exploit the possibilities
Showing 1 - 25 of 54 RSS Feed

Files Date: 2008-04-21

D2T2_-_Benjamin_Hagen_and_Walter_Goulet_-_Real_World_Attacks_Against_3G_Networks_Using_Subscriber_Devices.zip
Posted Apr 21, 2008
Authored by Walter Goulet, Benjamin Hagen | Site conference.hitb.org

Real World Attacks Against 3G Networks Using Subscriber Devices - Cellular networks, like any other data network, requires careful attention to network design such as proper segmentation of subscriber generated traffic from network management and signaling traffic. This presentation discusses an attack penetration method using only standard subscriber equipment to compromise an operator network.

MD5 | 0754f579735e10e3a81025c89d98d37a
RDdbenum.py.txt
Posted Apr 21, 2008
Authored by Rodrigo Marcos, Mark Crowther | Site irmplc.com

RedDot CMS versions 7.5 Build 7.5.0.48 and below full database enumeration exploit that takes advantage of a remote SQL injection vulnerability in ioRD.asp.

tags | exploit, remote, sql injection, asp
advisories | CVE-2008-1613
MD5 | b3e6d17bdc4a0dcb97d352f7f51cee73
reddot-sql.txt
Posted Apr 21, 2008
Authored by Rodrigo Marcos, Mark Crowther | Site irmplc.com

RedDot CMS versions 7.5 Build 7.5.0.48 and below suffer from a remote SQL injection vulnerability in ioRD.asp.

tags | exploit, remote, sql injection, asp
advisories | CVE-2008-1613
MD5 | e0792209f14eb0e65fa09f4998833156
adobealbum-overflow.txt
Posted Apr 21, 2008
Authored by c0ntex | Site open-security.org

Adobe Photoshop Album Starter, Adobe After Effects CS3, and Adobe Photoshop CS3 all suffer from a local buffer overflow vulnerability. Included is an exploit for Album Starter version 3.2 on Microsoft Windows SP2 that launches calc.exe.

tags | exploit, overflow, local
systems | windows
MD5 | d0187265d6b58112df406426a0db3181
metagoofil-1.4.tar.gz
Posted Apr 21, 2008
Authored by Christian Martorella | Site edge-security.com

Metagoofil is an information gathering tool designed for extracting the Meta-Data of public documents (pdf,doc,xls,ppt,etc) available on target/victim websites. It will generate a html page with the results of the Meta-Data extracted, plus a list of potential usernames.

Changes: This new version extracts the MAC address of Microsoft Office documents. The output has some changes and some minor fixes have been implemented.
tags | tool, forensics
MD5 | 1e291245f802261ea669d82e94001ef3
Mandriva Linux Security Advisory 2008-090
Posted Apr 21, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened. A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-5746, CVE-2008-0320
MD5 | e7db4216804e0067e84bf3c32ba3e8ab
trnews-sql.txt
Posted Apr 21, 2008
Authored by His0k4

TR News version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ee448441d742b66883034afc16a0fa32
smf_captcha.zip
Posted Apr 21, 2008
Authored by Michael Brooks | Site rooksecurity.com

Tool that demonstrates the breaking of Simple Machine Forum's audio CAPTCHA.

tags | exploit
MD5 | 22c081a2babb99cea4891aa3d2381d5f
php_nuke_captcha.zip
Posted Apr 21, 2008
Authored by Michael Brooks | Site rooksecurity.com

Tool that demonstrates how the CAPTCHA used in PHP-Nuke version 8.1 can be deciphered with 100% accuracy.

tags | exploit, php
MD5 | 92d58b644baec0fc297eb1ba602c537d
crazygoomba-sql.txt
Posted Apr 21, 2008
Authored by ZoRLu | Site yildirimordulari.org

Crazy Goomba version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cd16ba5694e9957e54533171c7862e4a
TokenKidnapping.pdf
Posted Apr 21, 2008
Authored by Cesar Cerrudo

Whitepaper discussing token kidnapping on Microsoft Windows.

tags | paper
systems | windows
MD5 | fc55befe4d486f4b668dc6a4ebf1f79c
acidcat-multi.txt
Posted Apr 21, 2008
Authored by AmnPardaz Security Research Team | Site bugreport.ir

Acidcat CMS version 3.4.1 suffers from multiple vulnerabilities including SQL injection, arbitrary upload, and cross site scripting flaws.

tags | exploit, arbitrary, vulnerability, xss, sql injection
MD5 | e317ea20c9a7fe67ba18b0d68d86c7fa
incognito-v0.1.zip
Posted Apr 21, 2008
Authored by Luke Jennings | Site mwrinfosecurity.com

