exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2004-10-01 to 2004-10-02

libntlm-0.3.6.tar.gz
Posted Oct 1, 2004
Authored by Grant Edwards | Site josefsson.org

The NTLM library contains utilities for authenticating against Microsoft servers that require NTLM authentication. The goal of this project is to make libntlm easier to build (by using autoconf, automake, and libtool) for use by other projects.

tags | library
SHA-256 | dba0ab4262c050fef21f2fb24e0335922b43cd8ccae95af4c90e68ca9671da4c
radmind-1.3.2.tgz
Posted Oct 1, 2004
Site rsug.itd.umich.edu

radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.

Changes: Various bug fixes and some support added.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3dc4b955b70065771e974b98c7b53e6f460c6a30da6332150d093c20fd188d13
pikt-1.17.0a.tar.gz
Posted Oct 1, 2004
Authored by Robert Osterlund | Site pikt.org

PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.

Changes: FAQ added. Various updates.
tags | tool
systems | unix
SHA-256 | ab1b8c5ba28302e661e78144048084216aa1c03f4449cd8288c22f1373684e3f
0409-exploits.tgz
Posted Oct 1, 2004
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for September, 2004.

tags | exploit
SHA-256 | 6487b533303aef310fb606cf4031233665038b0d3a39264f5bb3d1a10868e021
serendipityPoC.txt
Posted Oct 1, 2004
Authored by aCiDBiTS

Serendipity 0.7-beta1 and below proof of concept SQL injection exploit that dumps the administrator's username and md5 password hash.

tags | exploit, sql injection, proof of concept
SHA-256 | 0921a8c65327c27213316b4ea2d5b801a1e0596f4384dfe6d3868e19d39cc355
zinfexploit.c
Posted Oct 1, 2004
Authored by Delikon, Luigi Auriemma | Site delikon.de

Remote exploit for Zinf 2.2.1 on Win32 that downloads and executes a file.

tags | exploit, remote
systems | windows
SHA-256 | e80d2409b6e269d59edd99db2b19a5529b757d7eb1f822c75d015ee3aba48dbb
wordpress12.txt
Posted Oct 1, 2004
Authored by Thomas Waldegger

Wordpress 1.2 is susceptible to multiple cross site scripting flaws.

tags | advisory, xss
SHA-256 | 29068ffced3cce344bf52a9db7a5441b03c4b66d8113e65e06d9dc3a72361bd2
StoreCart.txt
Posted Oct 1, 2004

A vulnerability in the Yahoo! Store shopping cart allowed a remote user the ability to effectively alter the price of merchandise being placed into their shopping cart.

tags | advisory, remote
SHA-256 | f2e1a0d3cf0d91bfaaf5599d71edb2b9ea42b4e5b00cdc9318303d2fd50f1cdb
Fwknop Port Knocking Utility
Posted Oct 1, 2004
Authored by Michael Rash | Site cipherdyne.org

fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.

Changes: Added init script for Fedora systems. Added --Kill, --Restart, and --Status modes.
tags | tool, scanner
systems | linux, unix
SHA-256 | c681d25dce87be973e406ee80cb7b3097d0c2e03aca5aad2cb09d4cee152e17e
hotspotter-0.4.tar.gz
Posted Oct 1, 2004
Authored by Max Moser, Joshua Wright | Site remote-exploit.org

Hotspotter is a utility that passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. If the probed network name matches a common hotspot name, Hotspotter will act as an access point to allow the client to authenticate and associate. Once associated, Hotspotter can be configured to run a command, possibly a script to kick off a DHCP daemon and other scanning against the new victim.

Changes: New, pre accesspoint mode scripting and bug fix.
tags | tool, wireless
systems | windows
SHA-256 | 575cd3fb0edc9d59df108628351b17282b025240555382eb2e1631f856179f28
kripp-0.6.1.tar.gz
Posted Oct 1, 2004
Authored by Konstantin Klyagin | Site konst.org.ua

KRIPP is a simple and light-weight network passwords sniffer written in Perl, which uses tcpdump to intercept traffic. Can sniff and display ICQ, FTP and POP3 passwords.

