what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 49 RSS Feed

Files

A Short Tale Of Proxy Leakage
Posted Oct 22, 2020
Authored by David Coomber

A brief write up discussing disclosure of internal IPs and hostnames from Apple bots leveraging Via and X-Forwarded-For headers.

tags | paper
systems | apple
SHA-256 | b673e03e8e1aa51151d99f5859b00763aeba232a9176600740c438ec5fb79def

Related Files

Insecure sprintf Of C
Posted Dec 20, 2021
Authored by x90c

This is a brief write up discussing insecure functions susceptible to classic buffer overflows.

tags | paper, overflow
SHA-256 | 6c56ef6f21fb5c517c4f05fbff6461b2f130d800355ad39593d8b2f06bee3943
PHP Shell Backdoors
Posted Dec 20, 2014
Authored by KnocKout

This is a brief write up noting javascript backdoors left in common PHP shells.

tags | paper, shell, php, javascript
SHA-256 | 5cfb1217e9087a15de79d56e9f05827f2a275f0a080cf8427518a3cba732ef2f
NULL Page Mitigations On Windows 8 x86
Posted May 22, 2014
Authored by Tavis Ormandy

This is a brief write up that discusses NULL page mitigations on Windows 8 and includes a piece of proof of concept code.

tags | exploit, proof of concept
systems | linux, windows
SHA-256 | a7d45dd13990e785f7ee6bbec647ae6693fc0348799ef70a34911098b0fb2da6
Exploiting Cisco EPC3925 In The Netherlands
Posted Mar 9, 2014
Authored by s3rgio

This is a brief write up discussing exploitation of the cross site request forgery vulnerability discovered in the Cisco EPC3925 router.

tags | paper, csrf
systems | cisco
SHA-256 | e0e9eb1360b28fa8b096368773821f3b01656d4faedb41fc2062ac1a7094eaff
64-bit calc.exe Stack Overflow Root Cause Analysis
Posted Dec 22, 2013
Authored by Dark-Puzzle

This is a brief write up discussing a root cause analysis of why spawning calc.exe triggered a stack overflow.

tags | paper, overflow, root
SHA-256 | df816f981278218c855742bbf91b22db7088072ca5aade2974f7d629781ce6e6
Using A Password With A Netcat Shell
Posted Jul 18, 2013
Authored by Vittorio Milazzo

This is a brief write up that provides a shell script for passwording a shell bound with netcat.

tags | paper, shell
SHA-256 | cfc1acda80ec146d9ab2c3f0450fde46f259d590816a5459a6af88bcf081612e
McAfee Web Gateway And Squid Proxy 3.1.19 Bypass
Posted Apr 13, 2012
Authored by Gabriel Menezes Nunes

McAfee Web Gateway and Squid Proxy version 3.1.19 suffers from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.

tags | exploit, web, proof of concept, bypass
systems | unix
advisories | CVE-2012-2212, CVE-2012-2213
SHA-256 | fd5a23a84846044a1ea5a10e1231aba1d4783081f27119ecd5de07b7485b6ad5
Proxy Check 02122011
Posted Mar 21, 2012
Authored by Alejandro Ramos | Site securitybydefault.com

Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.

tags | tool, web, scanner
systems | linux, unix
SHA-256 | ac9e7fea81ae9f981e0e3a0a3524dbb37d2aefac198ef4e781a1ffbf6cab1891
Google V8 Server-Side Javascript Injection
Posted Feb 27, 2012
Authored by Felipe Daragon | Site syhunt.com

This is a brief write up discussing Google V8 server-side javascript (SSJS) injection.

tags | paper, javascript
SHA-256 | 7652f540e79f74e1eff943b389b6f7f03423371c27f0d655323015f9f003002b
Time-Based Blind NoSQL Injection
Posted Dec 19, 2011
Authored by Felipe Daragon | Site syhunt.com

This is a brief write up discussing time-based NoSQL injection attacks using javascript.

tags | paper, javascript, sql injection
SHA-256 | 38f29f6bb429406f5f75bcf44692f842d085e1f1bc2d98124da439be4d863cc3
eyeOS Shell Upload / Cross Site Scripting
Posted May 12, 2011
Authored by knull | Site leethack.info

This is a brief write up discussing how to leverage cross site scripting and shell upload vulnerabilities in eyeOS versions prior to 1.9.0.3.

tags | exploit, shell, vulnerability, xss
SHA-256 | a85cc3f9867494f8f5494efd6b0a2014c6c25a8a712b1ca45e7374338ed1221b
DNS Spoofing With Scapy
Posted Mar 23, 2011
Authored by yur4kh4

