The FlexWATCH surveillance camera server is used by many banks and "secure" places and contains remotely exploitable vulnerabilities which allow remote attackers to view camera footage, add users, remove users, change the configuration, disable camera surveillance, and more.
4dfc8429dbb28abe088145db865dc9a76237fec3689cc388ec2968f37e7ed819DNS Auditor is a tool which checks for DNS security. Looks for DNS cache poisoning (using additional RR), DNS ID Spoofing, and more. More information in a related paper is available here.
832c63102968839f32aa3a17a7cc29f67bb699940862db19e43e1130efd01dc4CUPASS uses techniques to guess the password of ANY user on a WindowsNT/W2K server or domain. CUPASS uses a flaw in the implementation of Microsofts NetUserChangePassword API to guess/change the users password. This release is the proof of concept code for the THC paper "CUPASS and the NetUserChangePassword Problem"
32d02d7418f4b853a4a32ea1b03f44daf08ae3e5dd3ef0452f45e0e5bcaa4f17IPF is the first command line tool for configuring the packet filter of Windows NT4 and Window 2000 systems. It replaces the annoying GUI alternatives and can be used as an elegant entry for writing advanced firewall scripts under the Windows system.
c46f4f02954aa5e7db1c4c29cdde1a7774c2112b79cd65edb7097fa134fe9cd1THC-Secure Deletion v3.0 for UNIX is the latest release of van Hauser's suite of secure deletion and overwriting utilities. Included are 'srm' - secure deletion of files
b218d13f203672b1361f8387242d89fdf58135875e60dd7def28e581a5ac1d23THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.
b32f3d71ac540248b7643baa39d8ecfb75af493228caaeb64608e49f2f092473THC-Hydra is a high quality parallized login hacker for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.
693645829a78ed3b1dcdc74f3741819dbe8eaf67b14b72b0ec6a4223ceeaa0b1THC-FuzzyFingerprint is a tool that generates fuzzy fingerprints as described in the corresponding paper, available here.. It generates very similar-looking fingerprints, an ideal extension to man-in-the-middle attacks against the SSH service. The current version supports RSA and DSA key generation and MD5 and SHA1 fingerprints. Due to the fact that fuzzy fingerprinting doesn't try to collide the fingerprints, good results can be achieved in reasonable time.
007e83348f95c354a45ebeda85f22b266151643fc53f80ccaa3bc7585009ce4aPHP Advanced Poll v2.0.2 contains remotely exploitable PHP code injection, file include, and phpinfo vulnerabilities. Exploit URLs and vulnerable code snippets included. Patch and vulnerability details available here.
6008eb83abb995f5d86ca8e6da5d1c3d4e7dd8f7e12ece0b469a3c5301799f86One Byte Frame Pointer Overwrite Hardcoded Exploits - This paper describes how to exploit overflows which are off by only one byte. Includes sample code.
003c664e2339c4874046201145c181f17ebdd3ea4be562a3990168bb8426da4eNinja.c is a tool which encodes x86 shellcode using only the characters [0-9,A-Z,a-z,@]. Includes a test program.
539de5c4cb66695fd11579eba945ff3a48d18eae357ed1b0cbda5f3f0ef39d55Sexy-SOCKET v0.1 is a Linux LKM which restricts creation of AF_INET sockets to the root account only. Works on kernels v2.2.x and 2.4.x.
a3c145dd51bd805728f98d8a91e71034354796aadf906e473ed5780486e2c771Shellcode for x86 linux which blinks the keyboards LEDs in morse code.
d1bf8499aa8b79f00c872108684099ef3be7b70098fc57336034001fce59543eApache v2.0.45 - Apache is the most popular webserver on the Internet, and ranks well in terms of security, functionality, efficiency, and speed. Changelog available here.
b1a08d096ae4c641fe878d1f4129d4e6ee264bc53e3858b8080f8365991e0162Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed. Changelog available here.
a6cb1cd0701f2d9008c336e6ea3c24bf5b14f7144a47a3b03f95f567d8950944Mod_security v1.7RC1 to 1.7.1 (Apache 2 version) contains a remotely exploitable buffer overflow. Fix available <a href="http://www.modsecurity.org"here.</a>
003069cb86b78286889e651e8a8ad4e60ff0d92b3ab2ea794aad4c87d8b011edSolaris runtime linker (ld.so.1) local root buffer overflow exploit. Bug discovered by Jouko Pynnonen.
02f60b241dd919d6d735402393ba7bf40d3244805b413d1b9dcbc275b2dd3a98Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache.
b9ad12dc385889e64cc4b38ca8bd26b98ea15bf00b39d4f1cd8d212dc434dec1Directory traversal attacks against the iWeb mini http server. Exploit URLs included. Vendor URL here.
2b782c3d3ced2d812d2176f016730c360d3e63673b1bd7984740c4dae9d99983Xchat script which uses the DCC SEND overflow to kill mIRC clients v6.11 and below.
63d38d58a1234858cf30c84b453361fc91f45e8b2171b2aff2bafd7cbbdaddd8Exploit for ms03-046 - Microsoft Exchange Server 5.5 and Exchange 2000 buffer overflow, in perl. Denial of service only.
dc02a00c9d484f730cae974d17f5aa3a118aa3df6f5a4b2305b54e7b02c2a0e4Reverse telnet redirector / port redirector and front end console for Windows. Perfect for firewall bypassing from inside out. Can be used for bouncing connections, piping or relaying data, or as a quick MIM chat server. Windows executable form only.
47cf1f05ee4afcf1a9fffb776e893755bec1ac2504b8441ae53b46ed1f1ea43bcpCommerce v0.5f and below contains an input validation error in _functions.php which allows remote arbitrary code execution. Exploit URL included. Fix available here.
82a27c83f94222dae3692667195106e99a8da26568c8204f9da7e758dc5513adRRC (Roland Remote Control) v0.2 can be used to control a linux box from a remote location.
719c7b410df362e95b1d5cb4c66aaedd13615bac51a55b16dbb1051e92f8e72a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed