This Metasploit module attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS6 server and any protected folder requires either Basic, Digest or NTLM authentication.
5012479314892cd881dad187059b4c650acb9e753aec5bd911756919ebc31af4
This Metasploit module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in combination with DNS attacks or the NetBIOS Name Service Spoofer module. Please remember that, as the server will be running by default on TCP port 80, you will need the required privileges to open that port.
dea84a22b01768d6a2d562778fdb7f6500af85950b2379daed227689d270ea29
This Metasploit module exploits the buffer overflow found in the MKD command in IPSWITCH WS_FTP Server 5.03 discovered by Reed Arvin.
a02f6ac90722950f7cf9e9ec7de40ea0b4e16e7333b5eec50d5a521bbc791950
Perl exploit for IPSwitch WhatsUp Gold version 8.03 that is susceptible to a remote buffer overflow. Tested on Win2k SP4. Successful exploitation binds a shell on port 28876.
b7b7d1f951c995bd27e62ff153bb7f9993e73e740853df20fdf3c84d9b75a8d6
Shatter Master is a win32 program made in VB6 to develop and exploit shatter attacks in Windows NT/2k/XP. Related information available here.
c5950147449ed4a389f5d8bef53044cb8e1930a127a12b45da93507005f58a57
Wmap v1.3 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting directories (dirs.db) and another file containing common cgi dirs (dircgis.db) to search for. If a directory is found, it is added to the test. This includes all the directories that are found in the HTML tags. For each directory found, it not only scans for vulnerable CGIs (cgis.db) but also scans for interesting files (e.g. passwords.tmp) listed in file.db and does an HTTP PUT scan.
ac3b777a7381abf8276557c6f9dd8e715134d18322a8f3c05dc95e3bee0f5fe2
Wmap v1.2 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting directories (dirs.db) and another file containing common cgi dirs (dircgis.db) to search for. If a directory is found, it is added to the test. This includes all the directories that are found in the HTML tags. For each directory found, it not only scans for vulnerable CGIs (cgis.db) but also scans for interesting files (e.g. passwords.tmp) listed in file.db and does an HTTP PUT scan.
9401723e6a8fa8cef94bcdef5cc3e81baf2fd849c83c526c353df37664fcb743
The Snoop Servlet on Release Build 3.1 and 3.0 of Tomcat from Apache Software Foundation reveals the full path to the webserver and OS.
4412a9fbf956a5c83fe9f9fb236ddce13ba9aaa0a2f53e147babce25c1a4ca6b
Tomcat v3.1 from the Apache Software Foundation displays the full path of the web server.
5db9188e04c6196fa5da09380ae76d6c9cd1be4273d6f1aaeb04095b15504e03
LoWNOISE - ISMyASP - IIS ASP source code viewer using the ISM.DLL buffer truncation bug.
9241f106e5a1324d8a3d58d2cb7e0f90b573f60e513c6fc2476e0f44a3d799b3
RightFax Web Client v5.2 allows anyone to hijack users' faxes.
b1cf8e924a8955fbca00ac2f800a2f581144ff0653bec1c93bfc51551e925f07
sslcrack is a basic VB5 win9x brute force PIN SSL cracker. Zip includes HomeBanking.txt, which explains a common weakness in Home Banking systems that allows brute forcing the PIN.
11b9ec1913a404f6702c653d2d48e9dafae7c4ae3d992e80bf89f454dba7654d
How To Break Out of Restricted Shells and Menus, v2.3 - An excellent whitepaper detailing methods for breaking out of virtually any kind of restricted shell or menu you might come across.
0360f346bef57652d779fb01c3362de641f401dfd13d44fbab3f2c7c778c40b3
PADLOCK-IT v1.01 contains numerous security holes and improperly manages passwords, making for a very insecure implementation of the Twofish encryption algorithm.
c38a94329ea92d8f5dd5c2d3c70347785d9d8ea9241027546f6eac17314e04bd
LoWKILL 2.1 is a Windows9x/NT port of the modem escape character Denial of Service exploit (+++ATH0). Designed for a user-friendly, low-quality, low-performance environment, LoWKILL 2.1 allows you to target entire subnets and select custom escape character sequences to kill Internet connections remotely.
79299c40c71a574ff56108046c9f12a209d6cb0607ca6067375edbdf9856a756
The password protection program PADLOCK-IT Version 1.01 does not properly implement the TwoFish encryption used, rendering both the encryption algorithm and the software program security meaningless.
66148569b9eddf84dbdfee993d8bd1cd3c80b68754b5bbc178f3b54e7f1fd1fa