monop local exploit that achieves privilege escalation to the second player's uid.
cf992dfea23b0560132cbee0d12b1b8ce15c6fc35a58e26d678e31f2cf9e5077
Helix Universal Server aka Real Server versions 7, 8, and 9 remote root exploit for both Windows and Linux. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
15c91505e6cbf8608eb58beff61b02cf4d5a2601de86f3c901a8f1d588027c3a
LKL is a userspace keylogger that runs under Linux x86/arch. LKL logs everything which passes through the hardware keyboard port (0x60). Keycode to ASCII translation is supported.
044171738ef8d204530208c5e41d2ef4908d2386129b3558059e68eea2648923
SGI Security Advisory 20030803-01-P - sendmail.org has reported that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial of service or root compromise. Related CVE Number: CVE-2003-0688.
f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1
Helix Universal Server 9 and earlier versions (RealSystem Server 8, 7 and RealServer G2) are vulnerable to a root exploit when certain types of character strings appear in large numbers within URLs destined for the Server's protocol parsers.
2dbb8dceb018ef54a3e9f64fe191da489067b6b3aa66be81d8e731a9d1ec9d48
Secure Network Operations, Inc. Advisory SRT2003-08-22-104 - widz, the 802.11 wireless IDS system version 1.5 and below, makes use of untrusted input with a system call. If this utility were to be used in a production environment with any non-root users on the system, they would be able to easily escalate their privileges to root.
0a5bd8db53063144a11c8d343d4ad593cd07df746dc5dac63023d1b8f5b20b2b
eEye Advisory - There is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed almost all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a web page as silently and as easily as Internet Explorer parses image files or any other safe HTML content. Versions affected: Microsoft Internet Explorer 5.01, 5.5, 6.0, and 6.0 for Windows Server 2003.
dd79f9814eb5b13d2de07d11deb7d6f23493a7bf6e0bf540ffc5293f0568e45c
Local exploit for ViRobot 2.0 that works against the FreeBSD edition. Tested against FreeBSD 4.8.
41059e552df59b7c97ce59335d8a8059d66eb278653f384fb513f884278d70fd
Secure Network Operations, Inc. Advisory SRT2003-08-11-072 - ViRobot 2.0, the Linux-based antivirus solution, has a multitude of suid binaries that are vulnerable to abuse.
b0f7f0118ddf986cbff764a044a771d9d65a93d009a0b5c98382c9be43058a9b
Kfence version 1.2 provides kernel protection against basic exploitation techniques, including stack and heap overflows and format string exploits, by patching /dev/kmem and redirecting system_call to test if the eip of the caller is in the wrong memory region.
86b7ef83422d92d95d9b4292f22b474924bcfbca4cce50f51c33a6f418dbed1c
Cryptcat is an encrypted version of netcat. It uses AES encryption and a static key to encrypt all transactions. Previous versions had a flaw in which not all network traffic was encrypted so this is the patched version. Many thanks to Eric Sheesley for fixing this utility since the last version is no longer supported.
07d72ba5e5a5601b5d6b9d6c4dbf7a4339f25974ccdc61d11f6d4b78f2c489bd
Remote administration kernel module designed for the 2.4 series. It replaces system calls by inserting a push ret at the beginning of system_call, making the program jump to specified code. It provides a remote terminal backdoor through SYS_read hooking, which means you can enter the box through any open TCP port. The connection is XOR encrypted and the module hides ports and pids. It also hides itself from vmalloc structure scanning and lsmod. Tested on Red Hat 7.2 and 8.0. Currently lacks SMP support and is not considered stable, so please exercise caution when utilizing this.
6b9d7bae3d68b1249acacb7222865ed7c41cc99ea8d9bdfa1e45104e265d2741
Further information and research in regards to the InterSystems Cache vulnerabilities discussed here. Two new vulnerabilities have been discovered and exploits are included.
728fbb24e98602c5fe921cab33d49eb861a834a80b0d955bc059096191267f54
This utility makes use of google.com to figure out what domains are running vulnerable PHP servers. Instructions are written in French.
b3f19d886ee5ea1afc45226f178523ffac8207bfec016dd3e0b692e675b132ef
A Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
f4978177d240a78a9f740f6802aff5a4a303543634e143d074128e57b587ef0d
Banner scanning utility that generates random IP addresses, can search for specified strings, and has a default list of ports to scan if not given a list. It is extremely streamlined, as it spawns sixteen child processes.
a29ff2cdc75b2c2460cc3322135bcc6d64cc8afd02c881149655284e653d8275
White paper discussing methodologies for accessing internal networks using HTTP tunneling and tricking end users.
8dce9784b0590af718a606fd4452e9c8d12319c1f0f6545582ff6576e80b13f2