exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files

Efficient Padding Oracle Attacks On Cryptographic Hardware
Posted Jun 27, 2012
Authored by Riccardo Focardi, Graham Steel, Joe-Kai Tsay, Lorenzo Simionato, Yusuke Kawamoto, Romain Bardou

This paper demonstrates how to exploit the encrypted key import functions of a variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as a side channel. This is the paper that made headlines regarding RSA tokens being cracked in 13 minutes.

tags | paper
SHA-256 | 2f956e99861dabc4d9e263529db1992adcbe71b48930cc4158b998b604dc42b0

Related Files

Backdooring WordPress To Get Cleartext Passwords
Posted Sep 11, 2021
Authored by Rafael Sousa

This paper demonstrates how to insert a backdoor in WordPress to get cleartext passwords anytime that a user logs in.

tags | paper
SHA-256 | 86a58a7a0e7f76d5a10b4c0f076df6f7acd2ba7b44bb9ce85aa4c428f169ff91
Roommate And Real Estate Listing Classified Response 1.0 XSS
Posted Dec 22, 2017
Authored by ShanoWeb

Roommate and Real Estate Listing Classified Response version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d54780016e5b539d90fcd5e721cc4385e43883abf2fb9de472fb98d7df5ede2c
Novell GroupWise Untrusted Pointer Dereference Exploitation
Posted Apr 4, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

In November, 2012, High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Novell GroupWise 2012. Details of the vulnerabilities were disclosed in April, 2013. This paper demonstrates vulnerability exploitation to execute arbitrary code on the vulnerable system.

tags | paper, arbitrary, vulnerability
advisories | CVE-2013-0804
SHA-256 | 247383f376ee16946d9314eb4cb430f00045438e994129e80eb43797b132b877
Intel SMEP Overview And Partial Bypass On Windows 8
Posted Sep 17, 2012
Authored by Artem Shishkin | Site ptsecurity.com

This paper provides an overview of a new hardware security feature introduced by Intel and covers its support on Windows 8. Among the other common features it complicates vulnerability exploitation on a target system. But if these features are not properly configured all of them may become useless. This paper demonstrates a security flaw on x86 version of Windows 8 leading to a bypass of the SMEP security feature.

tags | paper, x86
systems | windows
SHA-256 | 10a2d51d5bfd486134d95d8b2224eca2ab57042d0d379ba4799ab901aa84e922
RDP Exploitation Using Cain
Posted May 21, 2012
Authored by David J. Dodd

This paper demonstrates how to ARP poison a connection between Windows 7 and Windows 2008 R2 Server using Cain.

tags | paper
systems | windows
SHA-256 | a751245239f622e54ca2416bab2aef9e2485eae6f6c4782fd8b7a36a98c54142
rrdbrowse-advisory-03-2007.txt
Posted Mar 8, 2007
Authored by Sebastian Wolfgarten | Site devtarget.org

rrdbrowse versions 1.6 and below suffer from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
SHA-256 | cca8d4336f4a7dd8d011665d3a65fb9d0b0656fdacef8ac9fe5e6dff2d1478e9
rrs-1.70.tar.gz
Posted May 30, 2004
Authored by Michel Blomgren aka Shadowinteger | Site cycom.se

rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.

Changes: The -C option can now include several certificate files. This release also added CRL (Certificate Revocation List) support, the ability to choose the source port when connecting out (instead of having the kernel assign a source port), setuid support, and SSLv3 and SSLv2 support (not just TLSv1 as before). openssl_scripts was added, which contains a set of scripts to easily create a root CA, subordinate CA, and client/server certificates, and sign and revoke certificates.
tags | remote, shell
systems | linux, netbsd, unix, freebsd, openbsd
SHA-256 | ffd9098cf93da5bda65150fe241ec51eb0eb0e37edca038e6a2216bc12546e85
rrs-1.50.tar.gz
Posted May 12, 2004
Authored by Michel Blomgren aka Shadowinteger | Site cycom.se

rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.

Changes: Included string.h into farm9crypt.cc.
tags | remote, shell
systems | linux, netbsd, unix, freebsd, openbsd
SHA-256 | d88505015c16f2edd0fa08ec1d5fe659035fd768314016daf711864453c44e27
rrs-1.49.tar.gz
Posted May 9, 2004
Authored by Michel Blomgren aka Shadowinteger | Site cycom.se

rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.

tags | remote, shell
systems | linux, netbsd, unix, freebsd, openbsd
SHA-256 | e1731f76298f2b4aca4e90cbd80cd194f4e3c066efb4079b79d2674f6b009d1d
rrc_v0.2.tar.gz
Posted Oct 30, 2003
Authored by Roland

RRC (Roland Remote Control) v0.2 can be used to control a linux box from a remote location.

tags | tool, remote, rootkit
systems | linux, unix
SHA-256 | 719c7b410df362e95b1d5cb4c66aaedd13615bac51a55b16dbb1051e92f8e72a
rrg-jcs.zip
Posted Aug 26, 2002

Hacking Jenny Craig's phone system.

tags | bbs
SHA-256 | 7bc4c448350d13e86e57c83cf45bd995d64a6c4044c614907d019efaa9942273
rrc2-2.tar.gz
Posted Dec 21, 1999

rrc2-2.tar.gz

tags | encryption
SHA-256 | 227a8965ee15e25b31a973ecbc6f10f17960ca9a366178ecffc3f80d210e6233
rrc2.tar.gz
Posted Dec 21, 1999

rrc2.tar.gz

tags | encryption
SHA-256 | 35e9e00daadecbb8e1b4f62f802ee3e966df45fcbd12fc0033fec36b8ff79c29
rrc2.zip
Posted Dec 21, 1999

rrc2.zip

tags | encryption
SHA-256 | e032a95ef33e948cec4904d6fdd5e087708d1d95601378df2adc93d5fe9da672
rr-1.0.tgz
Posted Aug 17, 1999

Rotorouter v1.0 - Log incoming traceroutes, and optionally generate false responses. Linux.

tags | system logging
systems | linux, unix
SHA-256 | 4308fe98763ad878673d6ff406d00a8fce57aec439213c8420a718af7c7b6b59
rr.c.gz
Posted Aug 17, 1999
Authored by Humble

RotoRouter v1.9b - RotoRouter (pronounced row-toe row-ter) allows you log incoming traceroutes, and optionally generate false responses, allowing you to control what appears on someones traceroute. It can then forge replies. This beta version uses libpcap; the spoofed replies are broke but logging does seem to work well on non-linux systems.

tags | spoof, system logging
systems | linux, unix
SHA-256 | 56af5048bb7a4956516409620dbc255fa2e9c40ce75a3607db7cf0f2cf53b958
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close