This is a brief write up with examples on how to perform DNS spoofing using Scapy. Written in Indonesian.

tags | paper, spoof
SHA-256 | fda8f6b2be4199e0eb722ba337268ab1fadf3a12c254a57601fb651642c27475
Proxyroll.com Clone PHP Script Insecure Cookie Handling
Posted Jan 4, 2010
Authored by DigitALL

Proxyroll.com Clone PHP Script suffers from an insecure cookie handling vulnerability that allows for price manipulation.

tags | exploit, php, insecure cookie handling
SHA-256 | 753cb612f700baa9a7d713c5b8ff9e1d55bcc89f7cdc147d545a2d6c8960eaf4
Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow
Posted Oct 30, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Proxy-Pro Professional GateKeeper 4.7. By sending a long HTTP GET to the default port of 3128, a remote attacker could overflow a buffer and execute arbitrary code.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2004-0326
SHA-256 | f263e459a51ce3b19e265dbc0a01b7a3c3ab6600a69d08d3754887972c12e298
Whitepaper About Blind SQL Injection
Posted Aug 6, 2009
Authored by MizoZ

This is a brief write up discussing blind SQL injection attacks. Written in French.

tags | paper, sql injection
SHA-256 | 850e44ffacd06e23d7caec378232e76af6b7f4ef2eb9209c89c61b21dba24190
Proxy List Script Cross Site Scripting
Posted Jul 21, 2009
Authored by Moudi

Proxy List Script suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 78c1633de2d11ecee72b11335cee10a951478454867363eebb7ba913fa8f825a
Proxy Harvesting Tool
Posted May 19, 2009
Authored by low1z | Site darkc0de.com

Proxy Harvesting tool that uses google and evaluates the sites.

tags | tool, scanner
systems | unix
SHA-256 | 517e1265f9e5f9aae9917f456036e6e736b6c8cd4018adce8f4760ccafdb26cf
proxyScan-0.3.tgz
Posted Sep 9, 2008
Authored by Ed Blanchfield | Site e-things.org

proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

tags | tool, web, scanner
systems | unix
SHA-256 | 6eced49949c30e88205a4cd63d797c5592dcfaa4de30d29dbe99df9e6b80fa9a
proxystrike-v1.0.zip
Posted Apr 1, 2008
Authored by Carlos del Ojo Elias | Site edge-security.com

ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Windows version. Written in Python.

tags | tool, web, scanner, vulnerability, xss, sql injection, python
systems | windows, unix
SHA-256 | da770b4014ebd251157864ec374ad5b81d1ca7e37682b8813de1fb246c9ae242
proxystrike-v1.0.tar.gz
Posted Apr 1, 2008
Authored by Carlos del Ojo Elias | Site edge-security.com

ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Linux / Mac OSX version. Written in Python.

tags | tool, web, scanner, vulnerability, xss, sql injection, python
systems | linux, unix, apple
SHA-256 | 6911c85050d2dd1521c1b8f2b5f0a8a6bbc3fe11c7e60d55551550068026cde6
proxycheck.pl.txt
Posted Dec 18, 2007
Authored by Tom Van de Wiele

This is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver. It is primarily useful when verifying false positives from automated vulnerability assessment tools.

tags | tool, web, scanner
systems | unix
SHA-256 | 203ad5690055cb97040a956a45aea7128a31b0d77823f608d16c161a7e50eecc
proxyanket-sql.txt
Posted Sep 10, 2007
Authored by Yollubunlar | Site yollubunlar.org

Proxy Anket version 3.0.1 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 9957895b7afb2c01268af97b5c9c0a9bc02e84621a5e8f6aa1af238f62527ece
proxyScan-0.2.tgz
Posted Jul 12, 2007
Authored by Ed Blanchfield | Site e-things.org

proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

tags | tool, web, scanner
systems | unix
SHA-256 | 225317c491c73020a70f12fc88eb850b91684e2c7440b063846fe4562d4fab69
proxyScan-0.1.txt
Posted Jul 7, 2007
Authored by Ed Blanchfield | Site e-things.org

proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

tags | tool, web, scanner
systems | unix
SHA-256 | 1c2fa744beb99f46844eb518721c9c32d048bf7b15541d6acbef6457faedf066
proxyfuzz.py.txt
Posted Apr 5, 2007
Authored by Rodrigo Marcos | Site theartoffuzzing.com

ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.

tags | udp, tcp, protocol, python, fuzzer
SHA-256 | 83cb422e91d20d05afbe49119a394fe82ea883046f73d3a4484f08440e667307
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    45 Files
  • 9
    Dec 9th
    9 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close