what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 84 RSS Feed

Files from vade79

Email addressv9 at fakehalo.us
First Active2000-03-08
Last Active2007-07-31
corehttp-overflow.txt
Posted Jul 31, 2007
Authored by vade79 | Site fakehalo.us

corehttp version 0.5.3alpha remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | e98680cccb577b333592ef8e70b14717becc34ab537a7f4ffc2eb8a498ed7f3e
xwdp-cygwin.c
Posted May 17, 2007
Authored by vade79 | Site fakehalo.us

Webdesproxy version 0.0.1 GET request remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | b4593daeaadd34df5f26b06cb70578506f21879079a0042b9fdaa860e501e97d
xnotepad.c
Posted May 15, 2007
Authored by vade79

notepad++ version 4.1 ruby file processing buffer overflow exploit for win32.

tags | exploit, overflow, ruby
systems | windows
SHA-256 | a94c3b69ca7e1bf525c7e26b2d1417c794a90e1191e066b5bf7ec61ad95b9338
3proxy-win32.c
Posted May 3, 2007
Authored by vade79 | Site fakehalo.us

3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for win32. Binds a shell to tcp port 7979.

tags | exploit, remote, overflow, shell, tcp
systems | windows
SHA-256 | c01927dc7bdc5ec6906d1be1b4604e4dbc614e0b115fb9d2ad8570e7a9c45c3c
3proxy-linux.c
Posted May 3, 2007
Authored by vade79 | Site fakehalo.us

3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for Linux. Can spawn a bind shell or launch connect-back code.

tags | exploit, remote, overflow, shell
systems | linux
SHA-256 | 6c88fda037ba960a678b91b49e36f8dc08ef0d1a5e49878c3b716503bd53e1ff
iDEFENSE Security Advisory 2006-03-02.2
Posted Mar 3, 2006
Authored by vade79, iDefense Labs | Site idefense.com

iDefense Security Advisory 03.02.06 - Local exploitation of a design error in version 10.3.9 of Apple Computer Inc.'s Mac OS X could allow arbitrary files to be overwritten with user supplied contents. iDefense has confirmed the existence of this vulnerability in Mac OS X Version 10.3.9. In addition, the following versions been confirmed by the vendor to be vulnerable: Mac OS X Server Version 10.3.9, Mac OS X Version 10.4.5, Mac OS X Server Version 10.4.5.

tags | advisory, arbitrary, local
systems | apple, osx
advisories | CVE-2005-2713, CVE-2005-2714
SHA-256 | e7446b72dec9077789ffe0797d1ef378c8198f6cc646387674d5f7e0a5fc95b1
xosx-passwd.pl.txt
Posted Mar 3, 2006
Authored by vade79

/usr/bin/passwd local root exploit for Mac OS X.

tags | exploit, local, root
systems | apple, osx
SHA-256 | 97197ddd5e524ee50e986acb2ca1a3f44536133ef892db8bacad5ac7477cfb1c
iDEFENSE Security Advisory 2005-11-11.t
Posted Nov 12, 2005
Authored by vade79, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.11.05 - Remote exploitation of a command injection vulnerability in various vendors' implementations of Lynx could allow attackers to execute arbitrary commands with the privileges of the underlying user. The problem specifically exists within the feature to execute local cgi-bin programs via the lynxcgi: URI handler. The handler is generally intended to be restricted to a specific directory or program(s). However, due to a configuration error on multiple platforms, the default settings allow for arbitrary websites to specify commands to run as the user running Lynx. iDEFENSE has confirmed the existence of this vulnerability in the latest stable release of Lynx, version 2.8.5. It is suspected that earlier versions are also affected.

tags | advisory, remote, arbitrary, local, cgi
advisories | CVE-2005-2929
SHA-256 | b4e1e54bc83530521503bfe91f4bca692869b0c1e30589c117f27fa98dc41e55
openVPN20x.txt
Posted Nov 1, 2005
Authored by vade79

OpenVPN version 2.0.x contain a remotely exploitable format string bug in the processing of its command-line and configuration arguments.

tags | advisory
SHA-256 | ac9aae219661e250d8c14e1b49f62bdb7c92bc9fd23b145253ed6ab7f2d03578
iDEFENSE Security Advisory 2005-08-29.2
Posted Aug 31, 2005
Authored by vade79, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which is vulnerable to a symlink attack. The vulnerability specifically exists due to the use of predictable log file names. VCNative uses a format such as VCNative-[pid].log for the filename and stores the file in the current working directory. Attackers can easily predict the created filename and supply user-controlled data via the -host and - port options. A carefully supplied value can cause a crafted log file to be written. Crafted strings written to root-owned files can lead to arbitrary code execution with root privileges.

tags | advisory, arbitrary, local, root, code execution
advisories | CVE-2005-1842
SHA-256 | 411dc375de7e880373b5415079f07e6ba80c1cdda2a6b6a1c38e1aa35c6407ac
iDEFENSE Security Advisory 2005-08-29.1
Posted Aug 31, 2005
Authored by vade79, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which contains a design error that allows local attackers to gain root privileges. The vulnerability specifically exists due to an unchecked command line option parameter. The -lib command line option allows users to specify library bundles which allows for the introduction of arbitrary code in the context of a root owned process. The init function in a shared library is executed immediately upon loading. By utilizing the -lib argument to load a malicious library, local attackers can execute arbitrary code with root privileges.

tags | advisory, arbitrary, local, root
advisories | CVE-2005-1843
SHA-256 | 4df7fce995e778869fe2e236a60a050ada95134690b5bfce30b5fc73c86389d1
ethereal-SMB-DoS.c
Posted May 27, 2005
Authored by vade79, Nicob

