mIRC v5.91 and below has an exploitable bug which allows remote code execution. mIRC assumes the current nickname of the client as sent by the server is fewer than 100 characters long. mIRC stores the current and alternative nickname as a static array. Sending a nickname over 200 characters long allows overwriting of a key variable, the index to the current nickname. Fix available here.
7be119c91ef0d3642fc205b923d39056b40a51bb3e468568211d9c3586fdc091
Appcap is an application for x86 Linux which allows root on a machine to attach to any application and redirect its standard input and output to root's own tty. Appcap can help admins running a multiuser machine to snoop on users. It is especially useful for tracing and monitoring ssh and telnet sessions.
cddc2516ea1f004646e84826e5bcfaa6f30d6b1b47320ef43edca41f1c33e5f8
FreeBSD/Linux exploit for a buffer overflow in the snes9x Nintendo emulator. The Linux shellcode also works on FreeBSD since snes9x runs on those systems with Linux emulation.
db628cc64cef1685a7de38aff3d19885b177d6ead58e67ec5e2be496541d0bc2
Linux x86 shellcode that does an execve of /bin/sh. This shellcode contains no slashes so it can bypass certain application filters and was originally written for a snes9x buffer overflow.
4ef2d0f1cd24777b5709b44238b964e296e95e992d81fd668b2dcd7eb70e8405
Cw.c is a udp flooder which does not need root, based off udp-bitchslap.c.
fd4fa0ce23247466ed1ce79fba1ac0cba1ac50e5323529de536791507e4c9994
Lotus Domino web server prior to v5.0.9 allows password-protected features to be accessed without the password by sending a malformed URL.
341aaccaace7b4578c0a8e33e943b60798194133ad005fdf50c6a57861cef67d
NetBSD Security Advisory 2001-018 - A remote buffer overflow in BSD derived Line Printer Daemons can lead to a remote root compromise. This vulnerability affects NetBSD current, 1.5, 1.5.1 and 1.5.2.
b589390a59a8227dbdee0c06ef0e0f5ace6b72b971cd71a9fbf5cd832adc1ed3
NetBSD Security Advisory 2001-017 - Sendmail's incorrect command line argument check can lead to a local root privilege compromise. This vulnerability affects all sendmail versions from 8.10.0 to 8.11.5.
c1d946cc82df64dd75efc0311699d13db94d85dfddc1469a505f55afa5c3f41a
The Winter issue of Hacker's Digest - In this issue: Microsoft The Soup Nazis, Hacker's Digest Focus - The Honeynet Project, Changing Your IP With @Home Service Without the aid of Tech Support, A Mobile Phone ANI Diversion Technique, An Analysis of the RADIUS Authentication Protocol, A Detailed Look Into Prison Phone Systems, Fingerprinting Port 80 Attacks - A look into web server, and web application, attack signatures, Letters!, Windows 2000 and XP Terminal Service IP Address Spoofing, An Insightful Look at the GOVnet Network, iDEFENSE Labs Analyzes Feasibility of Distributed Attacks using SubSeven, Full Disclosure of Vulnerabilities - pros/cons and fake arguments, and Microsoft Passport Account Hijack Attack.
561b44ae4abba35c92535f6a350886a372fe1938c53b253a8422d394a1ef833f
NetBSD Security Advisory 2001-016 - The fts functions are provided for traversing UNIX file hierarchies. The NetBSD fts implementation can be tricked into following symbolic links and can therefore be abused by local users. All NetBSD releases prior to July 9, 2001 are affected by this vulnerability.
f57f124958aad1172bfa011eb3991d0cb4f8265a45e2b79e6e2404b5bb702613
NetBSD Security Advisory 2001-015 - Several buffer overflows found in the NetBSD kernel can enable local users to crash the system or gain superuser privileges. This vulnerability affects NetBSD-current, 1.4.*, 1.5, and 1.5.1.
4100e22d5d95db64c64e1eea57538c4244bb28b9aa2f17e30a3b540f5f1c60a0
TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.
8db59c973f0a09a893a58ab51abf452ad932286369e021ea1f5d4515063ef9d4
NetBSD Security Advisory 2001-014 - Dump (/sbin/dump), which is setgid tty, does not drop its privileges correctly and can be used to execute commands with setgid tty privileges by using the RCMD_CMD environment variable. This vulnerability affects the NetBSD-1.4, 1.5, 1.5.1 and current branch.
529f55f5564a602c83f290e0f3090627ee3a03395e7520f50edb110c86697cf7
NetBSD Security Advisory 2001-013 - The OpenSSL libcrypto includes a PRNG (pseudo random number generator) implementation. The logic used for the PRNG was not strong enough and allows attackers to guess the internal state of the PRNG. Therefore, attackers can predict future PRNG output. This vulnerability undermines the security level of cryptographic programs such as ssh and pgp.
264acefa92a1c14959125bb710b0220fa91d956f0c123a93d60a53ec07ffb5b8
NetBSD Security Advisory 2001-012 - A remotely exploitable buffer overflow found in BSD derived telnet daemons can be used to execute shell code with root privileges.
abd588019233fcad4fe67559cd67fe90fa0e9b1db3af226b1c231844e91ea10b
Linux x86 shellcode that does a sync(), sync() and then reboot(). An exit() was added in case the previous syscalls fail.
2a81a00a01fb93b1d0701c442911f09ffe9075a1f32d755a4eefdd63a9c2d8e1
Linux x86 shellcode that does a rename() of /bin/motd to /bin/owned.txt.
c08087a9d2b40464bf48bb83e0210b95af5595e13cc818be21c128b45db326ab
Linux x86 shellcode that does a reboot().
a60f971b1b2c77391e3e9d43a47e554227ec63b5cc99a417cf70f5e18f451dc1
Linux x86 shellcode that does an execve of /bin/sh /tmp/p00p.
a63c3eefd42c563f8c4553b56dde2155a919427d878f9e92c32def321f5074c9
Linux x86 shellcode that does an execve() of /sbin/iptables -F in order to flush activated firewall rules.
3ce24c6dbb6a4441745c8a1f8f94109161f80d7f25a9e6b22f721f5a034324f1
Linux x86 shellcode that does an execve of /sbin/ipchains -F.
cb1122033c6453ca6dd2cd7f3f957f12101d952a92e4069803880036c606f53f
Linux x86 shellcode that uses execve and echo >> to create a passwordless root account.
476110f24a8fc0d9904743658a7ce6ad2d312ef90df05c1145c481107d84bbd9
Linux/x86 shellcode that creates the directory 'hacked' (perm 755) using the mkdir() syscall and then does an exit().
a47f49596e69b77ee0502080bd57ac9b793baacb34f6573d5f3f9cc5492e6a0e
WaveStumbler is a console-based 802.11 network mapper for Linux and supports WEP, ESSID, MAC and more. This package includes a kernel patch (for the wireless NIC drivers) which can be applied to the linux-2.4.17 sources and a program called wavestumbler. The program interacts with the patched network drivers to map wireless networks.
4194bbebe1197ab17393b9b111e5d57f13bd75d916018ecb3a297a88c41dc29c
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using the network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create, decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
f443f1d9b7abac16c75c966c36d01bb92f9ec557d4f39faa05424be913b9c16c