exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 134 RSS Feed

Files Date: 2003-04-01 to 2003-04-30

xrunas11eval.zip
Posted Apr 27, 2003
Authored by Lazy Sysadmin | Site lazysysadmin.com

XRunAs is a tool that allows administrators to run commands on remote computers under the context of a specified user account without the use of the Schedule service. If XRunAs is used in conjunction with a domain account, commands that are run will be able to access network resources given that the domain account used to run the command has access to the network resource. All information that is transferred over the network while using XRunAs is encrypted using a standard encryption algorithm.

tags | remote
SHA-256 | 51938cd5cf73547c2518625847c45890d6f4d003fc9bbe10365e752f82e33a08
klgr.tgz
Posted Apr 27, 2003
Authored by LyNx | Site rootteam.void.ru

klgr is a basic keylogger for Linux that loads as a module, but will hide from lsmod.

systems | linux
SHA-256 | a78acf15db3c7c1cd70f1439dd7d6b36d63c23e525a24aed8d77ea5835763498
ie-parse.txt
Posted Apr 27, 2003

The code used in Microsoft Internet Explorer to parse web servers' HTTP

tags | advisory, web
SHA-256 | 8409c280ff9852eade3c78cd582096e5c515b89d13acd91bc6e53196eeb73d5b
ESc.c
Posted Apr 27, 2003
Authored by electronicsouls, Lunar Fault

(N)compress 4.2.4 local root exploit.

tags | local, root
SHA-256 | 8ad5fecf9ab689d4c57252919836ecd38d23f16efdaea8755879e04bdd2451c3
truegalerie.txt
Posted Apr 27, 2003
Authored by Frog Man | Site frog-man.org

A problem exists in True Galerie v1.0 that allows a remote attacker to obtain administrative access to this utility due to misuse of cookies.

tags | exploit, remote
SHA-256 | d60704ec2fd8a3caefc2462af52a5c5019ab052febae606e69424fa837d5ec1a
SRT2003-04-24-1532.txt
Posted Apr 27, 2003
Authored by Strategic Reconnaissance Team | Site secnetops.com

Secure Network Operations Advisory SRT2003-04-24-1532 - The Options Parsing Tool shared library is vulnerable to a buffer overflow. If a setuid application makes use of this shared library privilege escalation can occur.

tags | advisory, overflow
SHA-256 | 27653feb879a2466532cbf9dc02ab5adf50adeae30aed387f0723aaaaf1e7e51
ie-heap1.txt
Posted Apr 27, 2003
Authored by Mark Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory NISR24042003 - There is an exploitable heap overflow vulnerability in Microsoft's ActiveX control, Plugin.ocx. By default, plugin.ocx is marked safe for scripting, and as such, if an IE user were to visit a malicious web page, the overflow could be triggered allowing for a remote compromise of the user's machine. Systems Affected: IE 5.01 SP3, 5.5 SP2, 6.0 Gold, 6.0 SP1.

tags | advisory, remote, web, overflow, activex
SHA-256 | 09846f5747f8a68ae2082855b7b8bddf3aa795b6b67998718a647a62cd330cdc
cisco-pass.txt
Posted Apr 25, 2003

Cisco Security Advisory: Cisco Catalyst software permits unauthorized access to the enable mode in the 7.5(1) release. Once initial access is granted, access can be obtained for the higher level "enable" mode without a password. This

tags | advisory
systems | cisco
SHA-256 | d785b165ef0019a6df143d4b4bea9a49bff722284b56119f4262c51bbecfe4e9
les-exploit.c
Posted Apr 25, 2003
Authored by Angelo Rosiello, rosiello | Site dtors.net

Local root exploit for a stack overflow discovered in the linux-atm binary /usr/local/sbin/les.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | f1c32981886e6334e7424c657577e8ff9d0eb02412a12110472003cb93a561e8
0x4553_dr01d.tar.gz
Posted Apr 24, 2003
Authored by electronicsouls, Ares

Flooding and sniffing robot for the IRC that attacks with spoof IGMP packets.

tags | spoof
SHA-256 | c9511dfcec990896079ce0509d8e7a92f5cf2d5ffb168064ff03db42d335fcdc
0x4553_asm_portscan.tar.gz
Posted Apr 24, 2003
Authored by electronicsouls, Area

Full low level (without libc) AT+T port scanner written for the article "Advanced AT+T asm tutorial. Part 1".

SHA-256 | b351a9da40051ae17249d3db2ddf289d051cdd7d92fc3d6c2836ab9d5b54a53d
0x4553_Permutator.tar.gz
Posted Apr 24, 2003
Authored by electronicsouls, Ares

Demo Permutate Engine for Linux that supports a few permutatable instructions: xor,sub,test,or,mov.

systems | linux
SHA-256 | be15fb2bca26a61637e15f8fde38dd123b6a33c3b416fc9a541a0d9f8ac3d003
0x4553_Executor.tar.gz
Posted Apr 24, 2003
Authored by electronicsouls, Ares

0x4553_Executor is a memory executor that allows a user to load code from file to memory and execute it.

