Date of Script
(Reverse Chronological Order) |
|
|
|
| December 20, 2004 |
cs.htm
cx.htm |
|
Additional Proofs of Concept for Microsoft Windows XP SP2 and Internet Explorer 6 SP2 Local Zone security restrictions vulnerability. |
| December 20, 2004 |
phpbbmemorydump.cpp |
|
Exploit for phpBB multiple vulnerabilities. |
| December 20, 2004 |
DilAurDimag-Advisory-07-20-12-2004.txt |
|
Proof of Concept exploit for ChangePassword YP/Samba/Squid vulnerability. |
| December 19, 2004 |
ethereal-0.10.8.tar.gz |
|
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. |
| December 18, 2004 |
68-1.grx.zip
68-2.grx.zip |
|
Exploit for the Anoakie Turner GREED 'DownloadLoop()' Function vulnerability. |
| December 18, 2004 |
71-1.cal.zip
71-2.cal.zip |
|
A Proof of Concept exploit for the Andrew W. Rogers pcal Buffer Overflow vulnerabilities. |
| December 17, 2004 |
29-1.asp.zip
29-2.asp.zip
|
|
Exploit for the ASP2PHP Remote Buffer Overflow vulnerabilities. |
| December 17, 2004 |
31.emelody.zip |
|
Exploit for the Michael Kohn Ringtone Tools parse_emelody() Buffer Overflow vulnerability. |
| December 17, 2004 |
34.frm.zip |
|
Exploit for the Michael Kohn Visual Basic to C/GTK (vb2c) gettoken() Buffer Overflow vulnerability. |
| December 17, 2004 |
35.abc.zip |
|
A Proof of Concept exploit for the Jean-François Moine abcm2ps put_words() Buffer Overflow vulnerability. |
| December 17, 2004 |
36-1.abc.zip |
|
A Proof of Concept exploit for the Christoph Dalitz abctab2ps Buffer Overflows. |
| December 17, 2004 |
36-2.abc.zip |
|
A Proof of Concept exploit for the abctab2ps Trim_Title Function ABC File Remote Buffer Overflow vulnerability. |
| December 17, 2004 |
38-1.abc.zip
38-2.abc.zip |
|
Exploits for the ABC2MIDI Multiple Stack Buffer Overflow vulnerability. |
| December 17, 2004 |
45.pgn.zip |
|
A Proof of Concept exploit for the GNU pgn2web process_moves() Buffer Overflow vulnerability. |
| December 17, 2004 |
46.mesh.zip |
|
A Proof of Concept exploit for the Helmut Cantzler Mesh Viewer dxfin() Buffer Overflow vulnerability. |
| December 17, 2004 |
53.csv.zip |
|
A Proof of Concept exploit for the BSD csv2xml get_csv_token() Buffer Overflow vulnerability. |
| December 17, 2004 |
58.xml.zip |
|
Script that exploits the o3read parse_html() Buffer Overflow vulnerability. |
| December 17, 2004 |
61.html.zip |
|
A Proof of Concept exploit script for the html2hdml remove_quote() Buffer Overflow vulnerability. |
| December 17, 2004 |
74.abc.zip |
|
A Proof of Concept exploit for the GNU jcabc2ps switch_voice() Buffer Overflow vulnerability. |
| December 17, 2004 |
79.abc.zip |
|
Exploit for the Chris Walshaw abc2mtex process_abc() Buffer Overflow vulnerability. |
| December 17, 2004 |
80.abc.zip |
|
Exploit for the Guido Gonzato abcpp handle_directive() Buffer Overflow vulnerability. |
| December 17, 2004 |
81.rtf.zip |
|
A Proof of Concept exploit for the GNU UnRTF Font Table Conversion Buffer Overflow vulnerability. |
| December 17, 2004 |
winRAR3_40BufferOverflowPOC.c |
|
Exploit for the RARLAB WinRAR File Name Remote Client-Side Buffer Overflow vulnerability. |
| December 16, 2004 |
1.xls.zip |
|
Exploit for the David Giffin xlreader book_format_sql() Buffer Overflow vulnerability. |
| December 16, 2004 |
10.list.zip |
|
Exploit for the GNU jpegtoavi get_file_list_stdin() Buffer Overflow vulnerability. |
| December 16, 2004 |
11.mail.zip |
|
Script that exploits the Bolthole Filter save_embedded_address() Buffer Overflow vulnerability. |
| December 16, 2004 |
12.html.zip |
|
Script that exploits the Patric Müller Vilistextum get_attr() Buffer Overflow vulnerability. |
| December 16, 2004 |
13.txt.zip |
|
Exploit for the AtBas 2fax expandtabs() Buffer Overflow vulnerability. |
| December 16, 2004 |
2.dxf |
|
A Proof of Concept exploit for the GNU DXFscope dxfin() Buffer Overflow vulnerability. |
| December 16, 2004 |
20.avi |
|
Exploit for the GPL Xine open_aiff_file() Buffer Overflow vulnerability. |
| December 16, 2004 |
22.S.zip |
|
Exploit for the LGPL NASM error() Buffer Overflow vulnerability. |
| December 16, 2004 |
3.msg.zip |
|
A Proof of Concept exploit script for the Little Igloo LinPopUp strexpand() Buffer Overflow vulnerability. |
| December 16, 2004 |
5.rtf.zip |
|
A Proof of Concept exploit script for the GNU rtf2latex2e ReadFontTbl() Buffer Overflow vulnerability. |
| December 16, 2004 |
7.3ds.zip |
|
A Proof of Concept exploit script for the GNU Convex 3D readObjectChunk() Buffer Overflow vulnerability. |
| December 16, 2004 |
9.http.zip |
|
Proof of Concept exploit for the Gastón Kleiman Yanf get() Buffer Overflow vulnerability. |
| December 16, 2004 |
ability-2.34-ftp-stor.py
un-aftp.c
|
|
Exploits for the Ability Server 'APPE FTP' Command Buffer Overflow vulnerability. |
| December 16, 2004 |
firstclass_search_exploit.c
secunia.com-advisories-13415.c |
|
Script that exploits the OpenText FirstClass HTTP Daemon Search Function Remote Denial of Service vulnerability. |
| December 15, 2004 |
17-s.c |
|
Exploit for the GNU MPlayer ASF Streams Processing Buffer Overflow vulnerability. |
| December 15, 2004 |
21.hpgl.gz |
|
Exploit for the GNU CUPS HPGL ParseCommand() Buffer Overflow vulnerability. |
| December 15, 2004 |
49.list.zip |
|
Exploit for the GNU ChBg simplify_path() Buffer Overflow vulnerability. |
| December 15, 2004 |
8.list |
|
Exploit for the Michael Hipp mpg123 find_next_file() Buffer Overflow vulnerability. |
| December 15, 2004 |
napshare_srv.c
napshare_srv_2.c |
|
Scripts that exploit the GNU NapShare auto_filter_extern() Buffer Overflow vulnerability. |
| December 15, 2004 |
phpbb2memorydump.zip |
|
Exploit for the PHP Multiple Local And Remote Vulnerabilities. |
| December 15, 2004 |
rpcl_icmpdos.c |
|
Script that exploits the Ricoh Aficio 450/455 PCL Printer Remote ICMP Denial of Service vulnerability. |
| December 14, 2004 |
scm_send_dos.c |
|
Script that exploits the Multiple Vendors Linux Kernel Auxiliary Message Layer State Error vulnerability. |
| December 13, 2004 |
ceaglesock.zip
|
|
Exploit for the Codename Eagle UDP Packet Processing Remote Denial of Service vulnerability. |
| December 13, 2004 |
igmp.c
|
|
Exploit for the Multiple Vendors Linux Kernel IGMP Integer Underflow Vulnerabilities. |
| December 13, 2004 |
lithsock.zip
|
|
Exploit for the Monolith Lithtech Game Engine Remote Denial of Service vulnerability. |
| December 12, 2004 |
AdobeMac.txt |
|
Exploit for the Adobe Version Cue Start/Stop Scripts Arbitrary Script Execution vulnerability. |
| December 12, 2004 |
Absinthe-1.1.tar.gz |
|
A GUI-based tool that automates the process of downloading the schema and contents of a database that is vulnerable to Blind SQL Injection. |
| December 12, 2004 |
citadel_fsexp.c |
|
Remote root exploit for Citadel/UX format string vulnerability. |
| December 12, 2004 |
mercury.c |
|
Exploit for the Mercury Mail Multiple Remote IMAP Stack Buffer Overflow vulnerabilities. |
| December 12, 2004 |
orbzbof.zip |
|
Remote Proof of Concept exploit for the 21-6 Productions Orbz Password Field Buffer Overflow vulnerability. |
| December 12, 2004 |
WebLibs10.txt |
|
Exploit for the Darryl Burgdorf WebLibs Directory Traversal vulnerability. |
| December 11, 2004 |
phpkitSQLXSS.txt |
|
Proof of Concept exploit for the PHP KIT SQL injection and Cross-Site Scripting vulnerabilities. |
| December 11, 2004 |
ipbSQL.txt |
|
Exploit for the IPB Pro Arcade SQL injection vulnerability. |
| December 11, 2004 |
ezshopper.txt |
|
Exploit for the EZshopper Directory Traversal vulnerability. |
| December 11, 2004 |
ssfakep.zip |
|
Remote Denial of Service exploit for games using the Serious engine. Generates UDP packets that have fake players enter a room. |
| December 11, 2004 |
mimedefang-2.49.tar.gz |
|
A flexible MIME email scanner designed to protect Windows clients from viruses. |
| December 11, 2004 |
winfingerprint-0.5.13.zip |
|
A Win32 Host/Network Enumeration Scanner. Winfingerprint is capable of performing SMB, TCP, UDP, ICMP, RPC, and SNMP scans. |
| December 11, 2004 |
bilbo-0.11.tar.gz |
|
A wrapper for nmap that makes it easier to scan lots of machines or networks. |
| December 11, 2004 |
IPSWSFTP-exploit.c |
|
Exploit for the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| December 11, 2004 |
coffeecupbof.txt |
|
Script that exploits the CoffeeCup Direct/Free FTP ActiveX Component Remote Buffer Overflow vulnerability. |
| December 11, 2004 |
OpenDcHub-poc.zip |
|
Exploit for the Open DC Hub Remote Buffer Overflow vulnerability. |
| December 11, 2004 |
winampm3u.c |
|
Script that exploits the Nullsoft Winamp 'IN_CDDA.dll' Buffer Overflow vulnerability. |
| December 11, 2004 |
atari800.txt |
|
Exploit for the Atari800 Emulator Multiple Buffer Overflows vulnerabilities. |
| December 11, 2004 |
000102advisory.txt |
|
Exploit for the MailEnable Stack Overflow & Pointer Overwrite vulnerability. |
| December 11, 2004 |
phpnolimit.c |
|
Exploit for the PHP 'memory_limit' and strip_tags() Remote Vulnerabilities. |
| December 11, 2004 |
phpnews.txt |
|
Exploit for the PHPNews SQL Injection vulnerability. |
| December 11, 2004 |
wodftpcrash.txt |
|
Denial of Service exploit for the WodFtpDLX buffer overflow vulnerability. |
| December 10, 2004 |
wgetTrapPOC.pl |
|
Perl script that exploits the GNU WGet Multiple Remote Vulnerabilities. |
| December 10, 2004 |
goregsbof.zip
|
|
Exploit for the Gamespy Software Development Kit CD-Key Validation Buffer Overflow vulnerability. |
| December 9, 2004 |
ie6-file-detection.txt |
|
Exploit for the Microsoft Internet Explorer Sysimage Protocol Handler Information Disclosure vulnerability. |
| December 8, 2004 |
keriodos.txt
|
|
Exploit for the Kerio Personal Firewall Local Denial of Service vulnerability. |
| December 7, 2004 |
md5_someday.pdf |
|
Collision vulnerabilities in MD5 checksums: it is possible to create different executables which have the same MD5 hash. The attacks remain limited, for now. The attack allows blocks in the checksummed file to be swapped out for other blocks without changing the final hash. A tool to demonstrate these vulnerabilities is available here. |
| December 7, 2004 |
iosetup_crash.c |
|
Script that exploits the Linux Kernel AIO_Free_Ring Local Denial of Service vulnerability. |
| December 7, 2004 |
bfcboom.tar
bfcboom.zip |
|
Proof of Concept exploits for the Digital Illusions Multiple Games Remote Denial of Service vulnerability. |
| December 7, 2004 |
stripwire-1.1.tar.gz |
|
A tool which demonstrates vulnerabilities in md5 checks. |
| December 2, 2004 |
kreedexec.zip |
|
Exploit for the Burut Kreed Game Server Multiple Remote vulnerabilities. |
| December 1, 2004 |
mercury.py
ex_MERCURY.c
ex_MERCURY2.c |
|
Scripts that exploit the Mercury Mail Multiple Remote IMAP Stack Buffer Overflow vulnerabilities. |
| November 30, 2004 |
janados.zip |
|
Exploit for the JanaServer 2 Multiple Remote Denial of Service vulnerabilities. |
| November 30, 2004 |
WeBrute |
|
A Brute Forcing tool to discover hidden directories, files or parameters in the URL # of a webserver. |
| November 30, 2004 |
WS_FTP_Overflow.pl
ws_ftpOverflowExploitByNoPh0BiA.c |
|
Scripts that exploit the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| November 26, 2004 |
101_mEna.c
|
|
Script that exploits the MailEnable IMAP Service Multiple Remote Pre-Authentication Buffer Overflow vulnerabilities. |
| November 26, 2004 |
atari800.c |
|
Exploit for the Atari800 Emulator Multiple Local Buffer Overflow vulnerabilities. |
| November 24, 2004 |
evil_server.pl
prozillaBufferOverflowExploitSerkanAkpolat.c
proz_ex.c |
|
Scripts that exploit the ProZilla Multiple Remote Buffer Overflow vulnerabilities. |
| November 24, 2004 |
openDCHubBufferOverflowPOC.java |
|
A Proof of Concept exploit for the Open DC Hub Remote Buffer Overflow vulnerability. |
| November 24, 2004 |
sof2boom.zip |
|
A Proof of Concept exploit for the Soldier Of Fortune 2 Buffer Overflow Remote Denial of Service vulnerability. |
| November 24, 2004 |
swbfp.zip |
|
Exploit for the LucasArts Star Wars Battlefront Game Server Remote Denials of Service vulnerabilities. |
| November 24, 2004 |
winAmpIN_CDDALibExploit.c |
|
Scripts that exploit the Nullsoft Winamp 'IN_CDDA.dll' Buffer Overflow vulnerability. |
| November 24, 2004 |
b4b0-phpbb.tgz |
|
Script that exploits the PHPBB Admin_cash.PHP Remote PHP File Include vulnerability. |
| November 24, 2004 |
efuzz01.zip |
|
An easy to use Win32 tcp/udp protocol fuzzer which finds unknown buffer overflows in local and remote services. |
| November 24, 2004 |
mailtraq-update.txt |
|
Proof of Concept exploit for the Enstar Mailtraq Windows Tray Icon Access Control vulnerability. |
| November 23, 2004 |
coffeeCupFTPBufferOverflowExpl.c |
|
Script that exploits the CoffeeCup Direct/Free FTP ActiveX Component Remote Buffer Overflow vulnerability. |
| November 23, 2004 |
haloCboom.zip
|
|
Exploit for the Gearbox Software Halo Game Client Remote Denial of Service vulnerability. |
| November 23, 2004 |
phpBBCodeExecExploitRUSH.pl |
|
Exploit for the PHPBB Remote URLDecode Input Validation vulnerability. |
| November 23, 2004 |
WodFtpDLXBufferOverflowExpl.c
|
|
Script that exploits the WeOnlyDo! wodFtpDLX ActiveX Component Remote Buffer Overflow vulnerability. |
| November 22, 2004 |
DMS_POP3_Overflow.pl
dmsPOP3BufferOverflowExpNoPh0Bia.c
dmsPOP3.txt |
|
Scripts that exploit the Digital Mappings Systems POP3 Server Remote Buffer Overflow vulnerability. |
| November 21, 2004 |
Cisco6509_Reverse.tar.bz2 |
|
Simple C tool and binutils patch with a step-by-step description (HowTo_Reverse_engineering_Cisco_image.html) of how to convert a Cisco image to a MIPSIV file for reverse engineering. |
| November 20, 2004 |
20041119.IESP2Unpatched.html |
|
Exploit for the Microsoft Internet Explorer File Download Restriction Bypass vulnerability. |
| November 20, 2004 |
20041119.IESP2Unpatched.php |
|
Exploit for the Microsoft IE Custom 404 Error Message & execCommand SaveAs File Download vulnerability. |
| November 20, 2004 |
aclient.txt |
|
Step by step exploit for the Altiris AClient Service Windows Tray Icon Access Control vulnerability. |
| November 20, 2004 |
atk-3.0.zip |
|
The Attack Tool Kit (ATK) is an open-source utility to perform vulnerability checks and enhance security audits. |
| November 20, 2004 |
atk-3.0src.zip |
|
The Attack Tool Kit (ATK) is an open-source utility to perform vulnerability checks and enhance security audits. |
| November 20, 2004 |
bofra_overview.txt |
|
Brief analysis of the Bofra, aka MyDoom.AG/AH, worm that was first discovered circulating in the wild November 8th. |
| November 20, 2004 |
eudora62014.txt |
|
Proof of Concept exploit for the Eudora 6.2.14 for Windows Attachment Spoofing vulnerability. |
| November 20, 2004 |
GFHost.pl
GFHostExploit.pl |
|
Perl script that exploits the Pablo Hernandez GFHost Cross-Site Scripting & Server-Side Script Execution vulnerability. |
| November 20, 2004 |
nsg-advisory-08.txt |
|
Proof of Concept exploit for the TipxD versions Format String vulnerability. |
| November 20, 2004 |
phpbb.php.txt |
|
Exploit for the PHPBB Login Form Multiple Input Validation vulnerability. |
| November 20, 2004 |
slmail5x.txt |
|
Exploit for the SLMail 5.x POP3 Remote Buffer Overflow vulnerability. |
| November 20, 2004 |
tweaky.pl |
|
Perl script that exploits the TWiki Search Shell Metacharacter Remote Arbitrary Command Execution vulnerability. |
| November 20, 2004 |
zipbrk.zip |
|
A tool that searches for the central and local headers contained in a zip file and alters the uncompressed data variable to be 0 in an attempt to trick anti-virus software into not scanning the files inside the zip file. |
| November 19, 2004 |
Opera754FontCrashApplet.java
Opera754EcmaScriptApplet.java
Opera754LauncherApplet.java
Opera754KerberosAppletPrint.java |
|
Exploits for the Opera Web Browser Java Implementation Multiple Remote Vulnerabilities. |
| November 19, 2004 |
ZipMe!.cpp |
|
Proof of Concept exploit for the Microsoft Compressed (zipped) Folders Remote Code Execution vulnerability. |
| November 18, 2004 |
apache-squ1rt.c |
|
Script that exploits the Apache Web Server Remote Denial of Service vulnerability. |
| November 17, 2004 |
ipbQPIDExploitSQLInjection.pl
|
|
Perl script that exploits the Invision Power Board 'Index.PHP' Post Action SQL Injection vulnerability. |
| November 17, 2004 |
RXcscope_proof.sh
RXcscope_proof.c
advRX181104.txt
|
|
Proof of Concept exploit scripts for the Cscope Temporary Files Elevated Privileges vulnerability. |
| November 16, 2004 |
mini-exploit.c |
|
Script that exploits the MiniShare Buffer Overflow vulnerability. |
| November 15, 2004 |
zipbrk.c |
|
Proof of Concept exploit script for the Multiple Vendor Anti-Virus Software Detection Evasion vulnerability. |
| November 15, 2004 |
NetworkMessengerDOS.pl |
|
Perl script that exploits the Secure Network Messenger Remote Denial of Service vulnerability. |
| November 13, 2004 |
101_netn.cpp |
|
Script that exploits the AlShare Software NetNote Server Remote Denial of Service vulnerability. |
| November 13, 2004 |
CCProxy_exp.c
|
|
Script that exploits the CCProxy HTTP Request Processing Buffer Overflow vulnerability. |
| November 13, 2004 |
grams.html |
|
Full analysis of the Win32.Grams trojan. |
| November 13, 2004 |
IMail-8.13-DELETE.pm
|
|
Exploit script for the Ipswitch IMail Server Delete Command Remote Buffer Overflow vulnerability. |
| November 13, 2004 |
lkbackdoor.tar.gz |
|
Paper that describes how to add a quick backdoor into the setuid code for the Linux 2.4 kernel series. |
| November 13, 2004 |
netnote_exp.c |
|
