This paper goes into great detail describing how to utilize format string attacks with limited buffer space.
26e76a849776b6bb6aed421c8c8e7c19ea279402faae685b8acaa53a90afbbd9sendtcp.c v0.1 is a simple TCP packet generator for the win32 platform.
7af982f217dfe69a3c11877335907b115cd1b91f172b720b530c795af375f6b1Proof of concept remote root exploit for atftpd version 0.6. Makes use of the filename overflow found by Rick Patel. Tested against Debian 3.0.
9f6808a16e0468c6d54152cfeec1e9d9af5e7c3678ec1fac83789785f111fae5Utility to brute-force AIM screenames and passwords. In a list of about 1500 passwords, aimcrack takes about 2 hours on a cable modem connection.
8a31be4fe67114eca89d80ed2320768f4dfad6d2e8e37c1bbc41a3238e7bf9a3Secure Network Operations Advisory SRT2003-06-05-0935 - The ftpd that comes default with HPUX 11 is vulnerable to an attack that will allow an attacker to view the contents of any file on the system without first authenticating. To patch this, install HPUX patch PHNE_21936 or higher.
ca94fbeffc52d8737dabb08617866e580015a18548c6d5700a7f24fa31421685Proof of concept exploit for mnoGoSearch 3.2.10 that spawns a shell as the webserver user id by overflowing the tmplt variable.
c15d5316bdf16f81657526878c11a47b32fd6928f4c75148f179c287d6f99817Proof of concept exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id.
168a6ae597d201173eb31793c1ca63cc6a43809ec5bbf130f10d5b38f5213886mnGoSearch, formerly known as UdmSearch, has buffer overflow vulnerabilities in versions 3.1.20 and 3.2.10. In 3.1.20, the ul variable can be overflowed to allow remote command execution as the webserver user id. In 3.2.10, a remote attacker can crash search.cgi by overflowing the tmplt variable.
ac17442c31b15e3413d421ae705ffc5b64ba90f58e3a9a45847804e8ab31da87Simple patch to fix the overflow found in atftpd by Rick Patel.
bbb74dfb5d52103ab35a78f731663aae5244b396ecaa1b98451767508ae1c094Mollensoft Hyperion FTP Server version 3.5.2 is vulnerable to multiple buffer overflows that affect the cwd, mkd, rmd, stat, and nlst commands. Use of the overflows allow a remote attacker to cause a denial of service and there is the possibility of arbitrary code execution.
8f2e8ae2402a5f86274866eb84ecb38d70550e59db91e4899c4661a2e0f09d85Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling trough one or multiple (chained) HTTP proxies.
e919bd37f15dce9b792a32f5385ff70b84c09f6fdc10ce4f15e0b6d7aedad71eLocal root exploit for the diagrpt command on AIX 5.x and 4.x.
ea76fd0e38b7dc4fdbc4ca8ecf5110ed81045a414cff5c409777afa873f01ad8Local root exploit for the errpt command on AIX5L.
e3ea043de54e16662166f004a6421bfbc615b1dae74eb7573d3e48d6a8e56cdaLocal root exploit for the command lsmcode on AIX 4.3.3.
2fe67fa839a51b0dec7666b43d6df49f44ba93f7e2fa676f1864caf575b06a7bRPM Finder Project version 1.0 is a utility that works much like the rpmfind.net site. It currently only supports RedHat but will support Mandrake and Suse in its future releases.
d9c5fb359c7e6f5c54e12b8ab53f4c8ef840ca39788e0fc250de49320730453bTHCsql exploits the vulnerability in MSSQL OpenDataSource function found by David Litchfield in June of 2002. Tested on Windows 2000 Server SP2 with SQLservers SP0 and SP2.
8ec23baef348542a74bd1eb310301df8044857c91c1e8d7544218a18b67a034aD-Link routers with a firmware of 2.70 and below are vulnerable to a denial of service vulnerability providing the attacker has the ability to see the internal interface on the router. Sending a malformed URL to the syslog script will caused a DNS query. Multitudes of this query can result in a DoS and other odd forms of behavior.
802c81b31a6ec34d42defd9d16029f1790493faf92d67f06228dcf953950b333Boss 3.2.1 with Jetty is vulnerable to full JSP source code disclosure when using a null byte.
5fa351f9ce58e57f2eea703a4be52cd1c81ec605244c7ecb9a5c8efb1cfdf9cfApache Tomcat versions prior to tomcat-4.1.24 create /opt/tomcat with a directory mode which allowed users to access files containing passwords.
cde571310caa333d67c4be137c14773e0f74daef1c8995e8560ef274ee015dffThis simple utility will connect to a webserver of your choosing and verify whether or not it is compliant to RFC 2616. Designed to verify Microsoft IIS servers.
5b11c0bdc25366a8b34ef23012f5c5ecbc7af057a245736c18f21d6c0f7efddbSnort is giving away free t-shirts for writing rules. Gets yours today.
f8789fd7432e8330b4af0cc468f682831b8f4a00d5b5f64cbae23771e0386080Windows XP SP1 shellcode (19 bytes).
899f2c53b410dc0da0d2f31d29ce2c89f7b9071b13a561c87063be6e5dd4b27d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed