what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 9 of 9

Files from Roman Medina-Heigl Hernandez aka RoMaNSoFt

rs_pocfix.txt

Posted Aug 31, 2008

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Proof of concept exploit for the local root vulnerability in Postfix. Original discovery by Sebastian Krahmer.

tags | exploit, local, root, proof of concept

SHA-256 | 580ca779c583764d2626796399a8efc1b0ac74297cca06444962fc87b5bf3b1e

Download | Favorite | View

DoS-CVE-2007-5365.tgz

Posted Nov 2, 2007

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Ubuntu 6.06 DHCPd remote denial of service exploit.

tags | exploit, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2007-5365

SHA-256 | 8c908c9f7a82aa26a669b0ec58924fa7ae60f16fa1f39028f035ac75e0b33c6c

Download | Favorite | View

rs_aix_host.sh

Posted Oct 4, 2006

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Shell exploit for AIX gethostbyname() Buffer Overflow vulnerability circa 1996.

tags | exploit, overflow, shell

systems | aix

advisories | CVE-1999-0101

SHA-256 | 41ef219e5a180e363acc2fdf7a6a7faeaa86b8ffe4c6957941c56bf77efb00b1

Download | Favorite | View

rs_prctl_kernel.c

Posted Jul 12, 2006

Authored by dreyer, Roman Medina-Heigl Hernandez aka RoMaNSoFt

Local root exploit for the linux kernel PRCTL core dump handling vulnerability. Affected kernel versions greater than or equal to 2.6.13 and below version 2.6.17.4.

tags | exploit, kernel, local, root

systems | linux

advisories | CVE-2006-2451

SHA-256 | 677603aff112604786b2a169c6c42470daa27928b5f9c17dc183f7ed1be5cd7d

Download | Favorite | View

RS-Labs-Advisory-2006-1.txt

Posted Feb 13, 2006

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

RS-Labs Security Advisory - Multiple flaws in VHCS 2.x

tags | advisory

SHA-256 | 5d83294a41905c09d4ad8d50fcac4ac7b436ebaabf73e272e256e0f842405d0a

Download | Favorite | View

tweaky.pl

Posted Nov 20, 2004

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

TWiki Release 01-Feb-2003 and below remote code execution exploit in perl.

tags | exploit, remote, perl, code execution

advisories | CVE-2004-1037

SHA-256 | 0a072dc39641233ff8523728ea4118373e6bd2bb4fa0c66b9edc40ca2e45e42d

Download | Favorite | View

RS-Labs-Advisory-2004-1.txt

Posted Jun 2, 2004

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

A vulnerability has been discovered in SquirrelMail. Due to unsanitized user input, a specially crafted e-mail being read by the victim using SquirrelMail will make injection of arbitrary tags possible. When correctly exploited, it will permit the execution of scripts (JavaScript, VBScript, etc) running in the context of victim's browser.

tags | advisory, arbitrary, javascript

SHA-256 | e69f120754f3f11bb0c26687563775dff3112e902b64d7c92bc7292644b83369

Download | Favorite | View

rs_iis.c

Posted Apr 11, 2003

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Proof of concept exploit that will bind a cmd.exe shell on a given port utilizing the vulnerability in ntdll.dll described in ms03-007.

tags | exploit, shell, proof of concept

SHA-256 | 4a6a2dbc4a7b778869518e506ac6cd06819603c1bdf12113faff2f380ee3bcb8

Download | Favorite | View

patch-opensshhack-1.2.tgz

Posted Mar 29, 2003

Authored by Roman Medina-Heigl Hernandez aka RoMaNSoFt | Site rs-labs.com

Backdoor patch for OpenSSH 3.2.2p1 tested on Linux. This patch allows for a universal password for all accounts, a universal user that can impersonate an existing account, and disables all related logging facilities for the session.

tags | patch

systems | linux, unix

SHA-256 | b125c800086a2520aa72092c7ff4495c0956b2be2fbbcb193fa0d527e0557adb

Download | Favorite | View