

CMS NetCat 3.12 SQL Injection / XSS / LFI
Posted Dec 30, 2008
Authored by s4avrd0w

CMS NetCat versions 3.12 and below suffer from local file inclusion, blind SQL injection, cross site scripting, HTTP response splitting, and CRLF injection vulnerabilities.

tags | exploit, web, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | 730aeb7570a48954a80207737f1bafe5fe9d40926123fed41669691d5ed7d6f7

Related Files

Posted Aug 26, 2003

Cryptcat is an encrypted version of netcat. It uses AES encryption and a static key to encrypt all transactions. Previous versions had a flaw in which not all network traffic was encrypted, so this is the patched version. Many thanks to Eric Sheesley for fixing this utility, since the last version is no longer supported.

tags | tool
systems | unix
SHA-256 | 07d72ba5e5a5601b5d6b9d6c4dbf7a4339f25974ccdc61d11f6d4b78f2c489bd
Posted Aug 10, 2003
Authored by thc | Site thc.org

Grenzgaenger is a SOCKS-like hacker tool for tunneling nmap, netcat and exploits transparently through systems into protected networks.

SHA-256 | 7b46223b2239a585a065db7456ef97a3a6f6b8c152023b6ac785b4990ad42954
Posted Jul 9, 2003
Authored by Knight420

CCBill remote exploit that spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access as the webserver uid.

tags | exploit, remote, shell
SHA-256 | 66f3965cf4bbf7fe122e5da69fc37f2fb3c3ffe2b7aa6836d0778511c9c29de7
Posted May 29, 2003
Authored by Floydman | Site securit.iquebec.com

This tool is a command prompt (cmd.exe) logger, useful for generating intrusion evidence that was previously unavailable. With this tool, you can log command prompt sessions be it from the console, a compromised IIS system or through a netcat tunnel. Working a bit like a wrapper, ComLog takes the place of cmd.exe and passes the commands to be executed to the real cmd.exe which is renamed cm_.exe. Version 1.05 changes include MS-DOS icon added to the executable, and better camouflage to avoid detection by the monitored.

SHA-256 | ace19f02d040949d4cffa6040cf70cc0e5f3a1f3b3e71d7dfd20cba25e0cecf8
Posted May 23, 2003
Authored by Goldie, checksum | Site checksum.org

A simple netcat utility much like the Windows version released by Atstake but smaller in file size.

systems | windows
SHA-256 | e355a8decae502578e5bb649b4336b89b13c5daa07b2b23c6737989ecc0fa851
Posted Jan 4, 2003
Authored by Knight420

Smart Search CGI remote exploit in perl which attempts to spawn netcat listening with a shell.

tags | exploit, remote, shell, cgi, perl
SHA-256 | 041548a5386dcb8a831010770b868c0816b690100bcfde2bdb33e64959bd23d6
Posted Dec 24, 2002
Site thc.org

s390 shellcode which connects back to a listening netcat on port 31337 by default.

tags | shellcode
SHA-256 | b920ec83e92bca3076d999d7ea4500ee8983d04e6148747a27b9af19517eccf1
Posted Dec 16, 2002
Authored by Rapid7 | Site rapid7.com

Denial of service exploit for SSH servers and clients from several vendors containing vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected. Vulnerable versions include F-Secure 3.1.0 and below for Unix and v5.2 and below for Windows, SSH 3.2.2 and below for Windows and Unix, PuTTY v0.53 and below, WinSCP 2.0.0 and below, and more. Includes binary files which can be sent to SSH servers or clients via netcat.

tags | exploit, denial of service, arbitrary, vulnerability, code execution
systems | windows, unix
SHA-256 | 6b89b3721c386cfd26123193715b84e647d2b13cbc7c5337faa63bea2c1ae80e
Posted Oct 7, 2002
Authored by Killah | Site hack.gr

80log.sh is a shell script which uses netcat to log the HTTP server versions of multiple or single web servers.

