what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed


Posted Mar 27, 2003
Authored by JW Oh | Site monkey.org

Wd.pl is a remote IIS exploit in perl which exploits the bug in ntdll.dll described inms03-007. Tested on Windows 2000 Advanced Server SP3 - Korean language edition.

tags | exploit, remote, perl
systems | windows
SHA-256 | 5ea1f6ba50a1127397038bd3ad1cc1ed795a67a840eab0ac0c674e81cf2d7b19

Related Files

Zero Day Initiative Advisory 12-142
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the BasicService.showDocument Java Webstart function. This function allows additional parameters to be passed to the browser. Depending on which browser the user has set as default browser this could lead to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2012-1713
SHA-256 | 4b4d0a01355713d6b9b2023bec9de5d8a94b9df2193510d724d023512bc800da
Linux x86 chmod 666 /etc/passwd And /etc/shadow Shellcode
Posted Jul 25, 2012
Authored by Jean Pascal Pereira

57 bytes small Linux x86 chmod 666 /etc/passwd and /etc/shadow shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 590e152e8000ac65c31808f69843049356045877a386919811bea3db71213bd4
Rainbowdigital SQL Injection
Posted Jun 28, 2012
Authored by Taurus Omar

Rainbowdigital suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 99d02de14a1f053395b2d6291f379842ae9851cf7644f89cd9216c54bd15763f
Western Digital TV (WD-TV) Live Remote Code Execution
Posted Jun 25, 2012
Authored by Wolf Bee

The WD TV Live Streaming Media Player suffers from two implementation flaws that together allow for remote command execution as root.

tags | exploit, remote, root
SHA-256 | 30e038aaf42732de5c7c31917ec77feb71e99f5a032ca468e8d514c9181e41c1
WD ShareSpace 2.3.02 Information Disclosure
Posted Jun 19, 2012
Authored by V. Paulikas | Site sec-consult.com

WD ShareSpace versions 2.3.02 and below suffer from a remote sensitive data disclosure vulnerability.

tags | advisory, remote
SHA-256 | 2ff30788aee07286ddd4c6f580352e236991687d8162d3125603f64f55c1b35d
Joomla hwdVideoShare Shell Upload
Posted Jun 17, 2012
Authored by Sammy FORGIT

Joomla hwdVideoShare version r805 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | bc1e6119f2ed610cbf46770b53e894f80bf571ef0fd6dd76866a7970a5544ce0
PHP 5.4.3 Null Pointer Dereference
Posted May 20, 2012
Authored by condis

PHP versions 5.4.3 and below wddx_serialize_* / stream_bucket_* variant object null pointer dereference exploit.

tags | exploit, php
SHA-256 | 186f4ea7623d98c66ebb266a599e771143dbdb3ba4aac5d564ff29b77b55d1d6
Quarks PwDump 0.1b
Posted May 20, 2012
Authored by Kaczmarek Sebastien | Site code.google.com

Quarks PwDump is a native Win32 tool to extract credentials from Windows operating systems. It currently extracts local accounts NT/LM hashes and history, domain accounts NT/LM hashes and history, cached domain password, and Bitlocker recovery information.

tags | local, cracker
systems | windows
SHA-256 | 2eacce746014f5b388071f4ac9185d0040e4e0b9d6ad96eadfdb72d65f73e252
Ubuntu Security Notice USN-1396-1
Posted Mar 10, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1396-1 - It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. It was discovered that the GNU C Library did not properly handle passwd.adjunct.byname map entries in the Network Information Service (NIS) code in the name service caching daemon (nscd). An attacker could use this to obtain the encrypted passwords of NIS accounts. This issue only affected Ubuntu 8.04 LTS. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-5029, CVE-2010-0015, CVE-2011-1071, CVE-2011-1659, CVE-2011-1089, CVE-2011-1095, CVE-2011-1658, CVE-2011-2702, CVE-2011-4609, CVE-2012-0864, CVE-2009-5029, CVE-2010-0015, CVE-2011-1071, CVE-2011-1089, CVE-2011-1095, CVE-2011-1658, CVE-2011-1659, CVE-2011-2702, CVE-2011-4609, CVE-2012-0864
SHA-256 | 6e37a6e7af6dadd5caece2f389fd20999a42067305f2184d676361f4c1b51ea0
Secunia Security Advisory 47835
Posted Feb 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in swDesk, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | b9a9624b38f1f69785758ca0381fd79a1cb0a4a279a7918cf803c22e2f55f007
Secunia Security Advisory 47950
Posted Feb 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in swDesk, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | c2e79e95c3e58e62d7118576d34273047a4e43ad4ce48f52a8ad48f3b070115f
swDesk Shell Upload / Code Injection / XSS
Posted Feb 2, 2012
Authored by Red Security TEAM

swDesk suffers from cross site scripting, PHP code injection and shell upload vulnerabilities.

tags | exploit, shell, php, vulnerability, xss
SHA-256 | fa983a2d4a4eed5643f7d022b1403ee7611d425e992bcc6fd99fcde12cf183dd
EWD SQL Injection
Posted Jan 21, 2012
Authored by Skote Vahshat

EWD suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ea57cef0ab209a73369190db945069363f3291088f40c67fe0dc9c409ee9b4cb
BSD/x86 execve ('/bin/sh -c "/etc/master.passwd"') setreuid(0,0) Shellcode
Posted Jan 16, 2012
Authored by KedAns-Dz

94 bytes small BSD/x86 execve ('/bin/sh -c "/etc/master.passwd"') setreuid(0,0) shellcode.

tags | x86, shellcode
systems | bsd
SHA-256 | fa8695efffe51e32d85a7add93904eb75c24cf151a45133bc12107cd8d25c95f
Polymorphic Add User Shellcode
Posted Jan 1, 2012
Authored by Pentesters.ir

