what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2003-09-29

Posted Sep 29, 2003
Site echu.org

GuppY versions 2.4p1 and below are susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 2f0514a9a3fa459e3558f6b788b7b89322133fbab342c2b85cfd06203c1aac33
Posted Sep 29, 2003
Site cert.org

CERT Advisory notice that clarifies the slew of recent vulnerabilities in OpenSSH. It covers the buffer management errors, PAM challenge authentication failures, and the PAM conversion stack corruption.

tags | advisory, vulnerability
SHA-256 | 8449aa3e99be0546fbd8e7e2af73625b1196bbdd34a3db0ff39bbc6bb7a4050a
Posted Sep 29, 2003
Authored by ThEcYnicaLonE

Simple tone generator script that will play the 2600Hz blue box tone on an HP39G graphical calculator.

tags | telephony
SHA-256 | 9bf3a037ffe01de3ed4f73753a1bff4dbfae8e03a78eba1a52e03d25492d6eeb
Posted Sep 29, 2003
Authored by Ulf Harnhammar, Richard R. Vasquez, Simon Cornelius P. Umacob | Site sourceforge.net

kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, no matter how malformed HTML input you give it. It also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.

tags | denial of service, overflow, php, xss
systems | unix
SHA-256 | 650ffa702ed6c8d0c73b7c94d754b38660d482b371122c9d3809924aab1d6f76
Nikto Web Scanner 1.31
Posted Sep 29, 2003
Authored by Sullo | Site cirt.net

Nikto 1.31 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2000 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site.

Changes: LibWhisker 1.8, additional configuration options, enhanced multiple-host scanning, and multiple bug fixes and more.
tags | remote, web, local, cgi, perl, vulnerability
systems | unix
SHA-256 | e659d4e34f697bd861c843571f8632c1cf0acc37372abe33af2f6c7ad8814846
Posted Sep 29, 2003
Authored by Todd MacDermid | Site synacklabs.net

Stegtunnel is a tool written to hide data within TCP/IP header fields. It was designed to be undetectable, even by people familiar with the tool. It can hide the data underneath real TCP connections, using real, unmodified clients and servers to provide the TCP conversation. In this way, detection of odd-looking sessions is avoided. It provides covert channels in the sequence numbers and IPIDs of TCP connections.

Changes: Added a reliable file transfer mode using Hamming-style error correction, and removes the requirement for a proxy IP address on some operating systems.
tags | encryption, tcp, steganography
SHA-256 | 11966b466a58cdf47871a9d251dd8d6cc2391268979f455414922b1a72b8a13d
Posted Sep 29, 2003
Site synacklabs.net

Packet Purgatory is a library the provides a portable API for intercepting, rewriting, and otherwise mangling flows of packets. It provides multiple mechanisms through the same interface for tweaking these packets, all without the local host's kernel being aware, or requiring any kernel modules. It enables odd packets to be modified in arbitrary streams without requiring the use of specialized client software.

tags | arbitrary, kernel, local, library
SHA-256 | e33b036f3f6e53cf86e1566a171ce75e7abe25f0e2054cf808d0b4f2b83cc211
Posted Sep 29, 2003
Site debian.org

Debian Security Advisory DSA 392-1 - webfs has been found vulnerable to buffer overflows and multiple directory traversal attacks.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2003-0832, CVE-2003-0833
SHA-256 | 9443b8e1123e6cdc03ed05065c4960fe80ad9286e2141b58396091a3b511d50b
Posted Sep 29, 2003
Authored by Brett Moore SA | Site security-assessment.com

Version three of this paper discussing more shatter attacks that are possible using progress bars. Related information available here.

tags | exploit
SHA-256 | 787e917da3242f5237e198f43f899c54f8b8719ed978cf8961d1090447b3c4c9
Posted Sep 29, 2003
Authored by Lorenzo Hernandez Garcia-Hierro | Site security.novappc.com

Geeklog versions 2.x and below are susceptible to cross site scripting vulnerabilities and various SQL injection attacks.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 00084a1aaef68a8f9088d25e72f314aded4e7fda302ffd1525cd89404e07df72
Posted Sep 29, 2003
Authored by jsk

Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Binds a shell to port 26112. Tested against RedHat.

tags | exploit, remote, overflow, shell
systems | linux, redhat
SHA-256 | 3d6399d602afc8e1234d04097ff5ebf01664d6980f11dcdde0306ddfc376b787
Posted Sep 29, 2003
Authored by rosiello

Contest ELF binary of arcs

SHA-256 | 615dc4fcd40c7f7d4123ecb43350ad08345f65e8de32e8c7d92f91c1ee49e6d3
Posted Sep 29, 2003
Authored by rosiello

Contest file that has been encrypted with A.R.C.S. This file has a special message inside. Once cracked, utilize the instructions to redeem a free t-shirt.

SHA-256 | e0d5eaeef711c7ec0bdbf227d50ccdb48fc4279a59d6e1743828a9699da2285a
Page 1 of 1

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By