(), making each one susceptible to local exploitation. Enclosed are two local root exploits tested against versions 1.0.0 and 1.0.2 on FreeBSD.

tags | exploit, local, root
systems | freebsd
SHA-256 | 7841bcf9369b0cfc917765429ceb7118d676bfc4a650b097f57716bfab790d9a
DSR-cpanel.c
Posted Feb 20, 2003
Authored by Bob | Site dtors.net

Cpanel 5 and below remote exploit which allows users to view any file or execute remote commands due to an insecure open call in guestbook.cgi. Local root vulnerabilities also exist.

tags | exploit, remote, local, cgi, root, vulnerability
SHA-256 | 872dc79f37bab68ceed000840eafddb4a2ece4fdb910242de487ea4a95d25073
DSR-nethack.c
Posted Feb 20, 2003
Authored by Bob | Site dtors.net

Nethack v3.4.0 local buffer overflow exploit which spawns a shell as uid=games. Runs /usr/games/lib/nethackdir/nethack.

tags | exploit, overflow, shell, local
SHA-256 | d36c9676766104ed6f0e30024d355ec827f58589e60d86e963361827c6ef5db0
bof4kids2.txt
Posted Sep 19, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Buffer Overflows for Kids part 2 - This is part two, the follow on from bofs4kids. In this tutorial I am going to attempt to give you the knowledge to be able to e exploit a program, without coding in C. But we will need to use gdb quite a bit, so any prior knowledge would be helpful but not necessary.

tags | overflow
SHA-256 | 39a87ffcaf6f339e334dc1cda6f41e33561a41b19cd6e1c899d2b2fa9e343ef2
bofs4kids.txt
Posted Sep 19, 2002
Authored by Bob, dsr | Site blaat.dtors.net

This tutorial is not going to teach you how to code an exploit, but what it is going to do is give you a good understanding of what a buffer overflow is, what types of buffer overflows there are, how we would go about exploiting a buffer overflow, and how to identify a buffer overflow. C and ASM knowledge is not required.

tags | overflow
SHA-256 | 3b09e6c7b77a96b63d7b66bb3c986b732511691a13617d29880e2b53c3d34f5a
bish.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Bish.c is multi-platform shellcode tested on FreeBSD 4.6-PRERELEASE, FreeBSD 4.5-RELEASE, OpenBSD 3.0, NetBSD 1.5.2, Linux 2.0.36, Linux 2.2.12-20, and Linux 2.2.16-22. Based on code by Zillion, added setuid().

tags | shellcode
systems | linux, netbsd, freebsd, openbsd
SHA-256 | 74d9b908afde9dc5d569ea71e671de85b3c81ce631b4ef0d9bb20b74743289f2
FV.txt
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Finding Vulnerabilities - This paper explains the auditing of C source code to find application exploits. Includes a practical example of how to hack an IDS that was coded for a website.

tags | paper, vulnerability
systems | unix
SHA-256 | 9a48e28edc710e3b6eb7dfe1ecba2cec826785f99ff2ef8c0174fa6e04e4a18c
shellcodin.txt
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Shellcoding - How to write shellcode for Linux/x86. Includes parts I + II.

tags | paper, x86, shellcode
systems | linux, unix
SHA-256 | ab9b8ac49332beb7d33224ea976173ece2c5d27c3e8ef84a8f08f0888ea062bf
DSR-chmod.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Linux x86 shellcode which does a chmod("//bin/sh" ,04775); set sh +s.

tags | x86, shellcode
systems | linux
SHA-256 | 73a8c94b4834ab4ee35bd22fb4b7e554437291febd01c57f6bcc0097963686f5
DSR-write.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Linux x86 shellcode which does a write(stdout,"bob from DSR", 15); exit;.

tags | x86, shellcode
systems | linux
SHA-256 | 04c216d2661400f510d03ed170a51474fea2bbbd044a369889d0cc9dbb7ae928
DSR-setuid.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Linux x86 shellcode which does a setuid(); execve(); exit();.

tags | x86, shellcode
systems | linux
SHA-256 | fcc33d1d4463f6e6216c770d49c99329c3d91bd9514881a689a27f43b566c7b2
DSR-passwd.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Linux x86 shellcode, to open() write() close() and exit(), adds a root user no-passwd to /etc/passwd.

tags | x86, root, shellcode
systems | linux
SHA-256 | ecb8d8439ae492600571dd2b132d0cd576f63a9529137b7ed872348f993c984e
DSR-execve.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Linux x86 shellcode which does execve()/bin/ash; exit; in 34 bytes.

tags | x86, shellcode
systems | linux
SHA-256 | 1c5867190284199a34f431a90516c4ad9cc0b7800020a274f5ca0999fa97fafe
DSR-29byte.c
Posted Sep 17, 2002
Authored by Bob, dsr | Site blaat.dtors.net

Linux x86 29 byte shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 48560a596340c96401aef340150dccc2653630871f8e1d9de9742ee45cb25fac
DSR-apache2.0x.c
Posted Aug 29, 2002
Authored by Bob, dsr | Site dtors.net

This Proof of Concept exploit for the current directory traversal design flaw in apache 2.0.x - 2.0.39 allows any attacker to view any file on the target machine. Original vulnerability found by Luigi Auriemma. Affected Systems: Windows [win32], Netware, OS2, Cygwin.

tags | exploit, proof of concept
systems | windows
SHA-256 | 6aceadaa5b57140304df3527499731b71b0374b1690f5244471132425d9e168d
DSR-php4.2x.c
Posted Jul 27, 2002
Authored by Bob, dsr

PHP v4.2.0 and 4.2.1 with Apache 1.3.26 POST bug proof of concept exploit for x86. Produces a segmentation violation (signal 11).

tags | exploit, x86, php, proof of concept
SHA-256 | e1e66701c77072a167c7aa5778b3d30cc69da1019bee73ce24e76872d8212be9
bash-door.tar.gz
Posted Jul 8, 2002
Authored by Bob, dsr | Site dtors.net

Backdoors Bash-2.05 for local root.

tags | tool, local, root, rootkit, bash
systems | unix
SHA-256 | a091c406eec0646458840e3613e28a2adfa1c29709189adf1882c67b9ae23876
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    49 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close