Showing 26 - 50 of 134

Files Date: 2003-04-01 to 2003-04-30

ANHTTPd.txt
Posted Apr 22, 2003
Authored by Matthew Murphy

AN HTTPd versions 1.42h and prior ship with a script called count.pl which allows remote attackers to use a directory traversal attack to overwrite the contents of files on the system.

tags | exploit, remote
SHA-256 | a74b48909192b5c91b042611f88dcec0fb0d56626236be2a2851014e83d805c1
ptnews.txt
Posted Apr 22, 2003
Authored by Arnaud Jacques | Site securiteinfo.com

PT News v1.7.7 allows access to administrator functionality without authentication via news.inc which is included in the index.php file.

tags | exploit, php
SHA-256 | 19a14860edc87b027dcbf04677ec6da894af40a35495ef42885e005193b55ad5
mod_ntlm.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

mod_ntlm is the Apache module for versions 1.3 and 2.0 which gives Apache the ability to authenticate users via the NTLM authentication technology that is largely specific to Microsoft IIS. The log() function contains two remotely exploitable vulnerabilities. Both a heap overflow and an incorrect call to ap_log_rerror() allow for arbitrary code execution.

tags | exploit, overflow, arbitrary, vulnerability, code execution
SHA-256 | 802cd05c619e98126a7d5192a17c55f423eeb343fb55248fd94b28417e566c3d
monkeyHTTPd.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

The Monkey HTTPd v0.6.1 web server is vulnerable to a remote buffer overflow in the handling of forms submitted with the POST request method. The unchecked buffer lies in the PostMethod() procedure.

tags | exploit, remote, web, overflow
SHA-256 | 0301f75e2783269edb2b7a6fa9c640c16ea311a21771c827602cb320b112c4d0
badblue.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

BadBlue web server versions 2.15 and below have a vulnerability that allows remote attackers to gain administrative control of a server. The ext.dll that allows page parsing with the LoadPage command attempts to prevent remote users from accessing .hts pages by checking the 'referer' HTTP header of requests, and also verifying that all requests for .hts pages originate from 127.0.0.1 (the loopback). By appending certain illegal characters to the requested filename, it is possible to cause BadBlue to interpret .hts files from a remote system, thereby yielding administrative control of the server to the attacker.

tags | exploit, remote, web
SHA-256 | 7c9fcc98b57a0be0b7411ecaa6864241a66336a2bf516c6147bd84a47cdcbafb
lkl-0.0.4.tar.gz
Posted Apr 21, 2003
Authored by Carlo Comin | Site spine-group.org

LKL is a userspace keylogger that runs under linux x86/arch. LKL logs everything which passes through the hardware keyboard port (0x60). Keycode to ASCII translation is supported.

Changes: Email feature added, code clean-up, debugging added, and more comments in the source code.
tags | x86
systems | linux
SHA-256 | f0de1933b29ee87bd407eea94eb88b315ea4ad870453c8de1332242a30529327
shellcode-v2.0.zip
Posted Apr 21, 2003
Authored by Delikon | Site delikon.de

Shellcode-v2.0 is a genetic win32 shellcode generator based mainly on kungfoo. You can generate a shellcode with the help of a GUI. Source and executable included.

Changes: The shellcode will be XOR-encoded to avoid NULLS.
tags | shellcode
systems | windows
SHA-256 | bf21bbcff72608584169174404116a665444ac4b9bdc106694a2fe9770f56f35
sp-urfuqed.pl
Posted Apr 21, 2003
Authored by Badpack3t | Site security-protocols.com

Remote exploit written in Perl for the Twilight Utilities TW-WebServer that is vulnerable to a denial of service attack by a long HTTP GET request.

tags | exploit, remote, web, denial of service, perl, file upload
SHA-256 | 5b78819f77d10006a5044fc9c98d823f9fdea06bd35a18fb71f025f700d55c14
ss-dos.c
Posted Apr 21, 2003
Authored by Shashank Pandey | Site geekgroove.8m.com

Remote exploit written in C for the Twilight Utilities TW-WebServer that is vulnerable to a denial of service attack by a long HTTP GET request.

tags | exploit, remote, web, denial of service
SHA-256 | 5af8bdb45687457c4bf9c6f394b6c9c89b07f12bfa6f277f4d309a52156f5f9f
XPracecondition.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

