what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files

RFP2101.txt
Posted Feb 14, 2001
Authored by rain forest puppy | Site wiretrip.net

RFP2101 - SQL hacking user logins in PHP-Nuke web portal. PHP-Nuke v4.3 contains authentication weaknesses in the SQL code which allows you to impersonate other users and retrieve their password hashes.

tags | exploit, web, php
SHA-256 | cc5049f1f163f63deea98dbb2a421e75f15ed91bb1c34e3487646b61d0d36b8d

Related Files

paralyze32.exe
Posted Jul 31, 2002

Windows port of RFParalize.c, which crashes Windows 95/98 remotely with a corrupt popup message. Ported by Cys

tags | denial of service
systems | windows
SHA-256 | 33ee27e58de8411db3d31bbdaf2063b3946217a0356bdfb82bce67321b3c9214
rfp2201.site-server.txt
Posted Jan 31, 2002
Authored by rain forest puppy | Site wiretrip.net

RFP2201 - MS Site Server Evilness. Security considerations to keep in mind when using Site Server 3.0. Includes info on a LDAP_Anonymous account w/ default password, information leakage and more via administrative pages, information leakage via _mem_bin pages, Cross-site scripting in various files, anonymous LDAP access, user publishing of files, Content publishing (cphost.dll) issues, and more.

tags | xss
SHA-256 | b2d879527af4c0745a0200f6764a9f8cc7188c198d4129e7315d2cc73fe7ec08
RFP.txt
Posted Mar 6, 2001
Authored by rain forest puppy, NightAxis

Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet. (Text Format)

tags | paper
SHA-256 | 43284d288da9f2331d1bd5c0d9a900b6ffaf2f5af2659be61d5f41dde2c20fc5
SA2K01.txt
Posted Mar 2, 2001
Authored by Max | Site SecurityApex.com

A quick fix against RFP2101 - PHP-Nuke v4.4 and below allows users to steal accounts via sql hacking.

tags | exploit, php
SHA-256 | 639d6d1811b57d832ff7d2af027ae6435b390d7af484799883c2ef25deafedf7
pudding01.tar.gz
Posted Jan 13, 2001
Authored by Roelof Temmingh | Site sensepost.com

Pudding is a proxy which recodes HTTP requests using most of RFP's IDS evasion encoding methods, plus random UTF-8 encoding support. Allows any web aware program/exploit/cgi-scanner to evade IDS without modification of the original code. Encoding methods include all uppercase, hex encoding, /./ directory insertion, fake parameters, premature URL endings, windows delimiters, and random UTF8 encoding.

tags | web, cgi
systems | windows, unix
SHA-256 | c8a75f47892cf9971dfce9a19962ee940b44b6217ab7982e7299601b07617e91
rfpatch.exe
Posted Dec 8, 2000
Authored by Fides

RFPatch.exe is an unofficial fix for the windows exploit RFParalyze, which Rain Forest Puppy wrote some time ago. Keeps backups and a log of changes.

systems | windows
SHA-256 | 6f080b2ad1f23f32e46a0517b240d8905bf54ac6646465cda7f3aecf9269d250
malice5.2.pl
Posted Oct 30, 2000
Authored by Natas | Site rsh.defacements.com

Malice v.5.2 scans for over 238 cgi vulnerabilities and uses anti-IDS tactics as discussed in RFP's famous whitepaper. Written in perl. Checks for known bugs and interesting directories.

tags | cgi, perl, vulnerability
systems | unix
SHA-256 | 8ccabde6d935c50454cdfa8e08465b2c79b64c11e8c2c0ab9f579093a0a8ca3b
riven-1.0.1.tar.gz
Posted Oct 27, 2000
Authored by Zorgon

Riven is a CGI scanner which uses RFP anti-IDS tactics, flase browser / referer, and a perl/GTK interface.

tags | cgi, perl
systems | unix
SHA-256 | 019a8748eaa49d241b60bb6fe6e9a2db8eba78d1cebf024f19f604827be4eb21
rfpolicy-2.0.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.

Changes: Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispell some misconceptions on it.
tags | paper, vulnerability
SHA-256 | 292c943bdd96a7ec03da8dac3e27832c587f3bcc55001ecabfda4ad18b74786b
malice2.tgz
Posted Jul 13, 2000
Authored by Natas | Site kickme.to

Malice v2 scans for over 150 cgi vulnerabilities and uses anti-IDS tactics as discussed in RFP's famous whitepaper. Written in perl.

tags | cgi, perl, vulnerability
systems | unix
SHA-256 | f589f53839581a3b411cc4cf7e9490c78005c1d2451c46e022f3fd6328b68388
b0g-5.txt
Posted Jun 1, 2000
Authored by b0g | Site b0g.org

B0g Issue 5 - In this issue: Interview with rfp, how to beat credit card verifications and all about credit card algorythms, The truth about ICQ, Programming your Nokia cellphone, Coding GTK+ and GNOME, and much more.

tags | magazine
SHA-256 | 0ac488742cceb9a224cc8f6cf5ade5557185405aaa74c9379cf2688d37ea82b8
RFPickaxe2.pl
Posted May 31, 2000
Authored by Hypoclear

RFPickaxe2.pl is a windows port of RFP's RFPickaxe.pl demo exploit for the BlackICE IDS uses a management console.

tags | exploit
systems | windows
SHA-256 | 7115ec33efe3130c21b7bf3b9c61e2b5d24620f2951e8ae5fe98bbc2b6ea2f29
RFP2K05.txt
Posted May 19, 2000
Authored by rain forest puppy | Site wiretrip.net

