Exploit the possiblities
Showing 1 - 25 of 85 RSS Feed

Shadow Penguin Security

Shadow Penguin Security
gdd23.tar.gz
Posted Jul 8, 2002
Authored by shadowpenguin, Shadow Penguin Security | Site shadowpenguin.org

GreedyDog v2.3 is an ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris, IRIX, SunOS4, AIX, MacOSX, and Windows2000/Xp. GreedyDog keeps stream of each TCP session and writes to logfile. Very portable. Manual is here.

tags | tcp
systems | linux, netbsd, solaris, freebsd, irix, openbsd, aix
MD5 | 7f63d4455486e59b4f4b6f788617867f
sps39.acrobat.txt
Posted Jul 27, 2000
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Shadowpenguin Security Advisory #39 - Adobe Acrobat Series PDF File buffer overflow. Many versions of Acrobat for Windows95/98/NT/2000 overflows when reading the PDF file which has long Registry or Ordering. The EIP can be controled and arbitrary code can be executed on the machine which views the PDF file. Patches available here.

tags | overflow, arbitrary, registry
MD5 | 4d24ea755d6dc347ec13d981db9ba98c
getcode010.lzh
Posted Dec 9, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Getcode assists you in coding windows exploits by getting the codes for jmp reg,call reg,push reg;ret from some loaded dlls.

systems | windows
MD5 | 210e177dc620f8156becafff0ce8bd90
ex_inc.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise.

tags | exploit, local, root
systems | unix
MD5 | 72428b901f7f45c05e3c1b5048f8275e
ex_bbc.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

ex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise.

tags | exploit, local, root
systems | unix
MD5 | a5b2d66a75247c7d8c9cb5c5bceb2ce4
ex_kcms_configure86.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

kcms_configure has a overflow bug with "-P" option and it has been reported(107339-01). But this program has another hole. This hole has not been not reported, and the paches are not published at this time. kcms_configure overflows if long string is specified in NETPATH environment, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege.

tags | exploit, overflow, root
systems | unix
MD5 | 96891067efbb4ca666ca294943ae33b0
ex_kcms_configuresp.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included.

tags | exploit
systems | unix, solaris
MD5 | e2e854ae8bed8bd41d390b8b8c6423e1
ex_mailtool.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, local user can obtain mail group. The mail files are generated with 660 permission, so any user can read/write other user's mail files. I coded the exploits to get mail gid(egid=6). There are for Intel Solaris7. There are same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel,Sparc).

tags | exploit, overflow, local
systems | unix
MD5 | 68399227ff709fd06cd83d967dcf842a
amloger.c
Posted Nov 5, 1999
Authored by shadowpenguin

This is a auto logger for Amuser-net BBS which is used in the many Japanese underground sites

systems | unix
MD5 | 3c6e56c55f2e9063aaf349c9872da680
cgiexp.c
Posted Nov 5, 1999
Authored by shadowpenguin

This utility lists the servers which have the security vulnerabilities of CGI program. This utility supports the pht, test-cgi, nph-test-cgi, campas, htmlscritp, servce, pwd. The addition of new vulnerabilities is very easy.

tags | cgi, vulnerability
systems | unix
MD5 | 3b0def202f08648fc9881d638df01085
easyscan.c
Posted Nov 5, 1999
Authored by shadowpenguin

The simple full-connection TCP port scanner. This utility lists the servers that open the specified port.

tags | tcp
systems | unix
MD5 | 1434dbaba3484bca0063b32ae1df9b67
ex_admintool.c
Posted Nov 5, 1999
Authored by shadowpenguin

Admintool local root exploit for Solaris2.6/7 Sparc machines.

tags | exploit, local, root
systems | unix
MD5 | 68f7d2c4497e4f6766f8db1c517c1ac3
ex_almail.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of AL-Mail32 Ver1.10. It overflows when that receives the long message of From: or Reply-To:. If the POP3 server send the long reply message that contains the exploit code, client executes any code. This exploit code execute any command on the target windows.

tags | exploit, overflow
systems | windows
MD5 | bbb93b32d0fbcc24ab0bd8704e8d3ed6
ex_anhttpd.txt
Posted Nov 5, 1999
Authored by shadowpenguin

The test CGIs which are distributed with AN-HTTPd 1.20b contain the remote command execution problem.

tags | exploit, remote, cgi
systems | windows
MD5 | ee1ef9dca35316c2d83174c399085960
ex_canuum.c
Posted Nov 5, 1999
Authored by shadowpenguin

