exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

PCMAN FTP Server 2.0.7 MKD Buffer Overflow
Posted Apr 13, 2017
Authored by R-73eN, Ye Yint Min Thu Htut | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability found in the MKD command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled.

tags | exploit, overflow
MD5 | f51eee60f4b6d506307ef2bb13158e90

Related Files

Pure-FTPd 1.0.21 Denial Of Service
Posted Aug 14, 2012
Authored by Kingcope

Pure-FTPd version 1.0.21 crash proof of concept exploit that leverages a NULL pointer dereference.

tags | exploit, proof of concept
MD5 | 92e10f766d544df6057bc6a709f00f5e
NetDecision 4.2 TFTP Writable Directory Traversal Execution
Posted Aug 9, 2012
Authored by Rob Kraus, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context of user executing the TFTP Server.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2009-1730, OSVDB-54607
MD5 | 50854cb971dc87b2cb4c48dcf38444d5
Secunia Security Advisory 50138
Posted Aug 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for globus-gridftp-server. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, debian
MD5 | b7033271f917f74e4e1c3b75c9f2f577
Debian Security Advisory 2523-1
Posted Aug 6, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2523-1 - It was discovered that the GridFTP component from the Globus Toolkit, a toolkit used for building Grid systems and applications performed insufficient validation of a name lookup, which could lead to privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2012-3292
MD5 | 25b65d162abb514141c1ba7195d4d1f5
Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow
Posted Jul 19, 2012
Authored by Stephen Fewer, juan | Site metasploit.com

This Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management 10 SP2. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x21 (PROXY_CMD_FTP_FILE) to port 998/TCP. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and Windows Server 2003 SP2 (DEP bypass).

tags | exploit, remote, overflow, tcp
systems | windows
advisories | OSVDB-65361
MD5 | 152908928a9c6adae51d63c01d75b875
Zero Day Initiative Advisory 12-127
Posted Jul 19, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-127 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HsmCfgSvc.exe service which listens by default on TCP port 9111. When processing FTP archives the process does not properly validate the size of the root path specified and proceeds to copy the string into a fixed-length buffer on the stack. This can be exploited to execute arbitrary remote code under the context of the running service.

tags | advisory, remote, arbitrary, root, tcp
MD5 | 3bd1527f37b4a47ba8810e2a866dc506
PHP Secure Communications Library 0.3.0
Posted Jul 10, 2012
Authored by Jim Wigginton | Site phpseclib.sourceforge.net

PHP Secure Communications Library is a set of pure PHP implementations of DES, 3DES, RC4, Rijndael, AES, RSA (PKCS#1 compliant [v2.1]), SSH-1, SSH-2, and SFTP.

Changes: This release adds support for resuming Net_SFTP::put(), support for recursive deletes and recursive chmods to Net_SFTP, setTimeout() to Net_SSH2, support for PBKDF2 to the various Crypt_* classes via setPassword(), File_X509 and File_ASN1, and the ability to decode ANSI escape codes via File_ANSI. Private keys can now be saved in various formats in Crypt_RSA. Net_SSH2::getServerPublicHostKey() returns a printer-friendly version of the public key.
tags | encryption, crypto, php, library
MD5 | e2efcbd7e09717dcb7e2018e8f56a08f
Hydra Network Logon Cracker 7.3
Posted Jul 5, 2012
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple enhancements and fixed to Hydra main, the SNMP module, the HTTP module, and more. Added IDN and PCRE support for Cygwin.
tags | tool, web, imap
systems | cisco, unix
MD5 | 34f9c21eae24fdc542ba21abc61b05d1
Secunia Security Advisory 49685
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gitsnik has discovered a vulnerability in SoftPerfect Bandwidth Manager, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | e38580cd4a9bbe0ac766dd11974cc048
Nmap Port Scanner 6.01
Posted Jun 24, 2012
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Multiple bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | bf87f6cabb1b65576f73140a1feb207c
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20120622
Posted Jun 23, 2012
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: Tor was updated to 0.2.2.37, BusyBox to 1.20.1, and the kernel to 3.4.2 plus Gentoo's hardened-patches-3.4.2-2.extras. The MIPS port also incorporated these changes, but for this architecture the kernel was kept at vanilla 3.2.5.
tags | tool, x86, kernel, peer2peer
systems | linux
MD5 | 8bca855c501194fb025858c5c786fa1a
Gentoo Linux Security Advisory 201206-12
Posted Jun 22, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-12 - A vulnerability was found in tftp-hpa, which leads to remote execution of arbitrary code. Versions less than 5.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2011-2199
MD5 | b05f934d4752b8fbbea52f0668f520cd
Red Hat Security Advisory 2012-0841-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0841-04 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4088, CVE-2012-1106
MD5 | a3c74440d181554b485de7a62e6a62f3
Anonymous FTP Scanning Scripts
Posted Jun 15, 2012
Authored by Ajith KP