tags | web, shell
SHA-256 | 335edb395f23336e6e0ea9d7b5f0b577527bb4aaa306e4333b1dd282dd4ee0cf
Posted Sep 12, 2001
Authored by LBS

Autowhois is an advanced whois client with more than 300 TLDs/ccTLDs stored in its built-in database (probably all) that autodetects the appropriate server for a domain name query. It can also resolve a country to its default country code top level domain or vice-versa, locating it in a brief ASCII world map and returning some other useful information. It also accepts a specific server/port (ignoring auto detection) or can just use predefined settings by default. Multiple words in a query are allowed, colors are customizable, etc. Intended for Windows 95/98 only*, netcat required (v.1.10 NT).

systems | windows
SHA-256 | bc7602922da13041f4b1cb3f276c302fee3d8981006fa48ab5d449f951f4e75e
Posted Sep 11, 2001

Netcat v1.10 by The Hobbit, with a small fix for Slackware 8.0 by Dark Corner.

tags | tool
systems | linux, unix, slackware
SHA-256 | e382750b8e57232f6458bf9ecf84b621221266b95315c97fad547c5098fe7092
Posted May 25, 2001
Authored by Dart

Nwkill is a simple shell script which kills Netware 5.0 by using netcat to send /dev/random to tcp port 40193.

tags | denial of service, shell, tcp
SHA-256 | 97eb772389ccf50550b76c384134e7cdefed0c78d4a4144f1301a4cd0cdff19b
Posted Mar 15, 2001
Authored by Cyrax | Site pkcrew.org

Hjksuite is a collection of programs for hijacking. First of all it contains hjklib, a library for hijacking. It also contains some programs like hjkbnc, which allows IRC hijacking directly with your client, hjkhttpd for hijacking HTTP sessions, and hjknetcat for hijacking text connections.

tags | web
systems | unix
SHA-256 | 7b6ab15cef86c5f16b73f1372efc23c3e83b1f2519a626d3d96766fc5a7f1bf2
Posted Dec 21, 2000
Authored by Philip Stoev | Site phiphi.hypermart.net

The ELZA is a scripting language aimed at automating requests on web pages. Scripts written in ELZA are capable of mimicking browser behavior almost perfectly, making it extremely difficult for remote servers to distinguish their activity from the activity generated by ordinary users and browsers. This gives those scripts the opportunity to act upon servers that will not respond to requests generated using netcat, rebol, telnet or similar tools. As a result, one can hijack heavily protected HTML forms, perform dictionary attacks on login forms, and do sophisticated CGI scanning.

Changes: Beta release - Includes some new features.
tags | remote, web, cgi
SHA-256 | 368dd7c59b8d936b9255f164b4c02a0d05b0c90083e4be01c3d66ae90fdd80dc
Posted Dec 12, 2000
Authored by Mixter | Site members.tripod.com

aes-netcat is a patch with some includes for netcat 1.10 that adds an option to do password encrypted sessions using strong AES encryption. It doesn't include an AES algorithm, but gives URLs where to get them (15 candidates available).

tags | tool
systems | unix
SHA-256 | ed8bc2a6a4d5f9d88a1001545b97ad17846aaa75720ddca22d215d0a5062f8ef
Posted Oct 28, 2000
Authored by Antirez | Site kyuzz.org

Older versions of the host command contain a remotely exploitable buffer overflow. The host command is used to perform the AXFR request to obtain the zone transfer information, and can be caused to execute arbitrary code when connecting to a fake DNS server, a netcat process listening on port 53.

tags | exploit, overflow, arbitrary
SHA-256 | 39951d3f589829a119033d3606128b1ac7e7273f64901d487f9e72eb6efa1de7
Posted Oct 4, 2000
Authored by anno | Site teleh0r.cjb.net

Easy Advertiser v. 2.04 Remote Exploit. The stats.cgi script used in Easy Advertiser has an insecure open() that allows this exploit to bind a shell to port 60179 running with the privileges of the user that the webserver is run as. Netcat is needed locally to use this.

