⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 indexdl.shtml

📁 一个FTP密码破解程序的源代码
💻 SHTML
📖 第 1 页 / 共 3 页
字号:
🔍
123 
<tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/cayman.txt">cayman.txt</a></td><td class=size bgcolor=#333366 align=center>344</td><td class=date bgcolor=#444477 align=center>Jul 12 00:36:59 2001</td><td class=name bgcolor=#444477 align=center>9cc90717d2cfb63a71c77417f014dbca</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Cayman routers allow remote access by using } as the username. By <a href="mailto:rhandorf@mail.russells-world.com">Russell Handorf</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/pileup-xpl.c">pileup-xpl.c</a></td><td class=size bgcolor=#333366 align=center>3489</td><td class=date bgcolor=#444477 align=center>Jul 29 04:07:36 2001</td><td class=name bgcolor=#444477 align=center>7db2fa47bb548a4281aad6708c157b54</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>/usr/bin/pileup local root exploit. Tested against Debian 2.2. By Core</td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/cfingerd-exploit.pl">cfingerd-exploit.pl</a></td><td class=size bgcolor=#333366 align=center>4227</td><td class=date bgcolor=#444477 align=center>Jul 12 00:07:46 2001</td><td class=name bgcolor=#444477 align=center>7deade15eef46381573d4b4220a005e0</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Cfingerd v1.4.3 and below local root buffer overflow exploit in perl. Exploits <a class=fd href="http://www.securityfocus.com/archive/1/192844"this</a> vulnerability. &nbsp;Homepage: <a href=http://www.digit-labs.org/teleh0r target=newbrowser>http://www.digit-labs.org/teleh0r.</a> By <a href="mailto:teleh0r@digit-labs.org">Telehor</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/libsldap-exp.c">libsldap-exp.c</a></td><td class=size bgcolor=#333366 align=center>2358</td><td class=date bgcolor=#444477 align=center>Jul 12 05:46:28 2001</td><td class=name bgcolor=#444477 align=center>7fb624eef82b60ad70c6ccf9b601a763</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Solaris 8 libsldap local root exploit. Tested on an Ultra10 and an Enterprise 3500 with success. By <a href="mailto:noir@gsu.linux.org.tr">Noir</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/lmail-xpl.c">lmail-xpl.c</a></td><td class=size bgcolor=#333366 align=center>2014</td><td class=date bgcolor=#444477 align=center>Jul 12 06:26:25 2001</td><td class=name bgcolor=#444477 align=center>7f9da8c5028c2fd49aa9c8210d25ec8d</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>lmail local root exploit. Simply run it with the file you want to create/overwrite and the data you wish to place in the file. By <a href="mailto:core@ezlink.com">Charles Stevenson</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/cfingerd0x69.c">cfingerd0x69.c</a></td><td class=size bgcolor=#333366 align=center>5647</td><td class=date bgcolor=#444477 align=center>Jul 12 00:28:25 2001</td><td class=name bgcolor=#444477 align=center>4b97d06d5fd883f3f606f5c5bab3b932</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Cfingerd v1.4.3 and below Linux/x86 local root buffer overflow exploit. By <a href="mailto:qitest1@cercaband.com">Qitest1</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/ibm-db2.c">ibm-db2.c</a></td><td class=size bgcolor=#333366 align=center>1841</td><td class=date bgcolor=#444477 align=center>Jul 29 02:28:44 2001</td><td class=name bgcolor=#444477 align=center>3de9be6028bd648021d753ebaaf12c72</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>IBM DB2 (which works under W98/NT/2000) Proof of concept Denial of Service. Sending 1 byte to port 6789 or 6790 IBM DB2 crashes, as described in <a class=fd href="http://packetstormsecurity.org/0107-exploits/ibm.db2.dos.txt">ibm.db2.dos.txt</a>. By <a class=fd href="mailto:honoriak@mail.ru">Honoriak</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/ttawebtop.html">ttawebtop.html</a></td><td class=size bgcolor=#333366 align=center>610</td><td class=date bgcolor=#444477 align=center>Jul 18 02:54:16 2001</td><td class=name bgcolor=#444477 align=center>3c05d637d7955fb852fe1c1ec31d1681</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Tarantella 3.01 ttawebtop.cgi "show files" exploit. '..' and '/' are not filtered while processing user input, so it is possible to enter arbitrary values to retrieve files from remote sever, which should not be accessible normally. Exploit URL included. By <a href="mailto:dotslash@snosoft.com">KF</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/mcaffee.mycio.traversal.txt">mcaffee.mycio.traver..></a></td><td class=size bgcolor=#333366 align=center>2559</td><td class=date bgcolor=#444477 align=center>Jul 12 00:04:18 2001</td><td class=name bgcolor=#444477 align=center>3dda84290792822ead2aa88636a565b1</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>McAffee's MyCIO directory traversal vulnerability - Any machine running McAffee Agent ASaP VirusScan Software is vulnerable to a remote vulnerability which allows any file on the machine to be read. This software incorporates what is known as "Rumor Technology" that facilitates in the transfer of virus definitions between neighboring machines. This agent software runs as a service ("McAfee Agent") under the local system account and uses a light weight HTTP server that listens on TCP port 6515. Exploit URL included. By <a href="mailto:ade245@hushmail.com">Ade245</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/vvfreebsd.txt">vvfreebsd.txt</a></td><td class=size bgcolor=#333366 align=center>3901</td><td class=date bgcolor=#444477 align=center>Jul 12 01:51:40 2001</td><td class=name bgcolor=#444477 align=center>2d223327e13a25c1742fe30e2fda51ba</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Georgi Guninski security advisory #48, 2001 - There is local root compromise in FreeBSD 4.3 due to design flaw which allows injecting signal handlers in other processes. Includes vvfreebsd.c, a local root exploit. &nbsp;Homepage: <a href=http://www.guninski.com target=newbrowser>http://www.guninski.com.