This is a set of python script that will scan a set of FTP servers to see if they allow anonymous access.

tags | tool, scanner, python
systems | unix
MD5 | a168b782fa571c886b012d9a63b2063a
XM Easy Personal FTP Server 5.30 Format String
Posted Jun 14, 2012
Authored by mr_me

XM Easy Personal FTP Server version 5.30 and below remote format string write4 exploit with a connect back shell.

tags | exploit, remote, shell
MD5 | de40f1aebfa099874bff66f190c0a7be
ComSndFTP 1.3.7 Beta USER Format String (Write4)
Posted Jun 14, 2012
Authored by Rick, corelanc0d3r, mr_me, ChaoYi Huang | Site metasploit.com

This Metasploit module exploits the ComSndFTP FTP Server version 1.3.7 beta by sending a specially crafted format string specifier as a username. The crafted username is sent to to the server to overwrite the hardcoded function pointer from Ws2_32.dll!WSACleanup. Once this function pointer is triggered, the code bypasses dep and then repairs the pointer to execute arbitrary code. The SEH exit function is preferred so that the administrators are not left with an unhandled exception message. When using the meterpreter payload, the process will never die, allowing for continuous exploitation.

tags | exploit, arbitrary
MD5 | ad58b74e16513fde63bd760903b78714
ComSndFTP 1.3.7 Beta Format String Overflow
Posted Jun 8, 2012
Authored by demonalex

ComSndFTP server version 1.3.7 Beta suffers from a format string denial of service vulnerability.

tags | exploit, denial of service, overflow
MD5 | 9537fb0ce2655728f1cd7748fbc0606a
Intercepter Sniffer 0.9.3
Posted Jun 3, 2012
Authored by Ares | Site sniff.su

Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.

Changes: Major update of sslstripping code. RAW mode updated. Updated wifi mode and improve mitm code. Various other updates.
tags | tool, web, sniffer, imap, protocol
MD5 | 0a04342b822ec633383c05ccdd37df02
Intercepter-NG Console Edition 0.1
Posted Jun 3, 2012
Authored by Ares | Site sniff.su

Intercepter-NG [Console Edition] is a sniffer that offers various capabilities including sniffing for password hashes related to ORACLE/MYSQL/VNC/NNTP/CVS/WWW/HTTP/SOCKS/MRA/FTP/POP3/SMTP/IMAP/LDAP/AIM. It works on NT/Linux/BSD/IOS/Android and is optimized for screen size 80x30 or higher.

tags | tool, web, sniffer, imap
systems | linux, bsd, apple
MD5 | 59d425358d2c05263fbf2efed0ceca04
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20120601
Posted Jun 2, 2012
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: This release incorporates major changes from upstream to all components of tor-ramdisk. Tor was updated to 0.2.2.36, libevent to 2.0.18, OpenSSH to 6.0p1, BusyBox to 1.20.0, and uclibc to 0.9.33.2, and the kernel was updated to 3.2.11 plus Gentoo's hardened-patches-3.2.11-1.extras. The MIPS port also incorporated these changes, but for this architecture libevent was updated to 2.0.19 and the kernel to 3.2.5.
tags | tool, x86, kernel, peer2peer
systems | linux
MD5 | b51c8a09cfd83dfb8bf78f9d2819cec7
Secunia Security Advisory 49301
Posted May 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in TFTPD32, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 76e0f39ac74ba25b5a7d3699d39b296f
Tftpd32 DNS 4.00 Denial Of Service
Posted May 28, 2012
Authored by demonalex

Tftpd32 DNS server version 4.00 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | bc2fcb4c55b29ea49177772276cf3a8f
QuickShare File Share 1.2.1 Directory Traversal
Posted May 27, 2012
Authored by sinn3r, modpr0be | Site metasploit.com

This Metasploit module exploits a vulnerability found in QuickShare File Share's FTP service. By supplying "../" in the file path, it is possible to trigger a directory traversal flaw, allowing the attacker to read a file outside the virtual directory. By default, the "Writable" option is enabled during account creation, therefore this makes it possible to create a file at an arbitrary location, which leads to remote code execution.

tags | exploit, remote, arbitrary, code execution
advisories | OSVDB-70776
MD5 | f232667933a9b74318156ffe27e5e96c
Tftpd32 DHCP Serve 4.00 Denial Of Service
Posted May 23, 2012
Authored by demonalex

Tftpd32 DHCP server version 4.00 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 14c81609053a39ca524e34835259abdf
Nmap Port Scanner 6.00
Posted May 22, 2012
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: NSE has been enhanced, there is better web scanning, full IPv6 support added, a new nping tool, better zenmap gui, and faster scans. First major release since 2009.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | d51565cbed63a648275890cfa8415dc6
Page 1 of 4
Back1234Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    3 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close