Showing 1 - 9 of 9

Files from B-r00t

First Active	2003-06-25
Last Active	2004-07-25

applePanther.txt: Posted Jul 25, 2004; Authored by B-r00t; Apple OSX Panther 10.3.4 with Internet Connect version 1.3 by default appends to ppp.log in /tmp if the file already exists. If a symbolic link is made to any file on the system, it automatically writes to it as root allowing for an easy local compromise. Detailed exploitation given.; tags | exploit, local, root; systems | apple; SHA-256 | 2f6db0577a7345df30a3467027308f9c9fa6a73932cae530a5da70cd8726be82; Download | Favorite | View

4DWS_ftp.c: Posted Sep 13, 2003; Authored by B-r00t | Site doris.scriptkiddie.net; 4D WebSTAR FTP server suite version 5.3.1 remote exploit that binds a shell to port 6969 as the uid running the server. This exploit makes use of the pre-authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service.; tags | exploit, remote, overflow, shell; SHA-256 | 01bd8e388df9d06a72dc6ebd9d02e2c90f9818694359d81010f1bde7d75c1d8e; Download | Favorite | View

PPC_OSX_Shellcode_Assembly.pdf: Posted Sep 10, 2003; Authored by B-r00t; White paper discussing OS X (Darwin) shellcode assembly on the PowerPC 32bit architecture. It covers design considerations, system calls, eliminating NULL bytes, self modifying shellcode, and more.; tags | shellcode; systems | apple, osx; SHA-256 | 302b93e116bcad5ce5620bf7d78e7d092c3331db1765871a148a0c9761f6e8c4; Download | Favorite | View

as2hex.tgz: Posted Sep 10, 2003; Authored by B-r00t | Site doris.scriptkiddie.net; An easy PowerPC shellcode generation program to extract the hex shellcode from an ASM program that has been assembled but not linked. Tested on programs assembled using the GAS (GNU Assembler) on OSX 10.2.6.; tags | shellcode; systems | apple; SHA-256 | 18f5f5d7bee35e7ae86717c77d8e308f29d7009587d29023536db62ca57c3053; Download | Favorite | View

CLIVITT-2003-4-Citadel.txt: Posted Jul 17, 2003; Authored by Carl Livitt, B-r00t; Citadel/UX BBS versions 6.07 and below have faulty boundary checking that allows arbitrary code execution, poor random number seeding that allows predictable authentication tokens, and do not keep a user from filling up the harddrive when entering in data via the biography section.; tags | advisory, arbitrary, code execution; SHA-256 | 85126978760da416df1927103a59644cf4487bcea2d8fd64641318e7d07a0eb7; Download | Favorite | View

eXtreme.c: Posted Jul 7, 2003; Authored by B-r00t; Linux eXtremail versions 1.5-8 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.; tags | exploit, remote, root; systems | linux; SHA-256 | f73f3161c91641b7b5567b990f13c9d5b919ba33786bbedc6f63f3cc2fb52d54; Download | Favorite | View

eXtremail.txt: Posted Jul 7, 2003; Authored by B-r00t; Linux eXtremail versions 1.5-8 and below hold a format string vulnerability in its logging mechanism. Exploiting this can allow for arbitrary code execution or a denial of service on the server.; tags | advisory, denial of service, arbitrary, code execution; systems | linux; SHA-256 | 9f300aec91de3f79ec8ad7dea040e62aded97cd4340b3ea05a7067bc03e93163; Download | Favorite | View

essenexploit.c: Posted Jul 4, 2003; Authored by B-r00t; A buffer overflow exists in the Essentia Web Server for Linux due to bad boundary checking with long urls which are greater than 2000 bytes. Versions higher than 2.12 are vulnerable.; tags | exploit, web, overflow; systems | linux; SHA-256 | f55766bfff8269fac9c31113d14529568080f5e761e6c0b22990bb0daaf7d482; Download | Favorite | View

kerio563.txt: Posted Jun 25, 2003; Authored by B-r00t; Kerio Mail Server 5.6.3 remote buffer overflow exploit. Adds wide open root account to /etc/passwd. Written based upon the vulnerability discussed here.; tags | exploit, remote, overflow, root; SHA-256 | 9b6caaf215dc0b765ded6013c36c55a7897e80b242d716bc226a4ac4ccb0eef0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days