exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2003-04-30

Posted Apr 30, 2003
Authored by Watercloud | Site xfocus.org

The enq program under AIX has an overflow that exists in the command line argument parsing. This exploit successfully utilizes the vulnerability to escalate privileges to egid=printq. Tested on AIX 4.3.3.

tags | exploit, overflow
systems | aix
SHA-256 | b9aa6fde8e33084acefb4bf66b450b630fbf86049e406631ffdece9bd065b6e7
Posted Apr 30, 2003
Authored by Secret Squirrel

A high-speed brute-force password cracker for MySQL hashed passwords. It can break an 8-character password containing any printable ASCII characters in a matter of hours.

tags | cracker
SHA-256 | 124ae704ea210354bcd693361cbb0422d6c9271c715fd794d16e619576ca22b5
Posted Apr 30, 2003

Remote root exploit for PoPToP, the PPTP server designed for Linux, versions 1.1.4-b3 and below. Fixed by blightninjas. Original code by einstein.

tags | exploit, remote, root
systems | linux
SHA-256 | 7b259fb68ba2f2394efa8a75f26c214b7561cd714f3e1726df283dfa4947ffe2
Posted Apr 30, 2003
Authored by Victor Pereira

Getdata Protocol Analyzer is another sniffer made with libpcap that supports multiple protocols like TCP, UDP, ICMP, IGMP, etc.

Changes: Added experimental support for traffic statistics and various bugfixes.
tags | tool, udp, sniffer, tcp, protocol
SHA-256 | 8285a9d512c65e7274f5cba58bb8fe1ca1b585b0e3af544f58156a031e5c130a
Posted Apr 30, 2003
Authored by Shaun Clowes | Site securereality.com.au

Injectso is a tool that can be used to inject shared libraries into running processes on Linux (x86/IA32 and Sparc) and Solaris (Sparc). It also provides routines that can be used by injected libraries to easily modify the behavior of the host process by intercepting library function calls. This allows you to intercept input or output, send and receive information over open sockets in that process, read and write to files opened exclusively by that process, close a file descriptor to a socket and redirect the i/o to a file for debugging, and much more. This is similar to an article in Phrack 59, but more refined. More information available here.

Changes: Support for symbol hash table lookups, more documentation, modified intercept routines, improved signal handling, and more.
tags | x86
systems | linux, unix, solaris
SHA-256 | 25106b23436fc67af56f43cfd1460da33596d3d37d9f72f591582b65d8ed3225
Posted Apr 30, 2003
Authored by Shaun Clowes, Neel Mehta | Site securereality.com.au

Shiva is a tool to encrypt ELF executables under Linux. Shiva can be used to wrap an executable in such a way that though it continues to run as it did before it is very difficult to debug or reverse engineer. Shiva can be used to password protect critical programs, including setuid programs, or simply to obfuscate sensitive data stored within programs.

tags | encryption
systems | linux
SHA-256 | ab9b952d330d5b067330bad8fe8c5a78d38d920e6daffaa451428a427464cd7b
Posted Apr 30, 2003
Authored by Bysin

Remote root exploit for Sendmail 8.12.8 and below that makes use of the vulnerability in prescan(). Note: This exploit is crippled and needs to be fixed.

tags | exploit, remote, root
SHA-256 | b3c08d4687af2292f82e2d9dac63e977ef8497f5afbf665b31499dbc02ad22ba
Posted Apr 30, 2003
Authored by Bysin

Remote root exploit for Sendmail 8.12.8 and below that uses the vulnerability in crackaddr().

tags | exploit, remote, root
SHA-256 | 939cd7761692b6a6fdd91b9b6e74d8c5e902c6f7530d6acd1c651d71efcfc833
Posted Apr 30, 2003
Authored by Xpl017Elz | Site inetcop.org

Local root exploit for Qpopper v4.0.x poppassd that utilizes the ability to set the smbpasswd path.

tags | exploit, local, root
SHA-256 | ce5f5d341e016678062e1b6bd29ac00f6270e383375a46773cf0166a0247087f
Posted Apr 30, 2003
Authored by Cowboy, 0x333 | Site 0x333.org

Samba 2.2.x Remote root exploit. Tested against RedHat 8.0.

tags | exploit, remote, root
systems | linux, redhat
SHA-256 | 13c39033253a9725ddb7ac8cf13eb639cca2208e1d16c19ff60bf316d0a4fbee
Posted Apr 30, 2003
Authored by netric, Sacrine | Site netric.org

A simple TCP packetlogger/sniffer for Linux which includes background logging.

tags | tcp
systems | linux
SHA-256 | 35c08a7777d1b751a168478dad9d3126b0d7fa46d8d372c1035af3c21843f383
Posted Apr 30, 2003
Authored by David Litchfield | Site ngssoftware.com

Software Insight Security Research Advisory #NISR29042003 - A classic stack based buffer overflow vulnerability exists in the Oracle database server that can be set up for exploitation by providing an overly long parameter for a connect string with the 'CREATE DATABASE LINK' query.

tags | advisory, overflow
SHA-256 | c3f8b0302120eee28deb89f9e37d6fc46825608d07e31b5127eebc4b72b60651
Posted Apr 30, 2003
Authored by Bugghy | Site vaida.bogdan.googlepages.com

bug-exploit is a utility designed to go through a list of setuid and setgid files and will assist a coder in figuring out whether or not a buffer overflow exists in the command line arguments fed to the binary.

tags | overflow
systems | unix
SHA-256 | 2e38a2ca5690f924d27eedd76b77db17c972e891c972352e2e474555002f1fe4
Posted Apr 30, 2003
Authored by Filip Waeytens | Site scanit.be

Simple Perl script to enumerate information on Machines that are running SNMP

tags | tool, scanner, perl
systems | unix
SHA-256 | 4f4f920f8b8d8bb5b11f535163c3bba075a441377d423b39895918db914bc1b4
Posted Apr 30, 2003
Authored by Emiliano Kargieman, Hernan Gips, Javier Burroni | Site coresecurity.com

Kerio Personal Firewall version 2.1.4 and below is vulnerable to a replay attack against the authenticated/encrypted channel for remote administration. A remotely exploitable buffer overflow also exists in the authentication process.

tags | advisory, remote, overflow
SHA-256 | 51f426c01a5ad688ec33c74da88fe1f7fc33549a9d8404fc4084179856d88505
Posted Apr 30, 2003
Authored by Matt 'Zola' Stevens | Site zola.org.uk

This utility scans a class C or B network for hosts infected with the Code Red II worm. It does this by checking for the presence of /scripts/root.exe which is the backdoor Code Red II leaves behind.

tags | tool, worm, root, scanner
systems | unix
SHA-256 | 9d7ac64116e321ee9ad184ad22c7d68ea6e8821fb7ce10daf672883ea8effbea
Posted Apr 30, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-016 - Qpopper v4.0.x poppassd, the utility that allows users to change their mail passwords, is setuid root and allows for a definable path to smbpasswd. In doing so, a local attacker can easily escalate to root privileges.

tags | advisory, local, root
SHA-256 | 20cb7ad78ee34a4462fc2669a4d2d11d3fe2de2037bd5095118d7d9b3abee361
Posted Apr 30, 2003
Authored by thc, Johnny Cyberpunk | Site thc.org

Updated version of the remote root exploit for Realserver 8 on several Windows platforms.

Changes: New shellcode added and the code has been condensed.
tags | exploit, remote, root
systems | windows
SHA-256 | faac60e3244b42b5c4ede35ae529a0d44f8df9e59b986f1e0455c38db816a155
Page 1 of 1

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By