exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

Files

epta.tgz
Posted Dec 3, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Execution Path Timing Analysis of Unix Daemons - White paper on how to determine if a username is valid remotely by timing remote responses of login programs. OpenSSH diff against v2.99p2 which determines if a username exists even on the newest versions of OpenSSH included.

tags | remote
systems | unix
MD5 | 3652eb952d213483c1e22f10b941883d

Related Files

Fuzzgrind Automatic Fuzzing Tool
Posted Jul 8, 2009
Authored by Gabriel Campana | Site security-labs.org

Fuzzgrind is a fully automatic fuzzing tool, generating test files with the purpose of discovering new execution paths likely to trigger bugs and potentially vulnerabilities. It is based on the concept of symbolic execution. Thus, the tool starts from a file considered valid by the software under test, and analyses the execution path to extract any constraints tied to branch instructions followed by this software. By resolving constraints one by one, Fuzzgrind will alter the valid file to explore possible new branches of the software under test, in order to discover new vulnerabilities.

tags | vulnerability, fuzzer
MD5 | d7562677b43cb10b288830b22bf9c423
LiveUpdate-mac.txt
Posted Apr 29, 2006
Site symantec.com

Some components of Symantecs LiveUpdate for Macintosh do not set their execution path environment. A non-privileged user can change their execution path environment. If the user then executes one of these components, it will inherit the changed environment and use it to locate system commands. These components are configured to run with System Administrative privileges (SUID) and are vulnerable to a potential Trojan horse attack.

tags | advisory, trojan
MD5 | 1bffdabb2b2b733a2aa7f350cdcbd684
FreeBSD-SA-06-14.fpu.txt
Posted Apr 26, 2006
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:14.fpu - FPU information disclosure: On affected processors, a local attacker can monitor the execution path of a process which uses floating-point operations. This may allow an attacker to steal cryptographic keys or other sensitive information.

tags | local, info disclosure
systems | freebsd
MD5 | d416397c0cde6ec1455f60ec239ed5c6
proftpd12x.txt
Posted Oct 26, 2004
Site security.lss.hr

ProFTPD 1.2.x suffers from a vulnerability that allow for remote user enumeration. It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPD login procedure.

tags | advisory, remote, code execution
MD5 | 1aeaa1eb452e6441593f2ccfbff5242d
bypassEPA.pdf
Posted Feb 16, 2004
Authored by Edgar Barbosa

Article discussing how to bypass the Execution Path Analysis used by the PatchFinder utility, avoiding Windows 2k/XP rootkit detection.

tags | paper
systems | windows, 2k
MD5 | 1b7c12d5a2c92ff9de2469db1560d07a
phrack59.tar.gz
Posted Jul 24, 2002
Authored by phrack | Site phrack.org

Phrack Magazine Issue 59 Release Candidate 1 - In this issue: Handling the Interrupt Descriptor Table, Advances in kernel hacking II, Defeating Forensic Analysis on Unix, Advances in format string exploitation, Runtime process infection, Bypassing PaX ASLR protection, Execution path analysis: finding kernel rootkits, Cuts like a knife, SSHarp, Building ptrace injecting shellcodes, Linux/390 shellcode development, Writing linux kernel keyloggers, Cryptographic random number generators, Playing with windows /dev/(k)mem, Phrack World News, Loopback, and Linenoise.

tags | kernel, shellcode, magazine
systems | linux, windows, unix
MD5 | fa1d072634c3b9d837e4acb74b7041ab
exectrace-v0.1.tar.gz
Posted Apr 2, 2000

ExecTrace is a linux only debugging tool that logs to a file the execution path of a child process using ptrace. This is good when you have a program that continually segfaults and you want to know where and why.

systems | linux
MD5 | f6a5338e4cad46857cdb3725686c98cf
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    30 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close