Script that exploits the AlShare Software NetNote Server Remote Denial of Service vulnerability. |
| November 13, 2004 |
Shadow_Software_Attack.pdf |
|
Whitepaper written to demonstrate that a shadow software attack is still possible. |
| November 13, 2004 |
technote.pl |
|
Exploit for the Technote 'main.cgi' Input Validation vulnerability. |
| November 13, 2004 |
waraxe-2004-SA037.txt |
|
Proof of Concept exploit for the Phorum 'follow.php' Input Validation vulnerability. |
| November 12, 2004 |
101_slim.cpp |
|
Script that exploits the WhitSoft Development SlimFTPd Remote Buffer Overflow vulnerability. |
| November 12, 2004 |
binfmt_elf.txt |
|
Script that exploits the Linux Kernel BINFMT_ELF Loader vulnerability. |
| November 12, 2004 |
HOD-kerio-firewall-DoS-expl.c |
|
Script that exploits the Kerio Personal Firewall IP Options Denial of Service vulnerability. |
| November 12, 2004 |
pop_exp2.py |
|
Script that exploits the YPOPs! Buffer Overflows vulnerability. |
| November 12, 2004 |
Scan6.zip |
|
Port scanner for Windows 2k/XP that is functional for both IPv4 and IPv6 networks. Binary, source code, and more information included in the archive. |
| November 12, 2004 |
status.htm
xcellent.html |
SB04-322 |
Exploits for the Microsoft Internet Explorer Flash Content Status Bar Spoofing Weakness vulnerability. |
| November 11, 2004 |
binfmt_elf_dump.c |
|
Script that exploits the Linux Kernel BINFMT_ELF Loader vulnerability. |
| November 10, 2004 |
101_mini.cpp |
|
Exploit for the MiniShare Buffer Overflow vulnerability. |
| November 10, 2004 |
slimFTPDCommandBObyclass101.c |
|
Script that exploits the WhitSoft Development SlimFTPd Remote Buffer Overflow vulnerability. |
| November 8, 2004 |
IEnumerate.txt |
|
Exploit for the Microsoft Internet Explorer 'res:' URI Handler File Identification vulnerability. |
| November 8, 2004 |
qwik_fmtstr_xpl.c |
|
Script that exploits the QwikMail Format String vulnerability. |
| November 8, 2004 |
WPA Cracker |
|
Proof of Concept exploit for the Wi-Fi Protected Access encryption algorithm weakness. |
| November 6, 2004 |
602res.zip |
|
Exploit for the Software602 602 LAN Suite Multiple Remote Denial Of Service vulnerabilities. |
| November 5, 2004 |
iptablesDoS.c |
|
Proof of Concept Denial of Service exploit for the Linux Kernel IPTables Logging Rules Remote Denial of Service vulnerability. |
| November 5, 2004 |
wX.tar.gz |
|
A kernel based rootkit for Mac OSX which is roughly based on adore. It runs as a kernel extension, similar to a LKM. Requires Xcode. |
| November 4, 2004 |
InternetExploiter.html.gz |
|
Script that exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow vulnerability. |
| November 2, 2004 |
everscan-0.8.2.tgz |
|
A daemonized network scanner that randomly scans at a very slow pace for machines and stores the data to a database. It comes with a client to query for finds. |
| November 2, 2004 |
SecondOrderCodeInjection.pdf |
|
Whitepaper discussing how injection of data can later be used to carry out an attack at a different point in time. |
| November 1, 2004 |
authfail-1.0.0.tgz |
|
A tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy. |
| November 1, 2004 |
mimedefang-2.48.tar.gz |
|
A flexible MIME email scanner designed to protect Windows clients from viruses that includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. |
| November 1, 2004 |
nixfo-ng-1.5.tar.gz |
|
A script that scans Linux-based systems and does a complete inventory of anything installed, available, manipulated, or otherwise. |
| October 30, 2004 |
ability-ftpd-exploit.tar.bz2 |
|
Exploit for the Code-Crafters Ability Server FTP STOR Argument Remote Buffer Overflow vulnerability. |
| October 30, 2004 |
mimedefang-2.47.tar.gz |
|
A flexible MIME email scanner designed to protect Windows clients from viruses that includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. |
| October 29, 2004 |
hydra-4.4-src.tar.gz |
|
A high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus. |
| October 28, 2004 |
bypassArticle.txt |
|
Presentation: Bypassing client application protection techniques with notepad. |
| October 28, 2004 |
moo3boom.zip |
|
Proof of Concept for the Quicksilver Master of Orion III Multiple Remote Denial of Service vulnerabilities. |
| October 28, 2004 |
wvftpd.c |
|
Script that exploits the WvTftp Processing TFTP Options Buffer Overflow vulnerability. |
| October 27, 2004 |
ability.c |
|
Exploit for the Code-Crafters Ability Server FTP STOR Argument Remote Buffer Overflow vulnerability. |
| October 27, 2004 |
aos2bof.zip |
|
Script that exploits the Akella Privateer's Bounty: Age of Sail II Remote Nickname Buffer Overflow vulnerability. |
| October 27, 2004 |
chmremote.txt |
|
Full write up and exploitation walk-thru for the Microsoft Internet Explorer ms-its scheme/CHM remote code execution vulnerability. |
| October 27, 2004 |
FakeRedhatPatchAnalysis.txt |
|
A full analysis of the fake Fedora-Redhat security alert with trojan source code. |
| October 27, 2004 |
gd-graphics.c |
|
Script that exploits the GD Graphics Library Remote Integer Overflow vulnerability. |
| October 27, 2004 |
kismet-2004-10-R1.tar.gz |
|
An 802.11 layer 2 wireless network sniffer that can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. |
| October 27, 2004 |
libxmlSploit.c |
|
Proof of Concept exploit for the Libxml2 Multiple Remote Stack Buffer Overflow vulnerabilities. |
| October 27, 2004 |
moo3boom.tar
|
|
Proof of Concept for the Quicksilver Master of Orion III Multiple Remote Denial of Service vulnerabilities. |
| October 27, 2004 |
wx-01.tar.gz |
|
New Macintosh OS-X rootkit that is roughly based off of adore. It hides itself from kextstat, netstat, utmp and wtmp. Further revisions to include a reverse shell triggered by ARP and DNS packets. |
| October 26, 2004 |
libxml_exp.c |
|
Proof of Concept exploit for the Libxml2 Multiple Remote Stack Buffer Overflow vulnerabilities. |
| October 26, 2004 |
mailCarrierExploit.txt |
|
Script that exploits the Tabs Laboratories MailCarrier Remote SMTP EHLO/HELO Buffer Overflow vulnerability. |
| October 26, 2004 |
wvTftpRemoteRootExploit.c |
|
Script that exploits the WvTftp Processing TFTP Options Buffer Overflow vulnerability. |
| October 26, 2004 |
85mod_include.c |
|
Proof of Concept exploit for the Apache mod_include Buffer Overflow vulnerability. |
| October 26, 2004 |
ethereal-0.10.7.tar.gz |
|
A GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. |
| October 26, 2004 |
javascript.txt |
|
A write-up discussing how to use JavaScript to spoof which page is actually being visited. |
| October 26, 2004 |
navRant.txt |
|
Proof of Concept regarding how easy it is to bypass Norton Antivirus. |
| October 26, 2004 |
nmap-3.75.tgz |
|
A utility for port scanning large networks, although it works fine for single hosts. |
| October 26, 2004 |
osx86_mmdfdeliver.c |
|
Script that exploits the SCO OpenServer MMDF vulnerability. |
| October 26, 2004 |
proftpdEnum.c |
|
Proof of Concept script that exploits the ProFTPd Login Timing Account Disclosure vulnerability. |
| October 26, 2004 |
rkdscan.zip |
|
A scanner designed to detect whether or not an NT based computer is infected with the Hacker Defender root kit. |
| October 25, 2004 |
socat_exp.c |
|
Script that exploits the Socat Remote Format String vulnerability. |
| October 24, 2004 |
creating_a_asp_command_shell_using_BACKUP.txt |
|
This is a text document that describes how MS SQL can be "tricked" into creating a command.asp script under the webroot, even when you do not have access to 'sa' privs (dbo privs are probably still a must, though). The technique described uses the SQL server 'backup' command. |
| October 24, 2004 |
ksb26-2.6.9.tar.gz |
|
KSB26, Kernel Socks Bouncer for 2.6.x, is a Linux 2.6.x kernel patch that redirects full TCP connections through a socks5 proxy. KSB26 uses a character device to pass the socks5 and target IPs to the Linux kernel. |
| October 24, 2004 |
lgool.c |
|
Lgool is a program that will search Google for a given vulnerability. |
| October 24, 2004 |
SetWindowLong_Shatter_Attacks.pdf |
|
This paper gives an example of the variety of shatter attacks which should be corrected by MS04-032 (KB840987). This sort of attack can typically be used for local privilege escalation. |
| October 24, 2004 |
uml.c |
|
Userspace Logger is functioning code based on the example given in the article in Phrack 51 entitled "Shared Library Redirection". It logs read()/recv() output and intercepts open(), open64(), close(), socket(), connect(), and exit(). This is an effective keystroke logger, among other things, even though the author says it is only at the Proof-of-Concept phase. |
| October 23, 2004 |
101_shixx.cpp |
|
Exploit for the Mavel ShixxNote 6.net Buffer Overflow in Font Field vulnerability. |
| October 23, 2004 |
amap-4.7.tar.gz |
|
Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. |
| October 23, 2004 |
Camou121.exe |
|
Camouflage v1.2.1 is an incredibly weak steganography tool for Windows that uses various image files and doc files as a carrier to hide arbitrary data inside of. |
| October 23, 2004 |
CKFP.zip |
|
This is a Windows program that "unprotects" files which have been hidden using a steganography program called Camouflage. If the Camouflage'd file requires a password, the password is reset to nothing. |
| October 23, 2004 |
hitb04-shreeraj-shah.pdf |
|
"Web Services - Attacks and Defense Strategies, Methods and Tools" presentation that discusses how the web service is the new security Lego Land. The main building blocks are UDDI, SOAP and WSDL. This presentation will briefly touch upon each of these aspects. |
| October 23, 2004 |
hitb04-sk-chong.pdf |
|
"Windows Local Kernel Exploitation" presentation that discusses mechanisms to exploit the Windows Kernel for useful local privilege escalation. |
| October 23, 2004 |
hitb04-teo-sze-siong.zip |
|
"Stealth Virus Design Thru Breeding Concept (Non Polymorphic)" presentation that includes Proof of Concept code samples. |
| October 23, 2004 |
SetecAstronomy.pl |
|
This is a Perl script that can search files to identify whether data has been hidden using a weak steganography tool for Windows named Camouflage. |
| October 22, 2004 |
ability-2.34-ftp-stor.py |
|
Exploit for the Code-Crafters Ability Server FTP STOR Argument Remote Buffer Overflow vulnerability. |
| October 20, 2004 |
akellaPrivateersBountyExploit.zip |
|
Script that exploits the Akella Privateer's Bounty: Age of Sail II Remote Nickname Buffer Overflow vulnerability. |
| October 20, 2004 |
apacheModIncludeLocalBufferOverflowExploit.c |
|
Script that exploits the Apache mod_include Buffer Overflow vulnerability. |
| October 20, 2004 |
Intro_to_Win32_Exploits.pdf |
|
An introduction to writing exploits for the Win32 platform. Walks through creation of an exploit for a real vulnerable piece of software, using OllyDbg to help isolate the fault and exploit it. |
| October 20, 2004 |
ms04-030_spl.pl |
|
Perl script that exploits the Microsoft WebDav XML Message Handler Denial of Service vulnerability. |
| October 20, 2004 |
noceegar.html |
|
Exploit for the Microsoft Internet Explorer HTML Help Control Local Zone Security Restriction Bypass & File Drag and Drop Embedded Code vulnerabilities. |
| October 20, 2004 |
windowsEMF_WMF_Exploit.c |
|
Script that exploits the Microsoft Windows WMF/EMF Remote Buffer Overflow vulnerability. |
| October 19, 2004 |
HOD-ms04032-emf-expl2.c |
|
Exploit that creates crafted metadata files to exploit Microsoft Internet Explorer 6.0. |
| October 19, 2004 |
toneboom.zip |
|
Script that exploits the Vypress Tonecast Remote Denial of Service vulnerability. |
| October 18, 2004 |
dc_ypop.c |
|
Script that exploits the YPOPs! Buffer Overflows vulnerability. |
| October 18, 2004 |
salesLogixFileUploadPoC.pl
|
|
Proof of Concept exploit for the Best Software SalesLogix File Upload vulnerability. |
| October 16, 2004 |
bmon.sh |
|
Proof of Concept exploit for the BMON Arbitrary Code Execution vulnerability. |
| October 18, 2004 |
yahoopops.c
101_ypops.cpp
dc_ypop.c
|
|
Exploits for the YPOPs! Buffer Overflows vulnerabilities. |
| October 15, 2004 |
proftpd.c |
|
Script that exploits the ProFTPd Login Timing Differences Disclose Valid User Account Names vulnerability. |
| October 13, 2004 |
sessmgr.c |
|
Script that exploits the Microsoft Windows XP Weak Default Configuration vulnerability. |
| October 13, 2004 |
shixxbof.zip |
|
Exploit for the ShixxNOTE 6.net Remote Buffer Overflow vulnerability. |
| October 13, 2004 |
101_ypops.cpp |
|
Exploit for the remote buffer overflows in both the POP3 and SMTP services of the YahooPOPs application. |
| October 13, 2004 |
AntiExploit-1.3b5.tar.gz |
|
An exploit scanner that detects local intruders. It scans for over 3900 suspicious files, has daily database updates, and will act if a file is accessed. It uses the dazuko kernel module, which is also used by clamAV, Amavis, and other virus scanners. |
| October 13, 2004 |
flashmsg.zip |
|
Proof of Concept exploit for the Jera Technology Flash Messaging Server Remote Denial of Service vulnerability. |
| October 13, 2004 |
gosmart.txt |
|
Exploit examples for the GoSmart Message Board Cross-Site Scripting vulnerabilities. |
| October 13, 2004 |
intro_to_shellcoding.pdf |
|
Introduction to Shellcode: How to exploit buffer overflows. A very thorough and well written paper on how it all works that includes step by step examples from vulnerability discovery to a finished exploit. The paper focuses on x86 Intel syntax assembly under Linux. |
| October 13, 2004 |
jc-wepcrack.tar.gz |
|
jc-wepcrack is a distributed WEP cracker that uses its own sockets-based protocol for communication. |
| October 13, 2004 |
lithsec.zip |
|
Remote Proof of Concept exploit for the Monolith Games Buffer Overflow vulnerability. |
| October 13, 2004 |
PolymorphicEvasion.txt |
|
White paper discussing ways to evade detection of polymorphic shellcode. |
| October 13, 2004 |
prismstumbler-0.7.3.tar.bz2 |
|
Prismstumbler is software that finds 802.11 (W-LAN) networks. It comes with an easy to use GTK2 frontend and is small enough to fit on a small portable system. It is designed to be a flexible tool to find as much information about wireless LAN installations as possible. |
| October 13, 2004 |
remoteActivate.txt |
|
Information on how to manipulate registry keys once a command shell is obtained to invoke the Remote Desktop functionality of XP. |
| October 13, 2004 |
shadowmac-1.0.tar.gz |
|
A kernel patch for spoofing MAC addresses under Mac OS X. |
| October 13, 2004 |
tridcomm13.txt |
|
Exploit for the TriDComm FTP Server Directory Traversal vulnerability. |
| October 13, 2004 |
turboTraffic.txt |
|
Exploit for the Turbo Traffic Trader Nitro Cross-Site Scripting & SQL Injection vulnerability. |
| October 13, 2004 |
vymesbof.zip |
|
Proof of Concept exploit for the VyPRESS Messenger Remote Buffer Overflow vulnerability. |
| October 8, 2004 |
lithsecGameEnginePoC.zip |
|
Proof of Concept exploit for the Monolith Lithtech Game Engine Remote Buffer Overflow vulnerability. |
| October 8, 2004 |
SSL_PCT_EXPLOITATION_ANALYSIS.PDF |
|
Whitepaper analysis of the THCIISLAME SSL/PCT bug, how the bug was exploited and how to use it. Included is a small introduction to generic exploit coding. |
| October 7, 2004 |
adv07-y3dips-2004.txt |
|
Exploit for the AJ-Fork Insecure Default Permissions vulnerability. |
| October 7, 2004 |
aircrack-2.1.tgz |
|
An 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. |
| October 7, 2004 |
flashmsg.tar |
|
Exploit for the Jera Technology Flash Messaging Server Remote Denial of Service vulnerability. |
| October 7, 2004 |
iceexec.rar
priv8icecast.pl
iceexec2.zip |
|
Scripts that exploit the Icecast Server HTTP Header Buffer Overflow vulnerability. |
| October 7, 2004 |
pads-1.1.3.tar.gz |
|
Pads is a signature based detection engine used to passively detect network assets. |
| October 7, 2004 |
REALSERVER_EXPLOIT_ANALYSIS.PDF |
|
Whitepaper analysis on how to use the THCREALBAD Realserver exploit and how it works. Additionally, a real life intrusion with this exploit is shown with what to do after root privileges are achieved. |
| October 7, 2004 |
sacred_jpg.c |
|
Script that exploits the Microsoft JPEG Processing Buffer Overflow vulnerability. |
| October 2, 2004 |
ipSwitchWhatsUpGoldBufferOverflowExpl.pl
NotmuchG.pl |
|
Script that exploits the WhatsUp Gold Remote Buffer Overflow vulnerability. |
| October 7, 2004 |
tcptrack-1.1.3.tar.gz |
|
A packet sniffer that passively watches for connections on a specified network interface, tracking their states and listing them in a manner similar to the top command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage. |
| October 4, 2004 |
6A00615BFM.html
MS_SQLDenialOfServicePOC.c
MSsqlDenialOfServicePOC.c |
|
Proofs of Concept exploit scripts for the Microsoft SQL Server Remote Denial of Service vulnerability. |
| October 4, 2004 |
iceexec.zip |
|
A Proof of Concept exploit for the Icecast Server HTTP Header Buffer Overflow vulnerability. |
| October 1, 2004 |
serendipityPoC.txt |
|
Proof of Concept exploit for the SQL injection vulnerability in Serendipity 0.7-beta1 and below. |
| October 1, 2004 |
cutter-1.02.tgz |
|
Cutter allows network administrators to close TCP/IP connections running over a Linux/IPtables firewall. |
| October 1, 2004 |
hotspotter-0.4.tar.gz |
|
Hotspotter is a utility that passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. |
| October 1, 2004 |
yahooPOPS.txt |
|
Exploit for the remote buffer overflows in both the POP3 and SMTP services of the YahooPOPs application. |
