what you don't know can hurt you
Showing 1 - 25 of 70 RSS Feed

Operating System: Windows 32

Whale Win32 Attack Surface Toolkit
Posted Dec 7, 2016
Authored by Jeremy Brown

Whale in a win32 attack surface toolkit written in C#. It's capable of monitoring many of different areas of the Windows for new and removed kernel objects, open ports, drivers, services and much more. It also allows a user to test for different bug classes and has found a few interesting issues across the sub-systems.

tags | tool, kernel
systems | windows, 32
MD5 | 7c7cd88d5b54f9d2ccbe3d190ca4c39e
Packet Storm Advisory 2013-0827-1 - Oracle Java ByteComponentRaster.verify()
Posted Aug 27, 2013
Site packetstormsecurity.com

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.

tags | advisory, java, remote, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
MD5 | 77519f9b4876e7d0d73f2f37ac46a425
Packet Storm Exploit 2013-0827-1 - Oracle Java ByteComponentRaster.verify() Memory Corruption
Posted Aug 27, 2013
Site packetstormsecurity.com

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, java, remote, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
MD5 | 0484b9b754cdc4c848b8b28389bc8aaa
Packet Storm Advisory 2013-0819-1 - Oracle Java BytePackedRaster.verify()
Posted Aug 19, 2013
Site packetstormsecurity.com

The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.

tags | advisory, java, remote, overflow, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
MD5 | d3b7d95ba0be7fa25a186fccfcc35995
Packet Storm Exploit 2013-0819-1 - Oracle Java BytePackedRaster.verify() Signed Integer Overflow
Posted Aug 19, 2013
Site packetstormsecurity.com

The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, java, remote, overflow, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
MD5 | e8c53973c75ea825b56675a356e6958a
Packet Storm Advisory 2013-0813-1 - Oracle Java IntegerInterleavedRaster.verify()
Posted Aug 14, 2013
Site packetstormsecurity.com

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.

tags | advisory, java, remote, overflow, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
MD5 | 66b47dfda969e55a09e7ac25861c8486
Packet Storm Exploit 2013-0813-1 - Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow
Posted Aug 14, 2013
Site packetstormsecurity.com

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, java, remote, overflow, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
MD5 | 0dbe90f085f956db88aac3e897a70289
Packet Storm Advisory 2013-0811-1 - Oracle Java storeImageArray()
Posted Aug 12, 2013
Site packetstormsecurity.com

Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was obtained through the Packet Storm Bug Bounty program.

tags | advisory, java, remote, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
advisories | CVE-2013-2465, OSVDB-96269
MD5 | db785e46bf5c2d592d198749b74d7acd
Packet Storm Exploit 2013-0811-1 - Oracle Java storeImageArray() Invalid Array Indexing Code Execution
Posted Aug 12, 2013
Site packetstormsecurity.com

Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, java, remote, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
advisories | CVE-2013-2465, OSVDB-96269
MD5 | 75f487c61517e74a3d453dff5eab12d5
SetNamedSecurityInfo() Ignores / Destroys Protected DACLs / SACLs
Posted Jun 19, 2012
Authored by Stefan Kanthak

With Windows 2000 Microsoft introduced the inheritance of access rights and new Win32-API functions like SetNamedSecurityInfo() which handle the inheritance. SetNamedSecurityInfo() but has a serious bug: it applies inheritable ACEs from a PARENT object to a target object even if it must not do so, indicated by the flags SE_DACL_PROTECTED and/or SE_SACL_PROTECTED in the security descriptor of the target object.

tags | advisory
systems | windows, 2k, 32
MD5 | 0ed4f85fb35e5a60a55c2633b90b012d
Quarks PwDump 0.1b
Posted May 20, 2012
Authored by Kaczmarek Sebastien | Site code.google.com

Quarks PwDump is a native Win32 tool to extract credentials from Windows operating systems. It currently extracts local accounts NT/LM hashes and history, domain accounts NT/LM hashes and history, cached domain password, and Bitlocker recovery information.

tags | local, cracker
systems | windows, 32
MD5 | 8f2cf3805445690010dece3116715100
Win32/XP SP3 Shutdown Shellcode
Posted May 2, 2011
Authored by Xecuti0N3r

56 bytes small Win32/XP SP3 shutdown windows shellcode with a 30 second timer.

tags | shellcode
systems | windows, 32
MD5 | 182664fc2d212409720fbfded5bfc869
Win32/XP SP3 Windows Magnifier Shellcode
Posted May 2, 2011
Authored by Xecuti0N3r

52 bytes small Win32/XP SP3 windows magnifier shellcode.

tags | shellcode
systems | windows, 32
MD5 | bac8355339141caa3a39f93d72f49b86
Win32 Eggsearch Shellcode
Posted Mar 6, 2011
Authored by Georg Wicherski

33 bytes small Win32 egg searching shellcode that should work on all service packs of Microsoft Windows XP, 2k, and 2k3.

