Showing 26 - 50 of 94

Files Date: 2003-05-01 to 2003-05-31

analogX.txt
Posted May 28, 2003
Site nii.co.in

The AnalogX Proxy server suffers from a buffer overflow when handed a URL that is greater than 340 bytes in size. A specially crafted URL allows for remote execution of arbitrary code.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 00acd9a86b5f532bc3c62df4b34c0948e2eab07919c6eb2747879cb3facc445d
Komahayown-0.2b.tgz
Posted May 28, 2003
Authored by Matias Sedalo | Site shellcode.com.ar

Komahayown is a utility that makes use of the Syscall proxying idea using shellcodes. Instructions are in Spanish.

tags | shellcode
systems | linux
SHA-256 | 80398036a919ac30359581816ab62f59038ccbbc2ff56523db464c1d9f873c57
pnews.txt
Posted May 28, 2003
Authored by Peter Winter-Smith

P-News version 1.6 is vulnerable to a privilege escalation attack because it allows a remote attacker to populate strings with the | character used for delimiting data stored about the account.

tags | exploit, remote
SHA-256 | 03e639c42ea8d778ec18f23eea9b43452efd029c4da46aeeeead26e57884221b
WebServerFP-Source.zip
Posted May 23, 2003
Authored by Ante Kotarac

A simple web server fingerprinting tool that has a large database of fingerprints. The author welcomes all user feedback for improvements.

tags | tool, web
systems | unix
SHA-256 | c7ad40e4908ea23ddc3e11942886918d1a5949c57f566a479db28a8a8f7cc9e1
wnet.tgz
Posted May 23, 2003
Authored by h1kari | Site dachb0den.com

libwnet is a packet creation and injection framework for building raw 802.11b frames and injecting them on BSD-based systems. Included in this base package are dinject v0.1, a command line 802.11b packet injection package based on nemesis, and reinj v0.1, a proof-of-concept utility for the TCP/ARP re-injection attack to generate traffic on a WEP-protected network. This tool will allow an end-user to crack WEP on a low-traffic network in less than 60 minutes. It is for OpenBSD 3.2 only.

tags | tool, tcp, wireless
systems | bsd, openbsd
SHA-256 | 83fb5b9c48098c69a352cefb9f8a20f97622260a6f71dc8183a388e8c594acc5
bsd-airtools-v0.2.tgz
Posted May 23, 2003
Authored by h1kari | Site dachb0den.com

bsd-airtools is a package that provides a complete tool set for wireless 802.11b auditing. It currently contains a BSD-based WEP cracking application called dweputils (as well as kernel patches for NetBSD, OpenBSD, and FreeBSD). It also contains a curses-based AP detection application similar to netstumbler (dstumbler) that can be used to detect wireless access points and connected nodes, view signal-to-noise graphs, and interactively scroll through scanned APs and view statistics for each. It also includes a couple of other tools to provide a complete tool set for making use of all 14 of the prism2 debug modes, as well as for basic analysis of the hardware-based link-layer protocols provided by prism2's monitor debug mode.

tags | tool, kernel, protocol, wireless
systems | netbsd, freebsd, bsd, openbsd
SHA-256 | f61db60cd3fcb1273e22d688348fa72cdcc0f5b1a3efef5afb3e941dfa242a23
maelx.pl
Posted May 23, 2003
Authored by akcess

Local exploit for Maelstrom that gives the gid of user games by making use of an overflow in the -player switch.

tags | exploit, overflow, local
SHA-256 | 67470dae44d553ff5bdfdb06c34df89c6957f89e17b1a050a444bc48dbc1bcf4
badblue052003.txt
Posted May 23, 2003
Authored by Matthew Murphy

BadBlue web server versions 2.2 and below have a vulnerability that allows remote attackers to gain administrative control of a server. The engine attempts to restrict access to non-html files by requiring that 'ht' be the first letters of the target file's extension, and also requiring that requests to access '.hts' files are submitted by 127.0.0.1 and contain a proper 'Referer' header. This security feature is accomplished with a simple binary replace of the first two characters of the file extension. The two security checks are performed in an incorrect order, meaning that the first security check can inadvertently bypass the latter.

tags | exploit, remote, web
SHA-256 | f852c3fef86aa05736d86e2685e0f3081337c1845300cb0286f034f7f66f44f0
maelst0x00.c.gz
Posted May 23, 2003
Authored by r-code

Local root exploit for the game Maelstrom, which is sometimes setuid to root for the purpose of faster frame rates.

tags | exploit, local, root
SHA-256 | e07645aeabbaf038cafeecdfb6fbf60ab0e0be505d4f223387bcc0c96bfa3486
b-WsMP3dvuln.txt
Posted May 23, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-017.b - New versions of WsMP3d are not patched against an old remote heap corruption overflow vulnerability. Remote exploit and advisory included.

tags | exploit, remote, overflow
SHA-256 | bea05768421c2354342197437d34277cb5984897a68518e4181beeb625f26463
a-WsMPdvuln.txt
Posted May 23, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-017.a - WsMP3d, a web server that streams MP3s much like shoutcast but is GPL, suffers from a directory traversal vulnerability that not only allows viewing of files outside of the webroot, but allows for remote command execution as well.

tags | exploit, remote, web
SHA-256 | bc72d07b2004ab7e987341e534050ec07ea4699fd37effc980c5656ccf6a0bd6
ethersniff.c
Posted May 23, 2003
Authored by Michael Komm

