what you don't know can hurt you
Showing 1 - 25 of 25 RSS Feed

Files

prdelka-vs-SGI-xrunpriv
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SGI IRIX 6.5 /usr/sysadm/bin/runpriv local root exploit.

tags | exploit, local, root
systems | irix
MD5 | 4b1c2d6a99b7463829ce9ccb4d234784

Related Files

Apple 10.6.3 chpass BSD Insecure Temp File Creating In /etc
Posted May 19, 2010
Authored by prdelka | Site prdelka.blackart.org.uk

Apple Mac OS X versions 10.6.3 and below suffer from a chpass BSD insecure temp file creation in /etc vulnerability. A user can create a file with rw perms in /etc as owner and populate it with arbitrary data. This could be utilized to fill the disk or write configuration file information that could be combined with another flaw to elevate local privileges.

tags | exploit, arbitrary, local
systems | bsd, apple, osx
MD5 | 65bf96fd0c7c09a26da670a07518646e
Mac OS X 10.5.6/10.5.7 ptrace() Mutex Handling Denial Of Service
Posted Nov 5, 2009
Authored by prdelka | Site prdelka.blackart.org.uk

Mac OS X versions 10.5.6 and 10.5.7 ptrace() mutex handling denial of service exploit. This code should be run in a loop and due to problems with mutex handling in ptrace a denial of service can occur when a destroyed mutex is attempted to be interlocked by the OSX kernel giving rise to a race condition. You may need to run this code multiple times.

tags | exploit, denial of service, kernel
systems | apple, osx
MD5 | 26dcc6d967acfaa58df417503ccb75ed
Sun VirtualBox 3.0.6 Local Root
Posted Oct 17, 2009
Authored by prdelka | Site prdelka.blackart.org.uk

Sun VirtualBox versions 3.0.6 and below local root exploit that takes advantage of a popen() meta char shell injection vulnerability.

tags | exploit, shell, local, root
advisories | CVE-2009-3692
MD5 | c406efbe8e998f36edbb0aa6652790fe
Secunia Security Advisory 28590
Posted Jan 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - prdelka has discovered a vulnerability in Citadel, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | b2269c2209b4fca5f42130866842f6da
prdelka-vs-GNU-citadel.tar.gz
Posted Jan 22, 2008
Authored by prdelka | Site prdelka.blackart.org.uk

Citadel SMTP versions 7.10 and below remote overflow exploit.

tags | exploit, remote, overflow
MD5 | fa27394dcf10b6b59b508ceb07097bd3
prdelka-vs-MS-rshd.tar.gz
Posted Jan 22, 2008
Authored by prdelka | Site prdelka.blackart.org.uk

Windows RSH daemon versions 1.8 and below remote buffer overflow exploit.

tags | exploit, remote, overflow
systems | windows
MD5 | 2df046b9b1e8f48d5cd5f4aec6ec05a8
prdelka-vs-GNU-mbsebbs.c
Posted Jan 20, 2007
Authored by prdelka | Site prdelka.blackart.org.uk

GNU/Linux mbse-bbs versions 0.70.0 and below local root exploit that makes use of a stack overflow.

tags | exploit, overflow, local, root
systems | linux
MD5 | ceb4aa8738a2e9e9172391ee528ad4f4
prdelka-vs-SUN-telnetd.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Solaris in.telnetd 8.0 and prior remote exploit. A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can occur when a combination of telnet protocol options are received by the daemon. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This exploit has been tested against Solaris 7 & Solaris 8 (sparc).

tags | exploit, remote, overflow, protocol
systems | solaris, bsd
MD5 | 113abf242f87ad50cf0bf00692925a89
prdelka-vs-SCO-termshx.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 termsh exploit. 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguments, namely the [-o oadir] argument. It is installed setgid auth in a default SCO Openserver 5.0.7 install. An attacker may use this flaw to gain write access to /etc/passwd or /etc/shadow allowing for local root compromise.

tags | exploit, overflow, local, root
MD5 | 54d689a2345b1a2e628537500f0f9df8
prdelka-vs-SCO-ptrace.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Unixware 7.1.3 ptrace local root exploit. SCO Unixware 7.1.3 kernel allows unprivileged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has the suid bit set.

tags | exploit, kernel, local, root
systems | unixware
MD5 | edb031037242ffd4e2ec330bdb0667ef
prdelka-vs-SCO-netwarex.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 Netware Printing utilities exploit. Multiple buffer overflows exist in the handling of command line arguments in SCO Openserver Netware printing utils. EIP is overwritten after 997 bytes are supplied on the command line. The following binaries are installed setgid 'lp' as default and are vulnerable to this attack.

tags | exploit, overflow
MD5 | a00a79408765a3639253b63aded49b6c
prdelka-vs-SCO-enable
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 enable exploit. A standard stack-overflow exists in the handling of command line arguments in the 'enable' binary. A user must be configured with the correct permissions to use the "enable" binary. SCO user documentation suggests "You can use the asroot(ADM) command. In order to grant a user the right to enable and disable tty devices". This exploit assumes you have those permissions.

tags | exploit, overflow
MD5 | 9caf6cd28ee59e5cbf860948ad762476
prdelka-vs-GNU-exim.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Exim versions 4.43-r2 and prior host_aton() local root exploit.

tags | exploit, local, root
MD5 | e0c24b80bc25ed7a2678485cc3da07d2
prdelka-vs-GNU-adabas2.txt
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Adabas D 13.01 (GNU/Linux & Win32) Multiple Vulns in WebApps including directory traversal and SQL injection.

tags | exploit, sql injection
systems | linux, windows
MD5 | 1dfeddc20a6114ba456968291a7d59a7
prdelka-vs-GNU-adabas.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

GNU/Linux adabas v1301 universal local root exploit. Standard stack overflow in the command line arguments of SUID root(default) clr_kernel & stop bins. The exploit calculates the value to use for return address.

tags | exploit, overflow, local, root
systems | linux
MD5 | 1f97be5807b9efc48b2e826fd3d99a62
prdelka-vs-CISCO-vpnftp.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Cisco VPN Concentrator 3000 FTP remote exploit. A vulnerability exists in the Cisco VPN Concentrator 3000, an unauthenticated user may access the file system through manipulation of FTP service commands.

tags | exploit, remote
systems | cisco
MD5 | e747d898f1bdf6d1e870ae52339704be
prdelka-vs-AEP-smartgate.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

AEP/Smartgate arbitrary file download exploit. A vulnerability exists in the smartgate SSL server (listens on port 443 by default) which may allow a malicious user to download arbitrary files with the privileges of the smartgate server.

tags | exploit, arbitrary
MD5 | 6ce28a7a194f641cb2d4513191ed2f37
prdelka-vs-HPUX-swmodify.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swmodify buffer overflow exploit. HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficient bounds checking in the "-S" optional argument. 'swmodify' is installed setuid root by default in HP-UX and allows for local root compromise when exploiting this issue.

tags | exploit, overflow, local, root
systems | hpux
MD5 | 84198c0996115cbd40ac0e55a1d641fb
prdelka-vs-HPUX-swask.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swask format string local root exploit. HP-UX 'swask' contains an exploitable format string vulnerability. The 'swask' utility is installed setuid root by default. Specifically the vulnerability is in the handling of the "-s" optional argument which is passed to a format function as verbatim.

tags | exploit, local, root
systems | hpux
MD5 | 1e6de8951928f8e64f891b9fc9c3bb7e
prdelka-vs-HPUX-libc.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX libc timezone environment overflow exploit. HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the localtime_r() and related functions. Any suid or sgid program which uses the timezone functions can be used as an attack vector. This exploit uses "su" to obtain root privileges.

tags | exploit, overflow, root
systems | hpux
MD5 | b982c3df898d3bb448870e0bb0bda5a3
prdelka-vs-HPUX-swpackage.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swpackage buffer overflow exploit. HP-UX 'swpackage' contains an exploitable stack overflow in the handling of command line arguments. Specifically the problem occurs due to insufficient bounds checking in the "-S" optional argument. 'swpackage' is installed setuid root by default in HP-UX and allows for local root compromise when exploiting this issue.

tags | exploit, overflow, local, root
systems | hpux
MD5 | 90516b5dc1e5ad786ae98a9baacf76ce
Secunia Security Advisory 22550
Posted Oct 27, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - prdelka has reported a vulnerability in SmartGate, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | c8fed17e90701c191ca2f4718dd341a7
prdelka-vs-GNU-peercast.c
Posted Mar 13, 2006
Authored by Micheal Turner, prdelka | Site prdelka.blackart.org.uk

GNU PeerCast versions less than or equal to v0.1216 Remote Exploit.

tags | exploit, remote
MD5 | e3d5b5c0ca3f3103b11186a7554d5938
prdelka-vs-LINUX-shellcode.tgz
Posted Jan 29, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Score is an interactive shellcode that allows a user to work further with an exploited process. Designed for exploitation of Linux systems on x86.

tags | x86, shellcode
systems | linux
MD5 | 9aa0ec429170fa39850e110e79811180
prdelka-vs-BSD-ptrace.tar.gz
Posted Nov 8, 2005
Authored by prdelka | Site prdelka.blackart.org.uk

NetBSD versions 2.1 and below ptrace() local root exploit.

tags | exploit, local, root
systems | netbsd
MD5 | 58fd50723dee56fbe36eb241e3a24a3e
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    5 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close