Section:  .. / 0209-exploits  /


 ///  File Name: teo-openssl-xpl.tgz
Description:
Teolupus OpenSSL Exploiter is an automated OpenSSL vulnerability scanner able to find, log and exploit a server "without human intervention". It is based on Nebunu apscan2 but has many more targets. Includes openfuckv2 and openssl-too-open, both with more than 130 targets.
Author:Teolupus
File Size:146641
Last Modified:Oct 21 04:42:57 2003
MD5 Checksum:b05e333e5fa377ca6c476149ed50c8e9

 ///  File Name: SSL-scan.tar.gz
Description:
Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Includes scanners. WARNING: The binaries in this archive are infected with the ELF_GMON.A virus which sets up a backdoor on UDP port 3049. Updated by CrZ and Ech0. Notice: Previous versions of this .tar.gz (before 3-11-03) had several binaries infected with the linux.osf.8759 virus. This tar contains both cleaned and infected binaries, with the cleaned ones running by default.
File Size:167196
Last Modified:Mar 12 06:25:12 2003
MD5 Checksum:f210224fbf3fbc145f3e84ab7c844ed1

 ///  File Name: zyxbrut.c.orig
Description:
Unavailable.
File Size:2066
Last Modified:Dec 14 15:27:54 2002
MD5 Checksum:aa0507fb1ed8677a43d8e629ad4d5380

 ///  File Name: zyxbrut.c
Description:
Zyxbrut.c is a brute force program written for the ZyXel router telnet service.
Author:BetaFly Computer Team
File Size:2066
Last Modified:Dec 14 15:27:54 2002
MD5 Checksum:aa0507fb1ed8677a43d8e629ad4d5380

 ///  File Name: rootprobe.sh
Description:
Modprobe shell metacharacter expansion local root exploit for Red Hat 7.x and SuSE 7.x.
Author:Sebastian Krahmer
Homepage:http://www.team-teso.net
File Size:1599
Last Modified:Nov 30 21:33:45 2002
MD5 Checksum:28b219ae719f042d7c7ce6eac9ef28bd

 ///  File Name: mdklinuxconf.c
Description:
Mandrake 8.2 linuxconf local root exploit.
Author:Pokleyzz
File Size:1757
Last Modified:Nov 30 21:25:30 2002
MD5 Checksum:e617b71655e152bbee80aa2767e49ca1

 ///  File Name: scalpel.c
Description:
Local apache/PHP root exploit via libmm (apache-user -> root) temp race exploit. Spawns a root shell from the apache user.
Author:Sebastian Krahmer
Homepage:http://www.team-teso.net
File Size:7175
Last Modified:Nov 30 21:24:01 2002
MD5 Checksum:dcffeb448888592287ff24ca6be0c617

 ///  File Name: unishell.pl
Description:
Unicode IIS exploit in perl. Tries 20 ways.
Author:Pakk.
File Size:10904
Last Modified:Oct 22 08:58:42 2002
MD5 Checksum:b31f98e1ede92b439df11826c886cdd8

 ///  File Name: 0209-exploits.tgz
Description:
Packet Storm new exploits for September, 2002.
File Size:4528261
Last Modified:Oct 10 02:57:49 2002
MD5 Checksum:d61e47de2cd35e4a4c6debc4aecef9d2

 ///  File Name: idefense.smrsh.txt
Description:
iDEFENSE Security Advisory 10.01.2002 - It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium's Restricted Shell (SMRSH) and execute a binary of his choosing by inserting a special character sequence into his .forward file. Two attack methods are detailed. Patch available here.
Author:David Endler, Zen-Parse, and Pedram Amini
Homepage:http://www.idefense.com
File Size:5421
Last Modified:Oct 2 08:17:32 2002
MD5 Checksum:6b1f79ee66a3ac3df14ff5df61ce1de7

 ///  File Name: gv-exploit.pdf
Description:
Buffer overflow exploit for gv v3.5.8 on Linux which creates the file /tmp/itworked when gv opens the PDF. Some mail readers use gv to view PDFs. Tested on Red Hat 7.3.
Author:Zen-Parse
Homepage:http://www.idefense.com
File Size:1377
Last Modified:Oct 1 07:44:40 2002
MD5 Checksum:da9705f79a8782d078819470306ac5c0

 ///  File Name: openssl-bsd.c
Description:
Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Updated by CrZ, Ech0, and ysbadaddn.
File Size:29820
Last Modified:Sep 30 11:24:51 2002
MD5 Checksum:93c74bbed4fa5628590f8a08cc6a569d

 ///  File Name: apscan2.tgz
Description:
Apache OpenSSL v0.9.6d mass scanner. When a vulnerable server is found, code is launched. Includes targets for Apache 1.3.6, 1.3.9, 1.3.12, 1.3.19, 1.3.20, 1.3.26, 1.3.23, and 1.3.14. Includes openssl-too-open binary.
Author:Nebunu
File Size:94609
Last Modified:Sep 30 08:37:40 2002
MD5 Checksum:f56c7c14685cd643a637f60e42497615

