
Files Date: 2002-12-24

Posted Dec 24, 2002
Site microsoft.com

Microsoft Security Advisory MS02-072 - The Windows Shell has a serious buffer overflow in the routine that extracts attribute information from audio files, which allows remote attackers to execute code with the privileges of the user when the user moves the mouse pointer over a malicious MP3 or WMA file on a website, in an HTML email, or on a Windows share. An HTML email could cause the vulnerable code to be invoked when a user opened or previewed the email.

tags | remote, overflow, shell
systems | windows
MD5 | dbdd34a9a4d287e5729ad6111853f2e8
Posted Dec 24, 2002
Site sourceforge.net

Tcpreplay v1.3.1 - Tcpreplay is a set of tools aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.

Changes: Fixes a packaging problem that caused compilation issues on non-Linux systems.
tags | tool, arbitrary, protocol, intrusion detection
systems | unix
MD5 | 98d2082769ca3aa34c923998126db8af
Posted Dec 24, 2002
Site relevanttechnologies.com

A detailed vendor analysis on Kaspersky's line of anti-virus products.

tags | paper, virus
MD5 | a3fb0418877ad5b3027e97a141cf113f
Posted Dec 24, 2002
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.

Changes: chkdirs.c added. chkproc.c improvements. Now includes slapper B, sebek LKM, LOC, and Romanian rootkit detection. New test added: trojan tcpdump. Minor bug fixes in the chkrootkit script.
tags | tool, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd
MD5 | 53a0d56d8b5bd1300237fc448c0b37eb
Posted Dec 24, 2002
Authored by Dan Kaminsky | Site doxpara.com

Paketto Keiretsu v1.10 implements many of the techniques described in recent here.

Changes: Now has OpenBSD and Solaris support. A new Distco mode actively discovers the distance to remote hosts by analyzing the TTL in returned TCP RST packets. Libnet was patched to pack its variables. Traceroute hopcount determination was improved.
systems | unix
MD5 | 7fd82af09a6493f24c8681f7bbf03898
Posted Dec 24, 2002
Site thc.org

s390 portbinding shellcode.

tags | shellcode
MD5 | ada4dee501818a29ef45a4bc19a9c3be
Posted Dec 24, 2002
Site thc.org

Setuid/setgid 0 execve s390 shellcode.

tags | shellcode
MD5 | 707d6b6af82a86eaf60c1c0a07e21f83
Posted Dec 24, 2002
Site thc.org

s390 shellcode which connects back to a listening netcat on port 31337 by default.

tags | shellcode
MD5 | d0cc0d8c977991206d8fe2e6f1c6b982
Posted Dec 24, 2002
Site thc.org

s390 shellcode which breaks out of a chrooted environment with setuid / setgid.

tags | shellcode
MD5 | 7fd4ef3e9447f9bfe4d2510bd63149c3
Posted Dec 24, 2002
Authored by Innerphobia

Remote buffer overflow exploit for the melange chat server v1.10. Tested on SuSE 8.0 and Redhat 7.3.

tags | exploit, remote, overflow
systems | linux, redhat, suse
MD5 | eb0643524b95dd0331af7784ffa7fcf1
Posted Dec 24, 2002
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: Implemented the HASNOSOCKSECURITY compile-time option which causes lsof to list only the user's open files, but will also list anyone else's open socket files, provided the "-i" option selects their listing. Added support for OpenBSD 3.2 and its kernel trace file. Improved lsof help (-h) and version (-v) information reporting. Upgraded Tru64 UNIX support to the 5.1B release. Fixed a FreeBSD 4.7 and above off-by-two UNIX domain socket path termination bug.
tags | tool, intrusion detection
systems | unix
MD5 | 599d7b86ed67818509fc4c6fee4433cc
Posted Dec 24, 2002
Authored by teso | Site teso.scene.at

Burneye ELF encryption program 1.0.1 with full source and docs.

MD5 | 848ae0d696d2438a01753a0fad665270
Posted Dec 24, 2002

Krb 4-1.2 kadmind remote stack overflow remote root exploit for FreeBSD 4.x, BSD/OS 4.2, SUSE 8.0, OpenBSD 2.9 and 3.0, Slackware 8.0, and OpenWall 0.10.

tags | exploit, remote, overflow, root
systems | linux, freebsd, suse, bsd, slackware, openbsd
MD5 | 8552bda183d078984fb3df592e0d2a7c
Posted Dec 24, 2002
Authored by Leech

Fake FreeBSD-4.6 remote telnetd setenv() heap overflow exploit which is very similar to 7350854.c.

tags | exploit, remote, overflow
systems | freebsd
MD5 | 434ec5141e899879ea5f80edadf2238e
Posted Dec 24, 2002
Authored by Irian

Cyrus-imap v2.1.10 remote exploit. Tested against Slackware Linux v8.0 with glibc-2.2.3 and kernel 2.4.19. Localhost IP is hard coded.

tags | exploit, remote, kernel, imap
systems | linux, slackware
MD5 | afbe9453571139bd2ac3ca8601630a09
Posted Dec 24, 2002
Authored by Icesk

Tcpdump v3.6.3 remote root exploit. Tested against FreeBSD-4.6.

tags | exploit, remote, root
systems | freebsd
MD5 | dd364284b9e6dca09cb5ff4e7d13c6b5
Posted Dec 24, 2002
Authored by v1pee//nerf | Site nerf.ru

Local /sbin/ifenslave buffer overflow exploit tested on Redhat 8.0.

tags | exploit, overflow, local
systems | linux, redhat
MD5 | da70c26f960c310b74891c2f214de527
Posted Dec 24, 2002
Authored by Knight420

artyfarty.c is a local root /opt/kde/bin/artswrapper exploit tested against Slackware 8.1. Artswrapper is setuid on some distributions.

tags | exploit, local, root
MD5 | 5d4fe9514d8fcdb1df0501a379536b86
Posted Dec 24, 2002
Authored by Dekadish

WU-IMAP v2000.287 linux/x86 remote root exploit. Tested against Debian 2.2. This code is also known as 7350owex.c.

tags | exploit, remote, x86, root, imap
systems | linux, debian
MD5 | 8d14482320cf3f9273391a43e04ffa6b
Posted Dec 24, 2002
Authored by Sunnyholer

0x09wule.c is a Linux/x86 wu-ftpd v2.6.2(1) remote root exploit. Tested against RedHat 7.2 running wu-ftpd-2.6.2(1) on the default install. Note: This exploit is reported to be old and does not work.

tags | exploit, remote, x86, root
systems | linux, redhat
MD5 | a7b2bf13c624a3f76c3a4f0b91a59c30
Posted Dec 24, 2002
Authored by electronicsouls, Brain Storm

ES-Malaria is a ptrace() injector.

tags | tool, rootkit
systems | unix
MD5 | 7fe96ade196dc0c3b70e65b6ce6b8242
Posted Dec 24, 2002
Authored by Securma Massine

The Hyperion FTP Server v2.8.11 and below for Windows 95/98/NT/2000 contains a buffer overflow in ftpservx.dll which allows remote code execution.

tags | advisory, remote, overflow, code execution
systems | windows, 9x
MD5 | 792d44051f6dac84c2bb56401940a3d5
Posted Dec 24, 2002
Authored by phish

Sneaky-sneaky is a bidirectional spoofed ICMP tunnel backdoor that has built-in encryption and logging capabilities. It communicates via echo replies keeping the true source IP address encrypted inside of the payload.

Changes: Now with delays, decoys, timeouts and spoofing options.
tags | tool, spoof, rootkit
systems | unix
MD5 | d670d308e31f0caca1bda8cde0fc72c2
iDEFENSE Security Advisory 2002-12-23.t
Posted Dec 24, 2002
Authored by Zen-Parse, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.23.02 - Easy Software Products' Common Unix Printing System (CUPS) and Xpdf contain an integer overflow which allows local users to gain access to the privileges of the lp user.

tags | advisory, overflow, local
systems | unix
MD5 | b9f198d095e9f137bc9fc1167f95bfe7
Posted Dec 24, 2002
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.

Changes: Added test for newdsn.exe, Microsoft IIS Executable File Parsing. Updated smb.sara to check for user enumeration, registry access, and guessable passwords. Updated to detect vulnerable mysql services. Fixed bugs.
tags | tool, cgi, scanner
systems | unix
MD5 | 21204242b33e2a87edce2b89684926d0