Ethereal versions 0.10.10 and below SMB dissector remote denial of service exploit. Tested on 0.9.4 and 0.10.10.

tags | exploit, remote, denial of service
SHA-256 | 4bfdc3de77cde29503fcc4e4486eb5b7f814eb9ba623b7c983982dfc0e0ee4fa
xtcpdump-isis-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.x/3.9.1 remote infinite loop denial of service exploit which takes advantage of the isis_print() function by sending a GRE packet.

tags | exploit, remote, denial of service
SHA-256 | 7715283f9e248b04a7f1186a37ab92696fba6aa192da993f47a8e4362a1c6bfa
xtcpdump-bgp-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.x and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil BGP packet. Works if TCP port 179 is not filtered.

tags | exploit, remote, denial of service, tcp
SHA-256 | ccc1ba68ec8e05ee151df0dc0455d51be29ffeac87519d101d1ec5c6ec4d29f6
xtcpdump-ldp-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.8.3 and below remote denial of service exploit which causes tcpdump to go into an infinite loop when it processes an evil LDP packet.

tags | exploit, remote, denial of service
SHA-256 | 5d2ae4babb02e4a4cdaf59c68d9c308c703d7d0c5ae0c27f8ef1aab1b8401184
xtcpdump+ethr-rsvp-dos.c
Posted Apr 27, 2005
Authored by vade79 | Site fakehalo.us

Tcpdump v3.9.1 and below and Ethereal v0.10.10 and below remote denial of service exploit which takes advantage of a bug in rsvp_print().

tags | exploit, remote, denial of service
SHA-256 | 55e3698692b58c34879b5f8ed2655d6e63f7b4f6346ba705a052758b7d96a384
xosx-cf.c
Posted Mar 24, 2005
Authored by vade79 | Site fakehalo.us

Local root exploit for /usr/bin/su on Mac OS X that makes use of the buffer overflow vulnerability discovered by iDefense using the CF_CHARSET_PATH environment variable.

tags | exploit, overflow, local, root
systems | apple, osx
advisories | CVE-2005-0716
SHA-256 | 3d4f65ef5c5787a4e22d1adaf440941026368d42080a9637123986b999b4dcbf
xfinder-ds.pl
Posted Feb 22, 2005
Authored by vade79

The Finder utility that Mac OSX uses to launch and manipulate files and applications fails to check for hard linked files before performing changes. This allows an unprivileged user the ability to overwrite files as root. Full exploit included.

tags | exploit, root
systems | apple
SHA-256 | 607bf00b82581926e1ae755d2297dd135f36f47351d4a9b69559b86cf1ab5d89
xfkey.c
Posted Jan 25, 2005
Authored by vade79 | Site fakehalo.us

fkey version 0.0.2 local file accessibility exploit.

tags | exploit, local
SHA-256 | dfb6bbb2d3c62d255c655605b6d08045515378ba0ce5439df34cced8c6849b4a
xxchat-socks5.c
Posted May 4, 2004
Authored by vade79

X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.

tags | exploit, remote, overflow, shell
SHA-256 | 2fee8170f90a051fd47c72f81150fec692e3bf4fac546c3cd394c69c90bc8001
xmpg123.c
Posted Sep 23, 2003
Authored by vade79

mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c which does not limit the amount of data written to a buffer.

tags | exploit, remote, overflow
SHA-256 | b966ec4b297ac556e11aa1acbd8b25b092385a2aa517c52977bb4f02b7484849
netscript-1.7.0.tgz
Posted Feb 27, 2002
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: A (modified) cygwin/windows binary based on the netscript.c source was added. The syslog priority level was changed to better suit some situations and local display of error/statistical messages was changed to use less space. A bug with the -M option (that forced the -R option) and misplacing of a #ifdef were fixed.
tags | tcp, protocol
systems | unix
SHA-256 | b5aacf67e2cc669521c50f42bfbef95f6b53a01cb43f9821666edea091b088aa
netscript-1.6.8.tgz
Posted Jan 3, 2002
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: Routing support (-R, -k, -j, and -J options), a new $\ variable to send data directly to the route socket, a $" variable to only send data after an alloted amount of time, a -Q option to define socket options, a --interactive command line option to allow interactive use of netscript, reading of ~/.nsrc to to precurse any other interactive commands, a --list command line option to quickly list and execute rulesets, a $NS_PATH environmental variable to assist the --list option, a new manual page, MD5SUM validity check file, and some new/modified rulesets.
tags | tcp, protocol
systems | unix
SHA-256 | 45425b31c5653367a2be481e0a94b8c8246a0daa793a65aa948c6610cf1e0058
netscript-1.6.7.tgz
Posted Jan 1, 2002
Authored by vade79 | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: This release adds -O to select an alternative shell to execute for third party programs, -o to omit socket reading of supplied character(s), -m to change the working directory, -M to change the root directory, and $' to change the current working directory via the ruleset. The standard reading of input has been changed to check for the tty name instead of the generic /dev/tty. All related third party executions have been modified to use $SHELL. A segmentation fault introduced in the previous version (-u with a user name that doesn't exist) has been fixed. This was not a security issue.
tags | tcp, protocol
systems | unix
SHA-256 | edf0b8bc95b90258a45286fbaed4493dcce1e54f04943f7e2c6d5056bc37137a
netscript-1.6.6.tgz
Posted Dec 14, 2001
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: This release adds -Z (system logging support) for when it is running at a syslog accessible level. -u has changed so that it will now apply the supplementary groups to the id change. Also, if no group id is specified, it will apply the group id of the user id. The ns_exit() module function has been changed to pass the type of exit.
tags | tcp, protocol
systems | unix
SHA-256 | 14b6ef214c3e8d6da1516db0ef399a645466b853e422b3ae13aaffafb7d93911
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close