what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files from Jesus Oquendo

Email addresssil at infiltrated.net
First Active2006-07-26
Last Active2014-06-13
Yealink VoIP Phones XSS / CRLF Injection
Posted Jun 13, 2014
Authored by Jesus Oquendo

Yealink VoIP Phones suffer from CRLF injection and cross site scripting vulnerabilities. This affects firmware version 28.72.0.2 and hardware version 28.2.0.128.0.0.0.

tags | exploit, vulnerability, xss
advisories | CVE-2014-3427, CVE-2014-3428
SHA-256 | 5877e5e599e1ec8f3252efb057e48af4340a62c662c79b06e1baef4de7a15174
Ops View Pre 4.4.1 Blind SQL Injection
Posted Oct 29, 2013
Authored by Jesus Oquendo

Ops View version pre 4.4.41 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5694
SHA-256 | 92acf8e21feac8586d79811c350e5a6dedf7fd0f2d984f37157264df9d4b6078
Ops View Pre 4.4.1 Cross Site Scripting
Posted Oct 28, 2013
Authored by Jesus Oquendo

Ops View version pre 4.4.41 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-5695
SHA-256 | f03cc918c29800f4fb81785310e92c629c35a77aaa048713a3b86f607b6c1b59
Adtran Netvanta 7100 Bypass / XSS / Injection
Posted Sep 19, 2013
Authored by Jesus Oquendo

Adtran Netvanta 7100 with firmware prior to R10.5.3.HA suffers from bypass, injection, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, bypass
advisories | CVE-2013-5210
SHA-256 | de57cf95a25a199d03c85cba970136084ba737d94ce33a865bda94b7d07f6e41
Ransack Post Exploitation Tool
Posted May 3, 2012
Authored by Jesus Oquendo

Ransack is a post exploitation shellscript for penetration testers. Its purpose is to grab any information deemed relevant on a system, post root compromise. This information may include config files, ssh keys, ssl keys, or any other information deemed valuable.

tags | tool, root, forensics
SHA-256 | aa3c9a1ec450a0d4938e11d530ee62851d77207f5fd3de404050516ca2d51b5a
Phorensix VoIP Forensics Tool For Asterisk 1
Posted Jan 11, 2011
Authored by Jesus Oquendo

Phorensix is a post-login VoIP forensics tool created for Asterisk (tested on Asterisk 1.4.5 to be exact). Phorensix takes a look at a rogue host connecting to a vulnerable account. Who is connecting, where are they coming from, what are they doing to my PBX, what are they doing ON MY PBX.

tags | tool, forensics
SHA-256 | c1c3095c55f2ee325938757792b91d6a8739f648eb60657a6fc3e8c534058355
ie7-dos.txt
Posted Apr 19, 2007
Authored by Jesus Oquendo | Site infiltrated.net

Microsoft Internet Explorer version 7.0.5730.11 is susceptible to a denial of service condition via a malicious script tag.

tags | exploit, denial of service
SHA-256 | 32587f15bbb42c74cfa9fc2813a6618500bf3892730f92d4f3161e81ef007b14
sharpener.txt
Posted Nov 21, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Sharpener is an ssh brute force blocking tool for Linux and the BSD's (Open/Net/Free). It runs in cron and parses out the brute force attempts to your server and automatically blocks those hosts from connecting. The script will also send an email of the attackers address to an account.

systems | linux, unix, bsd
SHA-256 | 0f0f3d5796706797226b090e68269f4841ad31cd4e8d7f8814fefb9374304dd7
modsecips.html
Posted Nov 13, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Securing LAMP - A whitepaper that discusses a methodology to configure, test, and run a Secure LAMP environment.

tags | paper
SHA-256 | 0a73c4ff31794a44f95f44d0961f1120c44546bc0cf54caca727cf680291cce0
asterisk-bugtraq.asc
Posted Nov 3, 2006
Authored by Jesus Oquendo | Site infiltrated.net

A vulnerability exists in the SIP channel driver (channels/chan_sip.c) in all versions of Asterisk prior to 1.2.13. Local and remote attackers are able to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of "a real pvt structure" that uses more resources than necessary.

tags | advisory, remote, denial of service, local
advisories | CVE-2006-5445
SHA-256 | a0b69f47536e73b285c774a48e73b782b7e994f357ef89aaf93b8cc152f27fde
asteroidv1.tar.gz
Posted Nov 3, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Asteroid is a SIP Denial of Service testing tool. It consists of over 36,000 unique SIP packets and can be quickly modified to create others. Packets are grouped into their respective types (INVITES, BYE, CANCEL, etc.) and can be sent individually or called from a shell script and sent in clusters. Asteroid has effectively crashed all versions of Asterisk up until 1.2.13 and greater which were patched against the sequence which caused the crash.

tags | denial of service, shell
SHA-256 | 5869a4e08a370e2d07a88385b15e2b22923f638f5bd2d85e4e36f4bcae2197d4
asterisk-1.2.13.txt
Posted Oct 30, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Asterisk Open Source PBX versions prior to 1.2.13 are vulnerable to local and remote denial of service attacks via a sequence of malformed packets.

tags | advisory, remote, denial of service, local
SHA-256 | 2b0be2f77b87a8b5e9ce286060248fb1dbf05ea28f09a44a6813660999d9e6f6
plague.txt
Posted Oct 27, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Plague is an odd proof of concept backdoor tool based on the premise of using existing system files and commands to keep and maintain a backdoor on Linux systems. Uses awk and sed to make malicious commands seem innocuous.

tags | tool, rootkit, proof of concept
systems | linux, unix
SHA-256 | 6e5511d6e1d98fbe28a389f584a60200782738f61d0f946455bb06699e5de469
Achilles.c
Posted Jul 26, 2006
Authored by Jesus Oquendo

Modified version of the Achilles Windows Attack Tool that Microsoft claims does not demonstrate a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | 564614ac339c305d4dbfa6c62e1cd6f17eebc97d75ee17486b08afe3aedaa552
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close