exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 86 RSS Feed

Files from shadowpenguin

First Active1999-11-05
Last Active2002-07-08
gdd23.tar.gz
Posted Jul 8, 2002
Authored by shadowpenguin, Shadow Penguin Security | Site shadowpenguin.org

GreedyDog v2.3 is an ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris, IRIX, SunOS4, AIX, MacOSX, and Windows2000/Xp. GreedyDog keeps stream of each TCP session and writes to logfile. Very portable. Manual is here.

tags | tcp
systems | linux, netbsd, solaris, freebsd, irix, openbsd, aix
SHA-256 | 9ea5aa65e79bb73b43231fbad538888ef8b601b0fa200261c300006cf9e23e7c
ex_winproxy.c
Posted Nov 14, 2000
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Shadow Penguin Security Advsory #37 - WinProxy 2.0.0/2.0.1 (now known as Black Jumbo dog) contains many remotely exploitable buffer overflows. Exploit for the POP3 service included, tested on Japanese Windows98.

tags | exploit, overflow
SHA-256 | 78e8de82cf9348d47c5825f12d48e94baa226fdb5c9e134cadcd9e5e315b39a4
sps39.acrobat.txt
Posted Jul 27, 2000
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Shadowpenguin Security Advisory #39 - Adobe Acrobat Series PDF File buffer overflow. Many versions of Acrobat for Windows95/98/NT/2000 overflows when reading the PDF file which has long Registry or Ordering. The EIP can be controled and arbitrary code can be executed on the machine which views the PDF file. Patches available here.

tags | overflow, arbitrary, registry
SHA-256 | 517e6a13e53bcce4434518e0ff0fb9a5d889fe202d03af6d287ea2a02993baaf
getcode010.lzh
Posted Dec 9, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Getcode assists you in coding windows exploits by getting the codes for jmp reg,call reg,push reg;ret from some loaded dlls.

systems | windows
SHA-256 | 7cbbdc5037e046422003cb81047ef31d48b67a030528f6863b9093acd02a86b4
ex_inc.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise.

tags | exploit, local, root
systems | unix
SHA-256 | 64f2aa455cd466403bc433552e384ce9c8e0ca9b98c3b17c61c9298a5606d3ea
ex_bbc.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

ex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise.

tags | exploit, local, root
systems | unix
SHA-256 | 473ed7b2b606ac73b513d39a31d17c1a0273bb06e15e9331e35c648649c833b8
ex_kcms_configure86.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

kcms_configure has a overflow bug with "-P" option and it has been reported(107339-01). But this program has another hole. This hole has not been not reported, and the paches are not published at this time. kcms_configure overflows if long string is specified in NETPATH environment, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege.

tags | exploit, overflow, root
systems | unix
SHA-256 | ea0a516a062e19771e9d6d970e1a6bd9a1fc9ee7ecf921fcb1848a66309b1ef1
ex_kcms_configuresp.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included.

tags | exploit
systems | unix, solaris
SHA-256 | ddad8f87f48eb849bc4bf6f56910e4be16715ce9dec57022ab5c00f69f2c1712
ex_mailtool.c
Posted Nov 25, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, local user can obtain mail group. The mail files are generated with 660 permission, so any user can read/write other user's mail files. I coded the exploits to get mail gid(egid=6). There are for Intel Solaris7. There are same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel,Sparc).

tags | exploit, overflow, local
systems | unix
SHA-256 | e92d0a93449cedf9a5f2e97de3948d9c6e4f86ade92541e2bae6d0f02e99dcf4
amloger.c
Posted Nov 5, 1999
Authored by shadowpenguin

This is a auto logger for Amuser-net BBS which is used in the many Japanese underground sites

systems | unix
SHA-256 | 80653f6e1487e011985dfd86c164d0cf36943b4d7308752dc4124f262cb28c83
cgiexp.c
Posted Nov 5, 1999
Authored by shadowpenguin

This utility lists the servers which have the security vulnerabilities of CGI program. This utility supports the pht, test-cgi, nph-test-cgi, campas, htmlscritp, servce, pwd. The addition of new vulnerabilities is very easy.

tags | cgi, vulnerability
systems | unix
SHA-256 | d4a27daf41edaca44387d84582a47076dd8c2e2c284b8050549e4fece0afa2f9
easyscan.c
Posted Nov 5, 1999
Authored by shadowpenguin

The simple full-connection TCP port scanner. This utility lists the servers that open the specified port.

tags | tcp
systems | unix
SHA-256 | 2c2f178a0939dd3208042185eefd81b52fe57d32f8e190530bd6b4b8757524b9
ex_admintool.c
Posted Nov 5, 1999
Authored by shadowpenguin

Admintool local root exploit for Solaris2.6/7 Sparc machines.

tags | exploit, local, root
systems | unix
SHA-256 | b69c9cefb259fec08d07e73ec2112aafb9dd38c3c3df8295a4ee405733e2666d
ex_almail.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of AL-Mail32 Ver1.10. It overflows when that receives the long message of From: or Reply-To:. If the POP3 server send the long reply message that contains the exploit code, client executes any code. This exploit code execute any command on the target windows.