Linux/x86 polymorphic shellcode that escalates uid/gid and adds user iph to /etc/passwd without a password.

tags | x86, shellcode
systems | linux
SHA-256 | c76ec179be82bd66c6ce5163485d57eea3d44050cf6f706dcc2af9eaea0200dd
Calibre E-Book Reader Local Root
Posted Nov 3, 2011
Authored by zx2c4

Calibre E-Book Reader local root exploit that uses the mount helper to mount a vfat filesystem over /etc and then tinkers with /etc/passwd to make the root password toor temporarily.

tags | exploit, local, root
SHA-256 | 803cea9af662f56f8c5d24c4e88e0d59ba6548ac865fb65d1a853fca08aef00c
zFTP Server Remote Denial Of Service
Posted Oct 25, 2011
Authored by Myo Soe

The zFTP server suffers from a remote denial of service condition when handling multiple STAT and CWD command requests.

tags | exploit, remote, denial of service
systems | linux
SHA-256 | 8407a8948f7a9148808d25756720686181651afab0fbe2eb264d023cb76c64bb
Novell GroupWise Calendar RRULE Remote Buffer Overflow
Posted Sep 28, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurByWeekdayParam::bywdaylist()" function within the "gwwww1.dll" component when processing a malformed "RRULE" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
SHA-256 | e9739b7f115e53c739cde3bd056999eafde0be533a0e278ee536f5712c2718be
Check Point Security Management Symlink Vulnerabilities
Posted Aug 16, 2011
Authored by Matthew Flanagan

Check Point Security Management Products suffer from multiple symlink vulnerabilities. Due to the combination of inadequate file checks, predictable file names and writing of temporary configuration files to /tmp it is possible for a unprivileged local user to exploit the post-installation script to overwrite arbitrary files on the security management system through symlink following. The script also contains a second-order symlink vulnerability which makes it possible for an attacker to gain control of the SMS configuration file: $FWDIR/conf/sofaware/SWManagementServer.ini.

tags | advisory, arbitrary, local, vulnerability
advisories | CVE-2011-2664
SHA-256 | 9c9530656dc7486ce3d99175a4a77905ed90e3d797246e746914fe8311174a28
MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
Posted Aug 13, 2011
Authored by Javier G. Sanchez, Shahin, juan vazquez, Yamata Li | Site metasploit.com

This Metasploit module exploits a buffer overflow in l3codecx.ax while processing a AVI files with MPEG Layer-3 audio contents. The overflow only allows to overwrite with 0's so the three least significant bytes of EIP saved on stack are overwritten and shellcode is mapped using the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. Please note on IE 8 targets, your malicious URL must be a trusted site in order to load the .Net control.

tags | exploit, overflow, shellcode
advisories | CVE-2010-0480, OSVDB-63749
SHA-256 | bf8b665e00a66d83f342244fe6468d8bae22e7105c7353d9ceb3aa7194057854
Matrix Media WD Plymouth SQL Injection
Posted Aug 9, 2011
Authored by Kalashinkov3

Matrix Media WD Plymouth suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 716efaa9caaddd826dff5a3fd5fa9a3c7f2bf4d778926e76d36db5680efd23dd
Openwall tcb Suite 1.1
Posted Jul 17, 2011
Site openwall.com

The tcb suite implements the alternative password shadowing scheme on Openwall GNU/*/Linux (Owl) which allows many core system utilities (passwd(1) being the primary example) to operate with little privilege. It is being made available separately from Owl primarily for use by other distributions. This package contains three core components of the tcb suite: pam_tcb (a PAM module which supersedes pam_unix), libnss_tcb (the accompanying NSS module), and libtcb (a library for accessing tcb shadow files, used by the PAM and NSS modules as well as by user management tools on Owl).

Changes: The default hash encoding prefix has been changed from "$2a$" to "$2y$" (which requires crypt_blowfish 1.2 or newer).
systems | linux, unix
SHA-256 | 63ab4191e6a01dfd4d9e71eb1a2b714a49c9ce0a01416a2d40ebffcbf486eb65
iPhone4 FTP Server 1.0 Remote Crash
Posted May 31, 2011
Authored by offsetIntruder

iPhone4 FTP Server 1.0 empty CWD-RETR remote crash denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 475b9126b494053efc37cc13c7a6fa63dedf0a3b5b6cfad131b1b11adc82d7a6
PresseTool /etc/passwd Disclosure
Posted May 1, 2011
Authored by KnocKout

PresseTool suffers from a remote /etc/passwd file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 542a9ff9cd2f460897a859eb02232dafb6fb4f267d8bcecdf0eedaa8edc3e22a
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
Posted Mar 24, 2011
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. It is interesting to note that this vulnerability cannot be exploited by overwriting SEH, since attempting to would trigger CVE-2010-1964. The vulnerable code is within a sub-function called from "main" within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. This function contains a 256 byte stack buffer which is passed to the "getProxiedStorageAddress" function within ovutil.dll. When processing the address results in an error, the buffer is overflowed in a call to sprintf_new. There are no stack cookies present, so exploitation is easily achieved by overwriting the saved return address. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2010-1961, OSVDB-65428
SHA-256 | 5582013e7dde303149edfe7da48c08313b51ded046619d9bfba33ef02981baa8
Page 1 of 4

File Archive:

November 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    1 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    219 Files
  • 14
    Nov 14th
    19 Files
  • 15
    Nov 15th
    66 Files
  • 16
    Nov 16th
    38 Files
  • 17
    Nov 17th
    9 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    11 Files
  • 22
    Nov 22nd
    56 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    36 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    14 Files
  • 28
    Nov 28th
    30 Files
  • 29
    Nov 29th
    35 Files
  • 30
    Nov 30th
    25 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By