what you don't know can hurt you
Showing 1 - 25 of 27 RSS Feed

Files Date: 2005-02-18

linux-2.6.10.c
Posted Feb 18, 2005
Authored by Georgi Guninski | Site guninski.com

Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.

tags | exploit, kernel
systems | linux
MD5 | f39502f31cc80538acad38883a2eb0ce
aanval-1.54-stable.tar.gz
Posted Feb 18, 2005
Site aanval.com

Aanval is a web based Snort intrusion detection console. Currently supporting Snort and syslog, Aanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.

Changes: Bug fixes, new features, new look and feel.
tags | tool, web, sniffer
MD5 | 876a66b2d68869a7c168d3f47be07036
vbulletin-3.0.4-2.txt
Posted Feb 18, 2005
Authored by AL3NDALEEB

vBulletin v3.0 through 3.0.4 remote command execution exploit, written in PHP. Takes advantage of a bug in forumdisplay.php.

tags | exploit, remote, php
MD5 | fcdfb1e7e59b312e89ee3e3b65b0a189
vbulletin-3.0.4.txt
Posted Feb 18, 2005
Authored by AL3NDALEEB

vBulletin v3.0.4 remote command execution exploit. Takes advantage of a bug in forumdisplay.php.

tags | exploit, remote, php
MD5 | c0c2369e86ad1420dfea60826e04ad87
findjmp2.c
Posted Feb 18, 2005
Authored by class101 | Site Hat-Squad.com

Findjmp2.c is a tool which scans for call/jmp/pushret offsets, and logs to a file. This is a modified version of the Eeye tool Findjmp.

systems | unix
MD5 | 90acf8d9be091b8da5504ce5fc63e0e1
xprobe2-0.2.2.tar.gz
Posted Feb 18, 2005
Authored by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev | Site prdownloads.sourceforge.net

Xprobe2 0.2.2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.

tags | remote
systems | unix
MD5 | 8eea1406d035827bb8bfeb0536622e1f
snmpdos.c
Posted Feb 18, 2005
Authored by Fugi

SNMP reflection DoS which sends spoofed UDP packet and requests a GetBulk at the expense of the targets IP.

tags | denial of service, udp, spoof
MD5 | a8ebda2ec3804b4be42fc816378c8a5a
SInAR-0.2.tar.bz2
Posted Feb 18, 2005
Authored by Archim

SInAR Solaris rootkit v0.2. Invisible kernel based rootkit for Solaris 8, 9, and 10.

tags | tool, kernel, rootkit
systems | unix, solaris
MD5 | 6e5dc76977f8b3fed2fd9f21ffc375dd
argosoft.1.8.txt
Posted Feb 18, 2005
Authored by Dr. Insane | Site secunia.com

The ArGoSoft Mail Server 1.8.x contains three vulnerabilities which allow malicious people to cause a DoS, disclose sensitive information, and create arbitrary directories on a vulnerable system.

tags | advisory, arbitrary, vulnerability
MD5 | ee53807b6f3ad90df057150a1a6af6a9
XSS-Proxy_0_0_11.pl
Posted Feb 18, 2005
Authored by Anton Rager

This script is an XSS attack controller which allows an attacker to force a victim to read pages off a XSS vulnerable server and relay contents back to this controller. This process also provides client with new script commands.

tags | exploit
MD5 | ba0be2050a128c0a827628b9f3422076
Advanced_XSS_Control.txt
Posted Feb 18, 2005
Authored by Anton Rager

Advanced Cross-Site-Scripting with Real-time Remote Attacker Control - Some people think XSS attacks are no big deal, but I plan to change that perception with the release of this paper and an accompanying tool called XSS-Proxy which allows XSS attacks to be fully controlled by a remote attacker. This paper describes current XSS attacks and introduces new methods/tool for making XSS attacks interactive, bi-directional, persistent and much more evil. This is not a detailed XSS HowTo, but an explanation of methods for taking XSS attacks much further. Attackers can access sites as the victim or forward specific blind requests to other servers.

tags | paper, remote, web
MD5 | e8745770f3e096cf690dba797b39c2c4
f-secure.arj.txt
Posted Feb 18, 2005
Site xforce.iss.net

F-Secure Antivirus Scanner multiple products vulnerability - A buffer overflow in the processing of ARJ archives allows remote code execution on multiple F-Secure products with no authentication required. Affected software includes F-Secure Anti-Virus 2004, F-Secure Anti-Virus 2005, F-Secure Anti-Virus 5.x, F-Secure Anti-Virus Client Security 5.x, F-Secure Anti-Virus for Firewalls 6.x, F-Secure Anti-Virus for Linux 4.x, F-Secure Anti-Virus for Microsoft Exchange 6.x, F-Secure Anti-Virus for MIMEsweeper 5.x, F-Secure Anti-Virus for Samba Servers 4.x, F-Secure Anti-Virus for Workstations 5.x, F-Secure Internet Gatekeeper 6.x, F-Secure Internet Gatekeeper for Linux 2.x, F-Secure Internet Security 2004, and F-Secure Internet Security 2005. See also here.

