Section:  .. / 0303-exploits  /

Page 1 of 2
<< 1 2 >> Files 1 - 25 of 40
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: elfrape2.c
Description:
Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid. New version works on both Linux and the BSDs .
File Size:4791
Last Modified:Jun 22 07:33:03 2004
MD5 Checksum:7d7f9c560785a0ae752cb43a175504ba

 ///  File Name: elfrape.c
Description:
Proof of concept exploit that will patch an ELF binary to utilize the stack overflow in file 3.39 and below. If someone runs file against said binary, a suid shell is created as /tmp/.sh of that uid.
File Size:9233
Last Modified:Jun 22 07:32:46 2004
MD5 Checksum:b1285b85abea7af08f5c4dc1bf2c4338

 ///  File Name: oC-zlib.c
Description:
Zlib gzprintf() proof-of-concept buffer overflow exploit.
Author:dcryptr
Homepage:http://crionized.net
File Size:1530
Last Modified:Nov 24 20:04:40 2003
MD5 Checksum:d5b1906d63b88374446744f7749febd4

 ///  File Name: xf42local.c
Description:
Local root exploit utilizing the overflow in XLOCALEDIR under XFree86 Version 4.2.x using xterm. Tested against Slackware 8.1 with kernel version 2.2.25.
Author:r3b00t
Homepage:http://r3b00t.tx.pl
File Size:1009
Last Modified:Nov 4 07:40:36 2003
MD5 Checksum:c6db6a549211c9f37b33706e6efd1435

 ///  File Name: 0303-exploits.tgz
Description:
Packet Storm new exploits for March, 2003.
File Size:631802
Last Modified:Sep 23 20:38:21 2003
MD5 Checksum:8de821018c3d03573538a1be238a2355

 ///  File Name: 0x333toper-local.c
Description:
Local exploit that yields gid of games for /usr/bin/toppler. Tested against RedHat 8.0.
Author:nic
Homepage:http://www.0x333.org
File Size:4039
Last Modified:Jul 18 03:27:33 2003
MD5 Checksum:3227eb42cffcb5a73535d8935e16bc6c

 ///  File Name: sphereexp.c
Description:
Exploit for the win32 Sphere Server .55i from the Ultima Online Server Emulator.
Author:sloth
Homepage:http://www.nopninjas.com
File Size:5221
Last Modified:Jul 6 21:48:53 2003
MD5 Checksum:e74b4d13c36b0b4a46576a1bf92939ff

 ///  File Name: axis1exp-13_3_0.c
Description:
Exploit for remote administrative access on the freeware Ultima Online server emulator from sphereserver.com. Tested against axissvr 0.13.3.0.
Author:sloth
Homepage:http://www.nopninjas.com
File Size:4093
Last Modified:Jul 6 21:47:07 2003
MD5 Checksum:a91fed4ea17cee3ec66f075169cff84e

 ///  File Name: rs_iis.c
Description:
Proof of concept exploit that will bind a cmd.exe shell on a given port utilizing the vulnerability in ntdll.dll described in ms03-007.
Author:RoMaNSoFt
Homepage:http://www.rs-labs.com/
File Size:20022
Last Modified:Apr 11 03:29:09 2003
MD5 Checksum:bde683df66587c96ac1fc655a0bcd706

 ///  File Name: rs_iis_xpl.pl
Description:
Rs_iis_xpl.pl is a remote exploit for rs_iis.c, a remote IIS exploit. Sets up a web server, and if rs_iis.c is used to attempt an exploit, a shell will be spawned on the attacking host. Tested against FreeBSD 4.7-RELEASE-p7.
Author:Knud Erik Højgaard
File Size:1570
Last Modified:Apr 1 09:52:06 2003
MD5 Checksum:666e7e0351c92f9cd0454a234f39b9e9

 ///  File Name: alexandria.txt
Description:
Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, has multiple vulnerabilities in its PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities including the sendmessage.php script allowing spammers to make use of it to mask real source identities and various cross site scripting problems exist as well.
Author:Ulf Harnhammar
Homepage:http://www.secunia.com/
File Size:6179
Last Modified:Mar 29 09:12:11 2003
MD5 Checksum:53ef53a2cf3fb8f1209246dfd6d1f124

 ///  File Name: core.gnome.txt
Description:
CORE Security Technologies Advisory - A vulnerability exists in GNOME's Eye of Gnome versions 2.2.0 and below that is locally exploitable. When EOG is used as a default image viewer, it takes in the image name as a command line argument and in turn can execute arbitrary commands with the privileges of the user attempting to view the image.
Homepage:http://www.coresecurity.com
File Size:5543
Last Modified:Mar 29 09:03:13 2003
MD5 Checksum:b683e87cc57b124ad78cf448c8ab8409

 ///  File Name: gespuis.c
Description:
Gespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.
Author:eSDee
Homepage:http://www.netric.org
File Size:38855
Last Modified:Mar 29 06:21:14 2003
MD5 Checksum:3ca5ef2ff1acf701252d9a1695323968

