what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2005-02-18

linux-2.6.10.c
Posted Feb 18, 2005
Authored by Georgi Guninski | Site guninski.com

Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.

tags | exploit, kernel
systems | linux
SHA-256 | 64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8b
aanval-1.54-stable.tar.gz
Posted Feb 18, 2005
Site aanval.com

Aanval is a web based Snort intrusion detection console. Currently supporting Snort and syslog, Aanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.

Changes: Bug fixes, new features, new look and feel.
tags | tool, web, sniffer
SHA-256 | 3c0a3023b264dbaaa65785291bca02ad2f778cb607ecb3bc916125dc2fd7271d
vbulletin-3.0.4-2.txt
Posted Feb 18, 2005
Authored by AL3NDALEEB

vBulletin v3.0 through 3.0.4 remote command execution exploit, written in PHP. Takes advantage of a bug in forumdisplay.php.

tags | exploit, remote, php
SHA-256 | 9298c75854aa587dfdd3e80741730d6f2b862b5d96bfb83aeddbe88066b7cad1
vbulletin-3.0.4.txt
Posted Feb 18, 2005
Authored by AL3NDALEEB

vBulletin v3.0.4 remote command execution exploit. Takes advantage of a bug in forumdisplay.php.

tags | exploit, remote, php
SHA-256 | d4524c7e2e8566f6e4f5d23e18d2fb7a5b4bedeac23a5e39c07cff16fff4f799
findjmp2.c
Posted Feb 18, 2005
Authored by class101 | Site Hat-Squad.com

Findjmp2.c is a tool which scans for call/jmp/pushret offsets, and logs to a file. This is a modified version of the Eeye tool Findjmp.

systems | unix
SHA-256 | ded944f6f1617a78aca173788e57b43956af8818eef58eb78f07ee8c81cc8bae
xprobe2-0.2.2.tar.gz
Posted Feb 18, 2005
Authored by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev | Site prdownloads.sourceforge.net

Xprobe2 0.2.2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.

tags | remote
systems | unix
SHA-256 | bfe28acfadb1c41490347ff80010ed5272e944a5815887a49a8c7804009fd2f5
snmpdos.c
Posted Feb 18, 2005
Authored by Fugi

SNMP reflection DoS which sends spoofed UDP packet and requests a GetBulk at the expense of the targets IP.

tags | denial of service, udp, spoof
SHA-256 | da431f1771160b6b7ea712d672341bcce46035b7b7563183e8bfec8ff4cf662b
SInAR-0.2.tar.bz2
Posted Feb 18, 2005
Authored by Archim

SInAR Solaris rootkit v0.2. Invisible kernel based rootkit for Solaris 8, 9, and 10.

tags | tool, kernel, rootkit
systems | unix, solaris
SHA-256 | 8e59094c902a8a45f4cd71d579415c5f32b38e1e7a5960171b90f5a1b7db3da6
argosoft.1.8.txt
Posted Feb 18, 2005
Authored by Dr. Insane | Site secunia.com

The ArGoSoft Mail Server 1.8.x contains three vulnerabilities which allow malicious people to cause a DoS, disclose sensitive information, and create arbitrary directories on a vulnerable system.

tags | advisory, arbitrary, vulnerability
SHA-256 | c8abedf9720b940afbc695aee2fc49b3df7592e49541a0d51bf51af49e759140
XSS-Proxy_0_0_11.pl
Posted Feb 18, 2005
Authored by Anton Rager

This script is an XSS attack controller which allows an attacker to force a victim to read pages off a XSS vulnerable server and relay contents back to this controller. This process also provides client with new script commands.

tags | exploit
SHA-256 | 0b27ece0f83b8dea923f98d2bfd7fbb0b2ab348556d89d44948eac0530dfa175
Advanced_XSS_Control.txt
Posted Feb 18, 2005
Authored by Anton Rager

Advanced Cross-Site-Scripting with Real-time Remote Attacker Control - Some people think XSS attacks are no big deal, but I plan to change that perception with the release of this paper and an accompanying tool called XSS-Proxy which allows XSS attacks to be fully controlled by a remote attacker. This paper describes current XSS attacks and introduces new methods/tool for making XSS attacks interactive, bi-directional, persistent and much more evil. This is not a detailed XSS HowTo, but an explanation of methods for taking XSS attacks much further. Attackers can access sites as the victim or forward specific blind requests to other servers.

tags | paper, remote, web
SHA-256 | 8f3f833faade0f8c6add6576e39ff2be36df99d31657b8eb6613799fa7945aa6
f-secure.arj.txt
Posted Feb 18, 2005
Site xforce.iss.net

F-Secure Antivirus Scanner multiple products vulnerability - A buffer overflow in the processing of ARJ archives allows remote code execution on multiple F-Secure products with no authentication required. Affected software includes F-Secure Anti-Virus 2004, F-Secure Anti-Virus 2005, F-Secure Anti-Virus 5.x, F-Secure Anti-Virus Client Security 5.x, F-Secure Anti-Virus for Firewalls 6.x, F-Secure Anti-Virus for Linux 4.x, F-Secure Anti-Virus for Microsoft Exchange 6.x, F-Secure Anti-Virus for MIMEsweeper 5.x, F-Secure Anti-Virus for Samba Servers 4.x, F-Secure Anti-Virus for Workstations 5.x, F-Secure Internet Gatekeeper 6.x, F-Secure Internet Gatekeeper for Linux 2.x, F-Secure Internet Security 2004, and F-Secure Internet Security 2005. See also here.