| October 1, 2004 |
mssql.7.0.dos.c |
|
Exploit for the Mssql 7.0 remote Denial of Service buffer vulnerability. Affects Mssql 7.0 Service Pack sp0, sp1, sp2, and sp3. |
| October 1, 2004 |
chatmanx.zip
chatmanxMutlipleDoSPOC.zip |
|
Remote Denial of Service exploit for the memory allocation flaw in Chatman versions 1.5.1 RC1 and below. |
| October 1, 2004 |
phpPOC.txt |
|
PHP Proof of Concept exploit that makes use of an arbitrary file upload flaw in PHP versions below 4.3.9 and 5.0.2. |
| October 1, 2004 |
alexPHP.txt |
|
Proof of Concept exploit for the Alex PHP Guestbook remote file inclusion vulnerability. |
| October 1, 2004 |
VypressMessenger_BO_POC.zip |
|
A Proof of Concept exploit for the VyPRESS Messenger Remote Buffer Overflow vulnerability. |
| September 30, 2004 |
Proof of Concept |
|
Proof of Concept example for multiple vulnerabilities in Silent-Storm Portal. The issues result from insufficient sanitization of user-supplied data. |
| September 30, 2004 |
Proof of Concept |
|
Proof of Concept exploits for multiple vulnerabilities in W-Agora 4.1.6a. |
| September 30, 2004 |
n-du.tgz |
|
A Unix backdoor which does not have any open ports. It waits for a special UDP or TCP packet, then opens a TCP port backdoor. |
| September 30, 2004 |
flc_exp.c |
|
Proof of Concept local exploit for elevated privilege vulnerability in flc versions 1.0.4 and below. |
| September 30, 2004 |
mdaemon_rcpt.c |
|
Proof of Concept remote exploit for the Denial of Service vulnerability in Mdaemon SMTP server version 6.5.1. |
| September 30, 2004 |
mdaemon_imap.c |
|
Proof of Concept remote exploit for the buffer overflow vulnerability in MDaemon IMAP server version 6.5.1. |
| September 29, 2004 |
x_hpux_11_swinstall.c |
|
Local root exploit that makes use of a buffer overflow in the Software Distributor utilities for HP-UX. |
| September 29, 2004 |
actpboom.zip |
|
Proof of Concept exploit for ActivePost Standard versions 3.1 and below that makes use of a Denial of Service flaw. |
| September 29, 2004 |
x_hpux_11i_nls_ping.c |
|
Local format string exploit for /usr/sbin/ping under HP-UX. |
| September 29, 2004 |
x_hpux_11i_nls_cu.c |
|
Local format string exploit for /usr/bin/cu under HP-UX. |
| September 29, 2004 |
ms04-028-cmd.c
JpgDownloader.c
JpegOfDeathAll.c |
|
Exploits for the Microsoft Windows (Graphics Device Interface) GDI+ JPEG handler integer underflow vulnerability. |
| September 29, 2004 |
and_more_sql_injection.pdf |
|
White paper discussing SQL injection attacks from different angles. |
| September 29, 2004 |
sharexploit.c |
|
Proof of Concept exploit for GNU sharutils versions 4.2.1 and below local format string vulnerability. |
| September 29, 2004 |
popmsgboom.zip |
|
Denial of Service exploit for PopMessenger version 1.60 that makes use of a flaw when handling dialog boxes in relation to illegal characters. |
| September 29, 2004 |
aspWebCalendar.txt |
|
Proof of Concept exploit for aspWebCalendar and aspWebAlbum SQL injection attack vulnerability. |
| September 29, 2004 |
abzboom.zip |
|
A Proof of Concept exploit for the Playlogic Alpha Black Zero Remote Denial of Service vulnerability. |
| September 28, 2004 |
Proof of Concept |
|
Proof of Concept exploit for Serendipity Cross-Site Scripting and SQL injection vulnerabilities. |
| September 28, 2004 |
Proof of Concept |
|
Proof of Concept exploit for various Wordpress Cross-Site Scripting vulnerabilities. |
| September 28, 2004 |
Proof of Concept |
|
Proof of Concept exploit for the dBpowerAMP Music Converter and Audio Player remote buffer overflow vulnerabilities when processing malformed audio and playlist files. |
| September 27, 2004 |
Proof of Concept |
|
Proof of Concept exploit for multiple vulnerabilities in MegaBBS. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection attacks. |
| September 27, 2004 |
NewDawn4.c
NewDawn3.c
NewDawn2.c
NewDawn.c |
|
Exploit scripts for the Multiple Vendor TCP Packet Fragmentation Handling Denial of Service vulnerability. |
| September 27, 2004 |
zinfMediaWindowsExploitDelikon.c
zinfexploit.c |
|
Exploit for the remote buffer overflow vulnerability in Zinf when processing malformed playlist files. Reportedly, this issue affects Zinf version 2.2.1 for Windows. |
| September 27, 2004 |
Proof of Concept |
|
Proof of Concept exploit for the BroadBoard Message Board multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in an SQL query. |
| September 28, 2004 |
MSjpegExploitByFoToZ.c
jfif-expII.sh
msJPEGParsingVulnHighT1mes.c
JpegOfDeath.c
jpegOfDeathv0_6_a.c
JPGDownloaderATmaCA.c
sacred_jpg.c |
|
Proofs of Concept exploit scripts for the Microsoft (Graphics Device Interface) GDI+ JPEG handler integer underflow vulnerability. |
| September 23, 2004 |
activePostFileUploadPOC.zip
activePostDoSPOC.zip |
|
Proof of Concept exploits for the multiple remote vulnerabilities in ActivePost Messenger. These issues are due to a failure of the application to validate user-supplied input, a failure of the application to handle exceptional conditions, and a design error that fails to properly secure forum passwords. |
| September 23, 2004 |
5NP0L0UE0M.html |
|
Exploit code for a format string vulnerability found in the 'shar' utility. The exploit was tested on Slackware 9.0. |
| September 23, 2004 |
scratch.rar |
|
Scratch is an advanced protocol destroyer which can find a wide variety of vulnerabilities from a simple packet. |
| September 23, 2004 |
weplab-0.1.2-beta.tar.gz |
|
Weplab is a tool to review the security of WEP encryption in wireless networks. |
| September 23, 2004 |
xmpg123.c |
|
Exploit code for the vulnerability in mpg123 that could permit a remote attacker to execute arbitrary code with the privileges of the mpg123 user. |
| September 22, 2004 |
arping-2.04.tar.gz |
|
Arping is an ARP-level ping utility which broadcasts a who-has ARP packet on the network and prints answers. |
| September 22, 2004 |
raddump-0.2.tar.gz |
|
raddump interprets captured RADIUS packets to print a timestamp, packet length, and other packet information for each packet. |
| September 22, 2004 |
EmuliveVuln.txt |
|
Proof of Concept exploit for the Emulive Server4 Commerce Edition Build 7560 denial of service vulnerability and unauthorized administrative access due to insufficient input verification. |
| September 22, 2004 |
ms04-028.sh |
|
Proof of Concept local exploit that creates a JPEG image to test for the buffer overrun vulnerability discovered under Microsoft Windows. |
| September 22, 2004 |
mdaemon_imap.c
mdaemon_rcpt.c |
|
Exploit code for the Alt-N MDaemon multiple remote buffer overflow vulnerabilities. The vulnerabilities are likely due to an input validation error. |
| September 21, 2004 |
lotr3boom.zip |
|
Remote denial of service exploit for Lords of the Realm III versions 1.01 and below. |
| September 21, 2004 |
lotr3boom.c |
|
Script that exploits the Lords of the Realm III Nickname Remote Denial of Service vulnerability. |
| September 21, 2004 |
latex2rtf.c |
|
Exploit code for the LaTeX2rtf version 1.9.15 remote buffer overflow vulnerability when handling malformed files. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. |
| September 21, 2004 |
Proof of Concept |
|
Proof of Concept exploit for the Pinnacle Systems ShowCenter web-based interface remote denial of service vulnerability. The issue exists due to a lack of sanity checks performed on the Skin parameter of a ShowCenter script. |
| September 21, 2004 |
popmsgboom.c |
|
Exploit for the LeadMind Pop Messenger remote denial of service vulnerability. |
| September 20, 2004 |
cvs_argumentx_exp.c |
|
Exploit code for the double free heap corruption vulnerability in CVS. |
| September 20, 2004 |
Proof of Concept |
|
Proof of Concept exploit for the ReMOSitory module for Mambo SQL injection vulnerability. |
| September 20, 2004 |
zp-exp-telnetd.c |
|
Exploit code for the boundary condition error in telnet daemons derived from the BSD telnet daemon. |
| September 20, 2004 |
Proof of Concept |
|
Proof of Concept exploit for the vulnerability in the Mozilla 'enablePrivilege' method. It is possible to manipulate dialog contents. |
| September 20, 2004 |
Proof of Concept |
|
Proof of Concept exploit for the vulnerability in Mozilla and Firefox browsers that could allow a remote site to gain access to contents of the client user's clipboard. |
| September 21, 2004 |
advisory-05-glFTPd.txt |
|
Proof of concept exploit for the local stack overflow vulnerability in the dupescan binary from glFTPd versions 2.00RC3 and below. |
| September 21, 2004 |
ettercap-NG-0.7.1.tar.gz |
|
Ettercap NG is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. |
| September 21, 2004 |
mambo45.jose.txt |
|
Mambo versions 4.5 and below are susceptible to cross site scripting and remote command execution flaws. |
| September 21, 2004 |
mambo451.txt |
|
Proof of concept exploit for Mambo versions 4.5.1 and below SQL injection vulnerability. |
| September 21, 2004 |
pigeonx.zip |
|
Remote denial of service exploit for Pigeon versions 3.02.0143 and below. |
| September 21, 2004 |
rsynxOSX.txt |
|
Proof of concept exploit for RsyncX version 2.1, the frontend for rsync on OS X, arbitrary program execution vulnerability. |
| September 21, 2004 |
sudoedit.txt |
|
Proof of concept exploit for sudo version 1.6.8p1 that makes use of a flaw in sudoedit. |
| September 18, 2004 |
sudo-exploit.c |
|
Proof of Concept exploit for the Sudo Information Disclosure vulnerability. |
| September 17, 2004 |
CRASH-TEST.zip
crash-netscape.jpg
jpegcompoc.zip |
|
Proof of concept exploit for the Microsoft (Graphics Device Interface) GDI+ JPEG handler integer underflow vulnerability. |
| September 17, 2004 |
jpegcompoc.zip |
|
Proof of concept exploit for the JPEG buffer overrun vulnerability in Windows XP. |
| September 17, 2004 |
lovethisgame.html |
|
Proof of concept exploit for a file inclusion vulnerability in PerlDesk 1.x due to insufficient input validation. |
| September 17, 2004 |
None |
|
Example exploit for the DNS4Me denial of service and cross-site scripting vulnerabilities. |
| September 17, 2004 |
None |
|
Example exploit for the cross-site scripting vulnerability in the YaBB forum 'YaBB.pl' script. |
| September 17, 2004 |
None |
|
Proof of concept exploit for the Google Toolbar HTML injection vulnerability. It is reported that the Google Toolbar 'ABOUT.HTML' page allows the injection of HTML and JavaScript code. |
| September 17, 2004 |
None |
|
Example exploit for the YaBB administrator command execution vulnerability. |
| September 17, 2004 |
None |
|
Proof of concept exploit for the Mozilla and Firefox cross-domain scripting vulnerability. |
| September 17, 2004 |
None |
|
Proof of concept exploit for the SnipSnap HTTP response splitting vulnerability. |
| September 16, 2004 |
None |
|
Proof of concept exploit for the Snitz Forums HTTP response splitting vulnerability. |
| September 16, 2004 |
Tx.exe |
|
A small universal Windows backdoor for all versions of Windows NT/2K/XP/2003 with any service pack. |
| September 15, 2004 |
bbsEMarket.txt |
|
Proof of concept exploit for BBS E-Market Professional path disclosure, file download, file disclosure, user authentication bypass, and php source injection vulnerabilities. BBS E-Market patch level bf_130, version 1.3.0, and below is affected. |
| September 15, 2004 |
cdr-exp.sh
cdrecord-suidshell.sh
readcd-exp.sh |
|
CDRTools is reportedly vulnerable to an RSH environment variable privilege escalation vulnerability. This issue is due to a failure of the application to properly implement security controls when executing an application specified by the RSH environment variable. |
| September 15, 2004 |
challenges.tgz |
|
This package contains example vulnerable C programs. There are examples of buffer overflows (stack and heap) and format string vulnerabilities. All examples are exploitable with a standard linux/x86 environment. |
| September 15, 2004 |
fwknop-0.4.1.tar.gz |
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. |
| September 15, 2004 |
myServer07.txt |
|
myServer version 0.7 is susceptible to a simple directory traversal attack. |
| September 15, 2004 |
netw-ib-ox-ag-5.24.0.tgz |
|
Netwox is a utility that supports various protocols (DNS, FTP, HTTP, NNTP, SMTP, SNMP) and performs low level functions like sniffing, spoofing traffic, and playing client/server roles. Both Windows and Unix versions are included. |
| September 15, 2004 |
None |
|
Proof of concept exploit for the vulnerability in the Mozilla 'enablePrivilege' method. |
| September 15, 2004 |
None |
|
Proof of concept exploit for the vulnerability in Mozilla and Firefox browsers that could permit a remote site to gain access to contents of the client user's clipboard. |
| September 15, 2004 |
pizzaicmp.c |
|
ICMP-based triggered Linux kernel module that executes a local binary upon successful use. |
| September 15, 2004 |
Rx.exe |
|
A small universal Windows reverse shell for all versions of Windows NT/2K/XP/2003 with any service pack. |
| September 14, 2004 |
getinternet.txt |
|
Proof of concept exploit for getInternet SQL injection and remote command execution vulnerabilities. |
| September 14, 2004 |
getintranet.txt |
|
Proof of concept exploit for getIntranet 2.x cross site scripting, SQL injection, script insertion, and multiple other attack vulnerabilities. |
| September 14, 2004 |
LSS-2004-09-01.html |
|
Proof of concept exploit for the format string vulnerability in SuS logging function. |
| September 14, 2004 |
regulus.htm |
|
Proof of concept exploit for various vulnerabilities in Regulus 2.x that allow an attacker to gain access to sensitive information and to bypass certain security restrictions. |
| September 13, 2004 |
None |
|
Proof of concept exploit for Webmin / Usermin command execution vulnerability when rendering HTML email messages. This issue is reported to affect Usermin versions 1.080 and prior. |
| September 13, 2004 |
None |
|
Proof of concept exploit for the Pingtel Xpressa handset remote denial of service vulnerability. |
| September 13, 2004 |
None |
|
Proof of concept exploit for the QNX Photon MicroGUI buffer overflow vulnerabilities in MicroGUI utilities. |
| September 11, 2004 |
None |
|
Proof of concept exploit for the Serv-U FTP Server denial of service vulnerability. |
| September 14, 2004 |
5YP0B15E0S.html |
|
Proof of concept exploit for the cdrecord configuration vulnerability that a local user can exploit to obtain root privileges. |
| September 14, 2004 |
adv17.txt |
|
Proof of concept exploit for Turbo Seek 1.x vulnerability that allows an attacker the ability to access the contents of any file in the file system. |
| September 14, 2004 |
rkhunter-1.1.8.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| September 13, 2004 |
portknock-sshd_lkm.c |
|
Kernel module using portknocking to get sshd spawned after challenging a list of specified daemons. Designed for 2.4 kernels. |
| September 13, 2004 |
readcd_exp.sh |
|
Local root exploit for readcd that comes setuid default on some Linux distributions. |
| September 13, 2004 |
sm00ny-courier_imap_fsx.c |
|
Exploit for courier-imap 3.0.2-r1 and below remote format string vulnerability. |
| September 10, 2004 |
adv06-y3dips-2004.txt |
|
Proof of concept exploit for the 1n BBS E-Market Professional remote command execution vulnerabilities via remote file inclusion and full path disclosure flaw. |
| September 10, 2004 |
BJDExploit.rar |
|
Buffer overflow exploit for BlackJumboDog FTP server version 3.6.1 that opens up port 7777 allowing for an executable upload. |
| September 10, 2004 |
BlackJumboDog_ftp_exp.c |
|
Proof of concept exploit for the buffer overflow vulnerability in SapporoWorks Black JumboDog FTP Server 3.6.1. |
| September 10, 2004 |
cdr_exp.sh |
|
Local root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. |
| September 10, 2004 |
fed.ipSpace.txt |
|
A list of IP space for various Federal agencies. |
| September 10, 2004 |
haloboom.zip |
|
Proof of concept Denial of Service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability. |
| September 10, 2004 |
None |
|
Proof of concept exploit for GetSolutions GetIntranet SQL injection vulnerabilities. |
| September 10, 2004 |
None |
|
Proof of concept exploit for GetSolutions GetInternet SQL injection vulnerabilities. |
| September 10, 2004 |
osxrk-0.2.1.tbz |
|
Mac OS X rootkit that has a lot of standard tools included, adds a TCP backdoor via inetd, does data recon, and more. |
| September 10, 2004 |
phpSQLnuke.pl |
|
Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages. |
| September 10, 2004 |
subjects2.txt |
|
Proof of concept exploit for the PostNuke Subjects module 2.x SQL injection attack vulnerability. |
| September 10, 2004 |
trillian074i.txt |
|
Proof of concept exploit for the buffer overflow vulnerability in the Trillian basic edition version 0.74i. This vulnerability is remotely exploitable but requires the use of a man-in-the-middle attack. |
| September 10, 2004 |
weplab-0.1.1-beta.tar.gz |
|
Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. |
| September 9, 2004 |
aircrack-2.0.tgz |
|
Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. |
| September 9, 2004 |
codboom.zip |
|
Proof of concept exploit for Call of Duty versions 1.4 and below Denial of Service vulnerability. |
| September 9, 2004 |
drizzit.c |
|
Proof of concept exploit for the AIM Away Message buffer overflow vulnerability. Affects AIM versions 5.5.3588, 5.5.3590 Beta, 5.5.3591, 5.5.3595 and others. |
| September 9, 2004 |
dynalink.Backdoor.txt |
|
Proof of concept exploit for the Dynalink RTA 230 ADSL router backdoor account vulnerability. |
