exploit the possibilities
Showing 1 - 25 of 94 RSS Feed

Files Date: 2003-05-01 to 2003-05-31

Posted May 30, 2003
Authored by Floydman | Site securit.iquebec.com

LogIDS 1.0 is a real-time, log-analysis based intrusion detection system able to analyze log files from various sources, and can be used with LogAgent 4.0 to supply these log files. This utility allows for a user specified formatting of each log file it utilizes which then enables an end user to define rules for each of the files given, resulting in one single interface to analyze and display all this data gathered from varied sources, IE. Event Viewer, ComLog, antivirus logs, personal firewall logs, Snort logs, LogAgent 4.0 Pro Logs, ADSscan, IntegCheck, just to name a few examples. The interface is also pretty innovative as the GUI is a logical representation of your network architecture, where each node possesses its own window where logs belonging to it are displayed. Sounds can also be emitted for alerts and warnings with this utility. Screen captures are available here.

MD5 | f96604ce04c23e41dfef32bdd05ecc26
Posted May 30, 2003
Authored by Pokleyzz | Site scan-associates.net

b2 cafelog is a blogger system that comes with the b2-tools directory. The PHP scripts contained within this directory allow a remote user to specify input for a variable that in turn allows for remote command execution.

tags | exploit, remote, php
MD5 | ea5c0bc0de678c217be1cbe85a7d9052
Posted May 30, 2003
Authored by Pokleyzz | Site scan-associates.net

Geeklog version 1.3.7ar1 and below is susceptible to multiple vulnerabilities. There is a SQL integer manipulation flaw in the authentication script that will allow a remote attacker to get administrative access and there is also a lack of error checking when images are uploaded that allow an attacker to upload files with php code that can be used to execute any command as apache user on remote server.

tags | exploit, remote, php, vulnerability
MD5 | 3dd132c2b949914f5bf8010768bf739e
Posted May 30, 2003
Authored by Michael Scheidell | Site secnap.net

The Goldmine mail agent can run arbitrary code via a malicious formed HTML e-mail. It does not even run the email in the 'security zone' as does Microsoft Outlook, but passes anything that looks like HTML to be executed unrestricted directly to the default Browser, which for many is usually Internet Explorer.

tags | advisory, arbitrary
MD5 | eeedecb314651db083cfc7debb183791
Posted May 29, 2003
Authored by Dr. Insane

Baby FTP server version 1.2 allows for a directory traversal attack that lets a remote attacker view any file on the system by using non-standard characters with CWD. The server will also crash if multiple connections from the same host occur.

tags | exploit, remote
MD5 | 6a83ff2f09457fbac90e7f8623734cee
Posted May 29, 2003
Authored by Pokleyzz | Site scan-associates.net

Webfroot Shoutbox v2.32 and below suffers from a directory traversal and code injection vulnerability that allows a remote attacker to view any file on the system and the ability to commit remote command execution.

tags | exploit, remote
MD5 | c7ef81a32642aa53a38a48220ff5a153
Posted May 29, 2003
Authored by SPI Labs | Site spidynamics.com

Microsoft IIS versions 5.0 and 5.1 are vulnerable to a denial of service attack if an attacker sends a Webdav request with a body over 49,153 bytes using the 'PROPFIND' or 'SEARCH' request methods. This results in IIS restarting itself and terminating any active sessions.

tags | exploit, denial of service
MD5 | 466be4f57551e6a920e9059e50eaddf3
Posted May 29, 2003
Authored by Floydman | Site securit.iquebec.com

This tool is a log file monitoring and centralization tool. You can use it to monitor the Event Viewer logs, and ASCII log files from just about any application, including, but not limited to, antivirus, personal firewalls, ComLog, Snort, etc. LogAgent 4.0 also comes with 2 companion tools that are ADSScan and the combo HashGen and IntegCheck. ADSScan is an alternate data streams scanner, and HashGen/IntegCheck is a MD5-SHA1 file system integrity checker, or also known as a host-based intrusion detection system.

MD5 | 68928c66d3b622655059be9ec939d474
Posted May 29, 2003
Authored by Floydman | Site securit.iquebec.com

This tool is a command prompt (cmd.exe) logger, useful for generating intrusion evidence that was previously unavailable. With this tool, you can log command prompt sessions be it from the console, a compromised IIS system or through a netcat tunnel. Working a bit like a wrapper, ComLog takes the place of cmd.exe and passes the commands to be executed to the real cmd.exe which is renamed cm_.exe. Version 1.05 changes include MS-DOS icon added to the executable, and better camouflage to avoid detection by the monitored.

MD5 | 9ed0ade556bf85b90bdf1589de2b8e92
Posted May 29, 2003
Authored by Konstantin Klyagin | Site konst.org.ua

KRIPP is a simple and light-weight network passwords sniffer written in Perl, which uses tcpdump to intercept traffic. Can sniff and display ICQ, FTP and POP3 passwords.