tags | advisory, remote, overflow, code execution, virus
systems | linux
SHA-256 | a5bce77f36680f7f5d0a72394b009ba5dadc6be110f0240e4a7d97305fddb0af
brightstor.c
Posted Feb 18, 2005
Authored by Thor Doomen

The CA BrightStor ArcServe Discovery Service overflow exploit takes advantage of a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow.

tags | exploit, overflow, udp
advisories | CVE-2005-0260
SHA-256 | 7d0b4a2e24e12ce44e33a8962a865ecfdab582d552df7e09621a2b9dfe423cca
cabrightstor_disco_servicepc.pm
Posted Feb 18, 2005
Authored by H D Moore | Site metasploit.com

CA BrightStor Discovery Service SERVICEPC Overflow for Win32, win2000, winxp, and win2003 which exploits a vulnerability in the TCP listener on port 45123. Affects all known versions of the BrightStor product. More information available here.

tags | exploit, overflow, tcp
systems | windows
SHA-256 | 06aea5c93f017821b6f5bb745269cc286814e9aac984c4e232a1da82215c07b2
cabrightstor_disco.pm
Posted Feb 18, 2005
Authored by Thor Doomen

The CA BrightStor Discovery Service overflow exploit is a perl module exploits a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow. Targets include Win32, win2000, winxp, and win2003. More information available here.

tags | exploit, overflow, udp, perl
systems | windows
advisories | CVE-2005-0260
SHA-256 | 6ebf5e3c394cc6d934ad22365dc61149ffa66fc65a6227931ed9237c32d8be19
bb.tar.gz
Posted Feb 18, 2005
Authored by Phate

Brute Blocker is a python script which block brute force login attempts detected via swatch by editing hosts.deny. In Spanish.

tags | python
systems | unix
SHA-256 | 26ac288a83b20f78956929d64779087d72974229bc2cabc3867c02d9aa5be128
keyfinder.c
Posted Feb 18, 2005
Authored by van Hauser, thc | Site thc.org

THC Keyfinder analyses files for public/private keys and encrypted or compressed data. It identifies such areas by measuring the entropy, arithmetical mean and counter checking, and dumps the encrypted/compressed file sections.

SHA-256 | 35a9a7d340627b6885d74cb98d01849cc87a8deda546b6155dd85efc2df56ee5
libnids-1.20.tar.gz
Posted Feb 18, 2005
Authored by Nergal | Site libnids.sourceforge.net

Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.

Changes: Added wscale option parsing; surprisingly, it seems to be in some use, added nids_dispatch(), for systems which do not ignore pcap timeout, and the ability to specify hosts/networks for which we do not check checksums.
tags | tool, local, intrusion detection
systems | unix
SHA-256 | c5a7553f64bed2384ecc9535e67cf7d80ccf7f7f34ab8b132703b60d0eaec604
ecl-eximspa.c
Posted Feb 18, 2005
Authored by Yuri Gushin

Exim <= 4.4.3 exploit for the SPA authentication vulnerability. Takes advantage of the spa_base64_to_bits() call.

tags | exploit
SHA-256 | d290358d63001c6fed4824d7d8bda0f645b150ab15fca97112a1d0cd421de646
mercuryboard.1.1.1.txt
Posted Feb 18, 2005
Authored by Zeelock

Mercuryboard <= 1.1.1 remote sql injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 1a5ee612aa7218d1e301bf5ac4bc98b6cb169d340b1b5bfa8dd94a59aa7833ca
my.phpforum.1.0.txt
Posted Feb 18, 2005
Authored by GHC

MyPHPForum v1.0 remote sql injection exploit. Shows administrators name and password. MyPHP Forum is available here.

tags | exploit, remote, sql injection
SHA-256 | 6cd1c3d8353e7558ac8dd9f5b96f18be76d6c86edacd05ecc29d53784a443ad6
cms.core.txt
Posted Feb 18, 2005
Authored by GHC

CMS Core remote SQL injection exploit. CMS Core is available here.

tags | exploit, remote, sql injection
SHA-256 | d352c17e29e51f28fab9caf8dc1125f5aa0c16058c15c070d22256ed0186d71a
chipmunk.forum.txt
Posted Feb 18, 2005
Authored by GHC

Chipmunk Forum remote SQL injection exploit. Chipmunk forum is available here.

tags | exploit, remote, sql injection
SHA-256 | 79b0a3c4fc4f911965e6c040f69341a77bb31810050eb6aec57eade7e3c99981
php-nuke.7.4.c
Posted Feb 18, 2005
Authored by Silentium | Site autistici.org

PHP-Nuke v7.4 remote exploit which allows you to create new admin with relative passwd that you specify on the command line. Allows you to take administrative control of the webPortal. See here for more information.

tags | exploit, remote, php
SHA-256 | d4519b08516e4a2b394f9870d72fa7a2e76009da122c00757f5e8ba8dabc2814
postnuke.postwrap.txt
Posted Feb 18, 2005
Site albanianhaxorz.org

Postnuke Postwrap remote command execution exploit. Includes information on finding vulnerable systems with google.

tags | exploit, remote
SHA-256 | 7485adac9a7f99f5fec2d43521344bc6ce806e1156b799b3e86948debe621742
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close