what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files

Pwn2Own 2010 Windows 7 Internet Explorer 8
Posted Mar 28, 2010
Authored by Peter Vreugdenhil

Whitepaper documenting the recent Pwn2Own 2010 Windows 7 Internet Explorer compromise.

tags | paper
systems | windows
SHA-256 | 98aa82f07d8894e65cff840e18ab39473886dee9071e52d31cb111db7f4a2fb8

Related Files

multiOTP 5.0.4.4 Remote Code Execution
Posted Apr 2, 2020
Authored by Cody Sixteen

This whitepaper documents a walk through that describes the steps taken to identify a remote code execution vulnerability in multiOTP version 5.0.4.4.

tags | exploit, remote, code execution
SHA-256 | 4732ae6117764a5cac9dd84f3d79ef6065f0a8c5a22085a25d924acb3a87756e
PHPMailer / Zend-mail / SwiftMailer Remote Code Execution
Posted Jan 3, 2017
Authored by Dawid Golunski

This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.

tags | exploit, web, shell, php, proof of concept
advisories | CVE-2016-10033, CVE-2016-10034, CVE-2016-10045, CVE-2016-10074
SHA-256 | a6480837acf975f49749549e06ab31dc5538b6276d390b38aa0f7a89e63148d0
Evading All Web-Application Firewalls XSS Filters
Posted Sep 9, 2015
Authored by Mazin Ahmed

This whitepaper documents shortcomings in various popular web application firewalls (WAFS) and how to trigger cross site scripting attacks regardless of the protections in place. Covered are F5 Big IP, Imperva Incapsula, AQTRONIX WebKnight, PHP-IDS, Mod-Security, Sucuri, QuickDefense, and Barracuda WAF.

tags | paper, web, xss
SHA-256 | c38f62eb042bf845f286dc56c557e0a4422de464a3d9658b8fd2d013a1a708c2
Mac OS X Mavericks IOBluetoothHCIUserClient Privilege Escalation
Posted Nov 3, 2014
Authored by Roberto Paleari, Aristide Fattori

This proof of concept exploits a missing sign check in IOBluetoothHCIUserClient::SimpleDispatchWL() on Mac OS X Mavericks.

tags | exploit, proof of concept
systems | apple, osx
SHA-256 | 1dd3038cf5d241dc284516224174f72943e3ec4e439021ee7654973dc33df8a6
Owning A CA Control Access Server
Posted Feb 20, 2014
Authored by Sanehdeep Singh

This whitepaper documents how to compromise CA ControlMinder versions 12.5, 12.6, and 12.6 SP1 running JBoss version 4.2.2.GA.

tags | paper
SHA-256 | d79c4e8b7e01e49acdda05ad5eceda4f0bf7d0d76f4b960c5d9135475bebc7d6
Oracle Reports Shell Uploader
Posted Jan 28, 2014
Authored by Dana Taylor

Oracle Reports pwnacle exploit that uploads a jsp shell to the target system using the URLPARAMETER vulnerability that allows for planting files.

tags | exploit, shell
advisories | CVE-2012-3153, CVE-2012-3152
SHA-256 | 3581d647b9a2e8009d1d33ce3190ed76df5b93ae7c3bb78683ead1f423d79945
Nginx 1.3.9 / 1.4.0 Exploit Documentation
Posted Jul 23, 2013
Authored by Kingcope

This whitepaper document how the brute forcing exploit works for a buffer overflow vulnerability in nginx versions 1.3.9 and 1.4.0 on x86.

tags | paper, overflow, x86
advisories | CVE-2013-2028
SHA-256 | 83e7a76cda024bdc1720e8569cb20218c76aa3c5b8a8f5ddfad4818e03f8afe9
nginx Backdoor
Posted Jul 19, 2013
Authored by t57root | Site hackshell.net

This code is a backdoor for nginx. It provides remote shell access, SOCKS5 tunneling, and HTTP password sniffing and logging.

tags | tool, remote, web, shell, rootkit
systems | unix
SHA-256 | 8f754357b61c73fe20efc8dd28b52d222feb812bbaf36bebdfee47e30d0ddfb1
Tunnel Blick Local Root Exploit Version 2
Posted Aug 11, 2012
Authored by zx2c4

Pwnnel-Blicker is a second local root exploit for Tunnel Blick OS X OpenVPN manager.

