exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2003-08-10 to 2003-08-11

objobf-0.5.0.tar.bz2
Posted Aug 10, 2003
Authored by teso, scut | Site team-teso.net

objobf is an obfuscater for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.

tags | x86
systems | linux
SHA-256 | 3afd6cb33f2bc2f444e4ae31ac730f84c53f71705207242063224711f8832449
asg.c
Posted Aug 10, 2003
Authored by R[]l4nD

Advanced Shellcode Generator 1.1-1. - Very compact and simple to use. All notation written in Italian.

tags | shellcode
SHA-256 | d4c742228d707e23668817a999341be91f460d02ae77919fd026d785294d6c77
Atstake Security Advisory 03-08-07.2
Posted Aug 10, 2003
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A080703-2 - tcpflow, the network monitoring tool that records TCP sessions in an easy to use and view manner, contains a format string vulnerability that is typically unexploitable.

tags | advisory, tcp
SHA-256 | b4f0c4f5a717ad038f3eb39e9c687e11d5766b61d2e3b9b83c77992f43bb0bcf
Atstake Security Advisory 03-08-07.1
Posted Aug 10, 2003
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A080703-1 - Both IPNetSentryX and IPNetMonitorX come with three helper tools that each have security issues associated with them. The first two tools: RunTCPDump and RunTCPFlow allow arbitrary users to monitor the network without requiring any form of authentication or privilege. The third tool, tcpflow (executed by RunTCPFlow), contains a format string vulnerability, allowing arbitrary commands to be run as the user calling the program. Since RunTCPFlow is setuid root and will pass arguments to tcpflow, we can execute arbitrary commands as root.

tags | advisory, arbitrary, root
SHA-256 | e9e60f02bd40ae6f22a3de8966d31b5d80e4df271203a7ad9f1e8286a57adf29
lotus.txt
Posted Aug 10, 2003
Authored by mycelium

Normal Lotus SameTime login credential encryption with 1.5 and 3.0 Windows clients use RC2 to encrypt the password, and even sends the key along with the login packet allowing an attacker to decrypt the credentials and steal a user's IM identity.

tags | advisory
systems | windows
SHA-256 | ad64a9fe4bbbde50b0d5f0cba5697b9b0bcecf4a3a60751b3d67d01c9cd0fa10
ciscodos.pl
Posted Aug 10, 2003
Authored by deadbeat

Remote denial of service exploit for the Cisco CSS 11000 Series.

tags | exploit, remote, denial of service
systems | cisco
SHA-256 | c5ef0113e39d3c73ba4df7113af56372b1444b5439d9cdf3ae4f662aee1524da
s21sec-025-en.txt
Posted Aug 10, 2003
Authored by Eduardo Cruz, Emilin Garcia, Jordi Andre | Site s21sec.com

The Cisco CSS 11000 Series is vulnerable to a denial of service when there is a heavy storm of TCP SYN packets directed to the circuit address. It may also cause a high CPU load or sudden reboots.

tags | advisory, denial of service, tcp
systems | cisco
SHA-256 | f428cbfd82405bf502ceb2aa293ef7892c0d9d5b82c9b6b3f2bc160a5ec34590
zonealarmDriver2.txt
Posted Aug 10, 2003
Authored by Corey Bridges | Site zonelabs.com

Response from Corey Bridges of ZoneAlarm in regards to the vulnerability originally discovered by Lord YuP in their device driver VSDATANT and the exploit that is circulating for it.

tags | advisory
SHA-256 | 4512058aba60fcf0849c6965870ff987198adc999b4c1041329bc6c2fa605f69
wam1040.txt
Posted Aug 10, 2003
Authored by Peter Winter-Smith

WAM! FTP Server version 1.0.4.0 for Windows is susceptible to a directory traversal that allows a remote attacker to break out of the restricted root and download any file on the system.

tags | exploit, remote, root
systems | windows
SHA-256 | 2e6731198e30d3571d5619bf3047d785bb7909b2bc3946b3f18ad6bc1e61d654
airsnarf-0.2-Zaurus.tar.gz
Posted Aug 10, 2003
Authored by The Shmoo Group | Site airsnarf.shmoo.com

A Zaurus PDA version of Airsnarf, the rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Designed to run on OpenZaurus 3.2.

tags | tool, wireless
SHA-256 | 5dfbdaa02876bca750e1401d6f4e11532113a459d20f1064faa923f93a8683ab
airsnarf-0.2.tar.gz
Posted Aug 10, 2003
Authored by The Shmoo Group | Site airsnarf.shmoo.com

