
Files Date: 2003-08-01 to 2003-08-31

xprobe2-0.2rc1.tar.gz
Posted Aug 12, 2003
Authored by Ofir Arkin, Fyodor Yarochkin | Site sys-security.com

Xprobe2 is a fuzzy remote OS fingerprinting tool with functionality that is heavily based on Xprobe, but also uses other OS fingerprinting techniques.

tags | tool, remote, scanner
systems | unix
SHA-256 | 39ae8f922b7ad534dc831806dfe878af00f52f8ad85783f7631269f2cfe573b5
dcomworm.txt
Posted Aug 12, 2003
Authored by Sylvain Descoteaux

Information regarding one variant of the Microsoft Windows DCOM worm that is circulating around the Internet.

tags | advisory, worm
systems | windows
SHA-256 | 59735ded0ae61947b297bce4cc8893aacbe08a99ba65ee013fdc60b7b6f1617c
priv8atari800.pl
Posted Aug 11, 2003
Authored by wsxz | Site priv8security.com

Atari800 Atari Emulator v1.3.0-2 local root exploit in perl which exploits the -config argument of atari800.svgalib. Tested against Debian 3.0. Exploits CVE-2003-0630. Advisory available here.

tags | exploit, local, root, perl
systems | linux, debian
SHA-256 | 95b3400dc52a644486fbaa1214978f46ceda013db0eec9a0acd387ea91b29b11
0x82-WOOoouHappy_new.c
Posted Aug 11, 2003
Authored by Xpl017Elz | Site x82.inetcop.org

wuftpd version 2.6.2 remote root exploit that makes use of the off-by-one vulnerability discussed here.

tags | exploit, remote, root
SHA-256 | 76fa131537012b1004aff58978340769dc77495dcc3679e28c335c7909cd545f
p_kon.c
Posted Aug 11, 2003
Authored by Adam Zabrocki | Site pi3.int.pl

Local root exploit for kon version 0.3.9b-16 that makes use of a buffer overflow discovered in the -Coding switch.

tags | exploit, overflow, local, root
SHA-256 | 1586b70f358e651d05f55592aa0f4e846738771a8dd29314ac025f542afa01e6
pi3_dos.c
Posted Aug 11, 2003
Authored by Adam Zabrocki | Site pi3.int.pl

Denial of service exploit for the Pi3 web server version 2.0.2 that makes use of a malformed GET request.

tags | exploit, web, denial of service
SHA-256 | a8f85d35b6797d09c4202c3b2fb8795e1815a65b2aacffdf8e99139fd252c0cd
firedoor-0.2.tar.gz
Posted Aug 11, 2003
Authored by Joker | Site olives.ath.cx

firedoor forwards any TCP connection behind a firewall using techniques similar to reverse telneting. Written in Java 1.4, so it is very small and can run on both Linux and Win32 without modifications. Source file included.

tags | tool, java, tcp, rootkit
systems | linux, windows, unix
SHA-256 | 0e1ab0a961683d87dd2a4dab9f692fd310b4aaf55c7537816f69d508ead51b21
FreeBSD Security Advisory 2003.10
Posted Aug 11, 2003
Authored by The FreeBSD Project, David Rhodus | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:10.ibcs2 - The iBCS2 system call translator for statfs(2) erroneously used the user-supplied length parameter when copying a kernel data structure into userland. If the length parameter were larger than required, then instead of copying only the statfs-related data structure, additional kernel memory would also be made available to the user. If iBCS2 support were enabled, a malicious user could call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory.

tags | advisory, kernel
systems | freebsd
SHA-256 | 2c9b5bbe17a8ffdc72ab9be9c1de622434f5b2edb34fe8252dc32db8f6d8db6d
redirector.cpp
Posted Aug 11, 2003
Authored by Hi_Tech_Assassin

A high performance C++ class that is useful for getting around firewalls and redirecting TCP traffic.

tags | tcp
systems | unix
SHA-256 | 9905ad8673701946518e32705fb73f51638d79e4fae7d764c5f875eaf260f415
objobf-0.5.0.tar.bz2
Posted Aug 10, 2003
Authored by teso, scut | Site team-teso.net

objobf is an obfuscator for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.

tags | x86
systems | linux
SHA-256 | 3afd6cb33f2bc2f444e4ae31ac730f84c53f71705207242063224711f8832449
asg.c
Posted Aug 10, 2003
Authored by R[]l4nD

Advanced Shellcode Generator 1.1-1. Very compact and simple to use. All notation is written in Italian.

tags | shellcode
SHA-256 | d4c742228d707e23668817a999341be91f460d02ae77919fd026d785294d6c77
Atstake Security Advisory 03-08-07.2
Posted Aug 10, 2003
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A080703-2 - tcpflow, the network monitoring tool that records TCP sessions in an easy to use and view manner, contains a format string vulnerability that is typically unexploitable.

tags | advisory, tcp
SHA-256 | b4f0c4f5a717ad038f3eb39e9c687e11d5766b61d2e3b9b83c77992f43bb0bcf
Atstake Security Advisory 03-08-07.1
Posted Aug 10, 2003
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A080703-1 - Both IPNetSentryX and IPNetMonitorX come with three helper tools that each have security issues associated with them. The first two tools, RunTCPDump and RunTCPFlow, allow arbitrary users to monitor the network without requiring any form of authentication or privilege. The third tool, tcpflow (executed by RunTCPFlow), contains a format string vulnerability, allowing arbitrary commands to be run as the user calling the program. Since RunTCPFlow is setuid root and will pass arguments to tcpflow, we can execute arbitrary commands as root.