Incognito is a tool for manipulating windows access tokens and is intended for use by penetration testers, security consultants and system administrators.

systems | windows
MD5 | 7a7edfc965e2b70db37bc32b72f0438e
mwri_security-implications-of-windows-access-tokens_2008-04-14.pdf
Posted Apr 21, 2008
Authored by Luke Jennings | Site mwrinfosecurity.com

This whitepaper discusses the security exposures that can occur due to the manner in which access tokens are implemented in the Microsoft Windows Operating System. A brief overview of the intended function, design and implementation of Windows access tokens is given, followed by a discussion of the relevant security consequences of their design. More specific technical details are then given on how the features of Windows access tokens can be used to perform powerful post-exploitation functions during penetration testing, along with a basic methodology for including an assessment of the vulnerabilities exposed through tokens in a standard penetration test.

tags | paper, vulnerability
systems | windows
MD5 | 3db61250e4b375fb5b3216cd0316f311
kubelance-lfi.txt
Posted Apr 21, 2008
Authored by Crackers_Child

Kubelance suffers from a local file inclusion vulnerability in ipn.php.

tags | exploit, local, php, file inclusion
MD5 | c1c5d18ef98a52c90c3040c4d3e7160d
hostdir-cookie.txt
Posted Apr 21, 2008
Authored by Crackers_Child

HostDirectory Pro suffers from an insecure handling of cookies vulnerability.

tags | exploit
MD5 | 54f0c86a0bd527995cd627d78e7fbf9c
apartmentsearch-sql.txt
Posted Apr 21, 2008
Authored by Crackers_Child

The Apartment Search Script suffers from a SQL injection vulnerability in listtest.php.

tags | exploit, php, sql injection
MD5 | 2faec4bf41618e3572708e2d260cb157
blogworx-sql.txt
Posted Apr 21, 2008
Authored by U238 | Site noexec.blogspot.com

BlogWorx version 1.0 suffers from a SQL injection vulnerability in view.asp.

tags | exploit, sql injection, asp
MD5 | 85d47619876657091ce1d7a29bfaa0e0
philboard1-sql.txt
Posted Apr 21, 2008
Authored by U238 | Site noexec.blogspot.com

W1L3D4 Philboard version 1.0 suffers from a SQL injection vulnerability in philboard_reply.asp.

tags | exploit, sql injection, asp
MD5 | 22685f8e427fa4d78a8344ba031495e5
Debian Linux Security Advisory 1553-1
Posted Apr 21, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1553-1 - It has been discovered that ikiwiki, a Wiki implementation, does not guard password and content changes against cross-site request forgery (CSRF) attacks.

tags | advisory, csrf
systems | linux, debian
advisories | CVE-2008-0165
MD5 | 40145921dada82148fce1f0b2786e383
Debian Linux Security Advisory 1552-1
Posted Apr 21, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1552-1 - It was discovered that the MPlayer movie player performs insufficient input sanitising on SDP session data, leading to potential execution of arbitrary code through a malformed multimedia stream.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2008-1558
MD5 | 61e35e32377c68a3a4e5e395f60218c1
Debian Linux Security Advisory 1551-1
Posted Apr 21, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1551-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.

tags | advisory, vulnerability, python
systems | linux, debian
advisories | CVE-2007-2052, CVE-2007-4965, CVE-2008-1679, CVE-2008-1721, CVE-2008-1887
MD5 | a4a07e88ffe379e85df8a36fe88b84c7
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Apr 21, 2008
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Support for "Hash and URL" encoded certificate payloads has been implemented in the IKEv2 daemon charon. The IKEv2 daemon charon now supports the "uniqueids" option to close multiple IKE_SAs with the same peer. The new trustchain verification introduced in 4.2.0 has been parallelized. Various other fixes and improvements.
tags | kernel, encryption
systems | linux
MD5 | 1af259dd8c1c3b6e402579cc0efe212a
atter-lfi.txt
Posted Apr 21, 2008
Authored by KnocKout | Site cyber-warrior.org

Atter version 0.9.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 131df2a2b8358823671a1a46937da94d
xoopsall-sql.txt
Posted Apr 21, 2008
Authored by Cr@zy_King

XOOPS remote blind SQL injection exploit that takes advantage of Article.PHP.

tags | exploit, remote, php, sql injection
MD5 | 485dfaabedd517ce561f3f0da54545d9
Page 1 of 3
Back123Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close