SHA-256 | ee6f412dcf6e5016ccb3bd30d093edd27679edf336bc268f7b36e79104c28552
secuniaXeneo.txt
Posted Apr 24, 2003
Authored by Carsten Eiram | Site secunia.com

A vulnerability in the Xeneo Web Server can be exploited by malicious attackers to cause a denial of service due to an error in the handling of requests including a malformed URL encoding representation of a character.

tags | advisory, web, denial of service
SHA-256 | 893273caaeca2a5baa326a0456742a7e0d82e24c4657dbd8a249341dabfc93f5
CiscoACS.txt
Posted Apr 24, 2003
Site cisco.com

Cisco Security Advisory - Cisco Secure ACS for Windows is vulnerable to a buffer overflow on the administration service which runs on TCP port 2002. Exploitation of this vulnerability results in a Denial of Service, and can potentially result in system administrator access. Cisco Secure ACS versions up to and including version 2.6.4 , 3.0.3, and 3.1.1 are affected by this vulnerability.

tags | advisory, denial of service, overflow, tcp
systems | cisco, windows
SHA-256 | 480f30faba4a7dc1e5a194019281b719a20ce957e96e56bdb9b229dec2c34792
p7snort191.sh
Posted Apr 24, 2003
Authored by truff | Site projet7.org

Snort 1.9.1 and below remote exploit. Related CERT Advisory is here. Tested on Slackware 8.0.

tags | exploit, remote
systems | linux, slackware
SHA-256 | 6fb5c8a0246dcb6a64973e1f4f80cc826590cb7b7f3484e6026b64722e722d57
Nmap 3.20 Statistics Patch
Posted Apr 24, 2003
Authored by Ian Vitek | Site sekure.net

The Nmap 3.20 Statistics Patch adds the -c switch which guesses how much longer the scan will take, shows how many ports have been tested, resent, and the ports per second rate. Useful for scanning firewalled hosts.

tags | tool, nmap
systems | unix
SHA-256 | 4544455af5ab0ed47cbcb4e33e29760ad56ff4235407df2e003cab38ff519257
VapidSAP.txt
Posted Apr 24, 2003
Authored by Larry W. Cashdollar | Site vapid.dhs.org

SAP DB is vulnerable to a race condition during installation. The installer creates a world writable file that gets compiled and then is setuid to root. If a local attacker can overwrite the file in the alloted time-frame they will be able to escalate their privileges.

tags | exploit, local, root
SHA-256 | 133ef0c808730e0896b10d01e7b0daaaf775415dcf0f90ca80ffebe268a51845
yabbs01.txt
Posted Apr 23, 2003
Authored by FJ Serna | Site ngsec.com

Next Generation advisory NGSEC-2003-5. YABBS, the popular BBS system for unix and Windows, has a vulnerability in the HttPush code that allows a remote attacker to inject evil code via its PHP language support.

tags | advisory, remote, php
systems | windows, unix
SHA-256 | a52311ed4ce82096496852dbff6937714db96a018f5f4bc4c0c30521de8a9711
0x4553_Crypt0r.tar.gz
Posted Apr 22, 2003
Authored by electronicsouls, Ares

0x4553_Crypt0r is a base engine for encrypting ELF binaries. Uses simple bit rotation and allows for the ability to add your own algorithm.

SHA-256 | 36f1bbb88e87fdfc2043f0e77d68dc9bb9e22057400152254667ed960fdbad93
Netric-RE-partII.pdf
Posted Apr 22, 2003
Authored by The Itch, netric, Gloomy | Site netric.org

Radical Environments part II - This paper continues where part one left off, detailing a technique in writing 0 bytes when exploiting a local buffer overflow using a non-executable stack with the heap being stored in memory at a virtual address containing a \x00 byte.

tags | overflow, local
SHA-256 | 004f5ce4295a0c7432dff945d7e66862613b1de871421317eb084f690a1eadb4
envpaper.pdf
Posted Apr 22, 2003
Authored by The Itch, netric, Gloomy | Site netric.org

Radical Environments part I - A paper that compiles various stack related tips and tricks which discusses how an exploit without nops works.

SHA-256 | edb58041e15067b25c301cea23aa6636cce03f73b92887f76abbcf3454343f12
fmtstring.txt
Posted Apr 22, 2003
Authored by The Itch, netric | Site netric.org

Detailed paper that describe format string vulnerabilities and how to exploit them.

tags | vulnerability
SHA-256 | 58ebad71f55604ab6a49305de83b658c361377f6b555c59d609be9859e0f83d1
execve2.c
Posted Apr 22, 2003
Authored by The Itch, netric | Site netric.org

Linux x86 shellcode (31 bytes) which does setuid(0); execve ("/bin/sh",0);

tags | x86, shellcode
systems | linux
SHA-256 | 5bf02bc71bb5d4648b9c13d8972996bb9aaf9e36385951be7c76068bf151afac
sp-xeneo.pl
Posted Apr 22, 2003
Authored by Badpack3t | Site security-protocols.com

The Xeneo Web Server v2.2.9.0 is vulnerable to a Denial of Service attack when a GET request with 4096 ?'s are received. Tested against Windows XP Pro SP1 and Windows 2000 SP3.

tags | exploit, web, denial of service
systems | windows
SHA-256 | da3a642b7f36b1639ffe07503652d7ffe8dcb8c31823a7b41ba1daffd75e0227
Page 1 of 6
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close