Local root exploit code for buffer overflow in canuum for Japanese Linux.

tags | exploit, overflow, local, root
systems | linux, unix
MD5 | 08d584cfaedebba6322e15ff0bc6ae6e
ex_chocoa.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of CHOCOA 1.0beta7R. It overflows when that receives the long TOPIC. If the server send the long TOPIC that contains the exploit code, client executes any code. This exploit code execute any command on the target windows.

tags | exploit, overflow
systems | windows
MD5 | 6d894b1c72bd7f83bb486b38132a9c97
ex_cmail.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of CMail Server 2.3 SP2. It overflows when that receives the long MAIL FROM: in SMTP handling. If the host recives the packet which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example sends the exploit code that executes any command on the host which is running the CMail Server 2.3 SP2.

tags | exploit, overflow
systems | windows
MD5 | 4639d4625068233955e1ce9df9281ac7
ex_emc.c
Posted Nov 5, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Buffer overflow in E-MailClub Ver1.0.0.5. It overflows when that receives the long From: in POP3 handling. If the host recives the mail which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example generates the e-mail which contains the exploit code that reboot the target host. This exploit is coded for Windows98 Japanese edition, but if you change some parameters written in the sample exploit program, it will may works on Windows95 and WindowsNT.

tags | exploit, overflow
systems | windows
MD5 | f1fa3e703ec2bd44f3d36fa744003039
ex_fuse.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of FuseMail 2.7. It overflows when that receives the long USER or PASS in POP3 handling. If the host recives the packet which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example sends the exploit code that executes any command on the host which is running the CMail FuseMail 2.7.

tags | exploit, overflow
systems | windows
MD5 | 84fd9aa0fb63734015ecee0164137530
ex_hpprint.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of IBM HomePagePrint 1.0.7. If the visitors "print" or "preview" the web page which contains the long IMG SRC tags, the buffer overflow occurs. If this application reads the IMG SRC tag which is contained the exploit code, the host will be cracked. This sample generates a HTML file which is contained the exploit code that executes any command on the users' host.

tags | exploit, web, overflow
systems | windows
MD5 | 2a77280e95e84112cb74a84234c723a8
ex_ie4.c
Posted Nov 5, 1999
Authored by shadowpenguin

Microsoft Internet Explorer 4/5 overflows when the handling of "file://" specification. We coded the following sample codes. This codes generates the HTML file that reboots the client PC if the visitor uses IE4 for Windows98.

tags | exploit, overflow
systems | windows
MD5 | 706d99f197cfd8f922486be4a951d4e1
ex_ie5.c
Posted Nov 5, 1999
Authored by shadowpenguin

This is overflow exploit for IE5.

tags | exploit, overflow
systems | windows
MD5 | 6ac8ac08d5a0b80ab44588d211625499
ex_imagemap.c
Posted Nov 5, 1999
Authored by shadowpenguin

Imagemap CGI which is written by C language is distributed with OmniHTTPd Pro2.04(shareware) and Ver1.01 (freeware), it has a security hole by the buffer overflow. Any instructions can be executed on the victim host by using this buffer overflow bug.

tags | exploit, overflow, cgi
systems | windows
MD5 | b85e476f7a4a74c9fae25a19f31a3f46
ex_irfan.c
Posted Nov 5, 1999
Authored by shadowpenguin

The popular Image viewer "Irfan View32" contains the buffer overflow problem, this problem exists in the handling of Adobe Photoshop image file. This code generates the jpg file which contains the exploit code that generates "exp.com" in "c:\" and executes it. "exp.com" is a simple demo program, there is no danger.

tags | exploit, overflow
systems | windows
MD5 | 21678e1095ed9bf229ab8c6803678bfc
ex_libc.c
Posted Nov 5, 1999
Authored by shadowpenguin

Exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise.

tags | exploit, overflow, root
systems | unix, solaris
MD5 | e1ab7379ca0d6ddacf82ca872b94caa4
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
Forbes 30 Under 30 Conference Site Exposed Attendee Details
Posted Nov 15, 2017

tags | headline, privacy, data loss, flaw, conference
The Motherboard Guide To Not Getting Hacked
Posted Nov 15, 2017

tags | headline, hacker, privacy, data loss, fraud, identity theft
Votes In 18 Nations 'Hacked' In Last Year
Posted Nov 14, 2017

tags | headline, government, usa, russia, fraud, cyberwar, social
Shut The Front Door: Jewson Admits To Data Breach
Posted Nov 14, 2017

tags | headline, hacker, privacy, data loss
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close