exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files

RFP.txt
Posted Mar 6, 2001
Authored by rain forest puppy, NightAxis

Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet. (Text Format)

tags | paper
SHA-256 | 43284d288da9f2331d1bd5c0d9a900b6ffaf2f5af2659be61d5f41dde2c20fc5

Related Files

SourceForge Local File Inclusion
Posted Jan 5, 2012
Authored by 3spi0n

Lgames.sourceforge.net suffers from a local file inclusion vulnerability. Packet Storm contacted SourceForge about this issue and they told us that they are aware of the issue but that the files exposed do not pose a security threat. An additional request asking for clarification on whether or not they are going to fix this fell on deaf ears. Packet Storm suggests using an alternative such as Google Code to host your project.

tags | exploit, local, file inclusion
SHA-256 | f89e74ed8e62040c8eea0f61df5f2b4d5a8882bbe6124d928c23adc425bf3a7e
rfp2201.site-server.txt
Posted Jan 31, 2002
Authored by rain forest puppy | Site wiretrip.net

RFP2201 - MS Site Server Evilness. Security considerations to keep in mind when using Site Server 3.0. Includes info on a LDAP_Anonymous account w/ default password, information leakage and more via administrative pages, information leakage via _mem_bin pages, Cross-site scripting in various files, anonymous LDAP access, user publishing of files, Content publishing (cphost.dll) issues, and more.

tags | xss
SHA-256 | b2d879527af4c0745a0200f6764a9f8cc7188c198d4129e7315d2cc73fe7ec08
Tim_Yardley.txt
Posted Mar 6, 2001
Authored by Tim Yardley

Packet Storm Contest Entry - Distributed Attacks and the Way To Deal With Them. (Text Format)

tags | paper
SHA-256 | 10f94ff136a258319f2596a4abbb50bd63aafa790390f4c9ca45547be86c774d
Simple_Nomad.txt
Posted Mar 6, 2001
Authored by Simple Nomad

Packet Storm Contest Entry - Strategies for Defeating Distributed Attacks. (Text Format)

tags | paper
SHA-256 | 7427476b12ea10eea15d1f28e11df64258077c0934a93532d27af5558cb06ff1
Richard_Kay.txt
Posted Mar 6, 2001
Authored by Richard Kay

Packet Storm Contest Entry - What pure or applied technical measures can be taken to protect the Internet against future forms of attack? (Text Format)

tags | paper
SHA-256 | cad93a87d641bb7572f4f98b4b119acd52892e3424d315d828101dbd55ca07cc
Mixter.txt
Posted Mar 6, 2001
Authored by Mixter, 000 Prize Winner!

Winning Packet Storm Contest Entry - Protecting Against the Unknown - A guide to improving network security to protect the Internet against future forms of security hazards. (Text Format)

tags | paper
SHA-256 | 15f4e5704be7d69962a1a4a2d64b19373699e3374703fdf9c33bd2868743dfde
Jon_Squire.txt
Posted Mar 6, 2001
Authored by Jon Squire

Packet Storm Contest Entry - GNIDS - Early Detection of Unknown Threats. (Text Format)

tags | paper
SHA-256 | c9ff2af6c6f75f172a7c93d0b12d052d47a42146f239fb064a9e2256292fab1e
RFP2101.txt
Posted Feb 14, 2001
Authored by rain forest puppy | Site wiretrip.net

RFP2101 - SQL hacking user logins in PHP-Nuke web portal. PHP-Nuke v4.3 contains authentication weaknesses in the SQL code which allows you to impersonate other users and retrieve their password hashes.

tags | exploit, web, php
SHA-256 | cc5049f1f163f63deea98dbb2a421e75f15ed91bb1c34e3487646b61d0d36b8d
rfpatch.exe
Posted Dec 8, 2000
Authored by Fides

RFPatch.exe is an unofficial fix for the windows exploit RFParalyze, which Rain Forest Puppy wrote some time ago. Keeps backups and a log of changes.

systems | windows
SHA-256 | 6f080b2ad1f23f32e46a0517b240d8905bf54ac6646465cda7f3aecf9269d250
rfpolicy-2.0.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.

Changes: Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispell some misconceptions on it.
tags | paper, vulnerability
SHA-256 | 292c943bdd96a7ec03da8dac3e27832c587f3bcc55001ecabfda4ad18b74786b
RFPickaxe2.pl
Posted May 31, 2000
Authored by Hypoclear

RFPickaxe2.pl is a windows port of RFP's RFPickaxe.pl demo exploit for the BlackICE IDS uses a management console.

tags | exploit
systems | windows
SHA-256 | 7115ec33efe3130c21b7bf3b9c61e2b5d24620f2951e8ae5fe98bbc2b6ea2f29
RFP2K05.txt
Posted May 19, 2000
Authored by rain forest puppy | Site wiretrip.net

NetProwler 3.0, a network based intrusion detection system, has a remote denial of service vulnerability. The software crashes when two fragmented IP packets are sent to an IP address that it is profiling. Netprowler must be profiling ftp in order for the exploit to work. Please note that Netprowler logs all incoming alerts to a Microsoft .mdb file. Please read RFP2K04.txt for more information.