tags | exploit, shellcode
systems | windows, 32, xp
MD5 | a9524dd50a13031010fe4e9dca0ee7f8
VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow
Posted Feb 15, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the Win32AddConnection function of the VideoLAN VLC media player. Versions 0.9.9 throught 1.0.1 are reportedly affected. This vulnerability is only present in Win32 builds of VLC. This payload was found to work with the windows/exec and windows/meterpreter/reverse_tcp payloads. However, the windows/meterpreter/reverse_ord_tcp was found not to work.

tags | exploit, overflow
systems | windows, 32
advisories | CVE-2009-2494
MD5 | 02c364203a4d1094c2b1e9c21f293ef3
MSF-XB11.rar
Posted Oct 27, 2008
Authored by Jerome Athias | Site securinfos.info

MSF eXploit Builder is a Windows GUI to build Metasploit Framework exploit modules. It will help you to edit/modify/create/test exploit modules for the Metasploit Framework. Full source release. It includes a built-in fuzzer, a win32 debugger, and a lot of tools used in the process of exploit development.

tags | tool, fuzzer
systems | windows, unix, 32
MD5 | 20e658f3ba78549a9343941bc64f2a7c
vinetto-beta-0.07.tar.gz
Posted Jun 20, 2007
Authored by rukin | Site vinetto.sourceforge.net

Vinetto is a tool intended for forensics examinations. It is a console program to extract thumbnail images and their metadata from those thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin(win32) and Mac OS X.

tags | tool, forensics
systems | linux, windows, 32, apple, osx
MD5 | 3bfab4eaacde52a66a6829dddc7511cc
Technical Cyber Security Alert 2007-163A
Posted Jun 13, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-163A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Windows Secure Channel, Internet Explorer, Win32 API, Windows Mail and Outlook Express. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | windows, 32
MD5 | e1b9b39be2763f6b1f9ee8392e97d7be
02062007-raptor_winudf.tgz
Posted Feb 8, 2007
Authored by Marco Ivaldi

This is a MySQL backdoor kit for Windows based on the UDFs (User Defined Functions) mechanism. It can be used to spawn a reverse shell (netcat UDF on port 80/tcp) or to execute single OS commands (exec UDF). Tested on MySQL 4.0.18-win32 (running on Windows XP SP2), MySQL 4.1.22-win32 (running on Windows XP SP2), MySQL 5.0.27-win32 (running on Windows XP SP2).

tags | exploit, shell, tcp
systems | windows, 32, xp
MD5 | 7c61df06ad51543872d66efc84c7858c
vinetto-alpha-0.06.tar.gz
Posted May 9, 2006
Authored by rukin | Site vinetto.sourceforge.net

Vinetto is a tool intended for forensics examinations. It is a console program to extract thumbnail images and their metadata from those thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin(win32) and Mac OS X.

tags | tool, forensics
systems | linux, windows, 32, apple, osx
MD5 | 6c7fcb1a5111d8517f0b6ae877eab5ff
vinetto-alpha-0.05.tar.gz
Posted Apr 29, 2006
Authored by rukin | Site vinetto.sourceforge.net

Vinetto is a tool intended for forensics examinations. It is a console program to extract thumbnail images and their metadata from those thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin(win32) and Mac OS X.

tags | tool, forensics
systems | linux, windows, 32, apple, osx
MD5 | f3e8be62feb4a37b3ad3d64d2fdbf650
snort_bo_overflow_win32.pm.txt
Posted Nov 2, 2005
Authored by Trirat Puttaraksa

Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.

tags | exploit, remote, overflow
systems | windows, 2k, 32, xp
MD5 | 64e0a9ba3164254f4a2ed9132d75616b
cabrightstor_disco_servicepc.pm
Posted Feb 18, 2005
Authored by H D Moore | Site metasploit.com

CA BrightStor Discovery Service SERVICEPC Overflow for Win32, win2000, winxp, and win2003 which exploits a vulnerability in the TCP listener on port 45123. Affects all known versions of the BrightStor product. More information available here.

tags | exploit, overflow, tcp
systems | windows, 2k, 32
MD5 | 24691076d35d4bb512eadbea343374f2
cabrightstor_disco.pm
Posted Feb 18, 2005
Authored by Thor Doomen

The CA BrightStor Discovery Service overflow exploit is a perl module exploits a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow. Targets include Win32, win2000, winxp, and win2003. More information available here.

tags | exploit, overflow, udp, perl
systems | windows, 2k, 32
advisories | CVE-2005-0260
MD5 | b2bd9b3e6cf0a59af941b2e26e28e90a
weplab-0.1.3.tar.gz
Posted Dec 10, 2004
Authored by topolb | Site sourceforge.net

Weplab Win32 is a windows tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.

Changes: Fixed some bugs and added a man page.
tags | tool, wireless
systems | windows, 32
MD5 | a3c142ed28836c452d4378b3636012a3
Page 1 of 3
Back123Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close