A race condition exists in the Windows XP Service Control Manager service shutdown mechanism when a service shutdown is not correctly completed in a desired time period. Normal users can access open files which may end up with randomly cached data that could contain restricted data. Microsoft has not announced any plans to backport a patch but has announced that this issue will be addressed in Windows Server 2003.

tags | advisory
systems | windows
SHA-256 | 41a02ad828c3ebc0dc61cce406afdab9e7375f885ee18abb77135abf5f1365c2
arb-scan-0.5.0.tar.gz
Posted Apr 21, 2003
Site arbon.elxsi.de

Arb-Scan is a remote banner scanner, written in Bash and Perl. It currently supports ftpd, sshd, smtpd, domain, finger, httpd, pop2, pop3 and imapd banner checks. It features IP file reading and logging.

Changes: Added imapv3 (port 220) banner check, renamed imap to imapv2.
tags | tool, remote, scanner, perl, bash
systems | unix
SHA-256 | d2ea910de9e48b78e8e7be942da2788ce6384cd15cf3f074f7246d83d61aa991
kripp-0.2.tar.gz
Posted Apr 21, 2003
Authored by Konstantin Klyagin | Site konst.org.ua

KRIPP is a simple and light-weight network passwords sniffer written in Perl, which uses tcpdump to intercept traffic. Can sniff and display ICQ, FTP and POP3 passwords.

Changes: New version includes HTTP support and a few bug fixes. Added support for more flavors of Unix.
tags | tool, perl, sniffer
SHA-256 | 3b877edc721b0e5395e90511a6d07a84aca22494cb6655b65de8d99e75353306
nessus-2.0.4.tar.gz
Posted Apr 18, 2003
Authored by Renaud Deraison | Site nessus.org

Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.

Changes: Fixed the SIGCHLD handler which would leave zombies on the system, fixed a race condition when testing a great number of hosts which would cause a testing process to slow down a whole audit or even hang it totally, when a large number of host names is passed to nessusd as a target they are now resolved in chunks of 64 instead of trying to resolve everything before starting the test, and includes RedHat 9 support.
tags | tool, remote, scanner
systems | linux, windows, unix, solaris, bsd
SHA-256 | 8ef4e4953c3069a87bdcf639fae6f3c68322d76de42c723d2f50712db53b8946
0x82-Remote.54AAb4.xpl.c
Posted Apr 18, 2003
Authored by Xpl017Elz | Site x82.inetcop.org

FreeBSD and OpenBSD remote Samba v2.2.x call_trans2open i386 buffer overflow exploit. Tested against OpenBSD 3.0 and FreeBSD 4.6.2-RELEASE with Samba v2.2.x. Includes support for target brute forcing. Information about the vulnerability is available here.

tags | exploit, remote, overflow
systems | freebsd, openbsd
SHA-256 | f677c9d6fb78104c365cb38722fea0540f263fc2adf56d38ded0fbb35c2f2573
lkl-0.0.2.tar.gz
Posted Apr 18, 2003
Authored by Carlo Comin | Site spine-group.org

LKL is a userspace keylogger that runs under linux x86/arch. LKL logs everything which passes through the hardware keyboard port (0x60). Keycode to ASCII translation is supported.

tags | x86
systems | linux
SHA-256 | 679352f1e08ffc5cfe6292171c0f108c101f5a74762075a23257f7e477f502fe
CA-2003-13.snort
Posted Apr 18, 2003
Site cert.org

CERT Advisory CA-2003-13 - Two remote vulnerabilities in the Snort IDS, versions 1.8 through 2.0 RC allow remote execution of code as root. It is not necessary for the attacker to know the IP address of the Snort device they wish to attack; merely sending malicious traffic where it can be observed by an affected Snort sensor is sufficient to exploit these vulnerabilities. Fix available here.

tags | remote, root, vulnerability
SHA-256 | 5a3ec3a941e459dab6ee1434d872c4142fa7d76c874532b7b896c46b440d6bbe
Core Security Technologies Advisory 2003.0307
Posted Apr 18, 2003
Authored by Core Security Technologies | Site corest.com

CORE Security Advisory CORE-2003-0307 - A remotely exploitable heap overflow vulnerability has been found in the Snort stream4 preprocessor module which allows remote code execution if a snort sensor picks up an exploit packet. Vulnerable versions include Snort 2.0 versions prior to RC1, Snort 1.9.x, 1.8.x, and IDS's with snort embedded. Includes information on exploitation using hping.

