Section: .. / 0710-exploits /
| /// File Name: |
kodak-exec.txt |
Description:
|
Kodak Image Viewer code execution exploit that takes advantage of the MS07-055 TIFF vulnerability. Spawns calc.exe.
| | Author: | Gil-Dong / Woo-Chi | | File Size: | 85696 | | Last Modified: | Oct 29 16:26:42 2007 |
| MD5 Checksum: | a47148e6cad48f39a925a5d6ebaf22f0 |
|
| /// File Name: |
dropteamz.zip |
Description:
|
Proof of concept exploit for Dropteam versions 1.3.3 and below which suffer from format string, buffer overflow, and various other vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | dropteamz.txt | | File Size: | 35619 | | Last Modified: | Oct 5 23:00:32 2007 |
| MD5 Checksum: | 1990ec4d051b68be23cd61234ffe1bb7 |
|
| /// File Name: |
sphpblog051-multi.txt |
Description:
|
Simple PHP Blog versions 0.5.1 and below suffer from multiple vulnerabilities including cross site scripting, local file inclusion, and code execution flaws.
| | Author: | DarkFig | | File Size: | 26083 | | Last Modified: | Oct 22 18:23:37 2007 |
| MD5 Checksum: | 2a37aefcf9e7dcf6e6c20a3b4b70eb08 |
|
| /// File Name: |
hoagie_hlserver.c |
Description:
|
Half-Life Server versions 3.1.1.0 remote buffer overflow exploit that binds a TCP shell to port 30464.
| | Author: | KnbykL, Luigi Auriemma | | File Size: | 11730 | | Last Modified: | Oct 16 18:39:28 2007 |
| MD5 Checksum: | 3da1f44e9fbb65231f8d2c028bd98c5c |
|
| /// File Name: |
hoagie_subversion.c |
Description:
|
Subversion 0.3.7/1.0.0 two-stage remote buffer overflow exploit.
| | Author: | KnbykL, greuff | | File Size: | 11162 | | Last Modified: | Oct 16 18:37:24 2007 |
| MD5 Checksum: | d9c26f8466ae5c7c6dd38706b87bd055 |
|
| /// File Name: |
smf-blind.txt |
Description:
|
Simple Machines Forum aka SMF version 1.1.3 blind SQL injection exploit.
| | Author: | Michael Brooks | | File Size: | 11038 | | Last Modified: | Oct 22 22:40:20 2007 |
| MD5 Checksum: | dbf1801413aed2b58e04f05f6a61a52f |
|
| /// File Name: |
smf-sql.txt |
Description:
|
Simple Machines Forum versions 1.1.3 remote blind SQL injection exploit.
| | Author: | Michael Brooks | | File Size: | 10532 | | Last Modified: | Oct 22 18:17:01 2007 |
| MD5 Checksum: | cc9a352d42a340dcf854ec6ec4565e29 |
|
| /// File Name: |
phpstats-multi.txt |
Description:
|
PHP-Stats version 0.1.9.2 proof of concept exploit that demonstrates blind SQL injection and remote code execution vulnerabilities.
| | Author: | EgiX | | File Size: | 10463 | | Last Modified: | Oct 10 23:41:51 2007 |
| MD5 Checksum: | cb061fa44d25c648a7024caffa6f880e |
|
| /// File Name: |
lfscbof.zip |
Description:
|
Proof of concept exploit that demonstrates a buffer overflow in Live For Speed versions 0.5X10 and below.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | lfscbof.txt | | File Size: | 8230 | | Last Modified: | Oct 15 19:06:23 2007 |
| MD5 Checksum: | 8426136d602a94b239c34325809f88bb |
|
| /// File Name: |
aaboompb.zip |
Description:
|
Proof of concept exploit for America's Army and America's Army Special Forces versions 2.8.2 and below which suffer from an unexploitable buffer overflow.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | aaboompb.txt | | File Size: | 8207 | | Last Modified: | Oct 2 00:50:02 2007 |
| MD5 Checksum: | 0b76342adcc10e42df1c216812410135 |
|
| /// File Name: |
d3engfspb.zip |
Description:
|
Proof of concept exploit for the Doom 3 engine which suffers from a format string vulnerability. Doom 3 versions 1.3.1 and below, Quake 4 versions 1.4.2 and below, and Prey versions 1.3 and below are affected.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | d3engfspb.txt | | File Size: | 7935 | | Last Modified: | Oct 2 00:37:08 2007 |
| MD5 Checksum: | 0298bcd939456dd9d796a208bd8e253a |
|
| /// File Name: |
fearfspb.zip |
Description:
|
Proof of concept exploit for F.E.A.R. versions 1.08 and below which suffer from a format string vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related File: | fearfspb.txt | | File Size: | 7870 | | Last Modified: | Oct 2 00:52:37 2007 |
| MD5 Checksum: | 110ac975f68881fb84446b2136f8c9d0 |
|
| /// File Name: |
extremail-v6.c |
Description:
|
eXtremail versions 2.1.1 and below remote stack overflow exploit that makes use of PLAIN authentication.