| September 9, 2004 |
elf-0.5.4p1.tar.gz |
|
A command-line tool that allows a user to analyze the contents of an ELF object file header. This header contains various integral values such as the virtual entry point of the object file, the machine architecture it was compiled for and more. |
| September 9, 2004 |
exploits-1.tbz |
|
A collection of tutorials regarding exploit programming. |
| September 9, 2004 |
MailWorks.txt |
|
Proof of concept exploit for the MailWorks Pro session check bypass vulnerability. The exploit allows an attacker to have full control over the administration section. |
| September 9, 2004 |
neb-private.c |
|
Proof of concept exploit for the Citadel/UX versions 6.23 and below USER directive overflow vulnerability. |
| September 9, 2004 |
qnx-pppoed-multiple-flaws.txt |
|
Proof of concept for the QNX PPPoEd multiple local root vulnerabilities. QNX RTP 6.1 is affected. |
| September 9, 2004 |
sitenewsAuth.txt |
|
Proof of concept exploit for the Site News 1.1 authentication vulnerability. |
| September 9, 2004 |
torrent_exp.php.txt |
|
Proof of concept PHP exploit that makes use of a SQL injection vulnerability in TorrentTrader version 1.0 RC2. |
| September 8, 2004 |
Trillian_bof.c |
|
Script that exploits the Trillian Remote Buffer Overflow MSN Module vulnerability. |
| September 7, 2004 |
cdrdaohack.sh
cdrdao_show_file.sh
cdrdao-exp.sh |
|
Exploits for the CDRDAO configuration vulnerability which could result in the overwriting of root-owned files, or potentially allow the user to execute commands as root. |
| September 7, 2004 |
None |
|
Proof of concept exploit for UtilMind Solutions Site News authentication bypass vulnerability. |
| September 7, 2004 |
None |
|
Proof of concept exploit for the input verification vulnerability in PSnews. |
| September 7, 2004 |
typsoft_ftpd_dos.bat |
|
Proof of Concept exploit script for the TYPSoft FTP Server Remote 'RETR' Command Denial of Service vulnerability. |
| September 6, 2004 |
codboom.zip |
|
Proof of concept exploit for Call of Duty input validation vulnerability. |
| September 4, 2004 |
wottapoop.html |
|
Proof of concept exploit for the Microsoft Internet Explorer drag and drop installation vulnerability. |
| September 3, 2004 |
installer.htm |
|
Proof of concept exploit for Microsoft Internet Explorer vulnerability that may permit cross-zone access, allowing an attacker to execute malicious script code in the context of the Local Zone. |
| September 3, 2004 |
None |
|
Proof of concept exploit has been published for the Nullsoft Winamp ActiveX Control remote buffer overflow vulnerability. |
| September 3, 2004 |
None |
|
Proof of concept exploit has been published for the Altnet remote buffer overflow vulnerability. |
| September 3, 2004 |
SelenaTeamTrackLoginPagePOC.pl |
|
Proof of concept exploit for the Serena TeamTrack remote authentication bypass vulnerability. |
| September 3, 2004 |
xv_bmpslap.c |
|
Proof of concept exploit for the xv buffer overflow and integer overflow vulnerabilities. |
| September 2, 2004 |
00047-8302004.txt |
|
Proof of concept exploit for the Xedus version 1.0 denial of service, cross site scripting, and directory traversal vulnerabilities. |
| September 2, 2004 |
courier_fstr.c |
|
Script that exploits the Courier-IMAP Remote Format String vulnerability. |
| September 2, 2004 |
galfakeimg.php |
|
Proof of concept exploit for the Gallery vulnerability that may allow a remote attacker to execute malicious scripts on a vulnerable system. |
| September 2, 2004 |
mandragore-aolim.c
aolInstantMessengerMessageBOExp2.c |
|
Proof of concept exploits for the AOL Instant Messenger remote buffer overflow vulnerability. |
| September 2, 2004 |
passprotect.txt |
|
Proof of concept exploit for the Password Protect cross site scripting and SQL injection attack vulnerabilities. |
| September 2, 2004 |
titanftp.c |
|
Proof of concept exploit for the heap overflow in Titan FTP server versions 3.21 and below. |
| September 2, 2004 |
wftpdDoS.c |
|
Proof of concept exploit for the denial of service vulnerability in WFTPD Pro Server 3.21. |
| September 1, 2004 |
Courier IMAP exploit script |
|
Proof of concept exploit for the Courier-IMAP remote format string vulnerability in versions prior to 3.0.7. |
| September 1, 2004 |
torrentTraderDownloadSQLPOC.php |
|
Proof of Concept for the TorrentTrader 'id' SQL Injection vulnerability. |
| August 31, 2004 |
dLinkNetCamIPAddressSetExploit.c |
|
Proof of concept exploit for the D-Link Securicam Network DCS-900 Internet Camera remote configuration vulnerability. An attacker can trigger a denial of service condition. |
| August 30, 2004 |
cesarftp_dos.c |
|
Proof of Concept Denial of Service exploit script for the CesarFTP Buffer Overflow vulnerability. |
| August 30, 2004 |
titan_hof.c |
|
Proof of Concept exploit script that exploits the Titan FTP Server Remote Heap Overflow vulnerability. |
| August 30, 2004 |
wftpd.c |
|
Script that exploits the WFTPD Server Remote Denial of Service vulnerability. |
| August 31, 2004 |
dlinkdown.c |
|
Remote exploit that will change an IP address for the D-Link DCS-900 IP camera, due to the fact that it listens for a 62976/udp broadcast packet telling it what IP address to use without any authentication. |
| August 31, 2004 |
gc2boom.zip |
|
Proof of concept exploit for the denial of service vulnerability in Ground Control II: Operation Exodus versions 1.0.0.7 and below. |
| August 31, 2004 |
gwee-1.36.tar.gz |
|
Generic Web Exploitation Engine (gwee) is a small program designed to exploit input validation vulnerabilities in web scripts, such as Perl CGIs, PHP, etc. gwee is much like an exploit, except more general-purpose. |
| August 31, 2004 |
keeneTraversal102.txt |
|
Proof of concept exploit for Keene Digital Media Server version 1.0.2, which is susceptible to a directory traversal attack due to an input validation vulnerability. |
| August 31, 2004 |
neb-citadel.c |
|
Remote exploit for Citadel/UX versions 6.23 and below that makes use of the USER directive overflow vulnerability. |
| August 31, 2004 |
skl0g_v1.14.zip |
|
skl0g is a keylogger for Windows. It runs invisibly, logs everything that is typed at the computer, and saves it in log files according to the date. |
| August 31, 2004 |
tcpick-0.1.24.tar.gz |
|
tcpick is a textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. |
| August 31, 2004 |
weplab-0.1.0-beta.tar.gz
weplab-0.1.0-beta-win32_01.zip |
|
Weplab is a tool to review the security of WEP encryption in wireless networks. Several attacks are available to help measure the effectiveness and minimum requirements for the network. |
| August 27, 2004 |
aircrack-1.3.tgz |
|
Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools. |
| August 27, 2004 |
Codebase.gen |
|
Code that exploits the Winamp skin remote code execution vulnerability. |
| August 27, 2004 |
gaucho140poc.cpp.txt |
|
Proof of concept exploit that simulates a POP3 server which sends a specially crafted email to a vulnerable Gaucho email client, triggering an overflow and binding a shell on port 2001. Version 1.4 build 145 is susceptible. |
| August 27, 2004 |
winampExploit.txt |
|
Proof of concept exploit that was found in the wild by k-otik.com that makes use of the Winamp vulnerability where insufficient restrictions on Winamp skin zip files (.wsz) allow a malicious attacker to place and execute arbitrary programs on a victim's system. |
| August 26, 2004 |
00045-08242004.txt |
|
Proof of concept exploit for the denial of service and unauthorized system access vulnerabilities in Easy File Sharing webserver version 1.25. |
| August 26, 2004 |
efswsdos.pl |
|
Proof of concept exploit for the denial of service vulnerability in Easy File Sharing webserver version 1.25. |
| August 26, 2004 |
gallery-php.txt |
|
PHP based exploit for Gallery versions 1.4.4 and below that makes use of an arbitrary file upload flaw. |
| August 26, 2004 |
gc2.tar |
|
Proof of Concept exploit for the Ground Control II Remote Denial of Service vulnerability. |
| August 26, 2004 |
gmailSurf.txt |
|
Proof of concept exploit for input validation vulnerability in Google's GMail system which allows users to surf anonymously. |
| August 26, 2004 |
md-xplv2.c |
|
Script that exploits the Music Daemon Information Disclosure vulnerability. |
| August 26, 2004 |
networkEverywhere.txt |
|
Proof of concept exploit for the script injection over DHCP vulnerability in NetworkEverywhere router Model NR041. |
| August 26, 2004 |
painkex.zip |
|
Proof of concept exploit for Painkiller versions 1.3.1 and below that makes use of a memory corruption flaw. |
| August 26, 2004 |
PST_chpasswd_exp-v_b.c |
|
Squirrelmail chpasswd local root bruteforce exploit. |
| August 26, 2004 |
RealVNC_dos.c |
|
Proof of Concept exploit for the RealVNC Server Remote Denial of Service vulnerability. |
| August 26, 2004 |
webapp.traversal.txt |
|
Proof of concept exploit for the WebAPP vulnerabilities that could permit a directory traversal attack and the ability to retrieve the DES encrypted password hash of the administrator. |
| August 25, 2004 |
find_shell code |
|
This shellcode scans the address space of the vulnerable process for a certain pattern. Once found it jumps into it. This assumes that a remote buffer overflow target has limited buffer space and storing the bind shellcode in the buffer is difficult but storing it "somewhere" is possible. |
| August 24, 2004 |
00042-08202004.txt |
|
Proof of concept exploit for the BadBlue Webserver version 2.5 Denial of Service vulnerability. |
| August 24, 2004 |
AntiExploit-1.3b2.tar.gz |
|
AntiExploit is an exploit scanner to detect local intruders. It scans for over 3900 suspicious files, has daily database updates, and will act if a file is accessed. It uses the dazuko kernel module, which is also used by clamAV, Amavis, and other virus scanners. |
| August 24, 2004 |
axisFlaws.txt |
|
Proof of concept exploit for multiple vulnerabilities in Axis versions 2100, 2110, 2120, 2420, and 2130 Network Camera along with the 2400 and 2401 Video Servers. |
| August 24, 2004 |
hafiye.txt |
|
Proof of concept exploit for Hafiye 1.0 terminal escape sequence injection vulnerability that can result in a denial of service and remote root compromise. |
| August 24, 2004 |
musicDaemon.txt |
|
Proof of concept exploit for the MusicDaemon versions 0.0.3 and prior remote Denial of Service and other vulnerabilities. |
| August 24, 2004 |
MyDMS.txt |
|
Proof of concept exploit for the MyDNS SQL injection and directory traversal vulnerabilities. |
| August 24, 2004 |
qt_bmp_heap_overflow.c |
|
Proof of concept exploit for the qt BMP parsing vulnerability in version 3.3.2. |
| August 24, 2004 |
qt_bmpslap.c |
|
Heap overflow exploit for the qt BMP parsing vulnerability in version 3.3.2. |
| August 24, 2004 |
regmon_dos.c |
|
A Proof of Concept exploit script for the Regmon Local Denial of Service vulnerability. |
| August 24, 2004 |
txt-rant.txt |
|
Information about how Microsoft and Virus scanners fail to properly pay attention to .txt file extensions and how they can be used by attackers to fall into the background. |
| August 23, 2004 |
birdCahtDOSExploit.java |
|
Exploit for the Bird Chat Remote Denial of Service vulnerability. |
| August 20, 2004 |
badblue_webserver_dos.pl |
|
Proof of Concept exploit for the BadBlue Webserver Denial Of Service vulnerability. |
| August 20, 2004 |
xv_bmpslap.c |
|
Script that exploits the xv vbmp.c Buffer Overflow vulnerability. |
| August 19, 2004 |
malware.sp2.zip |
|
Exploit for the Internet Explorer MHTML Content-Location Cross Security Domain Scripting vulnerability. |
| August 19, 2004 |
merak527.txt |
|
Script that exploits various vulnerabilities in the Merak Webmail server version 5.2.7. |
| August 19, 2004 |
rkhunter-1.1.6.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD. |
| August 19, 2004 |
yapig-php.txt |
|
PHP based exploit script for YaPiG 0.x. |
| August 18, 2004 |
gv-exploitv2.c |
|
Script that exploits the local buffer overflow vulnerability in the gv postscript viewer. |
| August 18, 2004 |
Imailpwdump.cpp |
|
Password decryption utility for the IpSwitch IMail Server versions 8.1 and prior. |
| August 18, 2004 |
ipd-dos.c |
|
Proof of concept exploit for the IPD (Integrity Protection Driver) Denial of Service vulnerability. |
| August 18, 2004 |
playsms_sql.pl |
|
Proof of Concept exploit for the PlaySMS SQL Input Validation vulnerability. |
| August 17, 2004 |
dnsspoof.zip |
|
Utility that automates the DNS spoofing vulnerability in Microsoft Windows XP SP1. It generates a script file that launches the netwox application with correct parameters. It works with Windows and Linux. |
| August 17, 2004 |
xine_bof.c |
|
Script that exploits the xine Buffer Overflow in Processing 'vcd' Identifiers Lets Remote Users Execute Arbitrary Code vulnerability. |
| August 17, 2004 |
SpecificMAIL.theft.txt |
|
A freeware spam filter for Outlook and Outlook Express that is extremely intrusive and acts more as spyware than a useful utility to users. |
| August 16, 2004 |
proc_kmem_dump.c |
|
Script that exploits the Linux Kernel Proc_kmem_dump vulnerability. |
| August 14, 2004 |
aimAway.c |
|
Proof of concept exploit for AOL Instant Messenger aim:goaway URI Handler Buffer Overflow Vulnerability. |
| August 13, 2004 |
ethereal-0.10.6.tar.gz |
|
A GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. |
| August 13, 2004 |
gv-exploit.c |
|
Script that exploits the gv Local Buffer Overflow vulnerability. |
| August 13, 2004 |
netgearDG834G.txt |
|
The Netgear DG834G has a hardcoded root password of zebra and a debug mode that allows for an immediately available rootshell. |
| August 13, 2004 |
priv8afp.pl |
|
Remote root exploit for Mac OS X Apple Filing Protocol Buffer Overflow vulnerability. |
| August 12, 2004 |
aircrack-1.1.tgz |
|
An 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools. |
| August 12, 2004 |
freedom.c |
|
Remote CVS exploit for the Double free() Heap Overflow vulnerability. |
| August 12, 2004 |
mercantec_softcart.pm |
|
Exploit for the Mercantec Softcart CGI Buffer Overflow vulnerability. |
| August 12, 2004 |
pngslap.c |
|
Script that exploits the Libpng Buffer Offset Calculation Overflow vulnerability. |
| August 12, 2004 |
rkhunter-1.1.5.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| August 11, 2004 |
0x4553_Exorcist.tar.gz |
|
A tool that can be considered an anti-anti-ptrace utility that unlocks the ptrace_traceme guard of a binary. |
| August 11, 2004 |
0x4553_Scorpion.tar.gz |
|
Tool for infecting statically linked ELF binaries. |
| August 11, 2004 |
0x4553-Static_Infecting.html |
|
White paper that discusses a method of infecting statically linked ELF binaries. |
| August 11, 2004 |
c030224-001.txt |
|
Detailed exploitation information for the ServerMask Header Identification vulnerability. |
| August 11, 2004 |
framework-2.2.tar.gz |
|
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This release includes 18 exploits and 27 payloads. |
| August 11, 2004 |
OllyExp.c |
|
Script that exploits the OllyDbg Debugger Messages Format String vulnerability. |
| August 10, 2004 |
linuxKernelFileOffsetPointerHandlingExploit.c |
|
Exploit for the Linux Kernel File 64-Bit Offset Pointer Handling Kernel Memory Disclosure vulnerability. |
| August 9, 2004 |
Xines_Mine.c |
|
Script that exploits the Xine Buffer Overflow vulnerability. |
| August 9, 2004 |
yapig_script_injection.php |
|
Exploit for the YaPiG Remote Server-Side Script Execution vulnerability. |
| August 8, 2004 |
servulocal.c |
|
Script that exploits the RhinoSoft Serv-U FTP Server Default Administration Account vulnerability. |
| August 7, 2004 |
pavuk.c |
|
Script that exploits the Pavuk Digest Authentication Buffer Overflow Vulnerabilities. |
| August 7, 2004 |
pavukWebSpider.c |
|
Script that exploits the Pavuk Digest Authentication Buffer Overflow Vulnerabilities. |
| August 6, 2004 |
apache-dos.pl |
|
Perl script that exploits the Apache ap_escape_html Remote Denial of Service vulnerability. |
| August 6, 2004 |
apacheEscapeHeaderD0SExploit.c |
|
Script that exploits the Apache ap_escape_html Remote Denial of Service vulnerability. |
| August 5, 2004 |
aircrack-1.0.tgz |
|
An 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. |
| August 5, 2004 |
bjd361exp.cpp |
|
Proof of Concept exploit for the BlackJumboDog FTP Buffer Overflow vulnerability. |
| August 5, 2004 |
C-MD5.tar.bz2 |
|
MD5 Brute Force Tool that tests the security of MD5 passwords by attempting to brute force them. |
| August 5, 2004 |
evil_song.py |
|
Exploit for the SoX ".WAV" File Processing Buffer Overflow Vulnerability. |
| August 5, 2004 |
hoagie_openftpd.c |
|
Remote root exploit for OpenFTPD Format String vulnerability. |
| August 5, 2004 |
HOD-ms04022-task-expl.c |
|
Exploit for the Microsoft Windows Task Scheduler Remote Buffer Overflow vulnerability. |
| August 5, 2004 |
hydra-4.2-src.tar.gz |
|
A high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. |
| August 5, 2004 |
isec-0016-procleaks.txt |
|
Exploit for the Linux Kernel 64-bit to 32-bit File Offset Conversion vulnerability. |
| August 5, 2004 |
mailEnable.txt |
|
Exploit for the MailEnable Content-Length Denial Of Service vulnerability. |
| August 5, 2004 |
openf.c |
|
Remote root exploit for OpenFTPD Format String vulnerability. |
| August 5, 2004 |
pocExploitEtherealiSNSProtocolVuln.c |
|
Proof of Concept exploit for the Ethereal iSNS Protocol Denial of Service vulnerability. |
| August 4, 2004 |
drop-root.c |
|
Script that exploits the Dropbear SSH Server DSS Verification Vulnerability. |
