fang is a small proof-of-concept application to find non discoverable bluetooth devices. This is done by brute forcing the last six (6) bytes of the bluetooth address of the device and doing a read_remote_name().
945fa08d2db2da2eb13cd4bc4bf7ca8b42c3f19daac89a8d244fa205bfcd41e5This patch integrates SecurID authentication services directly into the OpenSSH daemon, allowing users to use SecurID tokens directly as their passwords instead of relying on the clunky sdshell.
1ac81f168242749009676261c22cae1a836b0a6b70111282cd3ba3d7b398cacaUnmask is a simple md5 cracking utility that will attempt to find the true IP address of a fake host using Trircd 5.0 and PTlink.
b0c51a9f11f227a13b24456b72a96c5bc6d4f45d14b1af2e5b087f11b6cdd7b3Remote format string exploit for Magic Winmail Server version 2.3. Sending a format string in the USER field during the authentication process, a remote attacker can cause the server to execute arbitrary code.
3500425cf62ca44b00af89fefa96dcebeb90a65e3253fbf1c84596b3df100aebHTML Source Code Explorer Bar 2.0 is a plug-in for Internet Explorer that allows you to view the form fields for any HTML form being served and easily repopulate the fields (even hidden fields) with the input of your choice and submit the data. This tool can be very useful for penetration testing input validation on CGI scripts, etc.
b83e6392af3df04eef20b40df66d69a189095649aaf2bff9ece7e6dec15bc584This paper goes into great detail describing how to utilize format string attacks with limited buffer space.
26e76a849776b6bb6aed421c8c8e7c19ea279402faae685b8acaa53a90afbbd9sendtcp.c v0.1 is a simple TCP packet generator for the win32 platform.
7af982f217dfe69a3c11877335907b115cd1b91f172b720b530c795af375f6b1Proof of concept remote root exploit for atftpd version 0.6. Makes use of the filename overflow found by Rick Patel. Tested against Debian 3.0.
9f6808a16e0468c6d54152cfeec1e9d9af5e7c3678ec1fac83789785f111fae5Utility to brute-force AIM screenames and passwords. In a list of about 1500 passwords, aimcrack takes about 2 hours on a cable modem connection.
8a31be4fe67114eca89d80ed2320768f4dfad6d2e8e37c1bbc41a3238e7bf9a3Secure Network Operations Advisory SRT2003-06-05-0935 - The ftpd that comes default with HPUX 11 is vulnerable to an attack that will allow an attacker to view the contents of any file on the system without first authenticating. To patch this, install HPUX patch PHNE_21936 or higher.
ca94fbeffc52d8737dabb08617866e580015a18548c6d5700a7f24fa31421685Proof of concept exploit for mnoGoSearch 3.2.10 that spawns a shell as the webserver user id by overflowing the tmplt variable.
c15d5316bdf16f81657526878c11a47b32fd6928f4c75148f179c287d6f99817Proof of concept exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id.
168a6ae597d201173eb31793c1ca63cc6a43809ec5bbf130f10d5b38f5213886mnGoSearch, formerly known as UdmSearch, has buffer overflow vulnerabilities in versions 3.1.20 and 3.2.10. In 3.1.20, the ul variable can be overflowed to allow remote command execution as the webserver user id. In 3.2.10, a remote attacker can crash search.cgi by overflowing the tmplt variable.
ac17442c31b15e3413d421ae705ffc5b64ba90f58e3a9a45847804e8ab31da87Simple patch to fix the overflow found in atftpd by Rick Patel.
bbb74dfb5d52103ab35a78f731663aae5244b396ecaa1b98451767508ae1c094Mollensoft Hyperion FTP Server version 3.5.2 is vulnerable to multiple buffer overflows that affect the cwd, mkd, rmd, stat, and nlst commands. Use of the overflows allow a remote attacker to cause a denial of service and there is the possibility of arbitrary code execution.
8f2e8ae2402a5f86274866eb84ecb38d70550e59db91e4899c4661a2e0f09d85Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling trough one or multiple (chained) HTTP proxies.
e919bd37f15dce9b792a32f5385ff70b84c09f6fdc10ce4f15e0b6d7aedad71eLocal root exploit for the diagrpt command on AIX 5.x and 4.x.
ea76fd0e38b7dc4fdbc4ca8ecf5110ed81045a414cff5c409777afa873f01ad8Local root exploit for the errpt command on AIX5L.
e3ea043de54e16662166f004a6421bfbc615b1dae74eb7573d3e48d6a8e56cdaLocal root exploit for the command lsmcode on AIX 4.3.3.
2fe67fa839a51b0dec7666b43d6df49f44ba93f7e2fa676f1864caf575b06a7b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed