exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files

MOAB-05-01-2007.rb.txt
Posted Jan 13, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Exploit for a vulnerability in the handling of BOM files by the DiskManagement/diskutil that allows the setting of rogue permissions on the filesystem. This can be used to execute arbitrary code and escalate privileges. One of two exploits.

tags | exploit, arbitrary
systems | apple
SHA-256 | 9ff09c4c31ae71fb68fb87e214f17eb7e955b0cbe68a242d876ba38452f4a223

Related Files

Moab Insecure Message Signing Authentication Bypass
Posted Sep 30, 2014
Authored by Luke Jennings, John Fitzpatrick

Moab suffers from an insecure message signing authentication bypass vulnerability. All versions up to 8 can be affected depending on the configuration.

tags | exploit, bypass
advisories | CVE-2014-5376
SHA-256 | 85a019a8c4de29f5f84586a14f07c354e859db1b6a19ccec9cbb5d70e45cbcea
Moab User Impersonation
Posted Sep 30, 2014
Authored by John Fitzpatrick

Moab versions prior to 7.2.9 and 8 suffer from a user impersonation vulnerability.

tags | exploit
advisories | CVE-2014-5375
SHA-256 | 06269ab2431aa1292e9d181643ace50442b15f7c22b2ca8e0be470c5e444f592
Moab Dynamic Configuration Authentication Bypass
Posted Sep 30, 2014
Authored by John Fitzpatrick

Moab versions prior to 7.2.9 and 8 suffer from a dynamic reconfiguration authentication bypass issue that allows for remote code execution.

tags | exploit, remote, code execution, bypass
advisories | CVE-2014-5300
SHA-256 | 1d947c3d312bda1ccebc5c7622d54bcdfee0aa44575fcd3b9fa4410d0c6e6878
MOAB-29-01-2007.rb.txt
Posted Jan 31, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Apple iChat Bonjour functionality is affected by several remotely exploitable denial of service flaws which can be triggered via advertising presence services over multicast DNS. This is the denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | apple
SHA-256 | a256f4a5ef48238266e678eab766d0cb63eb44cfd99e5782f4b5fff8e5aed773
MOAB-28-01-2007.rb.txt
Posted Jan 29, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - crashdump follows symlinks within the /Library/Logs/CrashReporter/ directory, allowing admin-group users to execute arbitrary code and overwrite files with elevated privileges. In couple with a specially crafted Mach-O binary, this can be used to write a malicious crontab entry, which will run with root privileges. This ruby code demonstrates this vulnerability.

tags | exploit, arbitrary, root, ruby
systems | apple
advisories | CVE-2007-0467
SHA-256 | a2f484f050a3539545bc04527aebfb7718411d5e564498448fa7024d15700ebe
MOAB-27-01-2007.tgz
Posted Jan 29, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. This tgz holds a malicious .wmv file that demonstrates this vulnerability.

tags | exploit, arbitrary, code execution
systems | apple
advisories | CVE-2007-0466
SHA-256 | 5b0f7f222237672bd530a2f1c52368b0a593f5907f49c47913ca01b2f7900a50
MOAB-25-01-2007.rb.txt
Posted Jan 27, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Ruby exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.

tags | exploit, web, denial of service, ruby
systems | apple
advisories | CVE-2007-0464
SHA-256 | f7406daaadebb8a416333b8bedaa7f1ba60dc4e0d60fe455f34deb18ee74e296
MOAB-25-01-2007.c
Posted Jan 27, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - C exploit that demonstrates how CFNetwork fails to handle certain HTTP responses properly, causing the _CFNetConnectionWillEnqueueRequests() function to dereference a NULL pointer, leading to a denial of service condition.

tags | exploit, web, denial of service
systems | apple
advisories | CVE-2007-0464
SHA-256 | 3199da9edd031aaa3b4b089d6910159ef30dde29e74ba47226c79241f26f3d3f
MOAB-23-01-2007.pct
Posted Jan 24, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - A vulnerability exists in the handling of ARGB records (Alpha RGB) within PICT images, that leads to an exploitable memory corruption condition. This is the proof of concept exploit in .pct format that demonstrates this vulnerability.

tags | exploit, proof of concept
systems | apple
advisories | CVE-2007-0462
SHA-256 | cae45c1818004c6d0fa86b4df9d9713a53b3af47e14c3b7813983523855384ba
MOAB-22-01-2007.rb.txt
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - InputManager provided by the user. Code within the input manager will run under wheel privileges. In combination with diskutil and a wheel-writable setuid binary, this allows unprivileged users to gain root privileges. This is the proof of concept exploit that demonstrates this vulnerability.

tags | exploit, root, proof of concept
systems | apple
advisories | CVE-2007-0023
SHA-256 | 649846dcedfd17c9b293d5b586249ab6641f7f2f4b7077ce8728d64523c3794e
MOAB-21-01-2007.rb.txt
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - The preference panes setuid helper, writeconfig, makes use of a shell script which lacks of PATH sanitization, allowing users to execute arbitrary binaries under root privileges. This is the proof of concept exploit that demonstrates this vulnerability.

tags | exploit, arbitrary, shell, root, proof of concept
systems | apple
advisories | CVE-2007-0022
SHA-256 | bc6a6482959f9f36bea4aefc8de705de29960037c93a88c4c71f6382b1e18c26
MOAB-20-01-2007.tgz
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Apple iChat AIM URI scheme (referred as the 'url handler') handling is affected by a classic format string vulnerability, allowing remote users to cause a denial of service condition or arbitrary code execution. This is the proof of concept exploit that demonstrates this vulnerability.

tags | exploit, remote, denial of service, arbitrary, code execution, proof of concept
systems | apple
advisories | CVE-2007-0021
SHA-256 | c72c10a4e48008dc4508828d784627e557382e0c510236900986c74a82eab3f4
MOAB-19-01-2007.tgz
Posted Jan 24, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Transmit does not allocate enough space when dealing with the string passed on via the ftps:// URL handler, leading to an exploitable heap-based buffer overflow condition. This is the proof of concept exploit.

tags | exploit, overflow, proof of concept
systems | apple
advisories | CVE-2007-0020
SHA-256 | 9080e0d951067307f9ad1fe2f1c855dcceaac4dd146e38b6c610d666ed9c242f
MOAB-18-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit rumpusd. rumpusd is vulnerable to different remotely exploitable heap-based buffer overflows, denial of service conditions and local privilege escalation issues.

tags | exploit, denial of service, overflow, local, proof of concept
systems | apple
advisories | CVE-2007-0019
SHA-256 | 324e1c2a699138a78ea18bf0111256c4c75fe4eedb6f2baead3e5c38d188b60e
MOAB-17-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for slpd. slpd is vulnerable to a buffer overflow condition when processing the attr-list field of a registration request, leading to an exploitable denial of service condition and potential arbitrary execution. It would allow unprivileged local (and possibly remote) users to execute arbitrary code under root privileges.

tags | exploit, remote, denial of service, overflow, arbitrary, local, root, proof of concept
systems | apple
SHA-256 | b43cb8369fd15b26f59289ce05b054d9e9b5ee73e4ea4f070c7f378698fc6935
MOAB-16-01-2007.rb.txt
Posted Jan 20, 2007
Authored by Kevin Finisterre, LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for Colloquy. Colloquy is vulnerable to a format string vulnerability in the handling of INVITE requests, that can be abused by remote users and requires no interaction at all, leading to a denial of service and potential arbitrary code execution.

tags | exploit, remote, denial of service, arbitrary, code execution, proof of concept
systems | apple
SHA-256 | ecc8ca506c0501b6a06a3dce70b0267fdd8463686c38cd7f7364ee7acf7ad640
MOAB-15-01-2007.rb.txt
Posted Jan 20, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for a local privilege escalation vulnerability on Mac OS X. Multiple binaries inside the /Applications directory tree are setuid root, but remain writable by users in the admin group (ex. first user by default in a non-server Mac OS X installation), allowing privilege escalation.

tags | exploit, local, root, proof of concept
systems | apple, osx
SHA-256 | 5d79f7e869386b86fb511af90c48ec4794090cc26d9550ab41fb92e9be07807c
MOAB-14-01-2007.c
Posted Jan 20, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Proof of concept exploit for the _ATPsndrsp function. The _ATPsndrsp function is vulnerable to a heap-based buffer overflow condition, due to insufficient checking of user input. This leads to a denial of service condition and potential arbitrary code execution by unprivileged users.

tags | exploit, denial of service, overflow, arbitrary, code execution, proof of concept
systems | apple
advisories | CVE-2007-0236
SHA-256 | ecaf4e16cc626471b59446fc33fded909708cba04efa57ef9ad8f795f1e0ead4
MOAB-13-01-2007.dmg.gz
Posted Jan 20, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - This is a specially crafted HFS+ filesystem in a DMG image that can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption.

tags | exploit, denial of service, arbitrary, kernel, local, code execution
systems | apple
advisories | CVE-2006-5482
SHA-256 | 2dad00428d7585a35288df4bbecb6e942d5b73244ab459f875cd6d71f91ea91e
MOAB-12-01-2007.dmg.gz
Posted Jan 13, 2007
Site projects.info-pull.com

Month of Apple Bugs - Exploit that demonstrates a denial of service in the UFS filesystem. A specially crafted UFS filesystem in a DMG image can cause the ufs_lookup() function to call ufs_dirbad() when a corrupted directory entry is being read, leading to a kernel panic (denial of service). This issue cannot be abused for remote code execution.

tags | exploit, remote, denial of service, kernel, code execution
systems | apple
SHA-256 | dec331376b73f489db107e8f7ee4bf1f2328d765af037288c196140b777ea5c1
MOAB-11-01-2007.dmg.gz
Posted Jan 13, 2007
Site projects.info-pull.com

Month of Apple Bugs - Exploit for the byte_swap_sbin() function. The byte_swap_sbin() function, one of the UFS byte swapping routines (this code is not present in FreeBSD and it's Mac OS X XNU-specific; used for compatibility of filesystem streams between little and big-endian systems) is affected by a integer overflow vulnerability, leading to an exploitable denial of service condition.

tags | exploit, denial of service, overflow
systems | freebsd, apple, osx
SHA-256 | d7aac98581374e4ca26eb3859335af304a16c4df81db9bb0f90e811cc2b46fd6
MOAB-10-01-2007.dmg.gz
Posted Jan 13, 2007
Site projects.info-pull.com

Month of Apple Bugs - Exploit for the ffs_mountfs() function. The ffs_mountfs() function, part of the UFS filesystem handling code (shared between FreeBSD and Mac OS X XNU) is affected by an integer overflow vulnerability, leading to an exploitable denial of service condition and potential arbitrary code execution.

tags | exploit, denial of service, overflow, arbitrary, code execution
systems | freebsd, apple, osx
SHA-256 | 746e0bd8150cb61f86f671fe9e5f7939e7b56820033c9e5353bacadbe0247ca3
MOAB-09-01-2007.dmg
Posted Jan 13, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Exploit for a vulnerability in Finder. Finder is affected by a memory corruption vulnerability, which leads to an exploitable denial of service condition and potential arbitrary code execution, that can be triggered by DMG images. One of two exploits.

tags | exploit, denial of service, arbitrary, code execution
systems | apple
SHA-256 | 641c56a3c3546d6881d7d441e3203e4a9130560679f14bc12df8f0bb36e7d662
MOAB-09-01-2007.rb.txt
Posted Jan 13, 2007
Authored by LMH | Site projects.info-pull.com

Month of Apple Bugs - Exploit for a vulnerability in Finder. Finder is affected by a memory corruption vulnerability, which leads to an exploitable denial of service condition and potential arbitrary code execution, that can be triggered by DMG images. One of two exploits.

tags | exploit, denial of service, arbitrary, code execution
systems | apple
SHA-256 | b981e4326e87927ea14c54f445d1d8c91ca8bad5b3c606732b39860b492a641a
exploit-of-the-apes.rb.txt
Posted Jan 13, 2007
Authored by LMH, Johnny Pwnerseed | Site projects.info-pull.com

Month of Apple Bugs - Exploit for the Application Enhancer (APE), which is affected by a local privilege escalation vulnerability that allows local users to gain root privileges.

tags | exploit, local, root
systems | apple
SHA-256 | 022ab59da53042f4ad0dadf5efb09eb65b8d7f1c45cfc3279afa1c3afbd66fbf
Page 1 of 2
Back12Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close