what you don't know can hurt you
Showing 1 - 25 of 27 RSS Feed

Favorites from josh

All Favorites

Whitepaper called Linux Exploit Development Part 2 (rev 2) - Real app demo. It demonstrates the techniques discussed in part two of the Linux Exploit Writing Tutorial Part 2.

2011-04-12 23:00:30 UTC | Permalink

This whitepaper is the Linux Exploit Writing Tutorial Part 3 - ret2libc.

2011-04-12 22:56:54 UTC | Permalink

An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.

2011-04-06 16:29:18 UTC | Permalink

Google Hack DB Tool is a database tool with almost 8,000 entries. It allows administrators the ability to check their site for vulnerabilities based on data stored in Google.

2011-04-06 01:38:34 UTC | Permalink

Adobe Omniture suffers from a vulnerability where a malicious cookie can hijack secure connections to the domain by injecting malicious javascript into the page via the cookie.

2011-03-29 21:36:00 UTC | Permalink

This python script attempts to check a given domain for various subdomains.

2011-03-14 23:23:57 UTC | Permalink

A buffer overflow vulnerability in the caiaq USB drivers in Linux has been identified. These drivers are in the kernel tree and installed by default in most Linux distributions. This vulnerability could be exploited in order to execute arbitrary code by an attacker with physical access to the system.

2011-03-08 22:17:13 UTC | Permalink

Multiple SMTP implementations suffer from a plaintext injection vulnerability with STARTTLS.

2011-03-07 19:44:44 UTC | Permalink

Mandriva Linux Security Advisory 2011-024 - The MIT krb5 Key Distribution Center daemon is vulnerable to denial of service attacks from unauthenticated remote attackers.

2011-02-09 15:17:00 UTC | Permalink

Apache CouchDB versions 0.8.0 through 1.0.1 suffer from a cross site scripting vulnerability.

2011-01-31 12:12:12 UTC | Permalink

Whitepaper called Bypassing Browser Memory Protections.

2011-01-06 12:12:12 UTC | Permalink

This Linux kernel CAP_SYS_ADMIN exploit leverages a signedness error in the Phonet protocol. By specifying a negative protocol index, it crafts a series of fake structures in userspace and causes the incrementing of an arbitrary kernel address, which then gets leveraged to execute arbitrary kernel code.

2011-01-05 19:13:11 UTC | Permalink

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

2010-12-28 16:33:33 UTC | Permalink

IBM Tivoli Storage Manager version 6.1 local root in DSMTCA GeneratePassword exploit.

2010-12-15 18:58:22 UTC | Permalink

USBsploit is a proof of concept that will generate Reverse TCP backdoors (x86, x64, all ports) and malicious LNK files. USBsploit works through Meterpreter sessions with a light (27MB) modified version of Metasploit. The interface is a mod of SET. The Meterscript script usbsploit.rb of the USBsploit Framework can otherwise be used with the original Metasploit Framework.

2010-12-14 17:11:10 UTC | Permalink

Whitepaper called AEG: Automatic Exploit Generation.

2010-12-13 19:11:11 UTC | Permalink

Anonip replaces all IP addresses in a text file with a seemingly random one in a intelligent way. It is intended to anonymize the sensitive IP data in a file so that this file can be distributed without exposing one to security or privacy risks.

2010-12-04 01:34:04 UTC | Permalink

Whitepaper called How To Create a Shellcode on ARM Architecture.

2010-12-02 05:55:20 UTC | Permalink

NoScript versions prior to suffer from a reflective cross site scripting vulnerability via SQL injection.

2010-11-27 19:04:20 UTC | Permalink

ImageShack Toolbar version remote code execution exploit.

2010-11-23 16:59:13 UTC | Permalink

Apple Safari versions 4.02 through 4.05 and Windows versions 5.0 through 5.0.2 suffer from cross-domain information leakage and temporary user tracking vulnerabilities.

2010-11-23 16:45:01 UTC | Permalink

Whitepaper called Oracle Penetration Testing Using the Metasploit Framework.

2010-11-02 03:15:32 UTC | Permalink
Page 1 of 2

Top Authors In Last 30 Days

packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By