1603 matches found
Messenger/hotmail MITM exploit
hello, this a little sploit i wrote for Linux to test a man in the middle attack against Messenger/Hotmail. A kind of swiss army knife that: / use the messenger scrambler bug to get passwords hashes / spoof hotmail site to retrieve plaintext passwords since protocol is not enciphered when users...
LPRng 3.6.24-1 - Remote Command Execution
LPRng 3.6.24-1 - Remote Command Execution / REMOTE ROOT EXPLOIT for linux x86 - LPRng-3.6.24-1 RedHat 7.0 The RedHat 7.0 replaced the BSD lpr with the LPRng package which is vulnerable to format string attacks because it passes information to the syslog incorrectly. You can get remote root access...
LPRng 3.6.24-1 - Remote Command Execution
/ REMOTE ROOT EXPLOIT for linux x86 - LPRng-3.6.24-1 RedHat 7.0 The RedHat 7.0 replaced the BSD lpr with the LPRng package which is vulnerable to format string attacks because it passes information to the syslog incorrectly. You can get remote root access on machines running RedHat 7.0 with lpd...
Solaris locale Format Strings (noexec stack) Exploit
Exploit for solaris platform in category local exploits ==================================================== Solaris locale Format Strings noexec stack Exploit ==================================================== / exploit for locale subsystem format strings bug In Solaris with noexec stack. Test...
Solaris 2.67.0 - locale Format Strings noexec stack Overflow
Solaris 2.67.0 - locale Format Strings noexec stack Overflow / exploit for locale subsystem format strings bug In Solaris with noexec stack. Tested in Solaris 2.6/7.0 If it wont work, try adjust retloc offset. e.g. ./ex -o -4 $gcc -o ex ex.c ldd /usr/bin/passwd|sed -e...
Solaris 2.6/7.0 - 'locale' Format Strings noexec stack Overflow
/ exploit for locale subsystem format strings bug In Solaris with noexec stack. Tested in Solaris 2.6/7.0 If it wont work, try adjust retloc offset. e.g. ./ex -o -4 $gcc -o ex ex.c ldd /usr/bin/passwd|sed -e 's/^.lib\0-9a-zA-Z\.so./-l\1/' usages: ./ex -h Thanks for Ivan Arce who found this bug...
dump 0.4b15 exploit (Redhat 6.2)
Exploit for linux platform in category local exploits ================================ dump 0.4b15 exploit Redhat 6.2 ================================ / dump-0.4b15x.c dump-0.4b15 exploit: Redhat 6.2 dump command executes external program with suid priviledge. affected: /sbin/dump /sbin/dump.stat...
News Update 1.1 Change Admin Password
Exploit for cgi platform in category web applications ===================================== News Update 1.1 Change Admin Password ===================================== / newsexp.c - description ------------------- begin : Sat Oct 21 2000 For more information see my advisory which should be in thi...
News Update 1.1 - Change Admin Password
News Update 1.1 - Change Admin Password / newsexp.c - description ------------------- begin : Sat Oct 21 2000 copyright : C 2000 by Morpheusbd email : [email protected] advisory : www.brightdarkness.de Exploit code for the News Update 1.1 by Morpheusbd For more information see my advisory which...
News Update 1.1 - Change Admin Password
/ newsexp.c - description ------------------- begin : Sat Oct 21 2000 copyright : C 2000 by Morpheusbd email : [email protected] advisory : www.brightdarkness.de Exploit code for the News Update 1.1 by Morpheusbd For more information see my advisory which should be in this .tar.gz package...
labs51.txt
Hash: SHA1 Remote DoS Attack in Pragma TelnetServer 2000 Remote Execute Daemon Vulnerability USSR Advisory Code: USSR-2000051 Release Date: August 24, 2000 Systems Affected: Pragma TelnetServer 2000 for Windows NT/2000 THE PROBLEM: The Ussr Labs team has recently discovered a buffer overflow memo...
Blackboard Courseinfo v4.0 User Authentication
Apparently Courseinfo or at least the implementation I was playing with has no user authentication, meaning that anyone can force feed their own form values and Perl with merrily modify the database. So for instance running: all form input is in caps for readability...
Remote DoS Attack in WircSrv Irc Server v5.07s Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS Attack in WircSrv Irc Server v5.07s Vulnerability "THE KING IS THE NEXT RELEASE" USSR Advisory Code: USSR-2000049 Release Date: July 10, 2000 Systems Affected: WircSrv Irc Server v5.07s THE PROBLEM The Ussr Labs team has recently discovered...
Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability "THE KING IS COMING" USSR Advisory Code: USSR-2000048 Release Date: July 4, 2000 Systems Affected: LocalWEB HTTP Server 1.2.0 THE PROBLEM The Ussr Labs team has recently discovered a buffer...
Linux news 5.07.00
Ядро 2.2.17pre10 В очередной pre версии стабильного ядра 2.2.17 Alan Cox добавил следующие патчи: обновлены драйвера, исправлена ошибка с eepro и cs46xx, обновлена документация. Подробнее: ftp://ftp.kernel.org/pub/linux/kernel/people/alan/2.2.17pre/ Progress Software создает подразделение по...
Check Point Software Firewall-1 3.0/1.4.0/1.4.1 - Spoofed Source Denial of Service
// source: https://www.securityfocus.com/bid/1419/info If Checkpoint Firewall-1 receives a number of spoofed UDP packets with Source IP = Destination IP, the firewall and likely the machine hosting it crashes. NOTE: This vulnerability while being posted to Bugtraq is currently being denied as a...
fbi-aim-dos.txt
FROM THE OFFICES OF: | | | \ | | | | | | | | | |/ / | | | | | | | | / \ / | / | '| | || ' | / \ | | |/ |/ \ ' \ / / \ | || | | |/ / | | | | || | | | || / | | | | | / | | | | / | / // ,|| /| ||\||||, ||| ||\| / | |/ AOL Instant Messenger DoS Denial of Service exploit. Website:...
Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability USSR Advisory Code: USSR-2000046 Release Date: June 16, 2000 Systems Affected: Dragon Server v2.00 Dragon Server v1.00 THE PROBLEM The Ussr Labs team has recently discovered ...
Remote DoS attack in Networks Associates PGP Certificate Server Version 2.5 Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS attack in Networks Associates PGP Certificate Server Version 2.5 Vulnerability USSR Advisory Code: USSR-2000044 Release Date: June 13, 2000 Systems Affected: PGP Certificate Server Version 2.5.0 Solaris/Windows PGP Certificate Server Versio...
spad01.txt
Security Point [email protected] www.secpoint.com/advis.html Advisory 001 Title: Java Internet Shop Vulnerability Date: 31-05-00 Copyright c 2000 SECURITY POINT Contents: ========= I Disclaimer II Introduction III Description IV Fix V Contact VI Vulnerable sites VII Job Offers VIII Greetings I -...