| August 4, 2004 |
FreeWebChat[Mir]DoS-po.cc |
|
Script that exploits the Free Web Chat Denial Of Service Vulnerabilities. |
| August 4, 2004 |
FreeWebChat_ir_RC_poc.java |
|
Exploit for the Free Web Chat Denial Of Service Vulnerabilities. |
| August 4, 2004 |
libpn.gc |
|
Script that exploits the LibPNG Graphics Library Denial of Service vulnerability. |
| August 4, 2004 |
linuxKernelFileOffsetPointerHandlingExploit.c |
|
Script that exploits the Linux Kernel File 64-Bit Offset Pointer Handling Kernel Memory Disclosure Vulnerability. |
| August 4, 2004 |
soxWAVfilebufferoverflowexploi.tc |
|
Exploit for the SoX ".WAV" File Processing Buffer Overflow Vulnerability. |
| July 31, 2004 |
fusionphp.net |
|
A specially crafted URL that, when loaded by a target administrator, will cause a user account to be added. The malicious URL can be placed in a BBCode image tag within a comment and then executed when the target administrator views the comment. |
| July 30, 2004 |
controlpanel.php |
|
An SQL injection vulnerability allowing a remote user administrative access. |
| July 29, 2004 |
antiboard072txt |
|
SQL Injection and cross site scripting vulnerabilities exist in AntiBoard versions 0.7.2 and below due to a lack of input validation of various variables. |
| July 29, 2004 |
citadel-advisory-04.txt |
|
Citadel/UX versions 6.23 and below are vulnerable to a buffer overflow that occurs when more than 97 bytes are sent with the USER directive to port 504. |
| July 29, 2004 |
IRM-009.txt |
|
IRM Security Advisory 009 - RiSearch version 1.0.01 and RiSearch Pro 3.2.06 are susceptible to open FTP/HTTP proxying, directory listings, and file disclosure vulnerabilities. |
| July 28, 2004 |
bitlanceOpera.txt |
|
A vulnerability in the Opera 7.x series allows phishing attacks due to not updating the address bar if a web page is opened using the window.open function and then replaced using the location.replace function. |
| July 27, 2004 |
taskShed.C |
|
Microsoft Windows 2K/XP Task Scheduler local exploit that will spawn notepad.exe. |
| July 27, 2004 |
nucleusCMSSQL.txt |
|
Nucleus CMS version 3.01 addcoment/itemid SQL Injection Proof of Concept PHP exploit that dumps the username and md5 hash of the password for the administrator user. |
| July 26, 2004 |
eSeSix.txt |
|
eSeSIX Thintune with a firmware equal to or below 2.4.38 is susceptible to multiple vulnerabilities. These include having a backdoored service on a high port with an embedded password giving a remote root shell, various other passwords being stored locally in clear text, and a local root shell vulnerability. |
| July 26, 2004 |
ew_file_manager.txt |
|
The EasyWeb FileManager Module for PostNuke is vulnerable to a directory traversal problem which allows retrieval of arbitrary files from the remote system. Versions affected: EasyWeb FileManager 1.0 RC-1. |
| July 26, 2004 |
Mozilla_Firefox_25-07-2004.txt |
|
Mozilla Firefox versions 0.9.1 and 0.9.2 have a flaw where it is possible to make a browser load a valid certificate from a trusted website by using a specially crafted onunload event. |
| July 25, 2004 |
applePanther.txt |
|
Apple OSX Panther 10.3.4 with Internet Connect version 1.3 by default appends to ppp.log in /tmp if the file already exists. If a symbolic link is made to any file on the system, it automatically writes to it as root allowing for an easy local compromise. Detailed exploitation given. |
| July 24, 2004 |
wgetusr.c |
|
Exploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers. |
| July 24, 2004 |
sambaPoC.txt |
|
Proof of concept exploit code for the Samba 3.x swat preauthentication buffer overflow vulnerability. |
| July 24, 2004 |
httpdDoS.pl |
|
Denial of service test exploit for the flaw in Apache httpd 2.0.49. |
| July 23, 2004 |
OpteronMicrocode.txt |
|
This document details the procedure for performing microcode updates on the AMD K8 processors. It also gives background information on the K8 microcode design and provides information on altering the microcode and loading the altered update for those who are interested in microcode hacking. Source code is included for a simple Linux microcode update driver for those who want to update their K8's microcode without waiting for the motherboard vendor to add it to the BIOS. The latest microcode update blocks are included in the driver. |
| July 23, 2004 |
FlashFTPtraverse.txt |
|
Flash FTP Server version 1.0 (and possibly 2.1) for Windows is susceptible to a directory traversal attack. |
| July 20, 2004 |
unrealdecloak.tar.gz |
|
Unreal Decloak Toolkit version 0.1 illustrates the weak hashing system vulnerability in Unreal ircd 3.2 and previous versions. |
| July 17, 2004 |
W32.Beagle.AC@mm |
|
Mass-mailing worm that uses its own SMTP engine to spread through e-mail, and opens a backdoor on TCP Port 1080. Uses PeX as an executable packer. |
| July 17, 2004 |
WinCE.Duts.A |
|
First virus that infects the Windows CE (Pocket PC) platform. The virus will only infect ARM-based devices. |
| July 17, 2004 |
Cross-Site Scripting Attack |
|
Allows a remote user to send a specially crafted e-mail that, when viewed, will cause arbitrary scripting code to be executed by the target user’s browser. |
| July 16, 2004 |
W32.Spybot.Worm |
|
Worm that spreads using KaZaA file-sharing and mIRC. Can also be spread to computers that are infected with common Backdoor Trojan horses. |
| July 15, 2004 |
W32.Beagle.AB@mm |
|
Mass-mailing worm that uses its own SMTP engine to spread through e-mail, and opens a backdoor on TCP Port 1080. Uses UPX as an executable packer. |
| July 13, 2004 |
Remote Buffer Overflow Vulnerability |
|
Script that exploits a lack of sufficient validation performed on user-supplied data before the data is copied into an allocated buffer. |
| July 9, 2004 |
DHCPing-0.90.tar.gz |
|
DHCPing 0.90 is a tool that can be used for various security audits allowing an engineer the ability to create valid and invalid DHCP/BOOTP traffic via hping. It also features several exploits for the latest ISC Infoblox and DLink vulnerabilities. |
| July 8, 2004 |
Mysql.authentication.bypass_client.c.diff |
|
A .diff file that, when applied to the MySQL 5.0.0-alpha source distribution, allows building a MySQL client that can be used to connect to a remote MySQL server with no password. |
| July 8, 2004 |
getusr.c |
|
Exploit that makes use of the mod-userdir vulnerability in various Apache 1.3 and 2.x servers. |
| July 7, 2004 |
Backdoor.Berbew.H |
|
Script that attempts to steal cached passwords and may display fake windows to gather confidential information. A minor variant of Backdoor.Berbew.H. |
| July 6, 2004 |
Weplab-0.0.7-beta.tar.gz |
|
Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed. |
| June 29, 2004 |
IMall.pl |
|
Perl script that exploits the I-Mall Input Validation vulnerability. |
| June 29, 2004 |
phpmy-explt.c |
|
Script that exploits the phpMyAdmin Multiple Input Validation vulnerabilities. |
| June 25, 2004 |
JREFontObjectAssertionExploit.java |
|
Proof of Concept script that exploits the Sun Java Runtime Environment Font Object Denial of Service vulnerability. |
| June 25, 2004 |
Weplab-0.0.6-alpha.tar.gz |
|
A tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed. |
| June 24, 2004 |
rlprd.py |
|
Exploit for the Rlpr Multiple Vulnerabilities. |
| June 23, 2004 |
freebsd-alpha-dos.c |
|
Script that exploits the FreeBSD execve() Denial of Service vulnerability. |
| June 23, 2004 |
Hping3-alpha-2.tar.gz |
|
A network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules, perform spoofed port scanning, etc. |
| June 23, 2004 |
Mod_rootme.0.2.tgz |
|
A module that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging. |
| June 23, 2004 |
Nmbscan-1.2.3.tar.gz |
|
NMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. |
| June 23, 2004 |
Rkhunter-1.1.1.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| June 23, 2004 |
Unsecure.zip |
|
Remote Proof of Concept Denial of Service exploit for the Epic Games Unreal Engine ‘Secure’ Query Buffer Overflow vulnerability. |
| June 21, 2004 |
code2.zip |
|
Proof of Concept exploit for the Internet Explorer Non-FQDN URI Address Zone Bypass Vulnerability. |
| June 21, 2004 |
monitUsernameBufferOverflowExpl.c |
|
Script that exploits the TildeSlash Monit Authentication Buffer Overflow vulnerability. |
| June 22, 2004 |
Code.zip |
|
Some bits of code that show how modified URL encoding can easily bypass restricted zones via Microsoft Internet Explorer. |
| June 19, 2004 |
H7kill.c |
|
Script that exploits the Multiple IRCD Socket Dequeuing Denial of Service vulnerability. |
| June 18, 2004 |
Cifspwscan-1_0_3.tar.gz |
|
A CIFS/SMB password scanner based on the jcifs implementation. |
| June 18, 2004 |
dnsPoison.cpp.txt |
|
Proof of Concept exploit for the Symantec Enterprise Firewall DNSD DNS Cache Poisoning vulnerability. |
| June 18, 2004 |
Ettercap-NG-0.7.0_rc1.tar.ga |
|
A network sniffer/interceptor/logger for switched LANs that uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. |
| June 18, 2004 |
Flawfinder-1.26.tar.gz |
|
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. |
| June 18, 2004 |
Sqlat-src-1.1.0.tar.gz |
|
A suite of tools that performs dictionary attacks, uploads files, reads the registry, and dumps the SAM. |
| June 17, 2004 |
Whopper.pl |
|
A simple yet powerful tool used to connect to remote services through a chain of HTTP (CONNECT) proxy servers for the sole purpose of gaining a higher level of anonymity. |
| June 15, 2004 |
Symantec_enterprise_fw_dnsd_poison.cpp |
|
Proof of Concept exploit script for the Symantec Enterprise Firewall DNSD DNS Cache Poisoning vulnerability. |
| June 15, 2004 |
X_hpux_xfs.pl |
|
Perl script that exploits the HP-UX Local X Font Server Buffer Overflow vulnerability. |
| June 14, 2004 |
blackboardLS.txt |
|
Exploit for the Blackboard Learning System ‘Digital Dropbox’ Information Disclosure vulnerability. |
| June 14, 2004 |
Freeips-dos.c |
|
Proof of Concept exploit for the FreeIPS Protected Service Remote Denial of Service vulnerability. |
| June 14, 2004 |
Hping3-alpha-1.tar.gz |
|
A network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules and perform spoofed port scanning. |
| June 14, 2004 |
kernelInlineASMDoS.c |
|
Script that exploits the Linux Kernel Assembler Inline Function Local Denial Of Service vulnerability. |
| June 14, 2004 |
kernelInlineASMDoSDetail.c |
|
Script that exploits the Linux Kernel Assembler Inline Function Local Denial Of Service vulnerability. |
| June 14, 2004 |
sygateFW.txt |
|
Proof of Concept script that exploits the Sygate Personal Firewall Pro Local Fail-Close Bypass vulnerability. |
| June 14, 2004 |
Weplab-0.0.2b-alpha.tar.gz |
|
A tool to review the security of WEP encryption in wireless networks that includes several attacks to help measure the effectiveness and minimum requirements necessary to succeed. |
| June 14, 2004 |
WinAgentsTFTP.txt |
|
Exploit for the WinAgents TFTP Server Remote Buffer Overflow vulnerability. |
| June 11, 2004 |
WinagentDos.pl |
|
Perl script that exploits the Remote Denial of Service |
| June 12, 2004 |
priv8ibserverb.pl |
|
Perl script that exploits the Firebird Remote Database Name Buffer Overflow vulnerability. |
| June 10, 2004 |
Blackboard_exploit.pl |
|
Proof of Concept exploit for the Blackboard Learning System ‘Digital Dropbox’ Information Disclosure vulnerability. |
| June 10, 2004 |
Framework-2.1.tar.gz |
|
An advanced open-source platform for developing, testing, and using exploit code. This release includes 18 exploits and 27 payloads. |
| June 10, 2004 |
Isakmpd-piggyback-delete-payload.sh |
|
Exploit for the OpenBSD ISAKMPD Daemon Remote Denial of Service vulnerability. |
| June 10, 2004 |
Isakmpd-piggyback-delete-payload-v2.sh |
|
Exploit for the OpenBSD ISAKMPD Daemon Remote Denial of Service vulnerability. |
| June 10, 2004 |
Modproxy1.html |
|
Proof of Concept exploit script for the Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability. |
| June 10, 2004 |
Squid_ntlm_authenticate.pm |
|
Exploit for the Squid Proxy NTLM Authentication Buffer Overflow vulnerability. |
| June 9, 2004 |
Imperva.crystal2.tx |
|
Exploit for the Crystal Reports Web Viewer Directory Traversal vulnerability. |
| June 9, 2004 |
Priv8ibserver.pl |
|
Perl script that exploits the Firebird Remote Database Name Buffer Overflow vulnerability. |
| June 9, 2004 |
Rdboom.zip |
|
Remote Denial of Service proof of concept exploit that makes use of a flaw in the Race Driver. |
| June 8, 2004 |
tocaRaceDriverDOSexp.zip |
|
Exploit for the ToCA Race Driver Multiple Remote Denial of Service vulnerabilities. |
| June 8, 2004 |
analysis.tgz |
|
Complete analysis of the 180 Solutions Trojan along with exploitation tools that demonstrate at least two new unpublished vulnerabilities in Microsoft Internet Explorer 6 that allow for arbitrary code execution. |
| June 8, 2004 |
tcpick-0.1.23.tar.gz |
|
A textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. |
| June 7, 2004 |
x1bpackV1.tar.gz |
|
A series of scripts written by the author as an exercise into socket programming with Perl. Included are a port scanner with banner grabbing capabilities, a DNS service enumeration script with zone transfer, some brute forcing utilities, a CGI web scanner, and a couple of other utilities. |
| June 7, 2004 |
subexp.c |
|
Subversion 1.0.2 remote exploit that makes use of a stack overflow in the svn_time_from_cstring() function. |
| June 5, 2004 |
foolpw.c |
|
Script that exploits the FoolProof Security Program Administrative Password Recovery vulnerability. |
| June 4, 2004 |
colin_mcrae_rally_04_dos.zip |
|
Exploit for the Colin McRae Rally 2004 Multiplayer Remote Denial of Service vulnerability. |
| June 3, 2004 |
pdp11mkdir.c |
|
Script that exploits the Mkdir Buffer Overflow vulnerability. |
| June 3, 2004 |
unix-v7-mkdir.c |
|
Script that exploits the Mkdir Buffer Overflow vulnerability. |
| June 3, 2004 |
scanlogd-2.2.4.tar.gz |
|
A TCP port scan detection tool originally designed to illustrate various attacks an IDS developer has to deal with. |
| June 2, 2004 |
kenny.c |
|
An IRC bot that executes shell commands and reports back any further information. Single host allowance for command execution is possible. |
| June 2, 2004 |
mollensoftLightweight.txt |
|
A Proof of Concept exploit for the Lightweight FTP Server Remote Buffer Overflow vulnerability. |
| May 30, 2004 |
rrs-1.70.tar.gz |
|
A reverse (connecting) remote shell that listens for incoming connections and connects out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. |
| May 28, 2004 |
csr-exploitation.pdf |
|
A tutorial that defines several of the common types of vulnerabilities together with their counterpart command line exploit sequences. The descriptions of these types of vulnerabilities range from stack to heap, function pointer and format string weaknesses. |
| May 28, 2004 |
Lightweight_BoF.pl |
|
Proof of Concept exploit script for the Lightweight FTP Server Remote Buffer Overflow vulnerability. |
| May 28, 2004 |
WifiScanner-0.9.4.tar.gz |
|
An analyzer and detector of 802.11b stations and access points that listens alternately on all 14 channels, writes packet information in real time, searches for access points and associated client stations, and can generate a graphic of the architecture using GraphViz. |
| May 27, 2004 |
metaexpl.tgz |
|
Remote exploit script for the Metamail buffer overflow vulnerability. |
| May 27, 2004 |
phpInputWrapperIncludeExploit.php |
|
Script that exploits the PHP ‘include()’ function Remote Command Execution vulnerability. |
| May 26, 2004 |
bash-perassi.patch |
|
A patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. |
| May 26, 2004 |
publimark-0.1.1.tgz |
|
A command line tool that secretly embeds text in an audio file. |
| May 26, 2004 |
rkhunter-1.0.9.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| May 25, 2004 |
Orenosv-Dos.c |
|
Script that exploits the Orenosv HTTP/FTP Server Remote Denial of Service vulnerability. |
| May 24, 2004 |
cvs_solaris_HEAP.c |
|
Script that exploits the CVS Buffer Overflow vulnerability. |
| May 24, 2004 |
killvoc-small.c |
|
Script that exploits the VGW120/ VGW480 Telephony Gateway Remote H.225 Denial Of Service vulnerability. |
| May 24, 2004 |
sp-x12-advisory.txt |
|
Write up that details a specifically crafted request which will cause the BNBT server to crash. |
| May 24, 2004 |
allegrodos.txt |
|
Write up that details a simple one-liner that shows that 3COM 812 ADSL modems are susceptible to 4 year old denial of service attacks. |
| May 24, 2004 |
021829.html |
|
Vulnerabilities disclosed regarding the flaw in Mac OS X where code can be silently delivered via the disk URI handler vulnerability. |
| May 23, 2004 |
hydra-4.1-src.tar.gz |
|
A high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. |
| May 22, 2004 |
The_Bascis_of_Shellcoding.pdf |
|
White paper that discusses the basics of shellcoding, a quick overview of assembly, and usage of shellcodes. |
| May 21, 2004 |
sa11678.txt |
|
Write up that details a vulnerability discovered in Exceed versions 9.x that allows local users to bypass certain restrictions. |
| May 21, 2004 |
zm-1.19.4.tar.gz |
|
Script that supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. |
| May 21, 2004 |
boclient-1.3.1.tag.gz |
|
A remote Windows administration tool which uses servers on Windows. Most recent versions have GNU readline support, NetBus commands, portability to other platforms (BeOS, QNX and 64bit architectures like Alpha) and async network I/O. |
| May 21, 2004 |
jailutils-0.6.tar.gz |
|
A collection of utilities for facilitating the orderly startup and shutdown of jails, listing processes in jails, and doing various other things. |
| May 21, 2004 |
nkvir-rc.gz |
|
A script that helps filter out many of the common e-mail worms and viruses. |
| May 21, 2004 |
snsadv72.txt |
|
Write up that details a remotely exploitable DoS condition. In order to trigger this vulnerability, malicious website administrators must induce users of a specific Operating System to view a specially crafted web site, which will consequently consume a lot of system resources. |
| May 21, 2004 |
snmpdadv.txt |
|
Write up that details how ucd-snmp versions 4.2.6 and below suffer from a buffer overflow on the command line. |
| May 21, 2004 |
e107flaw.txt |
|
Write up that details a vulnerability allowing an attacker to put any site link or code they want on a list of Referers. |
| May 21, 2004 |
cisid.txt |
|
Write up that details a vulnerability allowing a specific Operating System to execute underlying files when they are linked in html pages. |
| May 20, 2004 |
cvs-soloaris_HEAp.c |
|
A remote root exploit for CVS releases and CVS feature releases. |
| May 20, 2004 |
cvs_linux_freebsd_HEAP.c |
|
A remote root exploit for CVS releases and CVS feature releases. |
| May 20, 2004 |
openaanval-1.48-stable.tar.gz |
|
Script provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities while supporting multiple sensors of multiple intrusion detection system types. |
| May 20, 2004 |
SecureDevelopmentv06.pdf |
|
A document addressing the need for an infrastructure to exist in which things are securely developed to help mitigate the high costs incurred when vulnerable software is released into the “wild”. |
| May 20, 2004 |
ApplicationLevelDoSAttacksv06.pdf |
|
In reference to Denial of Service Attacks, a document that discusses root causes, attack vectors, classes, and more. |
| May 20, 2004 |
Blind_XPath_Injection_20040518.pdf |
|
A document discussing an attack that enables an attacker to extract a complete XML document used for XPath querying, without prior knowledge of the XPath query. |
| May 19, 2004 |
advisory13.txt |
|
Script that creates a directory traversal attack allowing for access to directories outside of the webroot. |
| May 19, 2004 |
EXP_OmniHTTPd.BAT |
|
A remote exploit script for OmniHTTPd versions 3.0a and below. |
| May 19, 2004 |
062004.txt |
|
Write up that details a date parsing vulnerability that can cause a heap overflow leading to remote code execution. |
| May 19, 2004 |
082004.txt |
|
Write up that details a date parsing vulnerability that can be abused to allow remote code execution, server-side. |
| May 19, 2004 |
57560.txt |
|
Write up that details a vulnerability allowing malicious web sites to impersonate trusted web sites. |
| May 19, 2004 |
zencart112d.txt |
|
Write up that details an inability to properly validate user-supplied input and in turn allows remote attackers the ability to perform SQL injection attacks. |
| May 19, 2004 |
052004.txt |
|
Write up that details an input validation problem which allows an attacker to include arbitrary local files. With known tricks to inject PHP code into log or session files this could lead to remote PHP code execution. |
| May 19, 2004 |
adv.desktopini.txt |
|
Write up that details the ability of certain Operating System system folders to reference the shellclassinfo in desktop.ini, allowing executables to be masked as something else. |
| May 19, 2004 |
publimark-0.1.tgz |
|
A command line tool to secretly embed text in an audio file. |
| May 19, 2004 |
072004.txt |
|
Write up that details a heap overflow which can be exploited to execute arbitrary code on a server. This could allow a repository compromise. |
| May 19, 2004 |
echoart.tgz |
|
A script that could be used to return crude ASCII art in response to pings from a router. |
| May 19, 2004 |
lids-2.2.Opre4-2.6.6.tar.gz |
|
Script used as a patch which enhances kernel security by implementing a reference monitor and Mandatory Access Control (MAC). |
| May 19, 2004 |
Advisory_private_key_compromise.html |
|
A private key disclosure vulnerability, where the key and passphrase are stored in clear text when being imported via the web-based management console. |
| May 19, 2004 |
outlooksilent.txt |
|
Write up that details a security zone bypass when an embedded OLE object with a reference to a Windows media file in a Rich Text Format (RTF) message is received. |
| May 19, 2004 |
sa11632.txt |
|
Write up that details reported multiple denial of service vulnerabilities in the Sidewinder G2 firewall. |
| May 19, 2004 |
20040503-01-P.asc |
|
Exploit that creates an infinite loop cycle while processing some requests, causing a denial of service. |
| May 18, 2004 |
wgetuhoh.txt |
|
Write up that details a symlink attack during a phase where it downloads the file to a temporary filename but does not actually lock the file. |
| May 18, 2004 |
ielmageMap.txt |
|
Write up that details a vulnerability found in a web browser that allows an attacker to spoof the URL displayed in the lower left-hand corner of the browser. |
| May 18, 2004 |
kernsh-0.2b-p1.tgz |
|
Script written to allow for easy access to the kernelspace for testing insertion of modules, and accessing miscellaneous information. |
| May 18, 2004 |
oinkmaster-1.0.tar.gz |
|
Script written to help update and manage rules of a specific IDS, and to comment out the unwanted ones after each update. |
| May 18, 2004 |
802.11vuln.txt |
|
Write up that details a vulnerability in hardware implementations of a wireless protocol that allows a trivial but effective attack against the availability of wireless local area network devices. |
| May 17, 2004 |
tcpreplay-2.2.1.tar.gz |
|
Script used to assemble a variety of features for replaying traffic for both passive sniffer devices as well as inline devices such as routers, firewalls, and the new class of inline IDS's. |
| May 15, 2004 |
HOD-symantec-firewall-DoS-expl. |
|
A remote denial of service exploit that makes use of the flaw eEye found in Symantec Norton Personal Firewall and other related products. |
| May 13, 2004 |
linksys-dhcp-exploit.c |
|
A remote proof of concept exploit for various Linksys routers that have flaws in the way they return BOOTP packets. |
| May 11, 2004 |
monit41.pl |
|
Perl Script that makes use of a buffer overrun when an overly long username is passed to the server. |
| May 11, 2004 |
sasserftpd.c |
|
A remote exploit for the Sasser worm ftpd server that spawns on port 5554. |
| May 11, 2004 |
paxdos.c |
|
Exploit that causes a denial of service by sending the kernel into an infinite loop. |
| May 11, 2004 |
getlvcb.c |
|
Exploit that causes a buffer overflow by improper bounds checking via the getlvcb and putlvcb utilities. |
| May 11, 2004 |
emule042e.pl |
|
Perl script for a remote denial of service exploit. |
| May 11, 2004 |
autoRST.c |
|
Script that exploits the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| May 10, 2004 |
xphack.c |
|
Remote exploit for the Windows LSASRV.DLL RPC Buffer Overflow vulnerability. |
| May 9, 2004 |
305-pound.c |
|
Script that exploits the Pound Remote Format String vulnerability. |
| May 9, 2004 |
auxploit-1.0.tgz |
|
A remote exploitation tool for the c:\aux vulnerability that is able to completely lock a user mail client. |
| May 9, 2004 |
eudoraURL.txt |
|
Exploit for the Eudora Embedded Hyperlink Buffer Overflow vulnerability. |
| May 9, 2004 |
gwee-1.21.tar.gz |
|
C program designed to exploit input validation vulnerabilities in web scripts, such as Perl CGIs, PHP, etc., that features several reverse connecting shellcodes, 4 methods of injection, and a built-in HTTP/HTTPS client and server. |
| May 9, 2004 |
knock-0.3.tar.gz |
|
A server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. |
| May 9, 2004 |
msIPSec.txt |
|
Write up that notes how Microsoft's Windows IPSec implementation fails to properly authenticate an IPSec gateway and in turn will accept client certificates as gateway certificates. |
| May 9, 2004 |
rrs-1.49.tar.gz |
|
A reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). |
| May 9, 2004 |
sishell-0.1.tar.gz |
|
A reverse (connecting) shellcode kit for x86 Linux, FreeBSD, NetBSD and OpenBSD that generates both regular shellcode without NULLs and stand-alone ELF executables. |
| May 9, 2004 |
webrampscan-0.2.tar.gz |
|
The WebRamp scanner is a program that scans for open WebRamp administration web pages, rips the usernames and passwords out, and dumps them into a text file. |
| May 9, 2004 |
WFBE.txt |
|
Write up that details how to defeat file browsing restrictions on Windows 98 running Novell 3.2.0.0. |
| May 9, 2004 |
win_msrpc_lsass_ms04-11_Ex.c |
|
Remote exploit for the Windows LSASRV.DLL RPC Buffer Overflow vulnerability. |
| May 9, 2004 |
x25bru.c |
|
Multithreaded multi-link X.25 Pad password brute-forcing utility. |
| May 8, 2004 |
sp-myweb3.3.c |
|
Proof of Concept exploit for the MyWeb HTTP Server GET Request Buffer Overflow vulnerability. |
| May 7, 2004 |
eudora_url_dos.pl |
|
Perl Denial of Service exploit for the Eudora Embedded Hyperlink Buffer Overflow vulnerability. |
| May 7, 2004 |
exim1.html |
|
Proof of Concept exploit for the Exim Remote Buffer Overflow vulnerabilities. |
| May 7, 2004 |
gyan_sendmail.c |
|
Local root exploit for Sendmail Prescan Function vulnerability. |
| May 7, 2004 |
phpx326.txt |
|
Proof of Concept exploit for the PHPX Multiple Cross-Site Scripting vulnerabilities. |
| May 5, 2004 |
4nalb.pl |
|
Remote exploit that makes use of a file inclusion vulnerability in 4nalbum module. |
| May 5, 2004 |
bpexploit.pl |
|
Overflows & Format String vulnerabilities. |
| May 5, 2004 |
netbkup.pl |
|
Perl script that exploits the NetBackup Multiple Buffer Overflows & Format String vulnerabilities. |
| May 5, 2004 |
Veritas_multi.pl |
|
Perl script that exploits the NetBackup Multiple Buffer Overflows & Format String vulnerabilities. |
| May 4, 2004 |
autoRST.c |
|
An automated TCP RST exploit that uses the Winpcap libraries to sniff for TCP packets on a network and then sends out a forged RST packet after calculating the appropriate sequence number and forging the MAC address. |
| May 4, 2004 |
dwgenkey.c |
|
Exploit for the Dameware's Mini Remote Control System Weak Key Agreement Scheme vulnerability. |
| May 4, 2004 |
sq-chpass-exp.c |
|
Script that exploits the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| May 4, 2004 |
SSLPCT.txt |
|
White paper analysis of the SSL PCT vulnerability that gives full details on how exploitation has been performed and what it took for working exploits to be created. |
| May 4, 2004 |
titan_ftp_dos.pl |
|
Perl exploit for the Titan FTP Server LIST Denial of Service vulnerability. |
| May 4, 2004 |
xxchat-socks5.c |
|
Script that exploits the XChat SOCKS 5 Remote Buffer Overflow vulnerability. |
| May 2, 2004 |
lha.c |
|
Proof of Concept exploit for the LHA Buffer Overflow/Directory Traversal Vulnerabilities. |
| May 2, 2004 |
overflow.lha.uuc.gz |
|
Proof of Concept exploit for the LHA Buffer Overflow/Directory Traversal Vulnerabilities. |
| May 1, 2004 |
04252004.ms04011lsass.c |
|
Remote exploit for the Windows LSASRV.DLL RPC Buffer Overflow vulnerability. |
| May 1, 2004 |
aexpl-1.0.tar.gz |
|
AntiExploit is a small Perl script that scans for well known exploit files. It currently recognizes over 1400 suspicious files, and the database is updated weekly. |
| May 1, 2004 |
cge-13.tar.gz |
|
Cisco Global Exploiter is a tool that demonstrates exploitation of the multiple Cisco vulnerabilities. |
| May 1, 2004 |
HOD-ms04011-lsasrv-expl.c |
|
Remote exploit for the Windows LSASRV.DLL RPC Buffer Overflow vulnerability. |
| May 1, 2004 |
hsftpexpl.tgz |
|
Exploit for the HSFTP Format String Vulnerability. |
| May 1, 2004 |
hydra-4.0-palm.zip |
|
A high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. |
| May 1, 2004 |
lboeg.pl.txt |
|
Local buffer overflow exploit generator for Linux, BSD, BSDi, HP-UX, UnixWare, IRIX and SCO. |
| May 1, 2004 |
plem.tar.gz |
|
Perl Loadable Exploiting Module (PLEM) is an advanced module for Perl programming that provides a list of common functions for local and remote exploit coding. |
| April 28, 2004 |
Rose_Frag_Attack_Explained.txt |
|
Updated version of the white-paper discussing the Rose Attack method and how sending two parts of a fragmented packet can cause various outcomes to network devices, including Denial of Service problems. |
| April 28, 2004 |
RoseAttackv1.txt |
|
A program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box. |
| April 28, 2004 |
RoseAttackv2.txt |
|
A program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box. |
| April 28, 2004 |
ssdt-0.1.tar.gz |
|
The SSDT utility makes use of sending spoofed ICMP and UDP traffic to send RSA encrypted files. Both client and server side programs are included. |
| April 27, 2004 |
jetadmin_exp.pl |
|
Perl script that exploits the Jetadmin Root Access vulnerability. |
| April 27, 2004 |
priv8lcd.pl |
|
Perl script that exploits the LCDd Multiple Remote Vulnerabilities. |
| April 27, 2004 |
siemensS55JavaSMSExploit.java |
|
Exploit for the S55 Cellular Telephone SMS Confirmation Message Bypass vulnerability. |
| April 28, 2004 |
disconn.py |
|
Proof of Concept exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 28, 2004 |
hydra-4.0-src.tar.gz |
|
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus. |
| April 28, 2004 |
Rkhunter-1.0.7.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| April 28, 2004 |
Tcp_reset.c |
|
Proof of Concept exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 25, 2004 |
Kreset.pl |
|
Proof of Concept exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 24, 2004 |
bgp-dosv2.pl |
|
BGP proof of concept denial of service utility that sends out a RST flood to a BGP connection, provided the malicious user has already gained knowledge of the source port and sequence number. |
| April 24, 2004 |
reset-tcp.c |
|
Proof of concept exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 24, 2004 |
reset-tcp_rfc31337-compliant.c |
|
Proof of concept exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 24, 2004 |
SlippingInTheWindow_v1.0.doc |
|
A whitepaper titled ‘Slipping in the Window: TCP Reset Attacks’ that explains TCP exploits. |
| April 24, 2004 |
SlippingInTheWindow_v1.0.ppt |
|
A PowerPoint briefing titled ‘Slipping in the Window: TCP Reset Attacks’ that explains TCP exploits. |
| April 23, 2004 |
YahooMPOCs.txt |
|
Exploit for the Yahoo! Messenger YInsthelper.DLL Multiple Buffer Overflow vulnerabilities. |
| April 22, 2004 |
reset.zip |
|
This program will reset a TCP connection by guessing a valid sequence number. |
| April 22, 2004 |
setsockopt_poc.c |
|
Proof of Concept Denial of Service for the Linux Kernel Setsockopt MCAST_MSFILTER Integer Overflow vulnerability. |
| April 22, 2004 |
thc_ssh_crack.c |
|
THC SSH Cracker is a simple utility that attempts to crack SSH private keys via brute force. |
| April 22, 2004 |
THCIISSLame.c04222004.reset.dpr.php |
|
Exploit for the THCIISSLame IIS 5 SSL remote root vulnerability. |
| April 22, 2004 |
TournamentFileWritePOC.c |
|
Proof of Concept exploit for the Unreal Game Engine UMOD Input Validation vulnerability. |
| April 22, 2004 |
umodpoc.zip |
|
Proof of concept exploit for the Unreal Game Engine UMOD Input Validation vulnerability. |
| April 20, 2004 |
04222004.reset.dpr.php |
|
Exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 20, 2004 |
0x3142-sq-chpasswd.c |
|
Script that exploits the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| April 20, 2004 |
bgp-dosv2.pl |
|
Exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 20, 2004 |
eudora61.pl |
|
Perl script that exploits the Eudora Nested MIME Content Remote Denial of Service vulnerability. |
| April 20, 2004 |
eXchangePOP3_exp.pl |
|
Proof of Concept exploit for the Exchange POP3 Remote Buffer Overflow vulnerability. |
| April 20, 2004 |
p_xfree.c |
|
Script that exploits the CopyISOLatin1Lowered() function buffer overflow vulnerability. |
| April 20, 2004 |
rhinoSoftServULISTovflwExpl.pl |
|
Proof of Concept exploit for the Serv-U FTP Server LIST '-l:' Buffer Overflow vulnerability. |
| April 20, 2004 |
SlippingInTheWindow.tgz |
|
Exploit for the Multiple Vendor TCP Sequence Number Approximation vulnerability. |
| April 20, 2004 |
THCbindinfo.c |
|
Quick and dirty hack to grab the versions from ISC bind 8 and 9 nameservers. |
| April 19, 2004 |
chpasswd-exploit.c |
|
Script that exploits the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| April 19, 2004 |
eudora_mime.pl |
|
Perl script that exploits the Eudora MIME Message Nesting Denial of Service vulnerability. |
| April 19, 2004 |
Exch.pl |
|
Perl script that exploits the Kinesphere Corporation Exchange POP3 buffer overflow vulnerability. |
| April 19, 2004 |
knock-0.2.tar.gz |
|
A server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. |
| April 19, 2004 |
kphone.stun.txt |
|
Exploit for the KPhone Malformed STUN Packet Remote Denial of Service vulnerability. |
| April 19, 2004 |
moron.pl |
|
Script that exploits the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| April 19, 2004 |
nestedMIMEEudora603expl.pl |
|
Perl script that exploits the Eudora MIME Message Nesting Denial of Service vulnerability. |
| April 19, 2004 |
reverse_backdoored_binaries.txt |
|
A whitepaper about reverse engineering backdoored binaries. |
| April 19, 2004 |
setegg.c |
|
Script that exploits the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| April 19, 2004 |
SPK-chpasswd.c |
|