Changes: CVS password sniffing and some minor bugfixes.
tags | tool, perl, sniffer
MD5 | 697c66aad367def18c9e8165b64ae4ca
Posted May 29, 2003
Authored by cameleonu

Updated version of a utility that removes LKM rootkits that normally are undetectable via the help of vmalloc which manages the memory for a kernel module. Tested against Adore, Knark, Sinapse, Heroin, and others.

tags | tool, kernel, rootkit
systems | unix
MD5 | 8c15ca479777cb3e1c5f8923e059f85f
Posted May 28, 2003
Authored by ORK | Site web.tiscali.it

libShellCodes is a library that can be included when writing linux/i386 exploits by providing functions that generate shellcode with user given parameters during runtime.

tags | shellcode
systems | linux
MD5 | d4694fec435afe7f766997be8f6aa9d6
Posted May 28, 2003
Authored by SPI Labs | Site spidynamics.com

The SunONE application server on Windows 2000 suffers from multiple vulnerabilities. The server allows a remote attacker to view the source code of JSPs, only logs the first 4042 characters of a request URI which allows an attacker to hide their attempts in the last 54 characters, has a cross site scripting issue, and has the username and password to the administrative server kept in clear text in a world readable file.

tags | exploit, remote, vulnerability, xss
systems | windows, 2k
MD5 | 5695d1e0f86bf5009e22b5b2c09ac452
Posted May 28, 2003

OpenSSH 3.6p2 backdoor that logs all logins and passwords to a file. Original backdoor ported for 3.6p2 by ajax.

tags | encryption
MD5 | ed31a68cc3dc02ff8414481e41aa096e
Posted May 28, 2003
Authored by teso, Sebastian Krahmer | Site team-teso.net

loaded version 0.21 is an IPv4 load balancer for Linux. It requires netfilter and the QUEUE target enabled in the kernel.

tags | kernel
systems | linux
MD5 | d467ee59815b3f7befd3c46911940c80
Posted May 28, 2003
Authored by teso, Sebastian Krahmer | Site team-teso.net

guess-who version 0.44 is a password brute force utility for SSH2.

MD5 | a40161347c970fe627631a1354f7d35d
Posted May 28, 2003
Authored by Kee Hinckley

Amusing addition to the vulnerability found in the Axis Network Camera HTTP server. Apparently the de-facto e-mail address for SMTP alerts is set to mail@somewhere.com and if this feature is enabled without changing the destination address, somewhere.com gets some very amusing insight as to what is being watched. Original vulnerability information is posted here.

tags | advisory, web
MD5 | 524a48a4b047f299af88f8248c550f54
Posted May 28, 2003
Authored by Juliano Rizzo | Site coresecurity.com

Core Security Technologies Advisory ID: CORE-2003-0403 - The Axis Network Camera HTTP server is vulnerable to an authentication bypass when a double slash is put in front of the admin directory in the URL. This allows a remote attacker to modify the configuration as they see fit and allows the root password to be reset. Doing this in conjunction with enabling the telnet server allows for a complete server compromise.

tags | exploit, remote, web, root
MD5 | a5e3469f753ba4068c41d8a4e0396b5b
Nikto Web Scanner 1.30
Posted May 28, 2003
Authored by Sullo | Site cirt.net

Nikto 1.30 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2000 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site.

Changes: Now has multiple host/port scanning, username guessing via cgiwrap, NTLM auth support, CSV output format & more.
tags | remote, web, local, cgi, perl, vulnerability
systems | unix
MD5 | fdc8fb9aa86e090ee104903d3b2e0a28
Posted May 28, 2003
Authored by thc | Site thc.org

THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.

Changes: New OS Fingerprint implementation by gathering tcp stack informations, banners, open/closed port characteristics and timing values and tosses them through a perl regular expression matrix to determine the OS with high accuracy.
tags | local, spoof
MD5 | 34fce7eee288137735cc4c92e7753fcf
Posted May 28, 2003
Authored by methodic | Site libpcap.net

orbs, or Omniscient Remote Banner Scanner, is a fast and light-weight banner scanner with features like telnet negotiation and HTML output.

tags | tool, remote, scanner
systems | unix
MD5 | b5eb868122199e067531104f58ecf014
Posted May 28, 2003
Authored by wsxz | Site Priv8security.com

Remote exploit for a buffer overflow in the Gnome Batalla Naval Game Server version 1.0.4. Gives user id of the account running the game server. Tested against Mandrake 9.0.

tags | exploit, remote, overflow
systems | linux, mandrake
MD5 | d975b9a72eb72639c21c11ad67d727b2
Posted May 28, 2003
Authored by Angelo Rosiello, rosiello | Site rosiello.org

bnc version 2.6.2 and below suffers from a denial of service vulnerability. Armed with a valid login and password, a remote user can kill the daemon.

tags | exploit, remote, denial of service
MD5 | 19b82bf820cb2ac8cc6dc2cea49ef122
Posted May 28, 2003
Authored by Ramon Pinuaga Cascales | Site s21sec.com

S 2 1 S E C Advisory 017 - The Vignette Content Management and Application Portal software is vulnerable to a remote attacker accessing the SQL database without authentication by modifying a cookie. Affected versions: StoryServer 4 and 5 and Vignette V/5.

tags | advisory, remote
MD5 | 46c27d0650a3f0472de8493880dc4ad6
Posted May 28, 2003
Authored by Ramon Pinuaga Cascales | Site s21sec.com

S 2 1 S E C Advisory 016 - Vignette Content Management and Application Portal software has a vulnerability that allows a remote attacker to inject a server side include that could lead to remote command execution. Affected versions include, but are not limited to, StoryServer 4 and 5 and Vignette V/5 and V/6.

tags | advisory, remote
MD5 | 61c49e1af45f2771f6e937e5630fa113
Page 1 of 4

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    7 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By