tags | exploit, local, root
systems | apple, osx
SHA-256 | 469187a05e24af6ff54301dc1ce224c0d812f436efa24c7f9245c5385e416fb9
Pwning The BSNL Users
Posted Nov 25, 2010
Authored by Varun.V, Sathya Prakash.K

Whitepaper called Pwning the BSNL Users.

tags | paper
SHA-256 | 4b22e4e33ddefc12559ed84d9659f1017723993f24e80a133e95b05bdb4ed88f
Pwanat NAT To NAT Tool 0.2
Posted Apr 6, 2010
Authored by Samy | Site samy.pl

pwnat, pronounced "poe-nat", is a tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with no port forwarding and no DMZ setup on any routers in order to directly communicate with each other. The server does not need to know anything about the clients trying to connect.

systems | unix
SHA-256 | 709e1288e05bcae5f1221f2904de2ef64b9d8b81d5fbee6c3b69ef49a807aa1f
Apache 2.2.14 mod_isapi Remote SYSTEM Exploit
Posted Mar 6, 2010
Authored by Brett Gervasoni | Site senseofsecurity.com.au

Apache version 2.2.14 mod_isapi remote SYSTEM exploit. Due to the nature of the vulnerability, and exploitation method, DEP should be limited to essential Windows programs and services. At worst, if DEP is enabled for the Apache process, you could cause a constant DoS by looping this (since apache will automatically restart).

tags | exploit, remote
systems | windows
advisories | CVE-2010-0425
SHA-256 | c783414f79f43dcae00ce4cd44e85c324652565b650c7c405e711ebdd5c30075
Anti-Virus PWN2RM Challenge Results
Posted Oct 26, 2009
Authored by Christophe, Samir

This pdf has the Anti-virus PWN2RM Challenge results. An amusing read discussing how to disable McAfee, Norton, and various other AV software.

tags | paper, virus
SHA-256 | 232bf4211083bfc95c523a4af38a1e65423009125b74c66afdafd26c6bd3968a
Pwnie Awards Ceremony
Posted Jul 9, 2009
Site pwnie-awards.org

The Pwnie Awards ceremony will return for the third consecutive year to the BlackHat USA conference in Las Vegas. The award ceremony will take place during the BlackHat reception on Wed, July 29. The deadline for nominations is Wednesday, July 15.

tags | paper, conference
SHA-256 | d41345c93e4e6fbcbec9cc12b2810b67756a26764da817df33d9d5f20cdbf800
Whitepaper Called From 0 To 0 Day On Symbian
Posted Jul 6, 2009
Authored by Bernhard Mueller | Site sec-consult.com

Whitepaper called From 0 To 0 Day On Symbian - Finding Low Level Vulnerabilities On Symbian Smartphones.

tags | paper, vulnerability
SHA-256 | 9f84cc111e30835b5b7e8fbc5e38e756d4e282500b242481eca7fe284fc5a2df
pwntego.tar.gz
Posted Nov 9, 2006
Authored by Kevin Finisterre | Site digitalmunition.com

Race condition exploit that takes advantage of a flaw in Intego VirusBarrier X4.

tags | exploit
SHA-256 | 8fbc3bac0aef7c91710230a3e7449dcef6d21741f4c4c879f4899e657a426416
pwned-vpasp.txt
Posted Jan 29, 2006
Authored by tracewar

VP-ASP Shopping Cart version 5.50 is susceptible to SQL injection attacks.

tags | exploit, sql injection, asp
SHA-256 | 332f445af6a6c5c47f068cb8d8c03ed007441924b9c1604249e696ad8d996b1f
pwnzilla.txt
Posted Sep 23, 2005
Authored by SkyLined

PwnZilla 5 - Exploit for the IDN host name heap buffer overrun in Mozilla browsers such as Firefox, Mozilla, and Netscape.

tags | exploit, overflow
advisories | CVE-2005-2871
SHA-256 | 5fd84b75e862d1b3f6cac437ba7e571a8da0bd7fe4f45638c172f865b261d320
pwned.c
Posted Mar 22, 2005
Authored by sd

Local sys_uselib root exploit for the Linux 2.4 and 2.6 kernel series.

tags | exploit, kernel, local, root
systems | linux
SHA-256 | e95832127ef41cadddcf73aab42cbb0168d07344395d3aa6b43c4b4a5ffb0fdc
Page 1 of 1
Back1Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    10 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    23 Files
  • 8
    Dec 8th
    19 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close