Twenty Year Anniversary
Showing 26 - 50 of 51 RSS Feed

Files from Ramon de C Valle

Email addressprivate
First Active2003-09-13
Last Active2015-11-06
View User Profile
Linux eCryptfs parse_tag_11_packet Literal Data Overflow
Posted Jul 28, 2009
Authored by Ramon de C Valle | Site risesecurity.org

There exists a vulnerability within a function of Linux eCryptfs (Enterprise Cryptographic Filesystem), which when properly exploited can lead to compromise of the vulnerable system. This vulnerability was confirmed in the Linux kernel version 2.6.30.3. Linux kernel versions 2.6.19 and later have eCryptfs support and may be also affected.

tags | advisory, kernel
systems | linux
MD5 | 64aafba24cc62576d7aa592e5f3f57b8
TooTalk Buffer Overflow
Posted Jun 20, 2009
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

ToolTalk suffers from a rpc.ttdbserverd _tt_internal_realpath related buffer overflow vulnerability. IBM AIX versions 5.1.0 through 6.1.3 appear affected.

tags | advisory, overflow
systems | aix
MD5 | 419e81bb2e4ca5dac3f2b938870caa9e
Linux On Power/Cell BE Architecture Buffer Oveflows
Posted Jan 15, 2009
Authored by Ramon de C Valle | Site risesecurity.org

Whitepaper called Linux on Power/Cell BE Architecture Buffer Overflow Vulnerabilities.

tags | paper, overflow, vulnerability
systems | linux
MD5 | 21f4d600b502ac9a6ff01a502e440d66
Linux Slab Allocator Buffer Overflow Vulnerabilities
Posted Dec 12, 2008
Authored by Ramon de C Valle | Site risesecurity.org

This article discusses buffer overflow vulnerabilities in Linux kernel's Slab Allocator. All examples presented on this article were developed and executed on a x86 processor-based machine running Slackware Linux 10.2. Previous knowledge of buffer overflows is required.

tags | paper, overflow, x86, kernel, vulnerability
systems | linux, slackware
MD5 | 43b5680bee813109f98fd58f1f611cfe
unixasm-1.3.0.tar.gz
Posted Nov 18, 2008
Authored by Ramon de C Valle | Site risesecurity.org

A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

Changes: Some small bug fixes to AIX Power assembly components and payload modules. New assembly components and payload modules for AIX Power. New assembly components and payload modules for Linux Power/Cell Broadband Engine Architecture. New assembly components and payload modules for Linux Power/Cell Broadband Engine Architecture.
tags | x86, shellcode, proof of concept
systems | linux, solaris, bsd
MD5 | 4083bae1e65229922048b72f023ca139
unixasm-1.2.0.tar.gz
Posted Sep 11, 2008
Authored by Ramon de C Valle | Site risesecurity.org

A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

Changes: This new version includes new Network server code (bndsockcode), Network connect code (cntsockcode) and Find socket code (fndsockcode) assembly components for AIX POWER/PowerPC.
tags | x86, shellcode, proof of concept
systems | linux, solaris, bsd
MD5 | 21d668df5ccda18111116a361c67de33
unixasm-1.1.0.tar.gz
Posted Feb 8, 2008
Authored by Ramon de C Valle | Site risesecurity.org

A collection of shellcode for various platforms bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

tags | x86, shellcode, proof of concept
systems | linux, solaris, bsd
MD5 | 7acca0d1774b5bc17f886e2fbed28efb
RISE-2007004.txt
Posted Nov 16, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists a vulnerability within an architecture dependent function of the Apple Mac OS X 10.4.x kernel, which when properly exploited can lead to local compromise of the vulnerable system. Proof of concept code included.

tags | exploit, kernel, local, proof of concept
systems | apple, osx
MD5 | f7cb9a678cad1e52e9b8323a667b2f32
RISE-2007003.txt
Posted Oct 5, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists multiple vulnerabilities within functions of Firebird Relational Database, which when properly exploited can lead to remote compromise of the vulnerable system.

tags | advisory, remote, vulnerability
MD5 | 753f638ff1f38bd6f940a2b2e36a9a86
RISE-2007002.txt
Posted Oct 5, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists multiple vulnerabilities within functions of Borland InterBase, which when properly exploited can lead to remote compromise of the vulnerable system.

tags | advisory, remote, vulnerability
MD5 | 85a799f75c832790b0ad9494e597ebd7
interbase_create.rb.txt
Posted Aug 8, 2007
Authored by Ramon de C Valle, Adriano Lima

This Metasploit module exploits a stack overflow in Borland Interbase 2007 by sending a specially crafted create request.

tags | exploit, overflow
advisories | CVE-2007-3566
MD5 | 3ef34ee4eb779dc56090ec465f15b7e8
lsa_transnames_heap-osx.rb.txt
Posted Jul 26, 2007
Authored by H D Moore, Ramon de C Valle, Adriano Lima | Site risesecurity.org

This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the szone_free() to overwrite the size() or free() pointer in initial_malloc_zones structure. OSX version.

