| File Name |
File Size |
Last Modified |
MD5 Checksum |
| XPloit.c | 6874 | Jan 1 2002 02:22:01 | f9206046fe2db51c88104dea21788ee8 |
| WinME/XP UPNP remote dos and buffer overflow overflow exploit. Sends malformed data to TCP port 5000. Includes the option to spawn a shell on port 7788. Homepage: http://qb0x.net. By Gabriel Maggiotti |
| smash_bin_login.c | 13357 | Dec 28 2001 12:12:34 | 21f881c14e04e0b69412d1c74d3dcfa2 |
| Solaris x86 v2.8 /bin/login via telnet remote buffer overflow exploit. Uses fixed addresses. Executes any command as root. Homepage: http://monkey.org/~mat. By JW. Oh |
| pmexpl.c | 10766 | Dec 28 2001 11:11:48 | 60072037d04fb99236213b82a4239fdf |
| Pmake <= 2.1.33 local root exploit. Some distributions have pmake suid root by default. By IhaQueR@IRCnet |
| nb-isakmp.pl | 1889 | Dec 25 2001 22:52:51 | f5af9905a00822bcb51cfbd06064da72 |
| Nb-isakmp.pl is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. Perl version. Homepage: http://nelson.wwsecurity.net. By Nelson Brito |
| nb-isakmp.c | 5762 | Dec 25 2001 22:51:57 | 690321d47ef04f0d314c84e8da296191 |
| Nb-isakmp.c is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. C version. Homepage: http://nelson.wwsecurity.net. By Nelson Brito |
| adstreamer.txt | 6358 | Dec 25 2001 22:44:43 | 06fc404d3b77658241ef7dfe94f0d8bf |
| AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi. Homepage: http://www.bugtraq.org. By Gobbles Security |
| ie.cert.attack.txt | 6373 | Dec 25 2001 22:28:13 | 29e55396623a1ab90242ba5407be8b24 |
| A flaw in Microsoft Internet Explorer allows an attacker to perform a SSL Man-In-The-Middle attack without the majority of users recognizing it. In fact the only way to detect the attack is to manually compare the server name with the name stored in the certificate due to a flaw in the way IE checks HTTPS objects that are embedded into normal HTTP pages. Homepage: http://www.e-matters.de. By Stefan Esser |
| twlc-adv-plesk211201..> | 2542 | Dec 25 2001 22:14:18 | a7d92ef2dc4845c652651a3543755d05 |
| Plesk, a popular server administration tool used by many web hosting companies, has a bug which allows remote users to view the source of .php hosted files. All versions prior to v2.0 are affected. Homepage: http://www.twlc.net. By Supergate |
| script.command.txt | 1855 | Dec 17 2001 21:29:23 | e546ea507ca071abe3463d61624074c1 |
| The script command overwrites hardlinks named typescript in the current directory. Homepage: http://ws.obit.nl. By Marco van Berkum |
| atphttpd.pl | 2081 | Dec 16 2001 21:00:46 | 392571248a30489738ca74447900141a |
| ATPhttpd v0.4a remote denial of service buffer overflow Tested against OpenBSD 2.9. Homepage: http://www.securityoffice.net. By Tamer Sahin |
| atphttpd-smack.c | 3907 | Dec 16 2001 20:55:39 | ebcb55b399e6cc1df9b8a7590bfa606b |
| ATPhttpd v0.4b remote buffer overflow exploit. Tested on and against OpenBSD 2.8. Binds a shell to port 6969 which has the UID of the webserver. Homepage: http://sec.angrypacket.com. By Methodic |
| itransact.txt | 673 | Dec 16 2001 20:37:51 | 156e08a83f72f8a46397366a52e8ad1f |
| A security flaw in the itransact.com credit card payment system allows users to change the price of merchandise ordered. By Jesse S. Williams |
| SpeedXess.txt | 2823 | Dec 12 2001 18:10:58 | 415cfed7781561fcb5133a3b24345773 |
| SpeedXess DSL routers come with a default password of speedxess. Homepage: http://www.wowhacker.com. By Secret |
| 01-wu261.c | 35201 | Dec 12 2001 08:55:37 | faa411281a9318348a43d54c8ab92769 |
| Wu-Ftpd v2.6.1 and below remote root exploit which takes advantage of the SITE EXEC globbing vulnerability. Includes instructions on finding the offset with gdb. By Zen-parse |
| own-ettercap.c | 7673 | Dec 8 2001 19:50:36 | d6e5951f7604f7851edf50f992c03724 |
| Ettercap v0.6.2 local root format string exploit. Works if the administrator made Ettercap SUID. Homepage: http://www.bugtraq.org. By Alicia |
| UseLogin.txt | 2146 | Dec 8 2001 19:33:59 | ee90a8217d3ebac2b297609567373f38 |
| OpenSSH v3.0.1p1 and below root exploit which only works of the administrator has turned on the UseLogin feature. Uses the libroot library. Requires an account on the remote machine. Homepage: http://www.genhex.org. By War |
| kebi-webmail_vul.txt | 2042 | Dec 8 2001 19:29:08 | faaf892f274f6a268f6768e4f56b1b5d |
| The Kebi Webmail server allows remote users to have administrator access by going to http://site.com/a/. Homepage: http://www.wowhacker.org. By Secret |
| jack.c | 8269 | Dec 4 2001 20:52:58 | 485e818e6aa9c8cd8c3a3d692a4a084f |
| Jack.c is a remote exploit for the Active Perl ISAPI overflow described in Bugtraq ID 3526. Sends you a shell with SYSTEM level access. By Indigo |
| jim.c | 11168 | Dec 4 2001 20:51:43 | ce7ba29b042a913db88bb171d6db8db4 |
| Jim.c is an exploit for the remote IIS server side include buffer overflow vulnerability. Tested on Linux and Win32. To exploit this vulnerability you must have write access to the web root of the target web server. Causes the server to send you a shell with SYSTEM level access. By Indigo |
| badboy.c | 9207 | Dec 4 2001 20:49:20 | 30aecb9b9cc3b85879d290607853efe9 |
| Badboy.c is a remote exploit for the Win32 Checkpoint Firewall-1 GUI log viewer program. Binds a shell to a port with SYSTEM level access. Must be run from a valid GUI client machine. By Indigo |