 ///  File Name: SCSA012.txt
Description:
Security Corporation Security Advisory [SCSA-012]: The Sambar server default installation has a cgi-bin directory which contains executables that allow remote users to view information regarding the operating system and web server's directory. It also path disclosure and tons of cross site scripting vulnerabilities.
Author:Gregory Le Bras
Homepage:http://www.Security-Corp.org
File Size:6759
Last Modified:Mar 29 06:17:16 2003
MD5 Checksum:2c0035655e239bc15b151194d7f7a88d

 ///  File Name: sa2003-01.txt
Description:
NSFOCUS Security Advisory SA2003-01 - The NSFOCUS Security Team has found a buffer overflow vulnerability in Microsoft Windows XP Redirector that can be exploited locally and can allow attackers to crash the system or gain local system privilege by carefully crafted code.
Author:NSFOCUS Security Team
Homepage:http://www.nsfocus.com
File Size:3607
Last Modified:Mar 29 05:58:33 2003
MD5 Checksum:32f822ed02f74b915809f044498b5f9f

 ///  File Name: ftpd.pl
Description:
The CuteFTP 5.0 client is vulnerable to an overflow in the LIST response. This exploit spawns a fake FTP daemon that will take advantage of an inbound vulnerable client.
Author:snooq
Homepage:http://www.angelfire.com/linux/snooq/
File Size:2836
Last Modified:Mar 29 05:44:14 2003
MD5 Checksum:2ec2f7ed3b9660b30d8669fe95b5e839

 ///  File Name: wd.pl
Description:
Wd.pl is a remote IIS exploit in perl which exploits the bug in ntdll.dll described inms03-007. Tested on Windows 2000 Advanced Server SP3 - Korean language edition.
Author:JW Oh
Homepage:http://monkey.org/~mat/
File Size:20857
Last Modified:Mar 27 09:34:39 2003
MD5 Checksum:bc7a10f11c570c05c9270352b83bc6cb

 ///  File Name: wb.c
Description:
Ntdll.dll remote IIS exploit which exploits the bug described inms03-007. Attempts to spawn a remote shell.
Author:Kralor
Homepage:http://www.coromputer.net
File Size:9412
Last Modified:Mar 25 06:41:29 2003
MD5 Checksum:ad7e1825587e07dd7be6c3a99a53089b

 ///  File Name: outblaze.txt
Description:
Outblaze web based email is vulnerable to user cookie spoofing that will allow an attacker to retrieve a user's password.
Author:Xpl017Elz
File Size:8514
Last Modified:Mar 17 20:12:15 2003
MD5 Checksum:e5b6b1ace59084e8b7a607d370416569

 ///  File Name: kebi.txt
Description:
INetCop Security Advisory #2002-0x82-013 - The Kebi Academy 2001 Web Solution suffers from a basic directory traversal vulnerability which may allow remote attackers to execute code on the server.
Author:dong-houn yoU
File Size:2012
Last Modified:Mar 17 20:06:18 2003
MD5 Checksum:170b01b195b33ebb9f6ea136257d9c6b

 ///  File Name: 85pxe.c
Description:
Remote exploit for Intel's PXE (Pre-boot eXecution Environment) daemon on RedHat Linux 8.0.
Author:CrZ, LByte
Homepage:http://lbyte.void.ru
File Size:5696
Last Modified:Mar 17 07:35:29 2003
MD5 Checksum:2f512e5088c11ba8c64b2bfd733a7f06

 ///  File Name: hoagie_solarisldap.c
Description:
Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.
Author:Andi
File Size:4272
Last Modified:Mar 14 20:48:09 2003
MD5 Checksum:61e4ea12099a43481c81da63481e4cc7

 ///  File Name: OpenFuck.c
Description:
Remote exploit for Apache + OpenSSL v0.9.6d and below. This exploit is based upon the openssl-too-open exploit by Solar Eclipse and offers more than 130 targets including various flavors of Linux.
Author:Spabam
Homepage:http://spabam.tk
File Size:33244
Last Modified:Mar 14 17:41:29 2003
MD5 Checksum:b6a3b4dc6f8899a7d85a1f7318d8bce4

 ///  File Name: cpanel.pl
Description:
Remote CGI exploit written in Perl for Cpanel 5 Guestbook. Spawns a bash shell with the uid of the webserver.
Author:Spabam
Homepage:http://spabam.tk
File Size:3611
Last Modified:Mar 14 16:49:18 2003
MD5 Checksum:b74b98833c694b43c9004d61d7c35c97

 ///  File Name: USG-ipp.c
Description:
IS 5.0 / Windows 2000 mass scanner / rooter which spawns a shell from a vulnerable system back over to the machine from where the attack is launched.
Author:USG
Homepage:http://www.usg.org.uk
File Size:13553
Last Modified:Mar 13 04:05:22 2003
MD5 Checksum:f2661e8b34090be5c1ebafa036fe7f79