tags | exploit, overflow
systems | windows
SHA-256 | 707e8900f91b20b7c4ce906c63a00e36b79aa06a48654a492b594792e64b7447
ex_anhttpd.txt
Posted Nov 5, 1999
Authored by shadowpenguin

The test CGIs which are distributed with AN-HTTPd 1.20b contain the remote command execution problem.

tags | exploit, remote, cgi
systems | windows
SHA-256 | 2b6555ec7dadb833a618b2504a1b544225684da50219f4b22cbe90e83f51425b
ex_canuum.c
Posted Nov 5, 1999
Authored by shadowpenguin

Local root exploit code for buffer overflow in canuum for Japanese Linux.

tags | exploit, overflow, local, root
systems | linux, unix
SHA-256 | fd52577360eeaf28add4cfb979dda4918874e018bf645981ba365c5ede4420e4
ex_chocoa.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of CHOCOA 1.0beta7R. It overflows when that receives the long TOPIC. If the server send the long TOPIC that contains the exploit code, client executes any code. This exploit code execute any command on the target windows.

tags | exploit, overflow
systems | windows
SHA-256 | 1d808b55df808f181f7c029bf9268dfc7cd5c39061fb3906cefe50db633b1825
ex_cmail.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of CMail Server 2.3 SP2. It overflows when that receives the long MAIL FROM: in SMTP handling. If the host recives the packet which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example sends the exploit code that executes any command on the host which is running the CMail Server 2.3 SP2.

tags | exploit, overflow
systems | windows
SHA-256 | c5662e8f3a1f97a425d8e0c04ec0eb3a1a5d42a218a8a4a487fe02fc9ace09fd
ex_emc.c
Posted Nov 5, 1999
Authored by Unyun, shadowpenguin | Site shadowpenguin.backsection.net

Buffer overflow in E-MailClub Ver1.0.0.5. It overflows when that receives the long From: in POP3 handling. If the host recives the mail which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example generates the e-mail which contains the exploit code that reboot the target host. This exploit is coded for Windows98 Japanese edition, but if you change some parameters written in the sample exploit program, it will may works on Windows95 and WindowsNT.

tags | exploit, overflow
systems | windows
SHA-256 | eb5bb461b617975286628c613e3683c4e15675996639c870d9fababc85a7a212
ex_fuse.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of FuseMail 2.7. It overflows when that receives the long USER or PASS in POP3 handling. If the host recives the packet which contains the exploit code, the host has been cracked by any instructions which are coded in the exploit code. This example sends the exploit code that executes any command on the host which is running the CMail FuseMail 2.7.

tags | exploit, overflow
systems | windows
SHA-256 | 309610ace7f1c7fb6114ed72658bed907b4988c547c4ac6b184fd6b386bdd773
ex_hpprint.c
Posted Nov 5, 1999
Authored by shadowpenguin

We found the overflow bug of IBM HomePagePrint 1.0.7. If the visitors "print" or "preview" the web page which contains the long IMG SRC tags, the buffer overflow occurs. If this application reads the IMG SRC tag which is contained the exploit code, the host will be cracked. This sample generates a HTML file which is contained the exploit code that executes any command on the users' host.

tags | exploit, web, overflow
systems | windows
SHA-256 | 5b41c9cf0b6067f3542e27cb0432a55a0de1c7f63f761bf8d438001347254958
ex_ie4.c
Posted Nov 5, 1999
Authored by shadowpenguin

Microsoft Internet Explorer 4/5 overflows when the handling of "file://" specification. We coded the following sample codes. This codes generates the HTML file that reboots the client PC if the visitor uses IE4 for Windows98.

tags | exploit, overflow
systems | windows
SHA-256 | 042079790a6a4e9b858fb430e1f60928c5954d79784d84570c99351187dc48e4
ex_ie5.c
Posted Nov 5, 1999
Authored by shadowpenguin

This is overflow exploit for IE5.

tags | exploit, overflow
systems | windows
SHA-256 | af06e379b7a306fde53304718b7a6241229b6901fa31f4561c882f3b0b99c9d2
ex_imagemap.c
Posted Nov 5, 1999
Authored by shadowpenguin

Imagemap CGI which is written by C language is distributed with OmniHTTPd Pro2.04(shareware) and Ver1.01 (freeware), it has a security hole by the buffer overflow. Any instructions can be executed on the victim host by using this buffer overflow bug.

tags | exploit, overflow, cgi
systems | windows
SHA-256 | 23049799fe2224b9687d2345582b6e2e023c1ecd39d0e9ef35a33a70b0a2fc7d
ex_irfan.c
Posted Nov 5, 1999
Authored by shadowpenguin

The popular Image viewer "Irfan View32" contains the buffer overflow problem, this problem exists in the handling of Adobe Photoshop image file. This code generates the jpg file which contains the exploit code that generates "exp.com" in "c:\" and executes it. "exp.com" is a simple demo program, there is no danger.

tags | exploit, overflow
systems | windows
SHA-256 | 5a4c0197a83f99d759c5a6f2d4a089f21af960881b1053185810e9ea7530d600
Page 1 of 4
Back1234Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close