tags | advisory, arbitrary, root
SHA-256 | e9e60f02bd40ae6f22a3de8966d31b5d80e4df271203a7ad9f1e8286a57adf29
lotus.txt
Posted Aug 10, 2003
Authored by mycelium

Normal Lotus SameTime login credential encryption with the 1.5 and 3.0 Windows clients uses RC2 to encrypt the password and even sends the key along with the login packet, allowing an attacker to decrypt the credentials and steal a user's IM identity.

tags | advisory
systems | windows
SHA-256 | ad64a9fe4bbbde50b0d5f0cba5697b9b0bcecf4a3a60751b3d67d01c9cd0fa10
ciscodos.pl
Posted Aug 10, 2003
Authored by deadbeat

Remote denial of service exploit for the Cisco CSS 11000 Series.

tags | exploit, remote, denial of service
systems | cisco
SHA-256 | c5ef0113e39d3c73ba4df7113af56372b1444b5439d9cdf3ae4f662aee1524da
s21sec-025-en.txt
Posted Aug 10, 2003
Authored by Eduardo Cruz, Emilin Garcia, Jordi Andre | Site s21sec.com

The Cisco CSS 11000 Series is vulnerable to a denial of service when there is a heavy storm of TCP SYN packets directed to the circuit address. It may also cause a high CPU load or sudden reboots.

tags | advisory, denial of service, tcp
systems | cisco
SHA-256 | f428cbfd82405bf502ceb2aa293ef7892c0d9d5b82c9b6b3f2bc160a5ec34590
zonealarmDriver2.txt
Posted Aug 10, 2003
Authored by Corey Bridges | Site zonelabs.com

Response from Corey Bridges of ZoneAlarm regarding the vulnerability originally discovered by Lord YuP in their device driver VSDATANT and the exploit that is circulating for it.

tags | advisory
SHA-256 | 4512058aba60fcf0849c6965870ff987198adc999b4c1041329bc6c2fa605f69
wam1040.txt
Posted Aug 10, 2003
Authored by Peter Winter-Smith

WAM! FTP Server version 1.0.4.0 for Windows is susceptible to a directory traversal that allows a remote attacker to break out of the restricted root and download any file on the system.

tags | exploit, remote, root
systems | windows
SHA-256 | 2e6731198e30d3571d5619bf3047d785bb7909b2bc3946b3f18ad6bc1e61d654
airsnarf-0.2-Zaurus.tar.gz
Posted Aug 10, 2003
Authored by The Shmoo Group | Site airsnarf.shmoo.com

A Zaurus PDA version of Airsnarf, the rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Designed to run on OpenZaurus 3.2.

tags | tool, wireless
SHA-256 | 5dfbdaa02876bca750e1401d6f4e11532113a459d20f1064faa923f93a8683ab
airsnarf-0.2.tar.gz
Posted Aug 10, 2003
Authored by The Shmoo Group | Site airsnarf.shmoo.com

Airsnarf is a simple, rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots: snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.

tags | tool, web, wireless
SHA-256 | 8774437be771fac3538896a3028b363aa6352973bef24564a5ec915079094874
Kfence.c
Posted Aug 10, 2003
Authored by ins1der

Kfence provides kernel protection against basic exploitation techniques, including stack and heap overflows and format string exploits, by patching /dev/kmem and redirecting system_call to test if the eip of the caller is in the wrong memory region. Tested on Linux kernels 2.4.18-14 and 2.4.7-10.

tags | overflow, kernel
systems | linux
SHA-256 | 4882a25fff4d193104f36ac6ccd74b5873f768ed53c3edac2856689c60eaf87d
meteordos.pl
Posted Aug 10, 2003
Authored by Zerash | Site evicted.org

Meteor FTP server version 1.5 remote exploit that causes a denial of service when large amounts of data are fed to the USER directive.

tags | exploit, remote, denial of service
SHA-256 | 299a2dc142ced8f9ce1a0c1919e8e67e0ee89dc256aa83c9e56352763ff3d9e0
mftpadvisory.txt
Posted Aug 10, 2003
Authored by Zerash | Site evicted.org

Meteor FTP server version 1.5 is vulnerable to a remote denial of service when large amounts of data are fed to the USER directive.

tags | advisory, remote, denial of service
SHA-256 | b4cfe181724c3b90ba0d60d8c3bf0e202529e26d7c55a47cade63e2e544e570c
exitwound.tgz
Posted Aug 10, 2003
Authored by salvia twist | Site hack.batcave.net

exitwound is a ptrace shared library redirection backdoor that is based on the technique described in Phrack 59-8. It attempts to redirect certain string handling routines commonly used in Internet services to trapdoored functions which yield a connect back shell on a specifically constructed passphrase. The benefits of this lie in the fact that no extra malicious processes or listening ports are needed, avoiding crude forms of forensic analysis.

tags | shell
systems | linux
SHA-256 | 1fb78b1c33c0f156067d5cf7ef5bba6b8cf5f205cfc830717cbddb3db6de3b95
amap-4.2.tar.gz
Posted Aug 10, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (e.g. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some Oracle listener on port 233!

Changes: Various bug fixes, added 28 new response ids and triggers, and more.
tags | tool, protocol
SHA-256 | a2826954e3dafa6ed8b2e3866603be894a0363d4ef2157de174bb9e5e407d089