Script that exploits the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| April 18, 2004 |
gvexpl.tgz |
|
Remote root Proof of Concept exploit for a vulnerability in gv versions 3.5.8 and below. |
| April 18, 2004 |
Phorum347SQL.pl |
|
Perl script that exploits the Phorum_URIAuth SQL Injection vulnerability. |
| April 18, 2004 |
SPK-chpasswd.tgz |
|
Exploit for the SquirrelMail Change_Passwd Plug-in Buffer Overflow vulnerability. |
| April 17, 2004 |
billybastard.c |
|
Script that exploits the Windows LSASS vulnerability. |
| April 17, 2004 |
ettercap-NG-0.7.0_pre1.tar.gz |
|
A network sniffer/interceptor/logger for switched LANs that uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. |
| April 17, 2004 |
gemitelv3.txt |
|
Exploit for the Gemitel 'html/affich.php' file Arbitrary Code Execution vulnerability. |
| April 17, 2004 |
mille.c |
|
Script that exploits the BSD-Games Mille Local Save Game File Name Buffer Overflow vulnerability. |
| April 16, 2004 |
mamboConfigurationInfoDiscExpl.php |
|
Exploit for the Mambo Open Source mosConfig_absolute_path vulnerability. |
| April 16, 2004 |
proxyscanner.zip |
|
Proxy Scanner for Windows that tells you whether or not a proxy server can bounce your connection. |
| April 16, 2004 |
XMicro.backdoor2.txt |
|
Exploit for the WLAN 11b Broadband Router Built-in Backdoor Administrator Account vulnerability. |
| April 15, 2004 |
kphone-dos.pl |
|
Perl script that exploits the KPhone Malformed STUN Packet Denial of Service vulnerability. |
| April 15, 2004 |
sslbomb.c |
|
Remote denial of service exploit for Windows IIS SSL vulnerability. |
| April 15, 2004 |
winscp_dos.txt |
|
Proof of Concept exploit for the WinSCP Remote Denial of Service vulnerability. |
| April 15, 2004 |
wz_ex.c |
|
Proof of concept exploit for the UUDeview MIME Archive Buffer Overflow vulnerability. |
| April 14, 2004 |
cdpexpl.tgz |
|
Exploit for the CDP PrintTOC Function Buffer Overflow vulnerability. |
| April 14, 2004 |
gdbvuln.txt |
|
Brief tutorial on using gdb for developing exploits. |
| April 14, 2004 |
tutorial.txt |
|
A tutorial discussing common types of exploitation methods that cites examples and points to other papers that can provide more information. |
| April 13, 2004 |
eMuleBufferOverflowExp10039.pl |
|
Proof of Concept exploit for the eMule Remote Buffer Overflow vulnerability. |
| April 13, 2004 |
knock-0.1.tar.gz |
|
A server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. |
| April 13, 2004 |
rkhunter-1.0.6.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| April 13, 2004 |
tinybmp.htm |
|
Proof of Concept exploit for the Konqueror Bitmap File Processing Denial of Service vulnerability. |
| April 12, 2004 |
305monit.c |
|
Script that exploits the Monit Buffer Overflow vulnerability. |
| April 12, 2004 |
sigqueue-dos.c |
|
Script that exploits the Linux Kernel Sigqueue Blocking Denial of Service vulnerability. |
| April 12, 2004 |
tinybmp.htm |
|
Proof of Concept exploit for the Internet Explorer Bitmap File Processing Denial of Service vulnerability. |
| April 12, 2004 |
whosendthis.zip |
|
Proof of Concept exploit for the Outlook Express Malformed EML File Denial of Service vulnerability. |
| April 11, 2004 |
emule4x.pl |
|
Perl script that exploits the eMule Remote Buffer Overflow vulnerability. |
| April 11, 2004 |
tikiwiki181.txt |
|
Exploit for the TikiWiki Project Multiple Input Validation Vulnerabilities. |
| April 10, 2004 |
Xmicro.backdoor.txt |
|
Exploit for the WLAN 11b Broadband Router Built-in Backdoor Administrator Account vulnerability. |
| April 9, 2004 |
cobain-monit.pl |
|
Script that exploits the Monit Denial of Service vulnerability. |
| April 9, 2004 |
Emptyconn.zip |
|
Exploit for the RSniff Remote Denial of Service vulnerability. |
| April 9, 2004 |
priv8lcd44.pl |
|
Perl script that exploits the LCDd Multiple Remote Vulnerabilities. |
| April 7, 2004 |
rootme.tar |
SB04-119 | Exploit for the Solaris ‘vfs_getvfssw’ function Root Access vulnerability. |
| April 8, 2004 |
symantecVBScriptExploit.txt |
|
Exploit for the Symantec Security Check Virus Detection COM Object Remote Denial of Service vulnerability. |
| April 7, 2004 |
firstclass_desktop_exp.c |
|
Script that exploits the FirstClass Desktop Client Local Buffer Overflow vulnerability. |
| April 7, 2004 |
mcafeeInfDisclosurePOC.txt |
|
Proof of Concept exploit for the FreeScan CoMcFreeScan Browser Information Disclosure vulnerability. |
| April 6, 2004 |
Blaxxun.POC.txt |
|
Proof of concept exploit for the Contact 3D Remote Buffer Overflow vulnerability. |
| April 5, 2004 |
igi2fs.zip |
|
Exploit for the Pan Vision IGI-2 Covert Strike Remote Format String vulnerability. |
| April 5, 2004 |
monit4.2_exp.c |
|
Script that exploits the Monit basic authentication buffer overflow vulnerability. |
| April 3, 2004 |
aboriorEncoreWebForumExploit.pl |
|
Proof of Concept exploit for the Encore Web Forum Remote Arbitrary Command Execution vulnerability. |
| April 1, 2004 |
ethereal_igap_exp.c |
|
Script that exploits the Ethereal Buffer Overflow vulnerabilities. |
| March 31, 2004 |
wilco2.zip |
|
Proof of Concept exploit script for the Roger Wilco Server UDP Datagram Handling Denial Of Service vulnerability. |
| March 30, 2004 |
ciscoMultipleVulnsExploit.pl |
|
Perl script that exploits the Cisco Broadband Operating System Remote Denial of Service Vulnerabilities, Cisco IOS “?/” HTTP Request Denial of Service, Cisco Catalyst Remote Arbitrary Command Execution, Cisco Catalyst Memory Leak Denial of Service, Cisco IOS HTTP Denial of Service, Cisco IOS HTTP Configuration Arbitrary Administrative Access, and IOS UDP Denial of Service vulnerabilities. |
| March 30, 2004 |
tcpdump-isakmp-id-uflow.c |
|
Script that exploits the TCPDump ISAKMP Identification Payload Integer Underflow Vulnerability. |
| March 29, 2004 |
557iss_pam_exp.c |
|
Script that exploits the Internet Security Systems Protocol Analysis Module Remote Buffer Overflow vulnerability. |
| March 29, 2004 |
systrace_exp.c |
|
Script that exploits the Systrace Local Policy Bypass vulnerability. |
| March 27, 2004 |
Systrace.txt |
|
Exploit for the Systrace Local Policy Bypass vulnerability. |
| March 30, 2004 |
mystic2.c |
|
Script that exploits the Mythic Entertainment Dark Age of Camelot Encryption Key Signing vulnerability. |
| March 26, 2004 |
etherealEIGRPTLV_IP_INTDoS.c |
|
Script that exploits the Ethereal Buffer Overflow vulnerabilities. |
| March 26, 2004 |
invscoutdAIX5l_4xSymLinkExploit.pl |
|
Script that exploits the AIX ‘invscoutd’ Insecure Logfile Handling vulnerability. |
| March 26, 2004 |
netsupport.txt |
|
Exploit for the NetSupport School Weak Password Encryption vulnerability. |
| March 26, 2004 |
netSupportSchoolWeakPassExpl.pas |
|
Exploit for the NetSupport School Weak Password Encryption vulnerability. |
| March 26, 2004 |
waraxe-2004-SA#012.txt |
|
Exploitation information for the XMB Forum Multiple Vulnerabilities. |
| March 25, 2004 |
emil-poc.tar.gz |
|
Proof of Concept exploit for the Emil Multiple Buffer Overflow & Format String vulnerability. |
| March 25, 2004 |
ethboom.zip |
|
Proof of Concept exploit for the Etherlords Remote Denial of Service vulnerability. |
| March 25, 2004 |
etherlords.txt |
|
Remote Proof of Concept exploit for Etherlords I & II Denial of Service vulnerability. |
| March 25, 2004 |
MSWordPW.txt |
|
Information on how to bypass password protection on Microsoft Word documents, with step-by-step instructions. |
| March 25, 2004 |
rkhunter-1.0.1.tar.gz |
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. |
| March 25, 2004 |
vz012004-esignal7.txt |
|
Exploit for the ESignal Remote Buffer Overflow vulnerability. |
| March 25, 2004 |
vz-eSignal76.pl |
|
Perl script that exploits the ESignal Remote Buffer Overflow vulnerability. |
| March 24, 2004 |
picobof.zip |
|
Proof of Concept exploit for PicoPhone Buffer Overflow Logging Function vulnerability. |
| March 24, 2004 |
picophone163.txt |
|
Exploit for PicoPhone Buffer Overflow Logging Function vulnerability. |
| March 24, 2004 |
picophoneExploit.zip |
|
Exploit for the PicoPhone Internet Phone Remote Buffer Overflow vulnerability. |
| March 23, 2004 |
darkAgeOfCamelotMITMexploit.c |
|
Script that exploits the Mythic Entertainment Dark Age of Camelot Encryption Key Signing vulnerability. |
| March 23, 2004 |
FromEmailHeaderExpl.c |
|
Script that exploits the Foxmail Remote Buffer Overflow vulnerability. |
| March 23, 2004 |
ragefreeze.zip |
|
Exploit for The Rage Game Server Remote Denial of Service vulnerability. |
| March 23, 2004 |
terminator3.txt |
|
Exploit for the Clever's Games Terminator 3: War of the Machines Remote Client Buffer Overflow vulnerability. |
| March 23, 2004 |
therage101.txt |
|
Exploit for The Rage Game Server Remote Denial of Service vulnerability. |
| March 23, 2004 |
wsftp_allo.cpp |
|
Script that exploits the WS_FTP ‘Allo’ Buffer Overflow Vulnerability. |
| March 23, 2004 |
wsftp_stat.cpp |
|
Script that exploits the WS_FTP ‘STAT’ Buffer Overflow Vulnerability. |
| March 23, 2004 |
wsftp402eval.txt |
|
Exploit for the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| March 23, 2004 |
wsftp402eval3.txt |
|
Exploit for the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| March 23, 2004 |
wsftp402eval4.txt |
|
Exploit for the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| March 23, 2004 |
xp_ws_ftp_server.zip |
|
Exploit for the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| March 23, 2004 |
xp_ws_ftp_server2.zip |
|
Exploit for the IpSwitch WS_FTP Buffer Overflow vulnerability. |
| March 19, 2004 |
chrome1200.txt |
|
Exploit for the Techland Chrome Remote Denial of Service vulnerability. |
| March 19, 2004 |
eudora603.pl |
|
Exploit that performs an attachment spoofing demo for Eudora. |
| March 19, 2004 |
smbprintsymlink.txt |
|
Exploit for the smbprint vulnerability. |
| March 19, 2004 |
t3cbof.zip |
|
Script that exploits the Clever's Games Terminator 3: War of the Machines Remote Client Buffer Overflow vulnerability. |
| March 18, 2004 |
chromeboom.zip |
|
Proof of Concept exploit for the Techland Chrome Remote Denial of Service vulnerability. |
| March 18, 2004 |
eckbox-v0.9.3.tar.gz |
|
Eckbox is van Eck phreaking software that interprets a radio signal emanating from a computer's monitor to recreate the image (in black and white) that is displayed on it. |
| March 18, 2004 |
mimedefang-2.41.tar.gz |
|
A flexible MIME e-mail scanner. |
| March 17, 2004 |
ex_getlvcb_aix433_limited.pl |
|
Proof of Concept exploit for the AIX Getlvcb Command Line Argument Buffer Overflow vulnerability. |
| March 17, 2004 |
ex_putlvcb_aix433_limited.pl |
|
Proof of Concept exploit for the AIX ‘Putlvcb’ Utility Buffer Overflow vulnerability. |
| March 17, 2004 |
secureftp_poc.pl |
|
Proof of Concept exploit for the GlobalSCAPE Secure FTP Server SITE Command Remote Buffer Overflow vulnerability. |
| March 17, 2004 |
WFTPD-GuiDoS.pl |
|
Proof of Concept exploit for the WFTPD Server GUI Remote Denial Of Service vulnerability. |
| March 17, 2004 |
x_make_aix433_limited.pl |
|
Proof of Concept exploit for the GNU Make For IBM AIX CC Path Local Buffer Overflow vulnerability. |
| March 16, 2004 |
crafty.zip |
|
Exploit for the Crafty 'crafty.bin' Buffer Overflow vulnerability. |
| March 16, 2004 |
phpx324.txt |
|
Exploit for the PHPX Insecure Management Session vulnerability. |
| March 16, 2004 |
phpxSessHijackPOC.php |
|
Exploit for the PHPX Session Hijack vulnerability. |
| March 15, 2004 |
firew0rker.c |
|
Script that exploits the Media Services MX_STATS_\LogLine NSIISlog.DLL Remote Buffer Overflow vulnerability. |
| March 15, 2004 |
gemuruh-v2.php.txt |
|
Proof of Concept exploit for the PHPBB Search.PHP Search_Results Parameter SQL Injection vulnerability. |
| March 15, 2004 |
mathopdExploit.c |
|
Script that exploits the MathoPD Remote Buffer Overflow vulnerability. |
| March 15, 2004 |
mdaemon-exploit.c |
|
Script that exploits the MDaemon/WorldClient ‘Form2Raw’ Remote Buffer Overflow vulnerability. |
| March 15, 2004 |
phpBB206a.txt |
|
Exploit for the PHPBB ‘Search.PHP’ SQL Command Injection vulnerability. |
| March 13, 2002 |
hydra-3.1.tar.gz |
|
A high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus. |
| March 11, 2004 |
adore-ng-0.41.tgz |
|
A Linux LKM based rootkit that features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. |
| March 11, 2004 |
battlemages-adv.txt |
|
Exploit for the Targem Games Battle Mages Remote Denial of Service vulnerability. |
| March 11, 2004 |
battlemagx.rar |
|
Exploit for the Targem Games Battle Mages Remote Denial of Service vulnerability. |
| March 11, 2004 |
battlemagy.zip |
|
Exploit for the Targem Games Battle Mages Remote Denial of Service vulnerability. |
| March 11, 2004 |
cpanelroot.txt |
|
Exploit for the user password in cPanel User Password Root Commands vulnerability. |
| March 11, 2004 |
eckbox-v0.9b2.tar.bz2 |
|
Eckbox is van Eck phreaking software that interprets a radio signal emanating from a computer's monitor to recreate the image (in black and white) that is displayed on it. |
| March 11, 2004 |
prismstumbler-0.7.1.tar.bz2 |
|
Software that finds 802.11 (W-LAN) networks. It comes with an easy to use GTK2 frontend and is small enough to fit on a small portable system. It is designed to be a flexible tool to find as much information about wireless LAN installations as possible. |
| March 10, 2004 |
anubis.pl |
|
Script that exploits the Anubis Multiple Vulnerabilities. |
| March 10, 2004 |
anubisexp.c |
|
Script that exploits the Anubis Remote Root vulnerability. |
| March 10, 2004 |
anubisRootExploit.c |
|
Script that exploits the Anubis Multiple Vulnerabilities. |
| March 10, 2004 |
outlooksploit.html |
|
Exploit for the Outlook ‘Mailto’ Parameter Arbitrary Code Execution vulnerability. |
| March 10, 2004 |
unrealEngine.txt |
|
Exploit for the Epic Games Unreal Tournament Server Engine Remote Format String vulnerability. |
| March 10, 2004 |
unrfs-poc.zip |
|
Proof of Concept exploit for the Epic Games Unreal Tournament Server Engine Remote Format String vulnerability. |
| March 9, 2004 |
dreamftp-DoS.c |
|
Script that exploits the BolinTech Dream FTP Server User Name Format String vulnerability. |
| March 9, 2004 |
servu-mdtm.pl |
|
Script that exploits the Serv-U FTP Server ‘MDTM’ Command Buffer Overflow vulnerability. |
| March 5, 2004 |
hgmcrash.zip |
|
Exploit for the Haegemonia Remote Denial of Service vulnerability. |
| March 5, 2004 |
mimedefang-2.40.tar.gz |
|
A flexible MIME e-mail scanner. |
| March 4, 2004 |
anubisAdv.txt |
|
Script that exploits the Anubis Buffer Overflow Vulnerabilities. |
| March 4, 2004 |
oseen_shoutcast.c |
|
SHOUTcast version 1.9.2 remote exploit with connect back code. |
| March 4, 2004 |
prismstumbler-0.7.0.tar.gz |
|
Software that finds 802.11 (W-LAN) networks. It comes with an easy to use GTK2 frontend and is small enough to fit on a small portable system. It is designed to be a flexible tool to find as much information about wireless LAN installations as possible. |
| March 4, 2004 |
whitepaper_httpresponse.pdf |
|
A whitepaper that discusses new application attack techniques: Divide and Conquer, HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics. |
| March 3, 2004 |
gshinfo.zip |
|
Exploit for the GWeb HTTP Server Directory Traversal vulnerability. |
| March 3, 2004 |
wftpd.c |
|
Exploit for the Multiple WFTPD Remote Vulnerabilities. |
| March 2, 2004 |
argosoft-poc.pl |
|
Exploit for the ArGoSoft FTP Server Multiple Remote Vulnerabilities. |
| March 2, 2004 |
fs2cbof.zip |
|
Exploit for the Freespace 2 Game Client Remote Buffer Overflow vulnerability. |
| March 2, 2004 |
surecomkill.c |
|
Proof of Concept exploit for the SureCom Network Device Malformed Web Authorization Request Denial of Service vulnerability. |
| March 2, 2004 |
surecom-tester.pl |
|
Proof of Concept exploit script for the SureCom Network Device Remote Denial of Service vulnerability. |
| March 2, 2004 |
WLAN-DoS.c |
|
Proof of Concept exploit script for the SureCom Network Device Remote Denial of Service vulnerability. |
| March 1, 2004 |
isec-0014-mremap-unmap.v2.txt |
|
Exploit for the Linux Kernel do_mremap Function vulnerability. |
| March 1, 2004 |
motorolakill.c |
|
Script that exploits the Motorola T720 Phone Remote Denial of Service vulnerability. |
| March 1, 2004 |
rfcbof.zip |
|
Exploit for the Volition Red Faction Game Client Remote Buffer Overflow vulnerability. |
| February 28, 2004 |
tcpick-0.1.21.tar.gz |
|
A textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. |
| February 27, 2004 |
ex_servu.c |
|
Script that exploits the Serv-U FTP Server ‘MDTM’ Command Buffer Overflow vulnerability. |
| February 27, 2004 |
exp_servu_site_chmod.c |
|
Script that exploits the Serv-U FTP Server SITE CHMOD Buffer Overflow vulnerability. |
| February 27, 2004 |
servu_ftpd_mdtm.c |
|
Script that exploits the Serv-U FTP Server ‘MDTM’ Command Buffer Overflow vulnerability. |
| February 27, 2004 |
Servu2.c |
|
Script that exploits the Serv-U FTP Server ‘MDTM’ Command Buffer Overflow vulnerability. |
| February 27, 2004 |
serv-u-mdtm-expl.c |
|
Script that exploits the Serv-U FTP Server ‘MDTM’ Command Buffer Overflow vulnerability. |
| February 27, 2004 |
thcservu.c |
|
Script that exploits the Serv-U FTP Server SITE CHMOD Buffer Overflow vulnerability. |
| February 27, 2004 |
wftpd_exp.c |
|
Exploit for the Multiple WFTPD Remote Vulnerabilities. |
| February 27, 2004 |
wftpd_STAT_exp.py |
|
Exploit for the Multiple WFTPD Remote Vulnerabilities. |
| February 27, 2004 |
xp_wftpd.zip |
|
