exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2003-04-21

mod_ntlm.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

mod_ntlm is the Apache module for versions 1.3 and 2.0 which gives Apache the ability to authenticate users via the NTLM authentication technology that is largely specific to Microsoft IIS. The log() function contains two remotely exploitable vulnerabilities. Both a heap overflow and an incorrect call to ap_log_rerror() allow for arbitrary code execution.

tags | exploit, overflow, arbitrary, vulnerability, code execution
SHA-256 | 802cd05c619e98126a7d5192a17c55f423eeb343fb55248fd94b28417e566c3d
monkeyHTTPd.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

The Monkey HTTPd v0.6.1 web server is vulnerable to a remote buffer overflow in the handling of forms submitted with the POST request method. The unchecked buffer lies in the PostMethod() procedure.

tags | exploit, remote, web, overflow
SHA-256 | 0301f75e2783269edb2b7a6fa9c640c16ea311a21771c827602cb320b112c4d0
badblue.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

BadBlue web server versions 2.15 and below have a vulnerability that allows remote attackers to gain administrative control of a server. The ext.dll that allows pages parsing with the LoadPage command attempts to prevent remote users from accessing .hts pages by checking the 'referer' HTTP header of requests, and also verifying that all requests for .hts pages originate from 127.0.0.1 (the loopback). By appending certain illegal characters to the requested filename, it is possible to cause BadBlue to interpret .hts files from a remote system, thereby yielding administrative control of the server to the attacker.

tags | exploit, remote, web
SHA-256 | 7c9fcc98b57a0be0b7411ecaa6864241a66336a2bf516c6147bd84a47cdcbafb
lkl-0.0.4.tar.gz
Posted Apr 21, 2003
Authored by Carlo Comin | Site spine-group.org

LKL is a userspace keylogger that runs under linux x86/arch. LKL logs everything which passes through the hardware keyboard port (0x60). Keycode to ASCII translation is supported.

Changes: Email feature added, code clean-up, debugging added, and more comments in the source code.
tags | x86
systems | linux
SHA-256 | f0de1933b29ee87bd407eea94eb88b315ea4ad870453c8de1332242a30529327
shellcode-v2.0.zip
Posted Apr 21, 2003
Authored by Delikon | Site delikon.de

Shellcode-v2.0 is a genetic win32 shellcode generator based mainly on kungfoo. You can generate a shellcode with the help of a GUI. Source and executable included.

Changes: The shellcode will be XOR-encoded to avoid NULLS.
tags | shellcode
systems | windows
SHA-256 | bf21bbcff72608584169174404116a665444ac4b9bdc106694a2fe9770f56f35
sp-urfuqed.pl
Posted Apr 21, 2003
Authored by Badpack3t | Site security-protocols.com

Remote exploit written in Perl for the Twilight Utilities TW-WebServer that is vulnerable to a denial of service attack by a long HTTP GET request.

tags | exploit, remote, web, denial of service, perl, file upload
SHA-256 | 5b78819f77d10006a5044fc9c98d823f9fdea06bd35a18fb71f025f700d55c14
ss-dos.c
Posted Apr 21, 2003
Authored by Shashank Pandey | Site geekgroove.8m.com

Remote exploit written in C for the Twilight Utilities TW-WebServer that is vulnerable to a denial of service attack by a long HTTP GET request.

tags | exploit, remote, web, denial of service
SHA-256 | 5af8bdb45687457c4bf9c6f394b6c9c89b07f12bfa6f277f4d309a52156f5f9f
XPracecondition.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

A race condition exists in Windows XP Service Control Manager Service Shutdown Mechanism when a service shutdown is not correctly completed in a desired time period. Normal users can access open files which may end up with randomly cached data that could contain restricted data. Microsoft has not announce any plans to backport a patch but has announced that this issue will be addressed in Windows Server 2003.

tags | advisory
systems | windows
SHA-256 | 41a02ad828c3ebc0dc61cce406afdab9e7375f885ee18abb77135abf5f1365c2
arb-scan-0.5.0.tar.gz
Posted Apr 21, 2003
Site arbon.elxsi.de

Arb-Scan is a remote banner scanner, written in Bash and Perl. It currently supports ftpd, sshd, smtpd, domain, finger, httpd, pop2, pop3 and imapd banner checks. It features IP file reading and logging.

Changes: Added imapv3(port 220) banner check, renamed imap to imapv2.
tags | tool, remote, scanner, perl, bash
systems | unix
SHA-256 | d2ea910de9e48b78e8e7be942da2788ce6384cd15cf3f074f7246d83d61aa991
kripp-0.2.tar.gz
Posted Apr 21, 2003
Authored by Konstantin Klyagin | Site konst.org.ua

KRIPP is a simple and light-weight network passwords sniffer written in Perl, which uses tcpdump to intercept traffic. Can sniff and display ICQ, FTP and POP3 passwords.

Changes: New version includes HTTP support and a few bug fixes. Added support for more flavors of Unix.
tags | tool, perl, sniffer
SHA-256 | 3b877edc721b0e5395e90511a6d07a84aca22494cb6655b65de8d99e75353306
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    19 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close