exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 214 RSS Feed

Files Date: 2004-04-01 to 2004-04-30

mac.txt
Posted Apr 17, 2004
Authored by Bugghy | Site vaida.bogdan.googlepages.com

Mandatory Access Control tutorial to correctly and safely install, configure, and use MAC policies. Written for FreeBSD users. Full step by step details given with explanations.

tags | paper
systems | unix, freebsd
SHA-256 | 207406b5776a26ca845f149070406f74a77aefe86a8bb83717528be689f9754b
ettercap-NG-0.7.0_pre1.tar.gz
Posted Apr 17, 2004
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap NG is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
SHA-256 | c3a67ffc8c13d8c873c38c35c2e29748767230fd3664584f907e4da2e43a5079
billybastard.c
Posted Apr 17, 2004
Authored by Hi_Tech_Assassin

Local exploit that makes use of the flaw in lsass.exe. Binds a shell to port 31337.

tags | exploit, shell, local
SHA-256 | 5ab651d859d8f895fdbb8b2254456e49cb8e5b76f76710c0e0c66777d172abb3
Secunia Security Advisory 11396
Posted Apr 17, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory SA11396 - The SCT Campus Pipeline attachment script has a vulnerability that allows for a cross site scripting attack.

tags | advisory, xss
SHA-256 | a04a37084472dc5e42132b2098cf642069be0c7055f61266e861f2c2a0693dcb
cfdos.txt
Posted Apr 17, 2004
Authored by K. K. Mookhey | Site nii.co.in

ColdFusion MX versions 6.0 and below suffer from a denial of service vulnerability when memory usage gets saturated due to an oversized string being returned as part of an error message.

tags | advisory, denial of service
SHA-256 | 619d02fdd2afd7d22cc8e5417214549294b00a682f1dafc88add6159e988ecf4
chpasswd.txt
Posted Apr 17, 2004
Authored by Matias Neiff

The chpasswd binary plugin version 3.x that comes with SquirrelMail is susceptible to a buffer overflow.

tags | advisory, overflow
SHA-256 | 51bed8c4cf3edfac90f26c1ed8d63cd3bf848fa26f97b3022a5c47a95bfe5974
XMicro.backdoor2.txt
Posted Apr 16, 2004
Authored by Gergely Risko

X-Micro WLAN 11b Broadband Routers versions 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, and 1.6.0.1 all have a backdoor account of super with a password of super. 1.6.0.1 also has an account 1502 with a password of 1502 hardcoded.

tags | exploit
SHA-256 | 64892dc9a672cf3b949e8d313aac43042cb932445ac5b9c7a5e2041d9398be66
proxyscanner.zip
Posted Apr 16, 2004
Authored by Angelo Rosiello, rosiello | Site rosiello.org

Proxy Scanner for Windows that tells you whether or not a proxy server can bounce your connection.

systems | windows
SHA-256 | b98f049ce072acfc5b48e1d338c10c202e80c660110b64e8c5ff8782eb8a0569
0312-exploits.tgz
Posted Apr 16, 2004
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for December, 2003.

tags | exploit
SHA-256 | 15865f7e98369bdaaca9a5b962d6311b4baf52ad50a34594d74c8e4ee32ac85c
dsa-483.txt
Posted Apr 15, 2004
Authored by Debian | Site debian.org

Debian Security Advisory DSA 483-1 - The scripts mysqld_multi and mysqlbug in MySQL allow local users to overwrite arbitrary files via symlink attacks.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2004-0381, CVE-2004-0388
SHA-256 | bee19f598e2eea511dddfaacc16b600f1e9d73c78441f166dabd4562e60f75f4
SuSE-SA:2004:008.txt
Posted Apr 15, 2004
Authored by Sebastian Krahmer | Site suse.com

SuSE Security Advisory SuSE-SA:2004:008 - Two vulnerabilities have been discovered in CVS that can be exploited by malicious servers to compromise clients and by malicious users to retrieve arbitrary files from servers. Versions below 1.11.15 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, suse
SHA-256 | 634465bf9d0bf7d62e31bf17a6f6268ae520d0e80fc702c299ae1cadf2f0691f
dsa-485.txt
Posted Apr 15, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 485-1 - Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).

tags | advisory, remote, root, vulnerability
systems | linux, debian
advisories | CVE-2004-0156
SHA-256 | dbb0ababf09e05e0182a9e13cbee4381b08e05056c33cc77cc8e03612c4fa654
dsa-484.txt
Posted Apr 15, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 484-1 - Steve Kemp discovered a vulnerability in xonix, a game, where an external program was invoked while retaining setgid privileges. A local attacker could exploit this vulnerability to gain gid games.