tags | exploit, remote, denial of service
SHA-256 | 01dfbeff982172b700a96a3ad3afd0f8babfbb62d8508a80fe57958e3f4d2e87
RFP2K04.txt
Posted May 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K04 - Mining BlackICE with RFPickAxe. BlackICE IDS uses a management console called ICECap to collect and monitor alerts sent by the various installed BlackICE agents. The ICECap user console sits on port 8081 and has the default login of 'iceman' with no password. The second problem is that the software uses, by default, the Microsoft Jet 3.5 engine to store alerts. If you couple that with the shell VBA problem, that means you can push alerts that contain commands to be executed on the ICECap system. Includes RFPickaxe.pl demo exploit.

tags | exploit, shell
advisories | CVE-2000-0325
SHA-256 | eb477a77f630953d91b35937b63fd59b9bc492d8898abfeed95794044c8189f8
RFParalyze.txt
Posted May 3, 2000
Authored by rain forest puppy, Evan Brewer

Through a netbios session request packet with a NULL source name, Windows 9[5,8] show a number of odd responses. Everything from lockups, reboots and "the blue screen of death", to total loss of network connectivity. Source code included. Reverse engineered from a binary exploit already in use.

tags | exploit
systems | windows
SHA-256 | f3538a492ff6e70e86c22b289cde727edd32fe6a78aeb81e4c21dbecb58b573c
RFP2K03.txt
Posted Apr 20, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K03 - Contemplations on dvwssr.dll and how it affects life. Lots of information here. Also includes a fixed versoin of the perl exploit.

tags | exploit, perl
SHA-256 | 35d74c40a89b7e8cc70b2ff471f069a45fac739fddcdc7582bf99957b60ddc84
RFP2K02.txt
Posted Apr 14, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K02 - "Netscape engineers are weenies!" AKA a back door in Microsoft FrontPage extensions/authoring components. Anyone with web authoring permission can use a backdoor in dvwssr.dll to read .asp (and .asa) files under the web root. As Microsoft has told me, the immediate problem is moreso the fact that any developer of one particular virtual site can download the .asp code of other virtual sites on the same system. Includes dvwssr.pl, a perl based exploit.

tags | exploit, web, root, perl, asp
SHA-256 | 0936015396bd313d2672ec14ba8f974c4fc1c50db12450334d9108faf511c37f
rfp2k01.txt
Posted Feb 3, 2000
Authored by rain forest puppy | Site wiretrip.net

"How I hacked PacketStorm Forums" - A look at hacking wwwthreads via SQL. This is more of a technical paper than an advisory, but it does explain how I used a vulnerability in the wwwthreads package to gain administrative access and some 800 passwords to PacketStorm's discussion forum.

tags | exploit
SHA-256 | 29b3228561304410fb2ef71030ea7e75376cc046c8543397a51327868ce6872e
RFPoison.exe
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
SHA-256 | 2b98566441d44ba149fafd2b74a9bf4293af462f1fe5b8657c87530b1278ec22
RFPoison.c
Posted Jan 22, 2000
Authored by rain forest puppy | Site wiretrip.net

Source for the RFPoison, a NT remote DOS. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | remote
SHA-256 | 97b128e117f9dab3ea840c5462d01811717f598125ea7c7d49bde330c80268b9
Jon_Squire.doc
Posted Jan 21, 2000
Authored by Jon Squire

Packet Storm Contest Entry - GNIDS - Early Detection of Unknown Threats.

tags | paper
SHA-256 | 27506f2302d5ac51fe2ff3d94a76ad42b306262c323ecb385ae8749bb1bd76ae
Mixter.doc
Posted Jan 21, 2000
Authored by Mixter, 000 Prize Winner!

Winning Packet Storm Contest Entry - Protecting Against the Unknown - A guide to improving network security to protect the Internet against future forms of security hazards.

tags | paper
SHA-256 | 0e6222b8be5665deed5eefcf97e95600e15395e70fc048b75e1a1963cb6c8da9
RFP.doc
Posted Jan 21, 2000
Authored by rain forest puppy, NightAxis

Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet.

tags | paper
SHA-256 | acbfe437758ef4ccfb79fde7993aac9a5d2d865fa6ba4948cd195b2923ef09cf
Richard_Kay.doc
Posted Jan 21, 2000
Authored by Richard Kay

Packet Storm Contest Entry - What pure or applied technical measures can be taken to protect the Internet against future forms of attack?

tags | paper
SHA-256 | b0be1a071bb2e0cd451041db46a6141f23ffb470c2a62f0f376fd69b529fbbf4
Simple_Nomad.doc
Posted Jan 21, 2000
Authored by Simple Nomad

Packet Storm Contest Entry - Strategies for Defeating Distributed Attacks.

tags | paper
SHA-256 | adbb93cf6584385ff3b5f74b554128ad787340889c56f79cd9fcd7d9e7965277
Tim_Yardley.doc
Posted Jan 21, 2000
Authored by Tim Yardley

Packet Storm Contest Entry - Distributed Attacks and the Way To Deal With Them.

tags | paper
SHA-256 | 1a42adf4a368ec5cf3cb42e9d92d3461129fdbe6b553d0b6eeedf486e1da348e
Page 1 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close