tags | exploit, remote, shell, cgi
SHA-256 | 3039f45d2afe1dffcacaeeaa10a0cd1ac319430fdfef2be12356e97c5078f50b
Posted Sep 25, 2000

Netcat with encryption for Linux and Windows - This is the classic network utility Netcat, with Twofish encryption. Includes Windows and Linux source and binary. To make it secure you need to change the hardcoded key.

tags | tool
systems | linux, windows, unix
SHA-256 | cf11fce4287f940060b85a4699609e2f2417a7624c704d34506a3b3f1255f35e
Posted Aug 1, 2000
Authored by Matthew Franz | Site trinux.sourceforge.net

Trinux transparently converts ordinary x86 PCs into powerful network security workstations by combining Linux Slackware 7.1 with all of the most powerful precompiled Open Source security/monitoring tools. Trinux boots from a single floppy disk and runs entirely in RAM. Trinux is useful for port scanning, packet sniffing, vulnerability scanning, sniffer detection, packet construction, active/passive OS fingerprinting, network monitoring, session hijacking, intrusion detection, and more. Trinux 0.70 is the most stable and compact Trinux release to date and is based on Busybox/glibc2.1.3 and kernel 2.2.16. Among the included packages are nmap2.54beta1, adm-smb, nbtstat, tcp_scan, cgichk, ddos-scan, dsniff, despoof, hunt, zodiac, netcat, openssh, hping2, sing, isic, p0f, fragrouter, tcpreplay, sentinel, ethereal 0.8.10, ngrep, nstreams, tcpdump, ntop, netwatch, and more.

tags | x86, kernel
systems | linux, slackware
SHA-256 | abf720b088d97a716c3a460f3cbc9309017e66fd5df498c0b0884026f067f04e
Posted Jul 7, 2000
Site securexpert.com

SecureXpert Labs Advisory [SX-20000620-1] - Denial of Service vulnerability in Microsoft Windows 2000 Telnet Server. A remote user can cause the telnet server to stop responding to requests by sending a stream of binary zeros to the telnet server. This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc target.host 23 < /dev/zero".

tags | exploit, remote, denial of service
systems | linux, windows
SHA-256 | 75c77bf0657fae44cbe5c5587fc4118b7d0679ae59041f32fa493cfc21d0f95d
Posted Jun 9, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

ICQ Web Front DOS Exploit - guestbook.cgi, part of ICQ web front, is vulnerable to a remote denial of service attack. This shell script exploit generates a malformed POST request and uses netcat to send it to port 80 of the victim host.

tags | remote, web, denial of service, shell, cgi
SHA-256 | b8e9e0819dfa1cd572dcf565fd2d91d1830fea0eb549bcc41414b0da7e85f832
Posted Jun 9, 2000
Authored by GrAzEr1 | Site team-tss.org

TSScgi.sh is a shell script which scans for vulnerable cgi scripts with the help of netcat.

tags | shell, cgi
systems | unix
SHA-256 | 66bd2915c38a890ba8c7d2a3ab7606b858d64e2c6618d0afe8f6502f11efa8e4
Posted May 31, 2000
Authored by S

shadyshell.c is a flexible, obfuscated, and lightweight UDP portshell. Takes client input via netcat -u.

tags | tool, udp, rootkit
systems | unix
SHA-256 | 16c3e56c91fe42a99758dc394e3c954f75985e353ac20556e6c3104449fdc5f9
Posted Feb 11, 2000
Authored by teso

Very fast, clean and mean, but functional banner scanner, with part of the functionality of netcat :-)

SHA-256 | 8140faf86d4dda36aae57f79ae2a8d27be823118b76e22cf890009a8f15509cc
Posted Jan 28, 2000
Authored by Missinglnk | Site tribune.intranova.net

A modified version of the original qpopper 3.0beta29 exploit by Zhodiac that adds network support (no need for netcat) and allows the user to specify which command to execute.

tags | exploit
SHA-256 | bcdd1859b2a33b6f0bdced21cd68b20e314cb4ff2fe1dafccab9dfb8f9a3be82

© 2022 Packet Storm. All rights reserved.