Exploit for the Multiple WFTPD Remote Vulnerabilities. |
| February 26, 2004 |
mtools-exp.pl |
|
Proof of Concept exploit for the MTools MFormat Root Privileges vulnerability. |
| February 25, 2004 |
GateKeeper.c |
|
Script that exploits the Proxy-Pro Professional GateKeeper Web Proxy Remote Buffer Overflow vulnerability. |
| February 25, 2004 |
pso-exploit.c |
|
Script that exploits the PSOProxy Remote Buffer Overflow vulnerability. |
| February 25, 2004 |
PSOProxy-exp.c |
|
Script that exploits the PSOProxy Remote Buffer Overflow vulnerability. |
| February 25, 2004 |
PSOproxyExploit.c |
|
Script that exploits the PSOProxy Remote Buffer Overflow vulnerability. |
| February 25, 2004 |
psoproxy-exploit.c |
|
Script that exploits the PSOProxy Remote Buffer Overflow vulnerability. |
| February 24, 2004 |
grboom.rar |
|
Exploit for the Ghost Recon Game Engine Remote Denial of Service vulnerability. |
| February 24, 2004 |
gshboom.zip |
|
Exploit for the Gamespy Software Development Kit Remote Denial of Service vulnerability. |
| February 24, 2004 |
hgmcrash.c |
|
Script that exploits the Haegemonia Remote Denial of Service vulnerability. |
| February 23, 2004 |
gatekeeper_exploit.c |
|
Script that exploits the Proxy-Pro Professional GateKeeper Web Proxy Remote Buffer Overflow vulnerability. |
| February 23, 2004 |
gatekeeper_exploit_linux.c |
|
Script that exploits the Proxy-Pro Professional GateKeeper Web Proxy Remote Buffer Overflow vulnerability. |
| February 22, 2004 |
3com-DoS.c |
|
Proof of Concept DoS exploit for the 3Com Office Connect DSL Routers vulnerability. |
| February 22, 2004 |
breakout2-exp.c |
|
Script that exploits the LBreakout2 Buffer Overflow vulnerability. |
| February 20, 2004 |
Ftboom.c |
|
Proof of Concept exploit for the Team Factor Integer Overflow vulnerability. |
| February 20, 2004 |
PSOProxy.c |
|
Script that exploits the PSOProxy Remote Buffer Overflow vulnerability. |
| February 20, 2004 |
PSOProxy091.txt |
|
Exploit for the PSOProxy Remote Buffer Overflow vulnerability. |
| February 20, 2004 |
robotFtpDoSExploit.c |
|
Script that exploits the RobotFTP Server Remote Buffer Overflow vulnerability. |
| February 19, 2004 |
ldaped.c |
|
Script that exploits the IMail Server Remote LDAP Daemon Buffer Overflow vulnerability. |
| February 18, 2004 |
mremap_poc_2.c |
|
Script that exploits the Linux Kernel do_mremap Function Elevated Privileges vulnerability. |
| February 18, 2004 |
purge-cbof.rar |
|
Script that exploits the Interactive Purge/Purge Jihad Game Client Remote Denial of Service vulnerability. |
| February 18, 2004 |
testmail1 |
|
Proof of Concept exploit for the Metamail Multiple Buffer Overflow & Format String Vulnerabilities. |
| February 18, 2004 |
testmail2 |
|
Proof of Concept exploit for the Metamail Multiple Buffer Overflow & Format String Vulnerabilities. |
| February 18, 2004 |
testmail3 |
|
Proof of Concept exploit for the Metamail Multiple Buffer Overflow & Format String Vulnerabilities. |
| February 18, 2004 |
testmail4.splitmail |
|
Proof of Concept exploit for the Metamail Multiple Buffer Overflow & Format String Vulnerabilities. |
| February 18, 2004 |
xploit_dbg.cpp |
|
Exploit for the Windows ‘NtSystemDebugControl()’ Kernel API Function Vulnerabilities. |
| February 17, 2004 |
imailRemoteExploit.c |
|
Script that exploits the IMail Server Remote LDAP Daemon Buffer Overflow vulnerability. |
| February 17, 2004 |
RobotFTP-dos.c |
|
Script that exploits the RobotFTP Server Remote Denial of Service vulnerability. |
| February 17, 2004 |
sp-samihttpddos.c |
|
Script that exploits the Sami HTTP Server GET Request Denial of Service vulnerability. |
| February 16, 2004 |
bypassEPA.pdf |
|
Article that discusses how to bypass the Execution Path Analysis used by the PatchFinder utility, avoiding Windows 2k/XP rootkit detection. |
| February 16, 2004 |
Monkeydos.rar |
|
Exploit for the Monkey HTTP Daemon Remote Denial of Service vulnerability. |
| February 16, 2004 |
nast-0.2.0.tgz |
|
A packet sniffer and a LAN analyzer based on Libnet and Libpcap that can sniff the packets on a network interface in normal mode or in promiscuous mode. |
| February 16, 2004 |
Tcpick |
|
A textmode sniffer that can track TCP streams and either store all connections in different files or display the streams on the terminal. A useful tool for picking files in a passive way. |
| February 14, 2004 |
Asp-POC.pl |
|
Perl script that exploits the ASP Portal Cookie Account Hijack vulnerability. |
| February 14, 2004 |
promisc20030313.tar.gz |
|
A sniffer that is based on the AF_PACKET domain socket. It parses the IP, TCP, UDP, ICMP, and ARP protocols. |
| February 14, 2004 |
sambascan2-0.3.4.tar.gz |
|
Sambascan2 allows you to search an entire network or a number of hosts for SMB shares and will also list the contents of all public shares that it finds. |
| February 13, 2004 |
ASPportal.txt |
|
An exploit for the ASP Portal Cookie Account Hijack vulnerability. |
| February 12, 2004 |
crobConDisconExploit.c |
|
Script that exploits the Crob FTP Server Remote Denial of Service vulnerability. |
| February 11, 2004 |
X11.fontalias.c |
|
Script that exploits the XFree86 Font Information File Buffer Overflow vulnerability. |
| February 10, 2004 |
evoX-dos.pl |
|
Perl script that exploits the EvolutionX Denial of Service vulnerability. |
| February 10, 2004 |
MS04-007-dos.c |
|
Script that exploits the Windows ASN.1 Library Integer Handling vulnerability. |
| February 10, 2004 |
phpNukeSearchModExploit.php |
|
Exploit for the PHPNuke Remote SQL Injection vulnerability. |
| February 10, 2004 |
The_First_Cut_Is_The_Deepest.txt |
|
An exploit for PHPNuke versions 6.x and greater that extracts the administrator hash using a SQL injection attack. |
| February 10, 2004 |
xFreeFontBufO.c |
|
Script that exploits the XFree86 Font Information File Buffer Overflow vulnerability. |
| February 9, 2004 |
kismet-feb.04.01.tar.gz |
|
An 802.11 layer 2 wireless network sniffer that can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). |
| February 8, 2004 |
palmhttpd_dos.c |
|
Exploit for the Palmhttpd Server Remote Denial of Service vulnerability. |
| February 8, 2004 |
PalmOShttpd.txt |
|
Exploit for the Palmhttpd Server Remote Denial of Service vulnerability. |
| February 8, 2004 |
phpNukeSQLinj.pl |
|
Perl script that exploits the PHP-Nuke ‘public_message()’ Input Validation vulnerability. |
| February 8, 2004 |
sambarSmudge.py |
|
Script that exploits the Sambar Server Results.STM Post Request Buffer Overflow vulnerability. |
| February 8, 2004 |
trackmania_dos.c |
|
Script that exploits the Nadeo Game Engine Remote Denial of Service vulnerability. |
| February 6, 2004 |
chrootAgainExploit.c |
|
Script that exploits the VServer Virtual Server chroot() vulnerability. |
| February 6, 2004 |
dreamFTPNightmare.c |
|
Script that exploits the BolinTech Dream FTP Server User Name Format String vulnerability. |
| February 6, 2004 |
systemsearcher.tgz |
|
A Linux security scanner written in Perl that scans single hosts or subnets for anonymous FTP servers, TFTP servers, SMTP servers which allow relaying, SSH servers, Telnet servers, NFS servers with exported directories, mail servers, Web servers (HTTP/HTTPS), well-known Trojan ports, and exploitable CGIs. |
| February 5, 2004 |
vserver_chroot.txt |
|
Local exploit for the VServer Virtual Server chroot() vulnerability. |
| February 3, 2004 |
chaser-adv.txt |
|
Exploit for the Chaser memory allocation vulnerability. |
| February 3, 2004 |
chaser-client.zip |
|
Test exploit for the server of Chaser versions 1.50 and below memory allocation vulnerability. |
| February 3, 2004 |
chasercrash.zip |
|
Test exploit for the server of Chaser versions 1.50 and below memory allocation vulnerability. |
| February 2, 2004 |
ADMsmb_0.3.tar.gz |
|
A security scanner for Samba, based on the source of smbclient, that gets the NetBIOS name, share list, workgroup, domain, and OS. |
| February 2, 2004 |
overkill.txt |
|
Exploit for the 0verkill Game Client Multiple Buffer Overflows vulnerabilities. |
| February 2, 2004 |
tcpick-0.1.20.tar.gz |
|
A textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. |
| February 2, 2004 |
uniqueid-0.5.0.tar.gz |
|
A Perl CGI that calculates and reverse engineers driver's license numbers. |
| February 4, 2004 |
web-crossing-exp.pl |
|
Perl script that exploits the Web Crossing Web Server Component Remote Denial of Service vulnerability. |
| February 2, 2004 |
$r34ct-rainbow.pl |
|
Perl script that exploits the SurgeFTP Remote Denial of Service vulnerability. |
| February 2, 2004 |
0verkill-exploit.c |
|
Script that exploits the 0verkill Game Client Multiple Local Buffer Overflow vulnerabilities. |
| February 1, 2004 |
PHPNUKEexploit1.html |
|
Exploit for one of the PHP-Nuke Multiple Vulnerabilities. |
| February 1, 2004 |
PHPNUKEexploit2.html |
|
Exploit for one of the PHP-Nuke Multiple Vulnerabilities. |
| February 1, 2004 |
PHPNUKEexploit3.html |
|
Exploit for one of the PHP-Nuke Multiple Vulnerabilities. |
| January 30, 2004 |
sslexp.c |
|
Brute forcer for OpenSSL ASN.1 parsing vulnerabilities. |
| January 30, 2004 |
winblast.sh |
|
Script that exploits the Windows XP/2003 Samba Denial of Service vulnerability. |
| January 29, 2004 |
epolicy_exp.c |
|
Script that exploits the ePolicy Orchestrator Agent HTTP POST vulnerability. |
| January 28, 2004 |
nfshp2cbof.zip |
|
Exploit for the Black Box Remote Buffer Overflow vulnerability. |
| January 27, 2004 |
OPEN3S-2003-08-08-eng-informix-onedcu.sh |
|
Script that exploits one of the Informix Multiple Vulnerabilities. |
| January 27, 2004 |
OPEN3S-2003-08-08-eng-informix-ontape.c |
|
Script that exploits one of the Informix Multiple Vulnerabilities. |
| January 26, 2004 |
mandragore-servuex.c |
|
Script that exploits the Serv-U FTP 'site chmod' Remote Buffer Overflow vulnerability. |
| January 26, 2004 |
mslug-servu.c |
|
Script that exploits the Serv-U FTP 'site chmod' Remote Buffer Overflow vulnerability. |
| January 26, 2004 |
proxynow_exp.pl |
|
Perl script that exploits the ProxyNow Multiple Buffer Overflow vulnerability. |
| January 26, 2004 |
serv-ME.c |
|
Script that exploits the Serv-U FTP 'site chmod' Remote Buffer Overflow vulnerability. |
| January 26, 2004 |
proxyNow2x.txt |
|
Perl script that exploits the ProxyNow Multiple Buffer Overflow vulnerability. |
| January 26, 2004 |
Servu.c |
|
Script that exploits the Serv-U FTP 'site chmod' Remote Buffer Overflow vulnerability. |
| January 22, 2004 |
Apache-Mod-Perl.pl |
|
Perl script that exploits the Apache mod_perl Module File Descriptor Leakage vulnerability. |
| January 22, 2004 |
lftp-exp.c |
|
Script that exploits the LFTP Buffer Overflows vulnerability. |
| January 20, 2004 |
0om.c |
|
Script that exploits the SuSE YaST ‘SuSEconfig.gnome-filesystem’ Insecure File Creation vulnerability. |
| January 20, 2004 |
wcamdos.rar |
|
Exploit for the Web Server Component Content-Length Value Remote Denial of Service vulnerability. |
| January 19, 2004 |
yabb.java |
|
Exploit for the YABB SE SSI.PHP ID_MEMBER SQL Injection vulnerability. |
| January 14, 2004 |
poststrike.c |
|
Script that exploits the WWW File Share Pro Multiple Remote Vulnerabilities. |
| January 14, 2004 |
webpostmem.c |
|
Script that exploits the WWW File Share Pro Multiple Remote Vulnerabilities. |
| January 10, 2004 |
DameWeird.c |
|
Script that exploits the Mini Remote Control Buffer Overflow vulnerability. |
| January 9, 2004 |
windowsftpserver-ex.c |
|
Script that exploits the Windows FTP Server Username Format String vulnerability. |
| January 8, 2004 |
SwitchOff.c |
|
Script that exploits the Switch Off Remote Buffer Overflow vulnerability. |
| January 7, 2004 |
kpym_exp.c |
|
Script that exploits the KpyM Telnet Server Remote Denial of Service vulnerability. |
| January 7, 2004 |
mremap_bug.c |
|
Exploit that tests whether or not a Linux system is vulnerable to the ‘do_mremap’ Function vulnerability. |
| January 7, 2004 |
mremap_poc.c |
|
Exploit for the Linux Kernel ‘do_mremap’ Function vulnerability. |
| January 6, 2004 |
urc.zip |
|
A utility that demonstrates a simple UDP backdoor that allows for remote program execution on a Microsoft Windows server. |
| January 5, 2004 |
adore-ng-0.31.tgz |
|
A Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. |
| January 5, 2004 |
exp-xsok.c |
|
Script that exploits the XSOK ‘LANG’ Environment Variable Buffer Overflow vulnerability. |
| January 5, 2004 |
exp-xsok-2.c |
|
Script that exploits the XSOK ‘XSOKDir’ Option Buffer Overflow vulnerability. |
| January 5, 2004 |
mremap_poc.c |
|
Exploit for the Linux Kernel ‘do_mremap’ Function vulnerability. |
| January 5, 2004 |
Syskey.zip |
|
A whitepaper that describes the obfuscation algorithm used by Windows 2k/NT/XP Syskey and the steps required to remove its encryption from the password hashes. Tools to automate the process are also included. |
| January 5, 2004 |
Trustscn_6.4_b85.exe |
|
A new version of the web security scanner originally known as the Stealth HTTP Security Scanner that provides 13,000 HTTP vulnerability checks and runs on Win32 and Linux under Wine. |
| January 5, 2004 |
vbulletinSQL.txt |
|
Exploit code for the vBulletin Calendar Script Input Validation vulnerability. |
| January 5, 2004 |
wcwdpoc.pl |
|
Perl script that exploits the Webcam Watchdog Web Server Remote Buffer Overflow vulnerability. |
| January 5, 2004 |
webcamwatchdog.txt |
|
Exploit for the Webcam Watchdog Web Server Remote Buffer Overflow vulnerability. |
| January 3, 2004 |
0x333xsok2.c |
|
Script that exploits the XSOK ‘XSOKDir’ Option Buffer Overflow vulnerability. |
| January 3, 2004 |
0x333xsok-2.c |
|
Script that exploits the XSOK 'xfopen.c' Remote Code Execution vulnerability. |
| January 3, 2004 |
switchoff_exp.c |
|
Script that exploits the Switch Off Remote Buffer Overflow vulnerability. |
| January 3, 2004 |
watchdog_exp.pl |
|
Perl script that exploits the Webcam Watchdog Web Server Remote Buffer Overflow vulnerability. |
| January 3, 2004 |
wts_bo.c |
|
Script that exploits the Jordan Windows Telnet Server Remote Buffer Overflow vulnerability. |
| December 31, 2003 |
CrashSecurityServer.c |
|
Exploit for the MacOS X SecurityServer Daemon Denial of Service vulnerability. |
| December 30, 2003 |
0x333xsok.c |
|
Script that exploits the XSOK ‘LANG’ Environment Variable Buffer Overflow vulnerability. |
| December 30, 2003 |
showexp.txt |
|
Exploit for the Internet Explorer ‘showHelp’ Directory Traversal vulnerability. |
| December 29, 2003 |
jordwts.zip |
|
Exploit for the Jordan Windows Telnet Server Remote Buffer Overflow vulnerability. |
| December 29, 2003 |
Loader.zip |
|
Exploit for the Sygate Personal Firewall Authentication Bypass vulnerability. |
| December 29, 2003 |
mdaemon_poc.c |
|
Script that exploits the MDaemon/WorldClient ‘Form2Raw’ Remote Buffer Overflow vulnerability. |
| December 28, 2003 |
gspoof-3.2.tar.gz |
|
A GTK+ program written in C that makes building and sending TCP packets, with or without a data payload, easy and accurate. It's possible to modify TCP/IP fields or the Ethernet header. |
| December 26, 2003 |
apache_poc.c |
|
Script that exploits the Apache ‘mod_php’ Module Information Disclosure vulnerability. |
| December 26, 2003 |
prepare.sh |
|
Script that exploits the Indent Local Heap Overflow vulnerability. |
| December 26, 2003 |
winnie-template.c |
|
Script that exploits the Indent Local Heap Overflow vulnerability. |
| December 24, 2003 |
nesumin-opera.pl |
|
Perl script that exploits the Opera Directory Traversal vulnerability. |
| December 24, 2003 |
phpbb_exp.pl |
|
Perl script that exploits the phpBB ‘search.php’ Input Validation vulnerability. |
| December 24, 2003 |
phpbb_sql_exp.pl |
|
Perl script that exploits the phpBB ‘search.php’ Input Validation vulnerability. |
| December 24, 2003 |
SPK-IMSPd.c |
|
Script that exploits the Cyrus IMSP Daemon Remote Buffer Overflow vulnerability. |
| December 23, 2003 |
1stCleanRc-Xp.zip |
|
Proof of Concept exploits for the Internet Explorer Multiple Vulnerabilities. |
| December 23, 2003 |
hole-e-day.zip |
|
Exploit for the Multiple Browser URI Display Obfuscation vulnerability. |
| December 23, 2003 |
URL-Obfuscator-Page-Creator.vbs.txt |
|
Exploit for the Multiple Browser URI Display Obfuscation vulnerability. |
| December 23, 2003 |
vlogger-2.1.1.tar.gz |
|
A new release from THC that logs keystrokes on a Linux box. It logs all console, serial, and remote sessions, and does not use syscall modification. |
| December 23, 2003 |
ward2.c |
|
A classic war dialer that scans a list of phone numbers, finding the ones where a modem is answering the call. WARD can generate phone number lists based on a user-supplied mask, in incremental or random order. |
| December 22, 2003 |
CesarFTP_poc.pl |
|
Script that exploits the CesarFTP Remote Denial of Service vulnerability. |
| December 22, 2003 |
pf_dos_poc.pl |
|
Perl script that exploits the ProjectForum Denial of Service & Cross-Site Scripting vulnerabilities. |
| December 22, 2003 |
xlight_poc.pl |
|
Perl script that exploits the Xlight FTP Server Remote Buffer Overflow vulnerability. |
| December 17, 2003 |
eZXploit.pl |
|
Script that exploits the EZMeeting ‘EZNet.EXE’ Remote Buffer Overflow vulnerability. |
| December 17, 2003 |
ms03-043v2.c |
|
Script that exploits the Messenger Service Buffer Overflow vulnerability. |
| December 16, 2003 |
arptoxin.exe |
|
A fully functional command line ARP Poisoning utility for the Windows platform which uses winpcap. Includes preset modes of operation for different attacks and the ability to change any field in the ARP packet. |