Changes: Updated to stay in compliance with tcpdump.
tags | tool, perl, sniffer
SHA-256 | d9109f90c943f3dad9cc4dd96265f52164a54bcf21fa430a94d5e2f3db63ad40
phpPOC.txt
Posted Oct 1, 2004
Authored by Stefano Di Paola | Site wisec.it

PHP proof of concept exploit that makes use of an arbitrary file upload flaw in PHP versions below 4.3.9 and 5.0.2.

tags | exploit, arbitrary, php, proof of concept, file upload
SHA-256 | afff49337f58bcf7a3d4d154ad71cfde47193d319ff6dbeccf14fc280a7b754b
mywebServer103.txt
Posted Oct 1, 2004
Authored by nekd0 | Site unl0ck.blackhatz.info

MyWebServer 1.0.3 is susceptible to a denial of service attack and allows for direct administrative access to ServerProperties.html.

tags | advisory, denial of service
SHA-256 | c1a29d572b7d810f3077bd0cb43619391c7505092854f3b61550660dbd8568cb
sshole-0.1.tar.bz2
Posted Oct 1, 2004
Authored by Konstantin Klyagin | Site thekonst.net

SSHole 0.1 is a small program that can be useful for debugging SSL-encrypted protocols. It listens on a specified port for an incoming connection and as the handshake takes place, everything is reported to STDOUT. As feature in Software2.0 magazine.

tags | encryption, protocol
SHA-256 | ce8752ff4702a28b402276e87d615905b5769b57e5de46e6540f1809e8336ecd
alexPHP.txt
Posted Oct 1, 2004
Authored by Nourredine Himeur aka LostNoobs

The Alex PHP Guestbook suffers from a remote file inclusion vulnerability due to a lack of proper sanitization in it's chem_absolu variable.

tags | exploit, remote, php, file inclusion
SHA-256 | 99e65dfa933d26cdf99b4df674488af11261d0abf78dfdf6ac5930a973b023c4
chatmanx.zip
Posted Oct 1, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Remote denial of service exploit that makes use of a memory allocation flaw in Chatman versions 1.5.1 RC1 and below.

tags | exploit, remote, denial of service
SHA-256 | cfaf60fa8cff9a5a747631a35a8687ea7a2434ead9a4965b316ba2d20bf6639d
chatman151.txt
Posted Oct 1, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Improper memory allocation in Chatman versions 1.5.1 RC1 and below leave it susceptible to a denial of service attack.

tags | advisory, denial of service
SHA-256 | 6cace12445dcff93c2b73587c5ab07e74fd98329b84515bd066931ce3e7d820a
iDEFENSE Security Advisory 2004-09-27.t
Posted Oct 1, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 09.27.04 - Local exploitation of an input validation vulnerability in the ctstrtcasd command included by default in multiple versions of AIX could allow for the corruption or creation of arbitrary files anywhere on the system.

tags | advisory, arbitrary, local
systems | aix
advisories | CVE-2004-0828
SHA-256 | fee3d29f21a547029e70177424770da665196dbf27df3efdd012aebd57841de4
dsa-554.txt
Posted Oct 1, 2004
Authored by Hugo Espuny | Site debian.org

Debian Security Advisory DSA 554-1 - When installing sasl-bin to use sasl in connection with sendmail, the sendmail configuration script uses fixed user/password information to initialize the sasl database. Any spammer with Debian systems knowledge could utilize such a sendmail installation to relay spam.

tags | advisory
systems | linux, debian
advisories | CVE-2004-0833
SHA-256 | 3434226d521f6542bdd262dca0bc0db12c1475f4f552dfe8420d26ff9b10e856
Clam AntiVirus Toolkit 0.80rc3
Posted Oct 1, 2004
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various fixes and updates.
tags | virus
systems | unix
SHA-256 | 6a3c05d3e268bbae535e27e35a87ce711939aac962010522ff86dc0648e29dbb
Secunia Security Advisory 12662
Posted Oct 1, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PHP-Fusion that can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, php
SHA-256 | 8dab39f558bde79f151463eea7a458be110021538fa468ed7adb6581e414a2cb
cutter-1.02.tgz
Posted Oct 1, 2004
Authored by Chris Lowth | Site lowth.com

Cutter allows network administrators to close TCP/IP connections running over a Linux/IPtables firewall. It closes the connection in such a way as to lead both ends (client and server) to believe that it was aborted by the other.

tags | tcp
systems | linux
SHA-256 | 8566d5bf88af2a628a3cb8616c27f14260b5456d6a66c865a820dc0fa549227c
Secunia Security Advisory 12661
Posted Oct 1, 2004
Authored by Secunia, Ziv Kamir | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Intellipeer Email Server, which can be exploited by malicious people to determine valid usernames.

tags | advisory
SHA-256 | 6b1eed1a75a9bc5799bc53c05fdbe94b374c823f10ca42264b281dbb3c8dab1e
Secunia Security Advisory 12655
Posted Oct 1, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks Command View XP, which can be exploited by malicious, local users to bypass certain access restrictions.

tags | advisory, local
SHA-256 | fe024a7bbbdd385a5d0fda0102d2987bd903ea6330056b73a81447d9033feccc
Secunia Security Advisory 12649
Posted Oct 1, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Baal Smart Forms 3.x, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 6569047c8844836518894101b9b9ec8806d6ddc2eba884a67bcefba678f56b83
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close