what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2003-04-30 to 2003-04-30

ex_enq_aix4x.sh
Posted Apr 30, 2003
Authored by Watercloud | Site xfocus.org

The enq program under AIX has an overflow that exists in the command line argument parsing. This exploit successfully utilizes the vulnerability to escalate privileges to egid=printq. Tested on AIX 4.3.3.

tags | exploit, overflow
systems | aix
SHA-256 | b9aa6fde8e33084acefb4bf66b450b630fbf86049e406631ffdece9bd065b6e7
msqlfast.c
Posted Apr 30, 2003
Authored by Secret Squirrel

A high-speed brute-force password cracker for MySQL hashed passwords. It can break an 8-character password containing any printable ASCII characters in a matter of hours.

tags | cracker
SHA-256 | 124ae704ea210354bcd693361cbb0422d6c9271c715fd794d16e619576ca22b5
poptop-sane.c
Posted Apr 30, 2003

Remote root exploit for PoPToP, the PPTP server designed for Linux, versions 1.1.4-b3 and below. Fixed by blightninjas. Original code by einstein.

tags | exploit, remote, root
systems | linux
SHA-256 | 7b259fb68ba2f2394efa8a75f26c214b7561cd714f3e1726df283dfa4947ffe2
getdatang.tar.gz
Posted Apr 30, 2003
Authored by Victor Pereira

Getdata Protocol Analyzer is another sniffer made with libpcap that supports multiple protocols like TCP, UDP, ICMP, IGMP, etc.

Changes: Added experimental support for traffic statistics and various bugfixes.
tags | tool, udp, sniffer, tcp, protocol
SHA-256 | 8285a9d512c65e7274f5cba58bb8fe1ca1b585b0e3af544f58156a031e5c130a
injectso-0.2.1.tar.gz
Posted Apr 30, 2003
Authored by Shaun Clowes | Site securereality.com.au

Injectso is a tool that can be used to inject shared libraries into running processes on Linux (x86/IA32 and Sparc) and Solaris (Sparc). It also provides routines that can be used by injected libraries to easily modify the behavior of the host process by intercepting library function calls. This allows you to intercept input or output, send and receive information over open sockets in that process, read and write to files opened exclusively by that process, close a file descriptor to a socket and redirect the i/o to a file for debugging, and much more. This is similar to an article in Phrack 59, but more refined. More information available here.

Changes: Support for symbol hash table lookups, more documentation, modified intercept routines, improved signal handling, and more.
tags | x86
systems | linux, unix, solaris
SHA-256 | 25106b23436fc67af56f43cfd1460da33596d3d37d9f72f591582b65d8ed3225
shiva-0.95.tar.gz
Posted Apr 30, 2003
Authored by Shaun Clowes, Neel Mehta | Site securereality.com.au

Shiva is a tool to encrypt ELF executables under Linux. Shiva can be used to wrap an executable in such a way that though it continues to run as it did before it is very difficult to debug or reverse engineer. Shiva can be used to password protect critical programs, including setuid programs, or simply to obfuscate sensitive data stored within programs.

tags | encryption
systems | linux
SHA-256 | ab9b952d330d5b067330bad8fe8c5a78d38d920e6daffaa451428a427464cd7b
bysin2.c
Posted Apr 30, 2003
Authored by Bysin

Remote root exploit for Sendmail 8.12.8 and below that makes use of the vulnerability in prescan(). Note: This exploit is crippled and needs to be fixed.

tags | exploit, remote, root
SHA-256 | b3c08d4687af2292f82e2d9dac63e977ef8497f5afbf665b31499dbc02ad22ba
bysin.c
Posted Apr 30, 2003
Authored by Bysin

Remote root exploit for Sendmail 8.12.8 and below that uses the vulnerability in crackaddr().

tags | exploit, remote, root
SHA-256 | 939cd7761692b6a6fdd91b9b6e74d8c5e902c6f7530d6acd1c651d71efcfc833
0x82-Local.Qp0ppa55d.c
Posted Apr 30, 2003
Authored by Xpl017Elz | Site inetcop.org