NetProwler 3.0, a network based intrusion detection system, has a remote denial of service vulnerability. The software crashes when two fragmented IP packets are sent to an IP address that it is profiling. Netprowler must be profiling ftp in order for the exploit to work. Please note that Netprowler logs all incoming alerts to a Microsoft .mdb file. Please read RFP2K04.txt for more information.

tags | exploit, remote, denial of service
SHA-256 | 01dfbeff982172b700a96a3ad3afd0f8babfbb62d8508a80fe57958e3f4d2e87
RFP2K04.txt
Posted May 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K04 - Mining BlackICE with RFPickAxe. BlackICE IDS uses a management console called ICECap to collect and monitor alerts sent by the various installed BlackICE agents. The ICECap user console sits on port 8081 and has the default login of 'iceman' with no password. The second problem is that the software uses, by default, the Microsoft Jet 3.5 engine to store alerts. If you couple that with the shell VBA problem, that means you can push alerts that contain commands to be executed on the ICECap system. Includes RFPickaxe.pl demo exploit.

tags | exploit, shell
advisories | CVE-2000-0325
SHA-256 | eb477a77f630953d91b35937b63fd59b9bc492d8898abfeed95794044c8189f8
RFParalyze.txt
Posted May 3, 2000
Authored by rain forest puppy, Evan Brewer

Through a netbios session request packet with a NULL source name, Windows 9[5,8] show a number of odd responses. Everything from lockups, reboots and "the blue screen of death", to total loss of network connectivity. Source code included. Reverse engineered from a binary exploit already in use.

tags | exploit
systems | windows
SHA-256 | f3538a492ff6e70e86c22b289cde727edd32fe6a78aeb81e4c21dbecb58b573c
RFP2K03.txt
Posted Apr 20, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K03 - Contemplations on dvwssr.dll and how it affects life. Lots of information here. Also includes a fixed versoin of the perl exploit.

tags | exploit, perl
SHA-256 | 35d74c40a89b7e8cc70b2ff471f069a45fac739fddcdc7582bf99957b60ddc84
RFP2K02.txt
Posted Apr 14, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K02 - "Netscape engineers are weenies!" AKA a back door in Microsoft FrontPage extensions/authoring components. Anyone with web authoring permission can use a backdoor in dvwssr.dll to read .asp (and .asa) files under the web root. As Microsoft has told me, the immediate problem is moreso the fact that any developer of one particular virtual site can download the .asp code of other virtual sites on the same system. Includes dvwssr.pl, a perl based exploit.

tags | exploit, web, root, perl, asp
SHA-256 | 0936015396bd313d2672ec14ba8f974c4fc1c50db12450334d9108faf511c37f
rfp2k01.txt
Posted Feb 3, 2000
Authored by rain forest puppy | Site wiretrip.net

"How I hacked PacketStorm Forums" - A look at hacking wwwthreads via SQL. This is more of a technical paper than an advisory, but it does explain how I used a vulnerability in the wwwthreads package to gain administrative access and some 800 passwords to PacketStorm's discussion forum.

tags | exploit
SHA-256 | 29b3228561304410fb2ef71030ea7e75376cc046c8543397a51327868ce6872e
RFPoison.exe
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
SHA-256 | 2b98566441d44ba149fafd2b74a9bf4293af462f1fe5b8657c87530b1278ec22
RFPoison.c
Posted Jan 22, 2000
Authored by rain forest puppy | Site wiretrip.net

Source for the RFPoison, a NT remote DOS. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | remote
SHA-256 | 97b128e117f9dab3ea840c5462d01811717f598125ea7c7d49bde330c80268b9
RFP.doc
Posted Jan 21, 2000
Authored by rain forest puppy, NightAxis

Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet.

tags | paper
SHA-256 | acbfe437758ef4ccfb79fde7993aac9a5d2d865fa6ba4948cd195b2923ef09cf
RFP9906-2.txt
Posted Nov 5, 1999
Authored by rain forest puppy

Antidote for RFPoison (Followup to RFP9906) Recently I released RFP9906: NT denial of service in services.exe (RFPoison). I included a limited sample exploit that would demonstrate the problem. Since then, I've worked with a few individuals and confirmed some configurations what will protect your system.

tags | paper, denial of service
SHA-256 | 7d04c58afabcfae0c9ad8108d86888643b7d5e722aed854e013a8a8b7ccdde5e
rfpoison.py
Posted Nov 4, 1999
Authored by rain forest puppy

Services.exe DoS ported to python. This only seems to work on NT. Also, it may have to be run multiple times before SERVICES.EXE will die. Ported by nas.

tags | denial of service, python
SHA-256 | 3b9d830eb936de7fad335758f8b37d44a5c53ec539339d1bcac9874a2ef814f6
RFP9907.txt
Posted Nov 3, 1999
Authored by rain forest puppy | Site wiretrip.net

Advisory RFP9907 - You, your servers, RDS, and thousands of script kiddies. .gov, .mil, and even microsoft.com haven fallen lately to the hands of website defacers. Turns out, it's all been because of RDS. This paper is the straight story on fixing the RDS hole.

tags | paper
SHA-256 | a1562ec8e6c3de504d8609d33290529e67aa77bd45c35abf8a3f834df5775bd8
RFP9906.txt
Posted Nov 1, 1999
Authored by rain forest puppy | Site wiretrip.net

Windows NT remote denial of service and compromise (RFPoison). When sent a specific packet, it's possible to get srvsvc.dll to choke, and cause services.exe to reference a bad memory location. The impact is pretty severe. Services.exe handles named pipes for the system. Once this crashes, everything named-pipe-based goes with it. Combined with the AEDebug vulnerability, remote compromise is possible.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | 30fdab853650e808fbeaf377b9dc6694e8c922c4a560d2c7c3d2c1b33d0ec56a
Page 1 of 2
Back12Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close