tags | exploit, overflow
systems | apple
advisories | CVE-2007-2446
MD5 | 1489b440c6e816a74e273d76060e724f
lsa_transnames_heap-solaris.rb.txt
Posted Jul 26, 2007
Authored by H D Moore, Ramon de C Valle, Adriano Lima | Site risesecurity.org

This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21 through 3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2". Solaris version.

tags | exploit, overflow
systems | solaris
advisories | CVE-2007-2446
MD5 | 9f07c9cd8fd013c9608f103024c1c839
lsa_transnames_heap-linux.rb.txt
Posted Jul 26, 2007
Authored by H D Moore, Ramon de C Valle, Adriano Lima | Site risesecurity.org

This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21 through 3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2". Linux version.

tags | exploit, overflow
systems | linux
advisories | CVE-2007-2446
MD5 | 4f3d9021ab7aeab8ee51f9ee5605ad0c
mswin-anim.txt
Posted Jun 11, 2007
Authored by Ramon de C Valle | Site risesecurity.org

Microsoft Windows animated cursor stack overflow exploit with reverse shellcode.

tags | exploit, overflow, shellcode
systems | windows
MD5 | 6052eb221c6b2c346813e542f18279ae
RISE-2006002.txt
Posted Oct 2, 2006
Authored by Ramon de C Valle, RISE Security | Site risesecurity.org

RISE-2006002: There exists a vulnerability within a architecture dependent function of the FreeBSD kernel (FreeBSD 5.2-RELEASE through FreeBSD 5.5-RELEASE), which when properly exploited can lead to local compromise of the vulnerable system. This vulnerability was fixed in FreeBSD 6.0-RELEASE, but production (legacy) releases 5.2 through 5.5 are still vulnerable.

tags | advisory, kernel, local
systems | freebsd
MD5 | f2780f72b89096adff1c6779d3cc1a1f
sco-x86-xkb.c
Posted Sep 8, 2006
Authored by Ramon de C Valle, RISE Security | Site risesecurity.org

Proof of concept code for the X11R6 XKEYBOARD extension strcmp() buffer overflow vulnerability. Written for SCO UnixWare 7.1.3.

tags | exploit, overflow, proof of concept
systems | unixware
MD5 | 97f83a40b64fafcd498739b46be1edb6
sol-x86-xkb.c
Posted Sep 8, 2006
Authored by Ramon de C Valle, RISE Security | Site risesecurity.org

Proof of concept code for the X11R6 XKEYBOARD extension strcmp() buffer overflow vulnerability. Written for Solaris 8, 9, and 10 on the x86 architecture.

tags | exploit, overflow, x86, proof of concept
systems | solaris
MD5 | 5e33870c66dee8090b827d1e90fca1de
sol-sparc-xkb.c
Posted Sep 8, 2006
Authored by Ramon de C Valle, RISE Security | Site risesecurity.org

Proof of concept code for the X11R6 XKEYBOARD extension strcmp() buffer overflow vulnerability. Written for Solaris 8, 9, and 10 on the SPARC architecture.

tags | exploit, overflow, proof of concept
systems | solaris
MD5 | d519d3c2e1c4a250425f76b723ca6a87
RISE-2006001.txt
Posted Sep 8, 2006
Authored by Ramon de C Valle, RISE Security | Site risesecurity.org

There exists a vulnerability within a string manipulation function of the X11R6 (X11R6.4 and lower) X Window System library, which when properly exploited can lead to local compromise of the vulnerable system.

tags | advisory, local
MD5 | 95101d42b595fa4ece656cd209c5f556
osx86_mmdfdeliver.c
Posted Oct 26, 2004
Authored by Ramon de C Valle

MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86.

tags | exploit, x86, local, root
advisories | CVE-2004-0510
MD5 | fb00af86ece2ed6422cdbc89c50c5b4c
unixasm-1.0.0.tar.gz
Posted Oct 24, 2004
Authored by Ramon de C Valle | Site risesecurity.org

A collection of shellcode for various platforms bsd-x86, linux-x86, sco-x86, and solaris-x86.

tags | x86, shellcode
systems | linux, solaris, bsd
MD5 | fc13f3ccec0ad1229966cbedb1d54ea5
x86-linux-shellcode
Posted Sep 13, 2003
Authored by Ramon de C Valle | Site risesecurity.org

Code that executes /bin/sh.

tags | shellcode
MD5 | 09ca8554189e398cd233066a12895d8c
x86-linux-setuidcode
Posted Sep 13, 2003
Authored by Ramon de C Valle | Site risesecurity.org

Code that attempts to restore root privileges.

tags | root, shellcode
MD5 | ef537511fd224aa6b8ecc0d1d33c335c
x86-linux-bindsocketshellcode
Posted Sep 13, 2003
Authored by Ramon de C Valle | Site risesecurity.org

Network server code that creates a listening TCP socket on port 65535 and executes /bin/sh.

tags | tcp, shellcode
MD5 | e48352b79c2f4c657379c300f2eb79c0
Page 2 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    2 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close