Windows Media Services Remote Command Execution - There is a flaw in the way nsiislog.dll processes incoming client requests. A vulnerability exists because an attacker could send a specially formed HTTP request to the server that could cause IIS to fail or execute code on the system.
Secunia Security Advisory - The FTPServer/X FTP Server Control and COM Object v1.00.045 and v1.00.046 are vulnerable to a buffer overflow that results in a denial of service and potentially can enable a remote attacker to gain access to the machine.
Domino Hunter is a Lotus Domino web server scanner, written in Perl. It attempts to access default NSF databases, as well as crawl user-defined bases. It tries to enumerate the database structure, enumerate available views, available documents, and ACLs set on documents. It also tries to retrieve documents from available views in order to check if ACLs are correctly set to restrict documents and not views. The scanner works in either anonymous mode or privileged mode; for privileged mode, user-supplied credentials are passed to the default names.nsf/?Login form.
Linux x86 UDP shellcode. Reads from UDP port 13330 to retrieve other shellcode then executes it.
By using the OpenBSD packet filter pf, one can utilize the NAT address pools added into OpenBSD 3.3 to aid in distributed port scanning.
Paper written about the art of brute force cracking that comes with example code.
Dirtybrute is an advanced multi-threaded program that demonstrates the use of a brute force engine which has many options, such as the ability to resume cracking sessions in both brute force mode and dictionary mode. Currently supports remote MSN Messenger cracking sessions.
Microsoft Windows RPC Denial of Service utility.
Gkrellmd 2.1.10 remote exploit with shellcode that does kill(-1,9) then an exit. Written for Linux and tested on Slackware 9.
THC Modem Login Hacker - A tool that will attempt to break into modem dialups using scripts written for minicom. Extremely configurable and a must-have for any penetration test.
gkrellmd < 2.1.12 remote exploit for Linux. Tested against Debian 3.0 with version 2.1.4.
Local root exploit that makes use of a race condition vulnerability found in the Linux execve() system call that affects the 2.4 kernel tree.
A short paper discussing exploitation of vulnerabilities consisting of a null byte written past the end of a dynamically allocated buffer.
NGSSoftware Insight Security Research Advisory #NISR2406-03 - WebAdmin.exe, a utility that allows remote administrators to control MDaemon, RelayFax, and WorldClient, has a remotely exploitable buffer overrun in the USER parameter that would allow a remote attacker to execute arbitrary code on the server.
SGI Security Advisory 20030607-01-P - Several bugs in the IRIX 6.5.19 implementation of IPv6 result in inetd becoming hung when port scanned, snoop unable to handle packets as root, and other non-security related issues.
Kerio Mail Server 5.6.3 remote buffer overflow exploit. Adds wide open root account to /etc/passwd. Written based upon the vulnerability discussed here.
This utility provides a datalink bridge working in userspace that allows captured packets from one ethernet interface to be retransmitted over a non-ethernet interface.
Gkrellmd 2.1.10 remote exploit with connect back shellcode. Tested on FreeBSD 4.8.
Honeyd is a small daemon that creates virtual honey pot hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
Secure Network Operations, Inc. Advisory SRT2003-06-20-123 - The Progress 4GL Compiler version 9.1D06 and below has a datatype buffer overflow that can be exploited if a malicious .p file is compiled. Both the Win32 and Unix variants are affected by this.
Kereval Security Advisory KSA-001 - Cross Site Scripting vulnerabilities exist in Tutos 1.1 that allow for hostile code execution.
Exploit for Elm version ko-elm-2.4h4.1, the Korean release, that yields gid of bin. Old vulnerability related to this is here. Tested against FreeBSD 4.7.
wIDSard is a host-based Intrusion Detection System for the i386 Linux platform. It intercepts, at user level, system calls specified in a configuration file written by the user. A finite-state automaton is used to trace the monitored process. The language used for the configuration file is regular expression based. If a particular sequence of system calls is intercepted, then an appropriate action can be executed.
The APSR project is a network testing suite, designed to send, receive and analyze arbitrary network packets on different kinds of networks. It can be used to test firewalls, routing, security and many other networking functionalities. The main goal of the APSR project is to develop a high quality network testing suite.
Remote OS fingerprinting tool written in Perl that analyzes the retransmission timeout lengths of a TCP handshake to detect remote operating systems.