what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 76 - 100 of 104

Files Date: 2008-12-31 to 2008-12-31

OwenPoll 1.0 Insecure Cookie Handling

Posted Dec 31, 2008

Authored by Osirys | Site y-osirys.com

OwenPoll version 1.0 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling

SHA-256 | 7380f94dafeda6542e11af3c1ece6602169f303b39ee1cfd8143dc0f5e464e0d

Download | Favorite | View

Microsoft Internet Explorer XML Parsing Exploit

Posted Dec 31, 2008

Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Microsoft Internet Explorer XML parsing buffer overflow exploit. Written for IE7 on Vista SP1. Spawns a shell on port 30702.

tags | exploit, overflow, shell

SHA-256 | 39066f95525774536044be59fb4f5630b77288de364e8e771a2ad9b5795ae737

Download | Favorite | View

Mavi Emlak SQL Injection

Posted Dec 31, 2008

Authored by IRCRASH | Site ircrash.com

Mavi Emlak suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 00a6a077263dfb7388481d776862adacddfb3045938319426a05215eaeca9875

Download | Favorite | View

Madrese-Portal SQL Injection

Posted Dec 31, 2008

Authored by IRCRASH | Site ircrash.com

Madrese-Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 445d42a4d24c4e25d6455f65b4b106308c1ee7bf3dd5036618d9d554790fde26

Download | Favorite | View

PHP-Fusion Mod TI Blog System SQL Injection

Posted Dec 31, 2008

Authored by IRCRASH | Site ircrash.com

PHP-Fusion Mod TI Blog System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection

SHA-256 | a838673f5e19707f913f3738d15627196006d666cab9b8d8671b6963b90a243e

Download | Favorite | View

SonicBB 1.0 Multiple Cross Site Scripting Issues

Posted Dec 31, 2008

Authored by Xylitol | Site xylitol.free.fr

SonicBB versions 1.0 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | dbe512712b9f79b3575d1b97c9ed965d797ab52f957aac51bf8f5c4df69c3b0c

Download | Favorite | View

FreeBSD 6x/7 protosw Kernel Local Privilege Escalation Exploit

Posted Dec 31, 2008

Authored by Don "north" Bailey

FreeBSD 6x/7 protosw kernel local privilege escalation exploit. It does not spawn a new shell but gives your current shell euid=0.

tags | exploit, shell, kernel, local

systems | freebsd

SHA-256 | b8dab657d63737c87d99b627f3b16b1d15d8d609b6868bab906c23dd6abb4cdb

Download | Favorite | View

wtmpclean WTMP Record Modification Utility

Posted Dec 31, 2008

Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: Added username swapping functionality.

tags | tool, rootkit

systems | unix

SHA-256 | fda74d072613a262442900c528b80d31a6a07d31f9a3e533af5953fcabce95c8

Download | Favorite | View

strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux

Posted Dec 31, 2008

Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Several performance improvements to handle thousands of tunnels with almost linear upscaling. Better parallelization to run charon on multiple cores. Various other improvements.

tags | kernel, encryption

systems | linux

SHA-256 | 92b957a69fecf7b5776a3da0954c2f0fed54299fc76712c9d79e0e50bc5f8b8d

Download | Favorite | View

tinc VPN Daemon For Tunneling

Posted Dec 31, 2008

Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed tinc as a service under Windows 2003. Fixed reading configuration files that do not end with a newline. Various other fixes and improvements.

tags | encryption

SHA-256 | 3159fb656b902e3320123f02f7c8c7e82a0503f7e490424bb94f86d328844593

Download | Favorite | View

OpenNHRP NBMA Next Hop Resolution 0.9

Posted Dec 31, 2008

Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: Uses monotonic system clock when available. Made NHRP holding time configurable. Various other improvements and updates.

tags | encryption, protocol

systems | cisco, linux

SHA-256 | 7eb80e46ff0e857343a96a526761347de81547e541c37683364969803ee906e2

Download | Favorite | View

BulletProof FTP Client 2.63 Heap Overflow

Posted Dec 31, 2008

Authored by His0k4

BulletProof FTP client version 2.63 local heap overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept

SHA-256 | 2dd301abf2a89f9c3c93a765655935690c75f10a13a7f15162b35bc47d948fc9

Download | Favorite | View

Joomla Low Cost Hotels Component SQL Injection Exploit

Posted Dec 31, 2008

Authored by Lovebug | Site rbt-4.net

Joomla Low Cost Hotels component remote SQL injection exploit.

tags | exploit, remote, sql injection

SHA-256 | cd1ae44dfd027f2df4634069c6fdfb3e5de5b061eaef8a65f0767a9cf23d6698

Download | Favorite | View

SSH Brute Forcing Utility

Posted Dec 31, 2008

Authored by Jeremy Brown | Site jbrownsec.blogspot.com

Simple SSH brute forcing utility. Written in Expect.