tags | advisory, local
systems | linux, debian
advisories | CVE-2004-0157
SHA-256 | 95a2e6f0eb8456498067248b6ff0d47a81a32f4f950f5e93366646d58927a210
lilith-0.4c.tar.gz
Posted Apr 15, 2004
Authored by Michael Hendrickx | Site angelo.scanit.biz

LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html form tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws. It works much like an ordinary webspider.

tags | tool, web, scanner, perl, sql injection
systems | unix
SHA-256 | 9cb6986b797426175a1291e3b23e30adf1943f258f3fe82b539799c2a65398c9
ftgate.txt
Posted Apr 15, 2004
Authored by Dr. Insane | Site members.lycos.co.uk

FTGateOffice/FTGatePro version 1.2 suffers from path exposure, cross site scripting, and validation errors.

tags | advisory, xss
SHA-256 | eba70e4d82f4cdab0151b0d9a32d2ad8b4275d178450f866cc85fb930b059524
unmaintain.html
Posted Apr 15, 2004
Authored by Roedy Green

Hilarious write up on how to ensure a job for life. Entitled How To Write Unmaintainable Code.

systems | unix
SHA-256 | 072640834400115a882c5d33808600c3886403df3eac4bd1952275b7a1bd169b
waraxe-2004-SA016.txt
Posted Apr 15, 2004
Authored by Janek Vind aka waraxe

Cross site scripting bugs exist in PHP-Nuke versions 6.x through 7.2.

tags | advisory, php, xss
SHA-256 | 0da992c6bc892cac7f6b99a84635a87953f1c508e250c836c2ccfb9e521244ce
sslbomb.c
Posted Apr 15, 2004
Authored by David Barroso, Alfredo Andres Omella | Site s21sec.com

Remote denial of service exploit for IIS SSL vulnerability documented in MS04-011.

tags | exploit, remote, denial of service
SHA-256 | f960c76a400cb9cfcd8e6e70117716d00cd34051375ddc7429703a7e73802833
wz_ex.c
Posted Apr 15, 2004
Authored by snooq | Site angelfire.com

Proof of concept exploit for the WinZip32 MIME Parsing Overflow. Tested against WinZip 8.1 on Windows XP SP1 and Windows 2000 SP1. Instructions for use are included.

tags | exploit, overflow, proof of concept
systems | windows
SHA-256 | 8a7e5cb801e4ff9423fec6d0c994638590a6f7103e548f3888181d78cc1db3c2
iDEFENSE Security Advisory 2004-04-14.t
Posted Apr 14, 2004
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 04.14.04: The Linux kernel performs no length checking on symbolic links stored on an ISO9660 file system, allowing a malformed CD to perform an arbitrary length overflow in kernel memory. Symbolic links on ISO9660 file systems are supported by the 'Rock Ridge' extension to the standard format. The vulnerability can be triggered by performing a directory listing on a maliciously constructed ISO file system, or attempting to access a file via a malformed symlink on such a file system. Many distributions allow local users to mount CDs, which makes them potentially vulnerable to local elevation attacks. The issue affects the 2.4.x, 2.5.x and 2.6.x kernel. Other kernel implementations may also be vulnerable.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux
advisories | CVE-2004-0109
SHA-256 | 37ae99b004272092f2bfb32d3b0aec033f6d0b99842d8d8cde738ec767346788
emma.c
Posted Apr 14, 2004
Authored by zorlag

IRC channel key cracking utility. It attempts to crack the key to a given channel by using words from a file.

SHA-256 | ab422cee8737ea8e5c574c2dc3cf07dd3b8bbbd6278ed4df240147fec34a9a96
DumpSIS.zip
Posted Apr 14, 2004
Authored by Jimmy Shah

Symbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).

systems | unix
SHA-256 | d54ac18aa8d178115a015817d8e70d42a716e4539b7ed6ca335d959292094899
cdpexpl.tgz
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Proof of concept demonstration exploit for cdp versions 0.4 and below.

tags | exploit, proof of concept
SHA-256 | 71e8dcfd75673f8e3b2dd6868f7308fc0129309e7be74ce7e3020b9fd0c39176
gdbvuln.txt
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Brief tutorial on using gdb for developing exploits.

tags | paper
SHA-256 | dd65c2569a794f3b7b150515a3f2ed9f78bfb12095612a88d76604a4d0f3fa8d
perlvuln.txt
Posted Apr 14, 2004
Authored by priestmaster | Site priestmaster.org

Brief tutorial on using Perl for developing exploits.

tags | paper, perl
SHA-256 | e4720a44d55438b6c8443d0789e3f56d813d0b5b979efac1ac7a1e23c05e3fac
Page 5 of 9
Back34567Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close