
Files from c0ntex

Email address: c0ntexb at gmail.com
First Active: 2003-07-14
Last Active: 2012-08-01

eGlibc Signedness Code Execution
Posted Aug 1, 2012
Authored by c0ntex

A patch introduced a signedness bug causing any program compiled against the vulnerable version of eglibc and using optimized functions such as memcpy_ssse3 and memcpy-ssse3-back to be potentially vulnerable to unexpected code execution.

tags | exploit, code execution
advisories | CVE-2011-2702
SHA-256 | 25b911fe8b4f2b91e78c752029493fa3f38d85cdc1a956089b72d784bc277137
adobealbum-overflow.txt
Posted Apr 21, 2008
Authored by c0ntex | Site open-security.org

Adobe Photoshop Album Starter, Adobe After Effects CS3, and Adobe Photoshop CS3 all suffer from a local buffer overflow vulnerability. Included is an exploit for Album Starter version 3.2 on Microsoft Windows SP2 that launches calc.exe.

tags | exploit, overflow, local
systems | windows
SHA-256 | b9d39af85285018f275769b36f2ed7800d54726f4a9f858f9a4302a44dc409f9
iphone-dos.txt
Posted Jan 25, 2008
Authored by c0ntex | Site open-security.org

Apple iPhone version 1.1.2 remote denial of service exploit that makes use of Safari.

tags | exploit, remote, denial of service
systems | apple, iphone
SHA-256 | 17140e6c36e864614e1b0e826b1502ce79daef78f7a984b8311fb4fa3f9b5010
kadmind-overflow.txt
Posted Apr 11, 2007
Authored by c0ntex | Site open-security.org

Kerberos version 1.5.1 kadmind remote root buffer overflow exploit.

tags | exploit, remote, overflow, root
advisories | CVE-2007-0957
SHA-256 | e8db9a1943cc4ec249fdac17fbfedb8363cfeb66696583954fa18de60266c597
16.txt
Posted Apr 28, 2006
Authored by c0ntex | Site open-security.org

open security advisory #16 - Xine Media Player Format String Bug - There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is embedded in a remote playlist, it is possible to trigger this bug.

tags | advisory, remote
SHA-256 | d4f570c418c920fa2ace268f9e01803444655bf73c95bb1f9a806e7168cb8848
win-hlp.txt
Posted Apr 19, 2006
Authored by c0ntex | Site open-security.org

There is a heap-based buffer overflow in the rendering engine for .hlp files in winhlp32.exe that could allow an attacker to modify the internal structure of the process as a means of executing arbitrary, malicious code.

tags | advisory, overflow, arbitrary
SHA-256 | 261cc8c6cf2b5eda5136962d8d3719ae3cb6e8c675f3c02463a079710b8a439e
windowsHelp.txt
Posted Apr 1, 2006
Authored by c0ntex | Site open-security.org

There is a heap-based buffer overflow in the rendering engine for .hlp files in winhlp32.exe that could allow an attacker to modify the internal structure of the process as a means of executing arbitrary, malicious code.

tags | advisory, overflow, arbitrary
SHA-256 | c4259db39f4aff91e94ff092f7458b43487c81c6812534536180b76496dff498
appfluent.txt
Posted Dec 14, 2005
Authored by c0ntex | Site open-security.org

Appfluent Database IDS version 2.0 suffers from an environment variable overflow that can be manipulated using sudo as an attack vector. Exploit provided.

tags | exploit, overflow
SHA-256 | 27bbf57c930750edaa25ffa94bf598ee98a2503f8cb18f967e8422de7d3533a2
formatPaper.txt
Posted Nov 5, 2005
Authored by c0ntex | Site open-security.org

Whitepaper regarding further advances in the exploitation of format string bugs.

tags | paper
SHA-256 | 1438a410763bf9a8d5234436f27914d00ca889bb639fc9bd97d90bdeb6882436
OSG_Advisory_13.txt
Posted Sep 27, 2005
Authored by c0ntex | Site open-security.org

RealPlayer and Helix Player remote format string exploit. This flaw makes use of the .rp and .rt file formats. Code tested on Debian 3.1 against RealPlayer 10 Gold's latest version.

tags | exploit, remote
systems | linux, debian
SHA-256 | 6328db676f993820bc2666d3bb3ed814c0ad55dcc1af7e473c92f8ec2ae10ef6
lnx_binsh4.c
Posted Sep 7, 2005
Authored by c0ntex, BaCkSpAcE

23 byte linux/x86 /bin/sh sysenter opcode array payload.

tags | x86, shellcode
systems | linux
SHA-256 | c6fcfb33ec9f6fc7239338c5b769cff2c18bd07163945629fb794f7efd19c361
GOT_Hijack.txt
Posted Aug 28, 2005
Authored by c0ntex | Site open-security.org

This short paper discusses the method of overwriting a pointer used in a function for the sake of overwriting the associated entry in the Global Offset Table (GOT) which in turn allows for execution flow redirection.

tags | paper
SHA-256 | 033e7b997e6c0a12776532b8041054d9510d1006941fd5f1cd4d4aaf953be37c
elmexPoC.c
Posted Aug 24, 2005
Authored by c0ntex

Proof of concept exploit for Elm versions 2.5.8 and below that makes use of a buffer overflow during the parsing of the Expires field.

tags | exploit, overflow, proof of concept
SHA-256 | 7d429b07d470bef21a26afbf52a3adc8652582d94c91f0bcd8762925ec57fc01
lnx_binsh2.c
Posted Aug 24, 2005
Authored by c0ntex

45 Byte /bin/sh sysenter Opcode Array Payload.

tags | shellcode
SHA-256 | f97806cb20a9213227e7d015f8eaebd94a89db8e8add8024473fade051245bfd
lantronixRoot.txt
Posted Aug 6, 2005
Authored by c0ntex

Multiple Lantronix Secure Console Server local root exploits that make use of security issues allowing for unrestricted shell access.

tags | exploit, shell, local, root
SHA-256 | c0a5ce471897d527b519e28394d96c4425c7cba31436744d12e76f3ba35bd3c2
Return-to-libc.txt
Posted Jul 21, 2005
Authored by c0ntex

Cool whitepaper discussing the return into libc attacks used to bypass non-executable stacks.

tags | paper
SHA-256 | 1ba3c2707f91d623e72b2c5a1148eab35db801819661c3567ab2521765535e5f
siteminder55.txt
Posted Jul 9, 2005
Authored by c0ntex

eTrust's Siteminder version 5.5 is susceptible to a cross site scripting flaw.

tags | advisory, xss
SHA-256 | aa2c033eff8646b9cfc3037a593681e860f61083de6e1dc818765ffc9dc70e6c
eRoomVuln.txt
Posted Jul 7, 2005
Authored by c0ntex

Documentum eRoom 6.x suffers from problematic cookie handling and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
SHA-256 | 0ecd59218425650299eb6433cd10686e0281e8c5eeacf121d26f18a5aeaec0ff
McAfeeIPS.txt
Posted Jul 7, 2005
Authored by c0ntex

The McAfee Intrushield IPS Management Console has been found susceptible to HTML and JavaScript injection, privilege escalation, and unauthenticated report deletion.

tags | exploit, javascript
SHA-256 | e44cf0de8c358ef924cc85051e0b96755dce09ff74b6909f706270ab2278f337
solsockjack.c
Posted Jul 7, 2005
Authored by c0ntex

Solaris has a bug in the use of SO_REUSEADDR in that the kernel favors any socket binding operation that is more specific than the general *.* wildcard bind(). Due to this, a malicious socket can bind to an already bound interface if a specific IP address is used. Exploit included.

tags | exploit, kernel
systems | solaris
SHA-256 | 9a57bfc1f13e75c3b857db7f9fa66b1d8bc8b6525ba1d8a4eed4fea59f468b53
Xines_Mine.c
Posted Aug 9, 2004
Authored by c0ntex | Site open-security.org

Xine v0.99.2 remote stack overflow exploit. An overflow in all versions of xine-lib allows the vcd:// input source to execute arbitrary code, even if the file is .mp3, .mpeg, .mpg or .avi media. A fix is available (currently only in the CVS xine-lib).

tags | exploit, remote, overflow, arbitrary
SHA-256 | 32955c3e74badabf60efcd97d31761b9fa8bfd32d260deb331486ed610d1a87d
memplayer.c
Posted Jun 27, 2004
Authored by c0ntex

All versions of MPlayer, the movie player for Linux, are vulnerable to a buffer overflow attack that allows for privilege escalation. Local exploit included. Tested against Redhat Linux with Gnome, FreeBSD and latest cvsup plus ports with Gnome.

tags | exploit, overflow, local
systems | linux, redhat, freebsd
SHA-256 | 6850af71802ee705a1be21d2e279558327d7f8c14f4363ad429d736e33bfa329
lnx_reboot.c
Posted Apr 22, 2004
Authored by c0ntex

lnx_reboot version 2 - 59 Byte reboot Opcode array.

tags | shellcode
SHA-256 | e5dcf87114d61374126ac5f7b69c85049853adfc074046fc7cc91babdf726e56
oracle_ownage.c
Posted Oct 17, 2003
Authored by c0ntex

Local exploit for Oracle Release 2 Patch Set 3 Version 9.2.0.4.0 for Linux x86 that makes use of a buffer overflow to escalate user privileges via the oracle binary.

tags | exploit, overflow, x86, local
systems | linux
SHA-256 | 2c21dea3eb6b73fa7a98866ffe0291269326fe9469746e2067e9471a004ab542
exceed.c
Posted Jul 14, 2003
Authored by c0ntex

Hummingbird's Exceed X emulator mishandles fonts and is vulnerable to both remote and local denial of service attacks and may allow an attacker to remotely gain root privileges.

tags | exploit, remote, denial of service, local, root
SHA-256 | 4229f6700178e0c3f5a09ba9b35ac021fc622a1b8acd2e2bc7bda54b9d98eea6
© 2024 Packet Storm. All rights reserved.
