Exploit the possiblities
Showing 1 - 11 of 11 RSS Feed

Files

ex_inc.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise.

tags | exploit, local, root
systems | unix
MD5 | 72428b901f7f45c05e3c1b5048f8275e
ex_bbc.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

ex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise.

tags | exploit, local, root
systems | unix
MD5 | a5b2d66a75247c7d8c9cb5c5bceb2ce4
ex_kcms_configure86.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

kcms_configure has a overflow bug with "-P" option and it has been reported(107339-01). But this program has another hole. This hole has not been not reported, and the paches are not published at this time. kcms_configure overflows if long string is specified in NETPATH environment, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege.

tags | exploit, overflow, root
systems | unix
MD5 | 96891067efbb4ca666ca294943ae33b0
ex_kcms_configuresp.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included.

tags | exploit
systems | unix, solaris
MD5 | e2e854ae8bed8bd41d390b8b8c6423e1
ex_mailtool.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, local user can obtain mail group. The mail files are generated with 660 permission, so any user can read/write other user's mail files. I coded the exploits to get mail gid(egid=6). There are for Intel Solaris7. There are same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel,Sparc).

tags | exploit, overflow, local
systems | unix
MD5 | 68399227ff709fd06cd83d967dcf842a
ex_admintool.c
Posted Nov 5, 1999
Authored by shadowpenguin

Admintool local root exploit for Solaris2.6/7 Sparc machines.

tags | exploit, local, root
systems | unix
MD5 | 68f7d2c4497e4f6766f8db1c517c1ac3
ex_canuum.c
Posted Nov 5, 1999
Authored by shadowpenguin

Local root exploit code for buffer overflow in canuum for Japanese Linux.

tags | exploit, overflow, local, root
systems | linux, unix
MD5 | 08d584cfaedebba6322e15ff0bc6ae6e
ex_libc.c
Posted Nov 5, 1999
Authored by shadowpenguin

Exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise.

tags | exploit, overflow, root
systems | unix, solaris
MD5 | e1ab7379ca0d6ddacf82ca872b94caa4
ex_sdtcm_convert.c
Posted Nov 5, 1999
Authored by shadowpenguin

Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris Sparc machines.

tags | exploit, overflow, local, root
systems | unix, solaris
MD5 | 87ad1fbf6788465fdf86d444b37bf205
ex_sdtcm_convert86.c
Posted Nov 5, 1999
Authored by shadowpenguin

Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris x86 machines.

tags | exploit, overflow, x86, local, root
systems | unix, solaris
MD5 | d955ef3f946bcdff24e790deb5daf06a
ex_uum.c
Posted Nov 5, 1999
Authored by shadowpenguin

Local root exploit code for buffer overflow in uum for Japanese Linux.

tags | exploit, overflow, local, root
systems | linux, unix
MD5 | 863a7d14785073101a7d49dd62001678
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close