Local root exploit for Qpopper v4.0.x poppassd that utilizes the ability to set the smbpasswd path.

tags | exploit, local, root
SHA-256 | ce5f5d341e016678062e1b6bd29ac00f6270e383375a46773cf0166a0247087f
0x333hate.c
Posted Apr 30, 2003
Authored by Cowboy, 0x333 | Site 0x333.org

Samba 2.2.x Remote root exploit. Tested against RedHat 8.0.

tags | exploit, remote, root
systems | linux, redhat
SHA-256 | 13c39033253a9725ddb7ac8cf13eb639cca2208e1d16c19ff60bf316d0a4fbee
nagini.c
Posted Apr 30, 2003
Authored by netric, Sacrine | Site netric.org

A simple TCP packetlogger/sniffer for Linux which includes background logging.

tags | tcp
systems | linux
SHA-256 | 35c08a7777d1b751a168478dad9d3126b0d7fa46d8d372c1035af3c21843f383
ngs-2904.txt
Posted Apr 30, 2003
Authored by David Litchfield | Site ngssoftware.com

Software Insight Security Research Advisory #NISR29042003 - A classic stack based buffer overflow vulnerability exists in the Oracle database server that can be set up for exploitation by providing an overly long parameter for a connect string with the 'CREATE DATABASE LINK' query.

tags | advisory, overflow
SHA-256 | c3f8b0302120eee28deb89f9e37d6fc46825608d07e31b5127eebc4b72b60651
bug-exploit.tar.bz2
Posted Apr 30, 2003
Authored by Bugghy | Site vaida.bogdan.googlepages.com

bug-exploit is a utility designed to go through a list of setuid and setgid files and will assist a coder in figuring out whether or not a buffer overflow exists in the command line arguments fed to the binary.

tags | overflow
systems | unix
SHA-256 | 2e38a2ca5690f924d27eedd76b77db17c972e891c972352e2e474555002f1fe4
snmpenum.zip
Posted Apr 30, 2003
Authored by Filip Waeytens | Site scanit.be

Simple Perl script to enumerate information on Machines that are running SNMP

tags | tool, scanner, perl
systems | unix
SHA-256 | 4f4f920f8b8d8bb5b11f535163c3bba075a441377d423b39895918db914bc1b4
core-kerio.txt
Posted Apr 30, 2003
Authored by Emiliano Kargieman, Hernan Gips, Javier Burroni | Site coresecurity.com

Kerio Personal Firewall version 2.1.4 and below is vulnerable to a replay attack against the authenticated/encrypted channel for remote administration. A remotely exploitable buffer overflow also exists in the authentication process.

tags | advisory, remote, overflow
SHA-256 | 51f426c01a5ad688ec33c74da88fe1f7fc33549a9d8404fc4084179856d88505
FendIIS.pl
Posted Apr 30, 2003
Authored by Matt 'Zola' Stevens | Site zola.org.uk

This utility scans a class C or B network for hosts infected with the Code Red II worm. It does this by checking for the presence of /scripts/root.exe which is the backdoor Code Red II leaves behind.

tags | tool, worm, root, scanner
systems | unix
SHA-256 | 9d7ac64116e321ee9ad184ad22c7d68ea6e8821fb7ce10daf672883ea8effbea
qpoppassd.txt
Posted Apr 30, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-016 - Qpopper v4.0.x poppassd, the utility that allows users to change their mail passwords, is setuid root and allows for a definable path to smbpasswd. In doing so, a local attacker can easily escalate to root privileges.

tags | advisory, local, root
SHA-256 | 20cb7ad78ee34a4462fc2669a4d2d11d3fe2de2037bd5095118d7d9b3abee361
THCunREAL_V0.2.ZIP
Posted Apr 30, 2003
Authored by thc, Johnny Cyberpunk | Site thc.org

Updated version of the remote root exploit for Realserver 8 on several Windows platforms.

Changes: New shellcode added and the code has been condensed.
tags | exploit, remote, root
systems | windows
SHA-256 | faac60e3244b42b5c4ede35ae529a0d44f8df9e59b986f1e0455c38db816a155
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close