Source code for all the examples used in tutorials 1 through 4 of 'Writing Stack Based Overflows On Windows'.
860b53e6a362f1432b875fd79227494b5d512c72cfa9e23132fc2648cd5ae25e
Writing Stack Based Overflows on Windows - Part IV: Shellcode creation and exploiting an application remotely.
8574a8998f8d62e5c51157c0cfca653779fe111f04fd2362565eb53dd4584fb2
Writing Stack Based Overflows on Windows - Part III: Walking through a stack based overflow and writing an exploit for a local overflow.
f90a0115f7445c95c71fa6878bcc43ebb6802fec3409da9bbdfa11726c784353
Iwar is a war dialer written for Unix-type (Linux/OpenBSD/etc.) operating systems. It supports a curses-based front end, ASCII/MySQL logging, system identification, multiple modem support, random/sequential dialing, keystroke logging, and more. Note: this is the source tarball for use under Unix variants.
b8064ef9ba605903a94cb9f7f62d0bb616599319b1493c3bda8118af85f4ddb0
Iwar is a war dialer written for Unix-type (Linux/OpenBSD/etc.) operating systems. It supports a curses-based front end, ASCII/MySQL logging, system identification, multiple modem support, random/sequential dialing, keystroke logging, and more. Note: this is the Cygwin version.
f751be6be7256e79d683cb0cac49edc8019bb7913147b8871645a6168abb41a3
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users run a client that sends authentication packets to the gateway. On the server side, the gateway associates user IDs with packets, which makes it possible to filter packets per user. Furthermore, the server is designed to use an external authentication source such as an LDAP server.
89930c14ca97923365a142ba62a5972ef30ba14cce65eebb429f42d1bdc95051
arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
8808dfc169757701cdb0c29529dd1b913bd7e9c782a794f0a4b161062047ac20
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. It also tightens down file descriptors 0, 1, and 2, implements process limits, and implements shared memory destruction.
bef89e4d59252dc6292974f13587c0a88fbec212e15d455e4d4d2d27d188a956
Nixory is an innovative, fast, and powerful anti-spyware program with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Platform-independent source zip file.
6335c16eff0984a0b215a95c774388110f6efa38efcc7eb1d9d383c7d0a415ce
Mandriva Linux Security Advisory - Jack Louis discovered a format string vulnerability in the miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled. This can allow remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call.
0fee6cfab26096bc7f6d51ca1fae2f550ceb001780b74a0358d40e8fb8ca3888
Mandriva Linux Security Advisory - Scrubber.py in Mailman 2.1.4 through 2.1.6 does not properly handle UTF-8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service. In addition, these versions of Mailman have an issue where the server will fail with an overflow on bad date data in a processed message.
f425e7c90ac8f9e309cae39b0cabc54364500222c5a30f89b8265ff017246c54
Mandriva Linux Security Advisory - SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients, which triggers a bus error in Perl.
9f7417bbb2d00f88c7609d6aef727ad016083afc9856bfd4c2dad15e077d16ce
Zen-Cart versions 1.2.6d and below are susceptible to blind SQL injection and remote command execution attacks. Exploit included.
16d5983a9f0364ddea49421fbc4f0e240f1760df33699aa25fd6e85b9567fb3d
It appears that the Free Help Desk software by Help Desk Reloaded leaves the install.php file in place post-installation, allowing remote attackers to create accounts without any authentication or access.
804b6bf95c701fc3e436588dcb9bb2b6c18779f0bb612923c56a2ad5eb75b375
SEC-CONSULT Security Advisory 20051202-0 - GMX Webmail, when used with Microsoft Internet Explorer, lends itself to cross-site scripting attacks.
2a6711c44f9c685e8b7cc7212fd8144d93f917d56b960b6843bd977d8b2481f7
Ubuntu Security Notice USN-222-1 - Jack Louis of Dyad Security discovered that Perl did not sufficiently check the explicit length argument in format strings. Specially crafted format strings with overly large length arguments led to a crash of the Perl interpreter or even to execution of arbitrary attacker-defined code with the privileges of the user running the Perl program.
bfe55a56e657241ef7dc2839ec85a1d525daa274af5d85c1db814fa6967a6512
Format String Vulnerabilities in Perl Programs - Whitepaper discussing the attack and impact details of recent discussions surrounding format string exploitation in Perl. Provides further insight on how these flaws can be manipulated and includes examples.
1f644276a53775b2a1efbef6e98a60ccf369cc0a40fb16ff4f0877b18aea1d03
Debian Security Advisory DSA 913-1 - An integer overflow has been discovered in helix-player, the Helix audio and video player. This flaw could allow a remote attacker to run arbitrary code on a victim's computer by supplying a specially crafted network resource.
e179e51f3e9797508dd52404da38fedbe35d0ebe8081da2653062dcb8be36066
WinEggDropShell Eternity version 1.7 is susceptible to preauth stack overflows. Proof of concept denial of service exploit included.
2ec95ea1eb4e9a0c406b4c6e8ae0c57a3f64aba3b51d781bc5062ceb434bc713
phpMyChat version 0.14.6 is susceptible to cross-site scripting flaws in start_page.css.php, style.css.php, and users_popupL.php.
ab6d9e1e48b89ca2d7a166ddce989029d13c54b332b9e4bcad235e469d3ca99a
Openmotif version 2.2.3 is susceptible to multiple buffer overflow vulnerabilities.
f305a8bd59f1f7cadacd438fb87151f8341629efdbb056c1ebaf294c3af53637
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines, including details about the services running on them. PBNJ differs from other tools in that it feeds the results of an nmap scan into amap. PBNJ parses the data from a scan and outputs a CSV format file for each IP address scanned.
d75cad2daadc7fb0d9557d8ab4ba0d92ff4bb341606471f81dd36e99e6420cc3
Cisco Security Advisory - A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a 'show buffers' command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device, or enable other cross-site scripting attacks. This security advisory applies to all Cisco products that run Cisco IOS Software versions 11.0 through 12.4 with the HTTP server enabled.
714b1c38572020e3ea7316ed9c36d2d58449b24d1be80a093082f494f0ad0cd2
Edgewall Trac version 0.9 is susceptible to a SQL injection attack due to a lack of sanity checking on the group variable.
0e476544b659e0558351730fac351de96b79fa2ac9ed9599c2b7042ef2694279
GameFly, the popular online video game rental service, suffers from a cross-site scripting flaw.
ce3987d843bd39dcd1478bb5df3c15e8d042e5a41f5b48309878a478c11ec86a