exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2003-05-23

Posted May 23, 2003
Authored by Ante Kotarac

A simple web server fingerprinting tool that has a large database of fingerprints. The author welcomes all user feedback for improvements.

tags | tool, web
systems | unix
SHA-256 | c7ad40e4908ea23ddc3e11942886918d1a5949c57f566a479db28a8a8f7cc9e1
Posted May 23, 2003
Authored by h1kari | Site dachb0den.com

libwnet is a packet creation and injection framework for building raw 802.11b frames and injecting them on BSD based systems. Included in this base package are dinject v0.1, a command line 802.11b packet injection package based on nemesis, and reinj v0.1, a proof-of-concept utility for the tcp/arp re-injection attack to generate traffic on a weped network. This tool will allow an end-user to crack WEP on a low-traffic network in less than 60 minutes. It is for OPENBSD 3.2 only.

tags | tool, tcp, wireless
systems | bsd, openbsd
SHA-256 | 83fb5b9c48098c69a352cefb9f8a20f97622260a6f71dc8183a388e8c594acc5
Posted May 23, 2003
Authored by h1kari | Site dachb0den.com

bsd-airtools is a package that provides a complete tool set for wireless 802.11b auditing. Namely, it currently contains a bsd-based wep cracking application, called dweputils (as well as kernel patches for NetBSD, OpenBSD, and FreeBSD). It also contains a curses based ap detection application similar to netstumbler (dstumbler) that can be used to detect wireless access points and connected nodes, view signal to noise graphs, and interactively scroll through scanned ap's and view statistics for each. It also includes a couple other tools to provide a complete tool set for making use of all 14 of the prism2 debug modes as well as do basic analysis of the hardware-based link-layer protocols provided by prism2's monitor debug mode.

tags | tool, kernel, protocol, wireless
systems | netbsd, freebsd, bsd, openbsd
SHA-256 | f61db60cd3fcb1273e22d688348fa72cdcc0f5b1a3efef5afb3e941dfa242a23
Posted May 23, 2003
Authored by akcess

Maelstrom local exploit that gives gid of user games which makes use of an overflow in the -player switch.

tags | exploit, overflow, local
SHA-256 | 67470dae44d553ff5bdfdb06c34df89c6957f89e17b1a050a444bc48dbc1bcf4
Posted May 23, 2003
Authored by Matthew Murphy

BadBlue web server versions 2.2 and below have a vulnerability that allows remote attackers to gain administrative control of a server. The engine attempts to restrict access to non-html files by requiring that 'ht' be the first letters of the target file's extension, and also requiring that requests to access '.hts' files are submitted by and contain a proper 'Referer' header. This security feature is accomplished with a simple binary replace of the first two characters of the file extension. The two security checks are performed in an incorrect order, meaning that the first security check can inadvertently bypass the latter.

tags | exploit, remote, web
SHA-256 | f852c3fef86aa05736d86e2685e0f3081337c1845300cb0286f034f7f66f44f0
Posted May 23, 2003
Authored by r-code

Local root exploit for the game Maelstrom with is sometimes setuid to root for the purpose of faster frame rates.

tags | exploit, local, root
SHA-256 | e07645aeabbaf038cafeecdfb6fbf60ab0e0be505d4f223387bcc0c96bfa3486
Posted May 23, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-017.b - New versions of WsMP3d are not patched against an old remote heap corruption overflow vulnerability. Remote exploit and advisory included.

tags | exploit, remote, overflow
SHA-256 | bea05768421c2354342197437d34277cb5984897a68518e4181beeb625f26463
Posted May 23, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-017.a - WsMP3d, a web server that streams MP3s much like shoutcast but is GPL, suffers from a directory traversal vulnerability that not only allows viewing of files outside of the webroot, but allows for remote command execution as well.

tags | exploit, remote, web
SHA-256 | bc72d07b2004ab7e987341e534050ec07ea4699fd37effc980c5656ccf6a0bd6
Posted May 23, 2003
Authored by Michael Komm

A simple utility to probe for the etherleak vulnerability discussed in the Atstake paper where multiple platforms have ethernet Network Interface Card (NIC) device drivers that incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory due to poor programming practices.

tags | tool, kernel, sniffer
SHA-256 | 9b38eed6a90cbaeff291ef0210cff9d02cc4611556b55e9c0a6a03af70b6e037
Posted May 23, 2003
Authored by Ni0S | Site datarise.org

Two papers that focus on writing basic and generic shell code on the Linux and FreeBSD platforms.

tags | shell, shellcode
systems | linux, freebsd
SHA-256 | 36dd91020106a10631362d85923743289e1f0641ee58b4164b72d6603153fb36
Posted May 23, 2003
Authored by dsr, mercy | Site dtors.net

Two articles that present an introduction to reverse engineering a disassembly dump from gdb into an accurate C program. Armed with this knowledge, it will allow a researcher to depict potentially vulnerable functions and gather further information as to the inner workings of the program.