A simple utility to probe for the etherleak vulnerability discussed in the Atstake paper where multiple platforms have ethernet Network Interface Card (NIC) device drivers that incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory due to poor programming practices.

tags | tool, kernel, sniffer
SHA-256 | 9b38eed6a90cbaeff291ef0210cff9d02cc4611556b55e9c0a6a03af70b6e037
write_shellcode.tgz
Posted May 23, 2003
Authored by Ni0S | Site datarise.org

Two papers that focus on writing basic and generic shell code on the Linux and FreeBSD platforms.

tags | shell, shellcode
systems | linux, freebsd
SHA-256 | 36dd91020106a10631362d85923743289e1f0641ee58b4164b72d6603153fb36
RE_papers.tgz
Posted May 23, 2003
Authored by dsr, mercy | Site dtors.net

Two articles that present an introduction to reverse engineering a disassembly dump from gdb into an accurate C program. Armed with this knowledge, a researcher can identify potentially vulnerable functions and gather further information about the inner workings of the program.

SHA-256 | bf1e8cddd02f2b9a3596e09d9b6339416a963224a6f82253a05b301170ac8ff9
iDEFENSE Security Advisory 2003-05-22.t
Posted May 23, 2003
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 05.22.03 - iisPROTECT is a utility designed to provide password protection to web directories similar to the htaccess method utilized by Apache. When protected files are referenced through different URL-encoded representations, this authentication can be completely bypassed.

tags | exploit, web
SHA-256 | f460e1b02669bdb9fe3b25b9e246fb9c7a395b68df3500dac06e8767db51041b
unmaskv1.1.tar.gz
Posted May 23, 2003
Authored by Serkan Akpolat

Unmask is a simple MD5 cracking utility that will attempt to find the true IP address of a fake host using Trircd 5.0.

SHA-256 | c09d569ac05aab022487053282c903661ec3635b53ba6cf08d7cd21266311645
Pi3web-DoS.c
Posted May 23, 2003
Authored by Angelo Rosiello, rosiello | Site rosiello.org

A simple denial of service exists in the Pi3 webserver that allows a remote attacker to crash the daemon by feeding it a GET request with 354+ forward slashes after it.

tags | exploit, remote, denial of service
SHA-256 | d0d216a28eaf4658a4d2b9ad6dbe5182010977d617055973a17d6620ae03dea4
xrunas12eval.zip
Posted May 23, 2003
Authored by Lazy Sysadmin | Site lazysysadmin.com

XRunAs is a tool that allows administrators to run commands on remote computers under the context of a specified user account without the use of the Schedule service. If XRunAs is used in conjunction with a domain account, commands that are run will be able to access network resources given that the domain account used to run the command has access to the network resource. All information that is transferred over the network while using XRunAs is encrypted using a standard encryption algorithm.

Changes: Removed dependency on srvany.exe, enhanced speed.
tags | remote
SHA-256 | 42179d2850178e26d5697d6b192cabde3db9cfc16344ffeb6bf0abd7104b482a
Libnids-1.17-Win32.zip
Posted May 23, 2003
Authored by Goldie, checksum | Site checksum.org

Win32 port of Libnids version 1.17 RC1. This library provides the functionality of E-component, one of the NIDS (Network Intrusion Detection System) components.

systems | windows
SHA-256 | 926ac4f23747f4df76591f247e7d0df0a98f262690ea7600a7a20e85979d6354
nc.exe
Posted May 23, 2003
Authored by Goldie, checksum | Site checksum.org

A simple netcat utility much like the Windows version released by Atstake but smaller in file size.

systems | windows
SHA-256 | e355a8decae502578e5bb649b4336b89b13c5daa07b2b23c6737989ecc0fa851
linuxrouting.txt
Posted May 23, 2003
Authored by Florian Weimer

The Linux networking code makes extensive use of hash tables to implement caches to support packet classification. One of these caches, the routing cache, can be used to mount effective denial of service attacks, using an algorithmic complexity attack.

tags | denial of service
systems | linux
SHA-256 | 2232e1d6ae76ccd63cea548cdd83eb57b45777bd4164b311315385eeb1c8df58
0x36.smartmax
Posted May 23, 2003
Authored by Mark Litchfield, Matrix

Mailmax Version 5 has a buffer overflow condition in its IMAP4 server that can cause the service to stop responding and allows a remote attacker to overwrite the exception handler on the stack. Doing this could allow arbitrary code execution as the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | 77a4c3f55a95ea74b2243674c8580202f49806febff62a751e26591ada15dac5
aimhol.zip
Posted May 23, 2003
Authored by Vengy

Aimhol is a simple utility that will allow an end user to query OSCAR/BOS servers on a large scale to retrieve multitudes of screen names. MASM32 source included.

SHA-256 | 135c7a2cc51e6f413cabf71800966b05bfd70bcd81b584feb1ead7c6aff8c34a
nmap-matrix2log.jpg
Posted May 16, 2003

Amusing picture of Hollywood using Nmap and an exploit for the SSH CRC-32 vulnerability in the new movie Matrix Reloaded.

systems | unix
SHA-256 | a28367a3537f949299c8c04cfa421c6e1831f031f06590cbb25ad92f146ef142
happymall-adv.txt
Posted May 15, 2003
Authored by e2fsck

Happymall versions 4.3 and 4.4 are still susceptible to well-known directory traversal and cross-site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 2160d0ca9967b7f3be732542f6b644d9b3909f0a8887c019ce26db04d69ab92d

© 2022 Packet Storm. All rights reserved.