.:[packet storm]:.
Sorted By: Last Modified.
.: 0206-exploits
File Name | File Size | Last Modified | MD5 Checksum
sshd.sh | 1388 | Dec 20 2002 00:00:31 | 6c609dea6804fb1f7818c3bca55210e1
Ssh client local root exploit which sets LD_PRELOAD and attempts to run /tmp/setuid. Works against old ssh clients. By Cow Dog
xwall.s | 10754 | Jul 8 2002 00:02:09 | efe4b59a4e682263de3745081e7014de
Remote root exploit for Solaris Sparc 6-8 rpc.walld.  Homepage: http://www.bugtraq.org. By Gobbles Security
fuck.txt | 9035 | Jul 7 2002 23:57:33 | 91fcaace681970dd3e84f036d14d35b7
Microsoft IIS 4/5.0 remote .ida exploit. Spawns a shell on port 8008. By Nebunu
badexploit.txt | 9228 | Jul 6 2002 01:35:24 | 6611358811ea30b87156497f8bca824e
Badblue webserver v1.5 for Windows remote directory traversal exploit.  Homepage: http://www.0x4553.org. By Iceburg
0206-exploits.tgz | 3629269 | Jul 2 2002 23:54:18 | b6025a148ccd27c70a57000c9c72f1a0
Packet Storm new exploits for June, 2002.
telozarzo.c | 2561 | Jun 27 2002 20:48:03 | 2bb0c9af0cee81710e46b6a2bfd45d5b
Telindus router 10xx and 11xx remote exploit. By Rubik
unreal-dos.txt | 3414 | Jun 25 2002 00:09:38 | 995373cf5c62984b0c855eb4406cfd7a
Unreal IRCD v3.1.1 to 3.1.3 denial of service exploit.  Homepage: http://www.madskill.tk. By Skyrim
apache-dos.pl | 873 | Jun 24 2002 23:42:02 | 7f97a4ab79dbd46a1bbd26947c827758
Perl portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault, does not rely on nc.  Homepage: http://www.sourceforge.net/projects/sfirewall. By Luis Wong
irx_xfsmd.c | 3576 | Jun 24 2002 22:29:25 | d9769aaa8cde1ae5a06b623eb7261b44
IRIX xfsmd remote root exploit. Tested against Irix v6.2, 6.3, 6.4, 6.5, and 6.5.16.  Homepage: http://lsd-pl.net/.
apache-nosejob.zip | 359107 | Jun 23 2002 00:31:52 | 8865867e7684f7440f83afd36c7140a8
Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched. Exploit by GOBBLES Security
DDK-IIS.c | 17511 | Jun 22 2002 22:37:25 | 03a1c65a246a327cf828b36ff5768131
Microsoft IIS 4 (NT4) and IIS 5 (Windows 2k) .asp buffer overflow exploit. Includes targets for IIS5 Chinese SP0, SP1, and SP2 and English SP2. Binds a shell to port 7788. Includes brute force mode. By Nemes||y
apache-nosejob.c | 25073 | Jun 22 2002 22:26:31 | 92c7901b54614a0c41949143dbfe95e2
Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.  Homepage: http://www.bugtraq.org. By GOBBLES Security
apache-smash.sh.gz | 675 | Jun 22 2002 21:06:01 | 0c49030760a07bfb7af836948809ac8e
Portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault. By Pavel Georgiev
apache-scalp.c | 10811 | Jun 20 2002 01:21:53 | af9127271cb03ea089da73f17ce3e16a
OpenBSD/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.  Homepage: http://www.bugtraq.org. By GOBBLES Security
apachefun.tar.gz | 4136 | Jun 20 2002 01:13:13 | c8455b4e2474d49bb0701db97c11921c
Apachefun is a Spike script which exploits the new Apache chunked data vulnerability. Tested on Apache-AdvancedExtranetServer/1.3.23. Causes a segmentation fault.  Homepage: http://www.immunitysec.com/spike.html. By Dave Aitel
vpnKILLient.c | 2224 | Jun 20 2002 00:57:24 | 56d428dd63d990c68cef1a0836c1a617
Cisco VPN client v3.5.1rel-k9 (Linux version) buffer overflow exploit which spawns a root shell.  Homepage: http://sec.angrypacket.com.