| | Author: | mu-b | | File Size: | 7122 | | Last Modified: | Oct 15 17:42:32 2007 |
| MD5 Checksum: | cc854243111f96a0ef533ea9e4e2bd39 |
|
| /// File Name: |
litespeed-disclose.txt |
Description:
|
LiteSpeed web server versions 3.2.3 and below suffers from a remote source code disclosure vulnerability.
| | Author: | Tr3mbl3r | | Homepage: | http://thedefaced.org/ | | File Size: | 6815 | | Last Modified: | Oct 22 18:28:08 2007 |
| MD5 Checksum: | 9047c038f2ec2728665d663e6540ae02 |
|
| /// File Name: |
phone-sqlxss.txt |
Description:
|
A SQL injection vulnerability exist in asterisk-addons and cross site scripting vulnerabilities exist in the web applications of Areski, FreePBX, and Trixbox. Proof of concept exploit included.
| | Author: | Humberto J. Abdelnur, Olivier Festor, Radu State | | File Size: | 6813 | | Last Modified: | Oct 22 22:32:51 2007 |
| MD5 Checksum: | 9db2d65d58d26ed42170e08b50ec0eff |
|
| /// File Name: |
russian-multi.txt |
Description:
|
Multiple vulnerabilities from Russian blogs have been aggregated. These findings discuss vulnerabilities in PHP versions 4 and 5, WordPress MultiUser version 1.0, ActiveKB version 1.5, Joomla! versions 1.0.13 and below, ActiveKB NX version 2.5.4, UMI CMS, Nucleus, Stride CMS versions 1.0, and more. Exploitation details provided.
| | Homepage: | http://securityvulns.ru/ | | File Size: | 6372 | | Last Modified: | Oct 10 23:58:54 2007 |
| MD5 Checksum: | 4b87050e30aa5d9af249766005c08d38 |
|
| /// File Name: |
smbftpd.c |
Description:
|
smbftpd version 0.96 SMBDirList-function remote format string exploit that binds a TCP shell to port 4444.
| | Author: | Jerry Illikainen | | File Size: | 6368 | | Last Modified: | Oct 2 00:26:34 2007 |
| MD5 Checksum: | 806db04e3b79a531c1e5964b540c76f0 |
|
| /// File Name: |
itiff_exploit.cpp |
Description:
|
Exploit for the iTouch/iPhone libtiff vulnerability. This will work on iTouch/iPhone firmware 1.0.2 and 1.1.1.
| | Author: | Niacin, Dre | | Homepage: | http://toc2rta.com/ | | File Size: | 6264 | | Last Modified: | Oct 22 23:51:50 2007 |
| MD5 Checksum: | 6c50731a128529ada8db78d6977be85a |
|
| /// File Name: |
vanilla-sql.txt |
Description:
|
Vanilla versions 1.1.3 and below remote blind SQL injection exploit.
| | Author: | InATeam | | Homepage: | http://inattack.ru/ | | File Size: | 6122 | | Last Modified: | Oct 22 18:18:23 2007 |
| MD5 Checksum: | 7b0a1cead2cd49e9281e8323d8077ddd |
|
| /// File Name: |
kwsphpnews-sql.txt |
Description:
|
KwsPHP version 1.0 remote SQL injection exploit that takes advantage of the Newsletter module.
| | Author: | S4mi | | File Size: | 5872 | | Last Modified: | Oct 12 00:28:15 2007 |
| MD5 Checksum: | e01bb32974a22c0a8d71a6860fedc5c6 |
|
| /// File Name: |
extremail-v4.c |
Description:
|
eXtremail versions 2.1.1 and below remote root exploit that makes use of LOGIN.
| | Author: | mu-b | | File Size: | 5635 | | Last Modified: | Oct 15 17:41:42 2007 |
| MD5 Checksum: | 9353662cab12d0536533faa939f7f5e6 |
|
| /// File Name: |
elseif-rfi.txt |
Description:
|
Else If version Beta 0.6 suffers from multiple remote file inclusion vulnerabilities.
| | Author: | HACKERS PAL | | Homepage: | http://www.soqor.net/ | | File Size: | 5363 | | Last Modified: | Oct 8 19:36:31 2007 |
| MD5 Checksum: | ef7eb303e64e0276c078370b914b464f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
