21 matches found
Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (egghunter mod)
No description provided by source. !/usr/bin/python Mercur Messaging 2005 SP3 IMAP service - Egghunter mod [email protected] http://www.offensive-security.com Original exploit by Winny Thomas Thanks Thomas, this code really came in handy ! VMWare seems to alter the stack a bit as the...
MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)
No description provided by source. // tested and approved /str0ke / Program: Denial of Service attack for MS UMPNPMGR PNPGetDeviceList Author: Winny Thomas Vulnerability: no length checking on passed parameter to PNPGetDeviceList in UMPNPMGR.dll Note: The code crashes services.exe on the target,...
Lotus Domino IMAP4 Server 6.5.4 Remote Buffer Overflow Exploit
No description provided by source. Lotus Domino IMAP4 Server Release 6.5.4 / Windows 2000 Advanced Server x86 Remote Exploit Vulnerable: IBM Lotus Domino = 7.0.2 && 6.5.5 FP2 tested 6.5.4 Authors: Dominic Chell [email protected] & prdelka Exploitation steps:...
McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow
McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow / McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability Peel the frame from axis,Thanks Test on Windows2000 and dll version Mcsubmgr.dll 6.0.0.15 Greetz to OYXin, sowhat, Winny Thomas and 0x557 team /...
Mercur Messaging 2005 <= SP4 IMAP Remote Exploit (egghunter mod)
Exploit for unknown platform in category remote exploits. Mercur Messaging 2005 import os import sys import time import socket import struct Place our w00tw00t egghunter in nop heaven shellcode = "\x90" 92 shellcode...
Mercur Messaging 2005 <= SP4 IMAP Remote Exploit (egghunter mod)
No description provided by source. !/usr/bin/python Mercur Messaging 2005 SP3 IMAP service - Egghunter mod [email protected] http://www.offensive-security.com Original exploit by Winny Thomas Thanks Thomas, this code really came in handy ! VMWare seems to alter the stack a bit as the...
CA BrightStor ARCserve (lgserver.exe) Remote Stack Overflow Exploit
No description provided by source. !/usr/bin/python Remote exploit for the CA BrightStor Arcserve stack overflow as described in http://www.securityfocus.com/archive/1/458648/30/0/threaded Winny Thomas ;- Author shall bear no responsibility for any screw ups caused by using this code import os...
CA BrightStor ARCserve - lgserver.exe Remote Stack Overflow
CA BrightStor ARCserve - lgserver.exe Remote Stack Overflow !/usr/bin/python Remote exploit for the CA BrightStor Arcserve stack overflow as described in http://www.securityfocus.com/archive/1/458648/30/0/threaded Winny Thomas ;- Author shall bear no responsibility for any screw ups caused by usi...
CA BrightStor ARCserve (lgserver.exe) Remote Stack Overflow Exploit
Exploit for unknown platform in category remote exploits. CA BrightStor ARCserve lgserver.exe Remote Stack Overflow Exploit. !/usr/bin/python Remote exploit for th...
CA BrightStor ARCserve - 'lgserver.exe' Remote Stack Overflow
!/usr/bin/python Remote exploit for the CA BrightStor Arcserve stack overflow as described in http://www.securityfocus.com/archive/1/458648/30/0/threaded Winny Thomas ;- Author shall bear no responsibility for any screw ups caused by using this code import os import sys import socket import struc...
Apple Quicktime (rtsp URL Handler) Buffer Overflow Exploit (win2k)
No description provided by source. !/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropriate...
Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Remote Buffer Overflow
!/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropriate jump address. Certain characters are not permitted in the shellcode...
Apple QuickTime (Windows 2000) - rtsp URL Handler Remote Buffer Overflow
Apple QuickTime Windows 2000 - rtsp URL Handler Remote Buffer Overflow !/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropria...
MS Windows DNS Resolution Remote Denial of Service PoC (MS06-041)
Exploit for unknown platform in category dos / poc. MS Windows DNS Resolution Remote Denial of Service PoC MS06-041. !/usr/bin/python POC for MS06-041 Run the python...
Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
Microsoft Windows - DNS Resolution Remote Denial of Service PoC MS06-041 !/usr/bin/python POC for MS06-041 Run the python script passing the local ip address as parameter. The DNS server will start listening on this ip address for DNS hostname resolution queries. This script is for testing and...
Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
!/usr/bin/python POC for MS06-041 Run the python script passing the local ip address as parameter. The DNS server will start listening on this ip address for DNS hostname resolution queries. This script is for testing and educational purpose and so to test this one will have to point the DNS...
MS Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)
No description provided by source. / Author: Winny Thomas Pune, INDIA The crafted metafile WMF from this code when viewed in explorer crashes it. The issue is seen when the field 'mtNoObjects' in the Metafile header is set to 0x0000. The code was tested on Windows 2000 server SP4. The issue does...
MS Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)
Exploit for unknown platform in category dos / poc. MS Windows Metafile mtNoObjects Denial of Service Exploit MS05-053. / Author: Winny Thomas Pune, INDIA Th...
MS Windows 2k UPNP (getdevicelist) Memory Leak DoS Exploit
Exploit for unknown platform in category dos / poc. MS Windows 2k UPNP getdevicelist Memory Leak DoS Exploit. / Author: Winny Thomas Nevis Labs, Pune, INDIA Details: While working o...
Microsoft Windows Plug-and-Play - Umpnpmgr.dll Denial of Service (MS05-047) (2)
Microsoft Windows Plug-and-Play - Umpnpmgr.dll Denial of Service MS05-047 2 // tested and approved /str0ke / Program: Denial of Service attack for MS UMPNPMGR PNPGetDeviceList Author: Winny Thomas Vulnerability: no length checking on passed parameter to PNPGetDeviceList in UMPNPMGR.dll Note: The...