SHA-256 | bf1e8cddd02f2b9a3596e09d9b6339416a963224a6f82253a05b301170ac8ff9
iDEFENSE Security Advisory 2003-05-22.t
Posted May 23, 2003
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 05.22.03 - iisPROTECT is a utility designed to provide password protection to web directories similar to the htaccess method utilized by Apache. When protected files are referenced through different URL-encoded representations, this authentication can be completely bypassed.

tags | exploit, web
SHA-256 | f460e1b02669bdb9fe3b25b9e246fb9c7a395b68df3500dac06e8767db51041b
Posted May 23, 2003
Authored by Serkan Akpolat

Unmask is a simple md5 cracking utility that will attempt to find the true IP address of a fake host using Trircd 5.0.

SHA-256 | c09d569ac05aab022487053282c903661ec3635b53ba6cf08d7cd21266311645
Posted May 23, 2003
Authored by Angelo Rosiello, rosiello | Site rosiello.org

A simple denial of service exists in the Pi3 webserver that allows a remote attacker to crash the daemon by feeding it a GET request with 354+ forward slashes after it.

tags | exploit, remote, denial of service
SHA-256 | d0d216a28eaf4658a4d2b9ad6dbe5182010977d617055973a17d6620ae03dea4
Posted May 23, 2003
Authored by Lazy Sysadmin | Site lazysysadmin.com

XRunAs is a tool that allows administrators to run commands on remote computers under the context of a specified user account without the use of the Schedule service. If XRunAs is used in conjunction with a domain account, commands that are run will be able to access network resources given that the domain account used to run the command has access to the network resource. All information that is transferred over the network while using XRunAs is encrypted using a standard encryption algorithm.

Changes: Removed dependency on srvany.exe, enhanced speed.
tags | remote
SHA-256 | 42179d2850178e26d5697d6b192cabde3db9cfc16344ffeb6bf0abd7104b482a
Posted May 23, 2003
Authored by Goldie, checksum | Site checksum.org

Win32 port of Libnids version 1.17 RC1. This library provides the functionality of E-component, one of the NIDS (Network Intrusion Detection System) components.

systems | windows
SHA-256 | 926ac4f23747f4df76591f247e7d0df0a98f262690ea7600a7a20e85979d6354
Posted May 23, 2003
Authored by Goldie, checksum | Site checksum.org

A simply netcat utility much like the Windows version released by Atstake but smaller in file size.

systems | windows
SHA-256 | e355a8decae502578e5bb649b4336b89b13c5daa07b2b23c6737989ecc0fa851
Posted May 23, 2003
Authored by Florian Weimer

The Linux networking code makes extensive use of hash tables to implement caches to support packet classification. One of these caches, the routing cache, can be used to mount effective denial of service attacks, using an algorithmic complexity attack.

tags | denial of service
systems | linux
SHA-256 | 2232e1d6ae76ccd63cea548cdd83eb57b45777bd4164b311315385eeb1c8df58
Posted May 23, 2003
Authored by Mark Litchfield, Matrix

Mailmax Version 5 has a buffer overflow condition in its IMAP4 server that can cause the service to stop responding and allows a remote attacker to overwrite the exception handler on the stack. Doing this could allow arbitrary code execution as the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | 77a4c3f55a95ea74b2243674c8580202f49806febff62a751e26591ada15dac5
Posted May 23, 2003
Authored by Vengy

Aimhol is a simply utility that will allow an end user to query OSCAR/BOS servers on a large scale to retrieve multitudes of screen names. MASM32 source included.

SHA-256 | 135c7a2cc51e6f413cabf71800966b05bfd70bcd81b584feb1ead7c6aff8c34a
Page 1 of 1

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By