tags | cracker

SHA-256 | 03d481b8ffdc43333a1f7120ddebc8d3d17c19965174121aa69dd29b71ad2890

Download | Favorite | View

Microsoft Windows Media Player .WAV Integer Overflow

Posted Dec 31, 2008

Authored by laurent gaffie

Microsoft Windows Media Player .WAV file remote integer overflow exploit.

tags | exploit, remote, overflow

systems | windows

SHA-256 | 037f413b75594b96c7e16bd34a75b02b0cc4de146675b3f9a077e4a0dcce38a2

Download | Favorite | View

SAWStudio 3.9i Buffer Overflow Proof Of Concept

Posted Dec 31, 2008

Authored by Encrypt3d.M!nd

SAWStudio version 3.9i local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept

SHA-256 | 651da7008003fdca0ac6f51262ecb6e1954f322ffdc09b8137d343e6f74ebf5c

Download | Favorite | View

Joomla 5starhotels Component SQL Injection Exploit

Posted Dec 31, 2008

Authored by EcHoLL | Site warezturk.org

Joomla 5starhotels component remote SQL injection exploit.

tags | exploit, remote, sql injection

SHA-256 | 19c5199e97f31e68c25c9a2bbc2a551ea9435d8fda23288f55b40d007744b06d

Download | Favorite | View

Joomla mdigg Component 2.2.8 SQL Injection

Posted Dec 31, 2008

Authored by boom3rang | Site khq-crew.ws

The Joomla mdigg component version 2.2.8 suffers from a SQL injection vulnerability.

tags | exploit, sql injection

SHA-256 | 45abd6b3d7b0273bfec7328a61f6a23a1f3fc3c4487d2e3ef1c12f6f8e1e0193

Download | Favorite | View

Joomla Live Ticket Component 1.0 SQL Injection

Posted Dec 31, 2008

Authored by boom3rang | Site khq-crew.ws

The Joomla Live Ticket component version 1.0 suffers from a blind SQL injection vulnerability.

tags | exploit, sql injection

SHA-256 | 9bb1b361431b498bfe4b2accf324ee8c25e60697d230f95eeae5e6c1fa590219

Download | Favorite | View

Joomla Ice Gallery Component 0.5b2 Blind SQL Injection

Posted Dec 31, 2008

Authored by boom3rang | Site khq-crew.ws

The Joomla Ice Gallery component version 0.5b2 suffers from a blind SQL injection vulnerability.

tags | exploit, sql injection

SHA-256 | cd22bf0f58eb4686394b52436f1bff89b9521a0bda8992a443b317c3abab0bb7

Download | Favorite | View

Acoustica Mixcraft 4.2 Stack Overflow Exploit

Posted Dec 31, 2008

Authored by SkD

Acoustica Mixcraft versions 4.2 and below universal stack overflow exploit (SEH).

tags | exploit, overflow

SHA-256 | cfe12df23610202de0361cd1cbe90a38c6f39604bf558ca1b5e84abb9e6c232f

Download | Favorite | View

PHP GD Library Information Leak

Posted Dec 31, 2008

Authored by Hamid Ebadi | Site bugtraq.ir

The PHP GD library suffers from an imageRotate() function information leak vulnerability.

tags | advisory, php

advisories | CVE-2008-5498

SHA-256 | 63a4f23ebaa22d5f4bb47dced105c74b50d8a00ff26e6126ba04d1a32f614fea

Download | Favorite | View

eCL0WN ePassport Cloning Utility For Nokia NFC Phones

Posted Dec 31, 2008

Authored by Jeroen van Beek | Site dexlab.nl

eCL0WN is an ePassport utility for Nokia NFC phones that allows you to read and clone your ePassport's chip content.

tags | tool, wireless

SHA-256 | 33894979deb9298703638e7bf2898d5961c29dbf733494c93e9909c0aea7a832

Download | Favorite | View

PHP-Fusion 7.0.2 Blind SQL Injection Exploit

Posted Dec 31, 2008

Authored by StAkeR

PHP-Fusion versions 7.0.2 and below remote blind SQL injection exploit.

tags | exploit, remote, php, sql injection

SHA-256 | 31759185edb0dcf955c8787b7b4dee0e247b93bedb734f7da308f7eba56b1c30

Download | Favorite | View

ILIAS 3.7.4 Blind SQL Injection

Posted Dec 31, 2008

Authored by Lidloses_Auge

ILIAS versions 3.7.4 and below suffer from a blind SQL injection vulnerability.

tags | exploit, sql injection

SHA-256 | 9a6464349ddb57dfe3ef13ebb7d77108b0be57e40037223f3fe3912201706d91

Download | Favorite | View