tags | advisory, remote, overflow, code execution, virus
systems | linux
MD5 | 8efda2c32a5fe68500a30323cf57ef90
brightstor.c
Posted Feb 18, 2005
Authored by Thor Doomen

The CA BrightStor ArcServe Discovery Service overflow exploit takes advantage of a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow.

tags | exploit, overflow, udp
advisories | CVE-2005-0260
MD5 | 2a8650b78261f7d78d054919e396b362
cabrightstor_disco_servicepc.pm
Posted Feb 18, 2005
Authored by H D Moore | Site metasploit.com

CA BrightStor Discovery Service SERVICEPC Overflow for Win32, win2000, winxp, and win2003 which exploits a vulnerability in the TCP listener on port 45123. Affects all known versions of the BrightStor product. More information available here.

tags | exploit, overflow, tcp
systems | windows, 2k, 32
MD5 | 24691076d35d4bb512eadbea343374f2
cabrightstor_disco.pm
Posted Feb 18, 2005
Authored by Thor Doomen

The CA BrightStor Discovery Service overflow exploit is a perl module exploits a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow. Targets include Win32, win2000, winxp, and win2003. More information available here.

tags | exploit, overflow, udp, perl
systems | windows, 2k, 32
advisories | CVE-2005-0260
MD5 | b2bd9b3e6cf0a59af941b2e26e28e90a
bb.tar.gz
Posted Feb 18, 2005
Authored by Phate

Brute Blocker is a python script which block brute force login attempts detected via swatch by editing hosts.deny. In Spanish.

tags | python
systems | unix
MD5 | 2ebed40429754a9220028a40eeaca8df
keyfinder.c
Posted Feb 18, 2005
Authored by van Hauser, thc | Site thc.org

THC Keyfinder analyses files for public/private keys and encrypted or compressed data. It identifies such areas by measuring the entropy, arithmetical mean and counter checking, and dumps the encrypted/compressed file sections.

MD5 | 20f051b74875bf54f6f424b11edd7adf
libnids-1.20.tar.gz
Posted Feb 18, 2005
Authored by Nergal | Site libnids.sourceforge.net

Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.

Changes: Added wscale option parsing; surprisingly, it seems to be in some use, added nids_dispatch(), for systems which do not ignore pcap timeout, and the ability to specify hosts/networks for which we do not check checksums.
tags | tool, local, intrusion detection
systems | unix
MD5 | a36cbd45cbada12420ecc8f82a7e0852
ecl-eximspa.c
Posted Feb 18, 2005
Authored by Yuri Gushin

Exim <= 4.4.3 exploit for the SPA authentication vulnerability. Takes advantage of the spa_base64_to_bits() call.

tags | exploit
MD5 | f69c4523245f9862570d6f589b1eeb95
mercuryboard.1.1.1.txt
Posted Feb 18, 2005
Authored by Zeelock

Mercuryboard <= 1.1.1 remote sql injection exploit.

tags | exploit, remote, sql injection
MD5 | 9384f779a2199c9f460dbbcd5c742c30
my.phpforum.1.0.txt
Posted Feb 18, 2005
Authored by GHC

MyPHPForum v1.0 remote sql injection exploit. Shows administrators name and password. MyPHP Forum is available here.

tags | exploit, remote, sql injection
MD5 | 5dec0049a91d5e376accb46ad63d52d9
cms.core.txt
Posted Feb 18, 2005
Authored by GHC

CMS Core remote SQL injection exploit. CMS Core is available here.

tags | exploit, remote, sql injection
MD5 | 229fddbca1cb60c18695a06441a9f684
chipmunk.forum.txt
Posted Feb 18, 2005
Authored by GHC

Chipmunk Forum remote SQL injection exploit. Chipmunk forum is available here.

tags | exploit, remote, sql injection
MD5 | 1ab624794739e610d9f3ac5f1e106018
php-nuke.7.4.c
Posted Feb 18, 2005
Authored by Silentium | Site autistici.org

PHP-Nuke v7.4 remote exploit which allows you to create new admin with relative passwd that you specify on the command line. Allows you to take administrative control of the webPortal. See here for more information.

tags | exploit, remote, php
MD5 | bad0a943bf16781d72fa5671cbab00e1
postnuke.postwrap.txt
Posted Feb 18, 2005
Site albanianhaxorz.org

Postnuke Postwrap remote command execution exploit. Includes information on finding vulnerable systems with google.

tags | exploit, remote
MD5 | 0cb697ad4c75dda22556bedddae30ee1
Page 1 of 2
Back12Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    2 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close