tracesex.pl | 2940 | Jun 19 2002 00:05:44 | d3dae3563121908abae9ad79bfa3ec76
TrACESroute v6.0 gold local format string exploit. Tested on Red Hat Linux release 7.2 (Enigma).  Homepage: http://www.snosoft.com. By Stringz
icx2.c | 7655 | Jun 18 2002 23:47:43 | 799379731622113ad8524afa48eb31c5
Icecast v1.3.11 and below remote root exploit for linux/x86. Binds a shell to port 30464. Tested against SuSE 7.2, Debian 2.2r2, and Slackware 8.0. Changes: Fixes some issues with the child friendliness of the original exploit. By Diz
magiccard_vuln.txt | 397 | Jun 14 2002 21:24:40 | 39a93c552c90538718d1332d440ad5dd
Magiccard.cgi has a directory traversal bug in the page variable that allows any file on the system to be read. By Cult
morpheus.tar.gz | 355068 | Jun 12 2002 19:59:06 | 8d39fac6a150aae668e57f79e80d7722
Morpheus request share files denial of service exploit. Ported to Cygwin by Luigi Grandini  Homepage: http://qb0x.net. By Gabriel A. Maggiotti
execiis.tar.gz | 354709 | Jun 12 2002 19:58:38 | ca96cce18a54e7e143b579e8a7eb55a5
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error. Ported to Cygwin by Luigi Grandini  Homepage: http://vorlon.hexyn.be. By Filip Maertens
rdC-cfingerd.tar.gz | 358878 | Jun 12 2002 19:58:11 | 23762973b7772e35719966e9970c20f2
Cfingerd prior to v1.4.3 remote root exploit for linux/x86. Exploits a format string vulnerability in the syslog() call. Ported to Cygwin by Luigi Grandini  Homepage: http://www.rdcrew.com.ar. By Venomous
jvm-1.3.crash.txt | 624 | Jun 9 2002 23:32:47 | f832602e94c83b1f5af593fb621d4f03
This simple Java program crashes the VM (at least 1.3.1-b24) on W2K, and is another example of Java-Frontier Bugs. By Marc Schoenefeld
count.tar.gz | 356579 | Jun 7 2002 19:08:22 | e86dd6bdfc704307c388cb25dac3e3c0
Linux/x86 remote exploit for Count.cgi. Ported to Cygwin by Luigi Grandini
pm-exploit.tar.gz | 354764 | Jun 7 2002 19:07:16 | f939b2b08eb1b8e165dc9fba69ef3a39
Plusmail remote exploit - plusmail fails to check authenticity before creating new accounts.  Homepage: http://www.synnergy.net. By Headflux. Ported by Luigi Grandini
ciscokill.c | 4903 | Jun 7 2002 18:51:42 | 4d95762743f8eccb7ad4e8c4ba9b5002
Ciscokill.c sends a spoofed snmpv1 get request which causes reboots on Cisco 2600 routers with 12.0(10).  Homepage: http://dskull.tzone.it. By Kundera
mayday.tar.gz | 358223 | Jun 5 2002 09:41:20 | 8dd88f8bfe507cd651603e44fcf63950
mayday.c ported to Windows with Cygwin by Luigi Grandini - SHOUTcast v1.8.9 remote linux/x86 exploit. Included shellcode binds to port 10000. Advisory available here.  Homepage: http://www.netric.org. By eSDee
mayday-linux.c | 6150 | Jun 4 2002 20:36:46 | 0ff0df71b5284d179774cda01650a4e1
mayday.c - SHOUTcast v1.8.9 remote linux/x86 exploit. Included shellcode binds to port 10000. Advisory available here.  Homepage: http://www.netric.org. By eSDee
servletexeccrash.c | 2628 | Jun 3 2002 23:59:32 | 5ec336e63788dfa7779e9756557c3177
NewAtlanta ServletExec ISAPI 4.1 remote denial of service exploit.  Homepage: http://www.digital-root.com. By Jonas Blowfish
concept.tar.gz | 354310 | Jun 3 2002 22:42:52 | 2f07d88eacf96e05226ff57947dfda32
PHP v4.1.1 and 4.0.4 remote exploits ported to windows w/ Cygwin.  Homepage: http://www.sefin.it. By Luigi Grandini
epop.tar.gz | 354210 | Jun 3 2002 22:41:48 | f3de1736dcce61fd7a9d9d6ca09f04e8
This exploit hangs WiredRed e/pop v2.0.3, probably works on all 2.x versions. Ported to Windows w/ Cygwin. By Cult
d7-sqlexec-7.25.tgz | 30720 | Jun 3 2002 22:19:16 | a69b26eba2667be216e4d24c307a0f30
IBM x86 Informix SE-7.25 sqlexec local root exploit in perl. Overflows the INFORMIXDIR environment variable passed to the sqlexec binary.  Homepage: http://www.divisi0n7.org. By Phrail
mnews-1.22.pl | 1490 | Jun 3 2002 21:46:18 | af0bb3ff22ad5e1a333a167f65b448d8
Mnews v1.22 remote FreeBSD buffer overflow exploit. Included shellcode prints a message to stdout.  Homepage: http://www.safemode.org.  By Zillion
d7-ibm-x.c | 4376 | Jun 2 2002 23:10:47 | da2d8d7252cd7f717094f2dbefcf00a7
IBM x86 Informix SE-7.25 sqlexec local root exploit. Overflows the INFORMIXDIR environment variable passed to the sqlexec binary. Offsets for Redhat 7.0 and Mandrake 8.2 included. By Smurfy
ymxp.txt | 1854 | Jun 2 2002 23:07:04 | 6b034bb903cb803663c8e22ba5942b5b
Yahoo! Messenger v5,0,0,1061 buffer overflow exploit for Windows XP Pro. Shellcode spawns cmd.exe. Fix available here.  Homepage: http://www.scan-associates.net/. By SK
xandros-autorun.txt | 1570 | Jun 2 2002 21:03:00 | fab8f5982631c3c04d4ef252fb0b7b3d
A vulnerability in the Xandros Linux autorun utility can be used to disclose parts of protected files such as /etc/shadow.  Homepage: http://www.snosoft.com.  By dotslash[at]snosoft.com

 
 