tags | remote, overflow, code execution
SHA-256 | dfed14afc923672fedae803a8b7cc07e21bc0d52931be34ba0d08d9c33e81c92
Wellenreiter-v1.8.tar.gz
Posted Apr 18, 2003
Authored by Team Remote-exploit.org | Site remote-exploit.org

Wellenreiter is a GTK/Perl wireless network discovery and auditing tool. Its scanner window can be used to discover access-points, networks, and ad-hoc cards. It detects essid broadcasting or non-broadcasting networks and detects WEP capabilities and the manufacturer automatically. Dhcp and arp traffic will be decoded and displayed to give you further information about the networks. A flexible sound event configuration lets it work unattended. An ethereal / tcpdump-compatible dumpfile can be created. GPS is used to track the location of the discovered networks immediately. Automatic associating is possible with a randomly generated MAC address. Wellenreiter also runs on low-resolution devices that can run GTK/Perl and Linux/BSD (such as iPaqs). A unique essid-bruteforcer is now included too. prism2, Lucent, and Cisco based cards are supported.

Changes: Completely new GUI. Statistics are removed now. Scanner window is now the main window and the control point for everything. New tree/click split window makes this the easiest to use wireless scanner. Auto detection engine has been added, so no card configurations are needed anymore. Wireless-scanning for dummies :-). Speedup in the packet decoding due to a rewrite. New detail window. Partial rewrite.
tags | tool, perl, wireless
systems | cisco, linux, bsd
SHA-256 | 5951e08289e6312bb1903b8db9375afa29fd3d4a3780d451be50975d1629d648
blowdoor30.c
Posted Apr 18, 2003
Authored by Bl0w | Site secworld.org

Blowdoor v3.0 is a backdoor for Unix systems and uses md5sum passwords for authentication.

Changes: Fixed bugs.
tags | tool, rootkit
systems | unix
SHA-256 | d0efcb0d097e945cd6f9af81c4f3ccc3b2a09fd3782a8723520953441cad5ff3
sormail.c
Posted Apr 18, 2003
Authored by Sorbo | Site darkircop.org

Local exploit for sendmail 8.11.6 which takes advantage of the vulnerable prescan() function which allows users to input 0xff to skip the length check of the buffer. Includes targets for Slackware 8.0, Redhat 7.2, and Redhat 7.3.

tags | exploit, local
systems | linux, redhat, slackware
SHA-256 | 6c7b5fd249e10c235502380844b5482f60d098427bce8782f3b77db91c26779f
SFAD03-001.txt
Posted Apr 16, 2003
Authored by subversive

The iWeb Mini Web Server for Microsoft Windows NT/XP/9x fails to properly filter GET requests for ../ which inadvertently allows for directory traversal attacks.

tags | exploit, web
systems | windows
SHA-256 | 6ce10e43f843cb8ad2a3305c6266bc89425c7dd960f8c920082e65b225e2d75d
anti-ptrace.txt
Posted Apr 16, 2003
Authored by netric, Sacrine | Site netric.org

Linux LKM that disables ptrace abilities in the 2.4.x kernels.

tags | kernel
systems | linux
SHA-256 | 1d8cb9eedc847c0da5391b758eba2303658fc96887860ddadb104e0b904b66df
0x333xes.c
Posted Apr 16, 2003
Authored by Cowboy, 0x333 | Site 0x333.org

Simple utility that generates source code for stack overflow exploits.

tags | tool, overflow, rootkit
systems | unix
SHA-256 | a5f2e142677644b4e70103de86c6fd4a09cd604b95e5c51b8473cc67eb7ed715
clickTAG.txt
Posted Apr 16, 2003
Site securiteam.com

A vulnerability discovered in Macromedia Flash in the advertisement user tracking field allows a remote user to perform Cross Site Scripting attacks and retrieve session information.

tags | advisory, remote, xss
SHA-256 | 34cb76eaf3582ec18e4bc5d34fcd6e9901f19799e986a3588f9d2598636673d3
core-locate.c
Posted Apr 16, 2003
Authored by electronicsouls

This utility will search in a binary or core dump for a user supplied string and return the exact location in memory.

SHA-256 | 04004d4e5e5743978d087451e5eb2c0f3d8e7662be4e402f57cebb2c01305e4d