XRunAs is a tool that allows administrators to run commands on remote computers under the context of a specified user account without the use of the Schedule service. If XRunAs is used in conjunction with a domain account, commands that are run will be able to access network resources given that the domain account used to run the command has access to the network resource. All information that is transferred over the network while using XRunAs is encrypted using a standard encryption algorithm.
51938cd5cf73547c2518625847c45890d6f4d003fc9bbe10365e752f82e33a08
klgr is a basic keylogger for Linux that loads as a module, but will hide from lsmod.
a78acf15db3c7c1cd70f1439dd7d6b36d63c23e525a24aed8d77ea5835763498
The code used in Microsoft Internet Explorer to parse web servers' HTTP
8409c280ff9852eade3c78cd582096e5c515b89d13acd91bc6e53196eeb73d5b
(N)compress 4.2.4 local root exploit.
8ad5fecf9ab689d4c57252919836ecd38d23f16efdaea8755879e04bdd2451c3
A problem exists in True Galerie v1.0 that allows a remote attacker to obtain administrative access to this utility due to misuse of cookies.
d60704ec2fd8a3caefc2462af52a5c5019ab052febae606e69424fa837d5ec1a
Secure Network Operations Advisory SRT2003-04-24-1532 - The Options Parsing Tool shared library is vulnerable to a buffer overflow. If a setuid application makes use of this shared library, privilege escalation can occur.
27653feb879a2466532cbf9dc02ab5adf50adeae30aed387f0723aaaaf1e7e51
NGSSoftware Insight Security Research Advisory NISR24042003 - There is an exploitable heap overflow vulnerability in Microsoft's ActiveX control, Plugin.ocx. By default, plugin.ocx is marked safe for scripting, and as such, if an IE user were to visit a malicious web page, the overflow could be triggered allowing for a remote compromise of the user's machine. Systems Affected: IE 5.01 SP3, 5.5 SP2, 6.0 Gold, 6.0 SP1.
09846f5747f8a68ae2082855b7b8bddf3aa795b6b67998718a647a62cd330cdc
Cisco Security Advisory: Cisco Catalyst software permits unauthorized access to the enable mode in the 7.5(1) release. Once initial access is granted, access can be obtained for the higher level "enable" mode without a password. This
d785b165ef0019a6df143d4b4bea9a49bff722284b56119f4262c51bbecfe4e9
Local root exploit for a stack overflow discovered in the linux-atm binary /usr/local/sbin/les.
f1c32981886e6334e7424c657577e8ff9d0eb02412a12110472003cb93a561e8
Flooding and sniffing robot for the IRC that attacks with spoof IGMP packets.
c9511dfcec990896079ce0509d8e7a92f5cf2d5ffb168064ff03db42d335fcdc
Full low level (without libc) AT+T port scanner written for the article "Advanced AT+T asm tutorial. Part 1".
b351a9da40051ae17249d3db2ddf289d051cdd7d92fc3d6c2836ab9d5b54a53d
Demo Permutate Engine for Linux that supports a few permutatable instructions: xor, sub, test, or, mov.
be15fb2bca26a61637e15f8fde38dd123b6a33c3b416fc9a541a0d9f8ac3d003
0x4553_Executor is a memory executor that allows a user to load code from file to memory and execute it.
ee6f412dcf6e5016ccb3bd30d093edd27679edf336bc268f7b36e79104c28552
A vulnerability in the Xeneo Web Server can be exploited by malicious attackers to cause a denial of service due to an error in the handling of requests including a malformed URL encoding representation of a character.
893273caaeca2a5baa326a0456742a7e0d82e24c4657dbd8a249341dabfc93f5
Cisco Security Advisory - Cisco Secure ACS for Windows is vulnerable to a buffer overflow on the administration service which runs on TCP port 2002. Exploitation of this vulnerability results in a Denial of Service, and can potentially result in system administrator access. Cisco Secure ACS versions up to and including version 2.6.4, 3.0.3, and 3.1.1 are affected by this vulnerability.
480f30faba4a7dc1e5a194019281b719a20ce957e96e56bdb9b229dec2c34792
Snort 1.9.1 and below remote exploit. Related CERT Advisory is here. Tested on Slackware 8.0.
6fb5c8a0246dcb6a64973e1f4f80cc826590cb7b7f3484e6026b64722e722d57
The Nmap 3.20 Statistics Patch adds the -c switch which guesses how much longer the scan will take, shows how many ports have been tested, resent, and the ports per second rate. Useful for scanning firewalled hosts.
4544455af5ab0ed47cbcb4e33e29760ad56ff4235407df2e003cab38ff519257
SAP DB is vulnerable to a race condition during installation. The installer creates a world-writable file that gets compiled and is then made setuid root. If a local attacker can overwrite the file in the allotted time frame, they will be able to escalate their privileges.
133ef0c808730e0896b10d01e7b0daaaf775415dcf0f90ca80ffebe268a51845
Next Generation advisory NGSEC-2003-5. YABBS, the popular BBS system for Unix and Windows, has a vulnerability in the HttPush code that allows a remote attacker to inject evil code via its PHP language support.
a52311ed4ce82096496852dbff6937714db96a018f5f4bc4c0c30521de8a9711
0x4553_Crypt0r is a base engine for encrypting ELF binaries. Uses simple bit rotation and allows for the ability to add your own algorithm.
36f1bbb88e87fdfc2043f0e77d68dc9bb9e22057400152254667ed960fdbad93
Radical Environments part II - This paper continues where part one left off, detailing a technique for writing 0 bytes when exploiting a local buffer overflow using a non-executable stack with the heap being stored in memory at a virtual address containing a \x00 byte.
004f5ce4295a0c7432dff945d7e66862613b1de871421317eb084f690a1eadb4
Radical Environments part I - A paper that compiles various stack-related tips and tricks and discusses how an exploit without nops works.
edb58041e15067b25c301cea23aa6636cce03f73b92887f76abbcf3454343f12
Detailed paper that describes format string vulnerabilities and how to exploit them.
58ebad71f55604ab6a49305de83b658c361377f6b555c59d609be9859e0f83d1
Linux x86 shellcode (31 bytes) which does setuid(0); execve("/bin/sh",0);
5bf02bc71bb5d4648b9c13d8972996bb9aaf9e36385951be7c76068bf151afac
The Xeneo Web Server v2.2.9.0 is vulnerable to a Denial of Service attack when a GET request with 4096 ?'s is received. Tested against Windows XP Pro SP1 and Windows 2000 SP3.
da3a642b7f36b1639ffe07503652d7ffe8dcb8c31823a7b41ba1daffd75e0227