Airsnarf is a simple, rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots: snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.

tags | tool, web, wireless
SHA-256 | 8774437be771fac3538896a3028b363aa6352973bef24564a5ec915079094874
Kfence.c
Posted Aug 10, 2003
Authored by ins1der

Kfence provides kernel protection against basic exploitation techniques, including stack and heap overflows and format string exploits, by patching /dev/kmem and redirecting system_call to test if the eip of the caller is in the wrong memory region. Tested on Linux kernels 2.4.18-14 and 2.4.7-10.

tags | overflow, kernel
systems | linux
SHA-256 | 4882a25fff4d193104f36ac6ccd74b5873f768ed53c3edac2856689c60eaf87d
meteordos.pl
Posted Aug 10, 2003
Authored by Zerash | Site evicted.org

Meteor FTP server version 1.5 remote exploit that causes a denial of service when large amounts of data are fed to the USER directive.

tags | exploit, remote, denial of service
SHA-256 | 299a2dc142ced8f9ce1a0c1919e8e67e0ee89dc256aa83c9e56352763ff3d9e0
mftpadvisory.txt
Posted Aug 10, 2003
Authored by Zerash | Site evicted.org

Meteor FTP server version 1.5 is vulnerable to a remote denial of service when large amounts of data are fed to the USER directive.

tags | advisory, remote, denial of service
SHA-256 | b4cfe181724c3b90ba0d60d8c3bf0e202529e26d7c55a47cade63e2e544e570c
exitwound.tgz
Posted Aug 10, 2003
Authored by salvia twist | Site hack.batcave.net

exitwound is a ptrace shared library redirection backdoor that is based on the technique described in Phrack 59-8. It attempts to redirect certain string handling routines commonly used in Internet services to trapdoored functions which yield a connect back shell on a specifically constructed passphrase. The benefits of this lie in the fact that no extra malicious processes or listening ports are needed, avoiding crude forms of forensic analysis.

tags | shell
systems | linux
SHA-256 | 1fb78b1c33c0f156067d5cf7ef5bba6b8cf5f205cfc830717cbddb3db6de3b95
amap-4.2.tar.gz
Posted Aug 10, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: Various bug fixes, added 28 new response ids and triggers, and more.
tags | tool, protocol
SHA-256 | a2826954e3dafa6ed8b2e3866603be894a0363d4ef2157de174bb9e5e407d089
grenzgaenger-alpha.tar.gz
Posted Aug 10, 2003
Authored by thc | Site thc.org

Grenzgaenger is a SOCKS-like hacker tool for tunneling nmap, netcat and exploits transparently through systems into protected networks.

SHA-256 | 7b46223b2239a585a065db7456ef97a3a6f6b8c152023b6ac785b4990ad42954
vmap-0.6.tar.gz
Posted Aug 10, 2003
Authored by van Hauser, thc, Whyking | Site thc.org

Version mapper 0.5.2 is a utility for fingerprinting services by checking features and replies of bogus commands being fed to the daemon. Currently supports FTP, SMTP, POP3, IMAP, and HTTP.

tags | web, imap
SHA-256 | 315d3d9e5cf65be910fc47d159fe64a09effc31240e987426e119ac6e5524275
iosniff.tgz
Posted Aug 10, 2003
Authored by FX | Site phenoelit.de

Cisco Systems IOS 11.x UDP echo memory leak remote sniffer. The UDP echo service (UDP port 7) has to be enabled on the device. The bug will cause the Cisco router to send about 20 kilobytes of data from the interface buffer pools containing packets in the send/recv/forward queues. This tool will identify IOS memory blocks, find the router specific offset for packets in the block and decode the packet to the screen. Note that this is not a full dump of the traffic through the remote router but rather a subset of received data. Features include a packet checksum cache to prevent repeated output of the same packet, auto identification of packets and buffer offsets, and IPv4 decoding.

tags | remote, udp, memory leak
systems | cisco
SHA-256 | 88c96f5f35ee8e8f230938a70d6e512ac19d921be8f468c01cdb28507adc9a83
CiscoCasumEst.tgz
Posted Aug 10, 2003
Authored by FX | Site phenoelit.de

Cisco IOS 12.x/11.x remote exploit for the HTTP integer overflow using a malformed HTTP GET request and two gigabytes of data.

tags | exploit, remote, web, overflow
systems | cisco
SHA-256 | 7f4a101d2a92a428372a4b1a01844cc8f4d4614537c428b116c224be6b8b346c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close