Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.
64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8b
Aanval is a web-based Snort intrusion detection console. Currently supporting Snort and syslog, Aanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.
3c0a3023b264dbaaa65785291bca02ad2f778cb607ecb3bc916125dc2fd7271d
vBulletin v3.0 through 3.0.4 remote command execution exploit, written in PHP. Takes advantage of a bug in forumdisplay.php.
9298c75854aa587dfdd3e80741730d6f2b862b5d96bfb83aeddbe88066b7cad1
vBulletin v3.0.4 remote command execution exploit. Takes advantage of a bug in forumdisplay.php.
d4524c7e2e8566f6e4f5d23e18d2fb7a5b4bedeac23a5e39c07cff16fff4f799
Findjmp2.c is a tool which scans for call/jmp/pushret offsets and logs them to a file. This is a modified version of the eEye tool Findjmp.
ded944f6f1617a78aca173788e57b43956af8818eef58eb78f07ee8c81cc8bae
Xprobe2 0.2.2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.
bfe28acfadb1c41490347ff80010ed5272e944a5815887a49a8c7804009fd2f5
SNMP reflection DoS which sends a spoofed UDP packet requesting a GetBulk at the expense of the target's IP.
da431f1771160b6b7ea712d672341bcce46035b7b7563183e8bfec8ff4cf662b
SInAR Solaris rootkit v0.2. Invisible kernel based rootkit for Solaris 8, 9, and 10.
8e59094c902a8a45f4cd71d579415c5f32b38e1e7a5960171b90f5a1b7db3da6
The ArGoSoft Mail Server 1.8.x contains three vulnerabilities which allow malicious people to cause a DoS, disclose sensitive information, and create arbitrary directories on a vulnerable system.
c8abedf9720b940afbc695aee2fc49b3df7592e49541a0d51bf51af49e759140
This script is an XSS attack controller which allows an attacker to force a victim to read pages off an XSS-vulnerable server and relay the contents back to this controller. This process also provides the client with new script commands.
0b27ece0f83b8dea923f98d2bfd7fbb0b2ab348556d89d44948eac0530dfa175
Advanced Cross-Site-Scripting with Real-time Remote Attacker Control - Some people think XSS attacks are no big deal, but I plan to change that perception with the release of this paper and an accompanying tool called XSS-Proxy which allows XSS attacks to be fully controlled by a remote attacker. This paper describes current XSS attacks and introduces new methods/tool for making XSS attacks interactive, bi-directional, persistent and much more evil. This is not a detailed XSS HowTo, but an explanation of methods for taking XSS attacks much further. Attackers can access sites as the victim or forward specific blind requests to other servers.
8f3f833faade0f8c6add6576e39ff2be36df99d31657b8eb6613799fa7945aa6
F-Secure Antivirus Scanner multiple products vulnerability - A buffer overflow in the processing of ARJ archives allows remote code execution on multiple F-Secure products with no authentication required. Affected software includes F-Secure Anti-Virus 2004, F-Secure Anti-Virus 2005, F-Secure Anti-Virus 5.x, F-Secure Anti-Virus Client Security 5.x, F-Secure Anti-Virus for Firewalls 6.x, F-Secure Anti-Virus for Linux 4.x, F-Secure Anti-Virus for Microsoft Exchange 6.x, F-Secure Anti-Virus for MIMEsweeper 5.x, F-Secure Anti-Virus for Samba Servers 4.x, F-Secure Anti-Virus for Workstations 5.x, F-Secure Internet Gatekeeper 6.x, F-Secure Internet Gatekeeper for Linux 2.x, F-Secure Internet Security 2004, and F-Secure Internet Security 2005. See also here.
a5bce77f36680f7f5d0a72394b009ba5dadc6be110f0240e4a7d97305fddb0af
The CA BrightStor ArcServe Discovery Service overflow exploit takes advantage of a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow.
7d0b4a2e24e12ce44e33a8962a865ecfdab582d552df7e09621a2b9dfe423cca
CA BrightStor Discovery Service SERVICEPC Overflow for Win32, win2000, winxp, and win2003 which exploits a vulnerability in the TCP listener on port 45123. Affects all known versions of the BrightStor product. More information available here.
06aea5c93f017821b6f5bb745269cc286814e9aac984c4e232a1da82215c07b2
The CA BrightStor Discovery Service overflow exploit is a Perl module that exploits a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow. Targets include Win32, win2000, winxp, and win2003. More information available here.
6ebf5e3c394cc6d934ad22365dc61149ffa66fc65a6227931ed9237c32d8be19
Brute Blocker is a Python script which blocks brute force login attempts detected via swatch by editing hosts.deny. In Spanish.
26ac288a83b20f78956929d64779087d72974229bc2cabc3867c02d9aa5be128
THC Keyfinder analyses files for public/private keys and encrypted or compressed data. It identifies such areas by measuring the entropy, arithmetical mean and counter checking, and dumps the encrypted/compressed file sections.
35a9a7d340627b6885d74cb98d01849cc87a8deda546b6155dd85efc2df56ee5
Libnids is a library that provides the functionality of one of the components of a NIDS (Network Intrusion Detection System), namely the E-component. This means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to the analyzing modules of the NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, you have the E-component ready and can focus on implementing the other parts of the NIDS.
c5a7553f64bed2384ecc9535e67cf7d80ccf7f7f34ab8b132703b60d0eaec604
Exim <= 4.4.3 exploit for the SPA authentication vulnerability. Takes advantage of the spa_base64_to_bits() call.
d290358d63001c6fed4824d7d8bda0f645b150ab15fca97112a1d0cd421de646
Mercuryboard <= 1.1.1 remote SQL injection exploit.
1a5ee612aa7218d1e301bf5ac4bc98b6cb169d340b1b5bfa8dd94a59aa7833ca
MyPHPForum v1.0 remote SQL injection exploit. Shows the administrator's name and password. MyPHP Forum is available here.
6cd1c3d8353e7558ac8dd9f5b96f18be76d6c86edacd05ecc29d53784a443ad6
CMS Core remote SQL injection exploit. CMS Core is available here.
d352c17e29e51f28fab9caf8dc1125f5aa0c16058c15c070d22256ed0186d71a
Chipmunk Forum remote SQL injection exploit. Chipmunk forum is available here.
79b0a3c4fc4f911965e6c040f69341a77bb31810050eb6aec57eade7e3c99981
PHP-Nuke v7.4 remote exploit which allows you to create a new admin with the associated password that you specify on the command line. Allows you to take administrative control of the web portal. See here for more information.
d4519b08516e4a2b394f9870d72fa7a2e76009da122c00757f5e8ba8dabc2814
Postnuke Postwrap remote command execution exploit. Includes information on finding vulnerable systems with Google.
7485adac9a7f99f5fec2d43521344bc6ce806e1156b799b3e86948debe621742