 ///  File Name: nslconf.c
Description:
Linuxconf v1.28r3 and below local exploit which uses the ptrace method to find the offset. Tested on Mandrake 8.0 and 8.2, and Red Hat 7.2 and 7.3.
Author:Raise
Homepage:http://www.netsearch-ezine.com
File Size:3381
Last Modified:Sep 30 06:53:41 2002
MD5 Checksum:d7351358fc20587891f1f8c16b558242

 ///  File Name: openbsd-select-bug.txt
Description:
Research on the recent OpenBSD select() bug and its possible exploitation. Includes a local denial of service exploit which was tested on OpenBSD v2.6 - 3.1.
Author:Sec
Homepage:http://www.drugphish.ch
File Size:3560
Last Modified:Sep 29 12:11:35 2002
MD5 Checksum:11b34ff9c52e9241262598028265afec

 ///  File Name: interbase-gds-exploit.c
Description:
This exploit uses a symbolic link vulnerability in the Borland Interbase gds_lock_mgr binary to overwrite /etc/xinetd.d/xinetdbd with code that spawns a root shell on port 666 TCP.
Author:grazer
Homepage:http://www.i-security.nl
File Size:1777
Last Modified:Sep 26 13:49:32 2002
MD5 Checksum:0ecb679470d57b48ec01e63e5ca67c13

 ///  File Name: apache-ssl-bug.c
Description:
This exploit abuses the KEY_ARG buffer overflow that exists in SSL-enabled Apache web servers that are compiled with OpenSSL versions prior to 0.9.6e. The apache-ssl-bug.c exploit is based on the Slapper worm (bugtraq.c), which is based on an early version of the apache-open-ssl exploit.
Author:Andy.
File Size:19418
Last Modified:Sep 25 23:58:21 2002
MD5 Checksum:1be047c32ae0e2d1d8930d2ce4c4f7cc

 ///  File Name: vbull.c
Description:
Vbulletin/calender.php remote command execution exploit.
Author:Gosper
File Size:4075
Last Modified:Sep 25 07:53:47 2002
MD5 Checksum:0569a0851a81caa5f67a940a3af6fe2d

 ///  File Name: qute.pl
Description:
Qute.pl is a perl script which exploits a buffer overflow in Qstat 2.5b. Since Qstat is not SUID by default this script is useless.
Author:Arne Schwerdtfegger.
File Size:1786
Last Modified:Sep 24 09:13:22 2002
MD5 Checksum:6182325164cd3e63f9c2688fa96bcc6f

 ///  File Name: idefense.dinoweb.txt
Description:
iDEFENSE Security Advisory 09.23.2002 - A vulnerability exists in the latest version of the Dino Webserver that can allow an attacker to view and retrieve any file on the system.
Author:David Endler
Homepage:http://www.idefense.com
File Size:2429
Last Modified:Sep 24 06:27:17 2002
MD5 Checksum:c2e5dd5d49683b918059438a2f7d405a

 ///  File Name: alsaplayer-suid.c
Description:
AlsaPlayer contains a buffer overflow that can be used for privilege elevation when this program is setuid. Tested on Red Hat 7.3 Linux with alsaplayer-devel-0.99.71-1. The overflow has been fixed in AlsaPlayer 0.99.71.
Author:zillion
File Size:2104
Last Modified:Sep 23 16:49:29 2002
MD5 Checksum:d3864c1d3454e61a8246fa4e1966ac8f

 ///  File Name: bakkum.c
Description:
Remote root exploit for Linux systems running Null httpd 0.5.0. Tested to work against Red Hat Linux 7.3.
Author:eSDee
Homepage:http://www.netric.org
File Size:8137
Last Modified:Sep 23 16:24:48 2002
MD5 Checksum:88f53e3ca0b89baf95643a18cb9584bb

 ///  File Name: gawk_expl.c
Description:
Linux proof of concept exploit for a local buffer overflow in GNU Awk 3.1.0-x.
Homepage:http://www.netric.org
File Size:1047
Last Modified:Sep 21 11:37:51 2002
MD5 Checksum:9e653a0462e3f7ef60c123e9ca381c63

 ///  File Name: compress_expl.c
Description:
Compress v4.2.4 local test exploit for Linux systems.
Homepage:http://www.netric.org
File Size:1799
Last Modified:Sep 21 11:34:25 2002
MD5 Checksum:599d99a8e14ed34f83f118d3d2d84799

 ///  File Name: qspl.c
Description:
Qstat 2.5b local root exploit for Linux. Tested on Debian GNU/Linux (Woody). Since Qstat is not SUID by default this script is not useful for gaining more access to a Linux system.
Author:Oscar Linderholm
File Size:1100
Last Modified:Sep 21 10:32:15 2002
MD5 Checksum:5bd205acc310c5c0a4a244f24352737d