</a> By <a href="mailto:guninski@guninski.com">Georgi Guninski</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/ida-exploit.sh">ida-exploit.sh</a></td><td class=size bgcolor=#333366 align=center>6176</td><td class=date bgcolor=#444477 align=center>Jul 23 21:42:25 2001</td><td class=name bgcolor=#444477 align=center>00e34a156bbe3fe1825c7cec62b3b266</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Windows 2000 remote IIS .ida exploit - Spawns a shell on port 8008. Tested on Win2k with no service pack and SP2. Includes instructions on finding the offset. &nbsp;Homepage: <a href=http://monkey.org/~mat target=newbrowser>http://monkey.org/~mat.</a> By <a href="mailto:mat@monkey.org">Mat</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/pic-lpr-remote.c">pic-lpr-remote.c</a></td><td class=size bgcolor=#333366 align=center>5320</td><td class=date bgcolor=#444477 align=center>Jul 27 02:30:12 2001</td><td class=name bgcolor=#444477 align=center>b872ac8b739399184c12ab501762793c</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Pic / LPRng format string remote exploit. Pic is part of the groff package. It is used by troff-to-ps.fpi as uid lp when perl, troff and LPRng are installed. Tested against Redhat 7.0 (groff-1.16-7). By <a href="mailto:zen-parse@gmx.net">zen-parse</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/sig.c">sig.c</a></td><td class=size bgcolor=#333366 align=center>1752</td><td class=date bgcolor=#444477 align=center>Jul 18 02:46:13 2001</td><td class=name bgcolor=#444477 align=center>e9b50e27f1042cfbac603ed819ac6420</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>FreeBSD 3.1 - 4.3 local root exploit - Uses the signal condition vulnerability discovered by G. Guninski. By Lamerboy.</td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/slackware.init.txt">slackware.init.txt</a></td><td class=size bgcolor=#333366 align=center>2582</td><td class=date bgcolor=#444477 align=center>Jul 18 02:06:29 2001</td><td class=name bgcolor=#444477 align=center>da683d52f3f0072dc6963928eed7696f</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Slackware 8.0 local root exploit - Creates a suid shell when "modprobe lp" is run from the startup scripts. By <a href="mailto:josh@pulltheplug.com">Josh</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/slackware.man.c">slackware.man.c</a></td><td class=size bgcolor=#333366 align=center>2216</td><td class=date bgcolor=#444477 align=center>Jul 17 17:55:38 2001</td><td class=name bgcolor=#444477 align=center>c1c8ef9823405a020ea2cc19d098e213</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Slackware 8.0 and below ships with /var/man/cat* chmodded 1777, making it vulnerable to symlink attacks. This exploit creates a suid shell with the UID of the user running man. By <a href="mailto:josh@pulltheplug.com">Josh</a>, <a href="mailto:lockdown@lockeddown.net">Lockdown</a>, <a href="mailto:zen-parse@gmx.net">zen-parse</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/ktv.sh">ktv.sh</a></td><td class=size bgcolor=#333366 align=center>1822</td><td class=date bgcolor=#444477 align=center>Jul 18 02:59:25 2001</td><td class=name bgcolor=#444477 align=center>e7386b4de150129eee315ee540b989bc</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Ktvision v0.1.1-271 and below symlink local root exploit. Tested against SuSE 7.1. By <a class=fd href="mailto:IhaQueR@IRCnet">Ihaquer</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/ldap_exp2.c">ldap_exp2.c</a></td><td class=size bgcolor=#333366 align=center>2818</td><td class=date bgcolor=#444477 align=center>Jul 12 06:35:25 2001</td><td class=name bgcolor=#444477 align=center>fdb9fe8c09fcd1a59d191b3a276848d3</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Solaris 5.8 ldap / passwd local root exploit. Tested on SunOS 5.8 Generic_108528-06 sun4u sparc SUNW,Ultra-60. By <a href="mailto:fygrave@tigerteam.net">Fyodor</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/0107-exploits.tgz">0107-exploits.tgz</a></td><td class=size bgcolor=#333366 align=center>81081</td><td class=date bgcolor=#444477 align=center>Aug 2 13:09:51 2001</td><td class=name bgcolor=#444477 align=center>da3cb1438250539d8be8380e15486d7d</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Packet Storm new exploits for July, 2001.</td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/QDAV-2001-7-3">QDAV-2001-7-3</a></td><td class=size bgcolor=#333366 align=center>1896</td><td class=date bgcolor=#444477 align=center>Jul 18 02:13:43 2001</td><td class=name bgcolor=#444477 align=center>ccfd18fc1da76e132dea511b4220808d</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>qDefense Advisory Number QDAV-2001-7-3 - Interactive Story does not properly validate the contents of a hidden field entitled "next". By setting that field to the name of a file, and using double dots and poison nulls, an attacker can cause Interactive Story to display the contents of any file. Exploit URL included. &nbsp;Homepage: <a href=http://qDefense.com target=newbrowser>http://qDefense.com.</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/cfingerd.c">cfingerd.c</a></td><td class=size bgcolor=#333366 align=center>22161</td><td class=date bgcolor=#444477 align=center>Jul 17 23:34:09 2001</td><td class=name bgcolor=#444477 align=center>d764f4c05c80af0f321c878876a84804</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Cfingerd v1.4.3 remote root exploit for Linux. Binds to port 113 and sends bogus ident information. &nbsp;Homepage: <a href=http://security.is target=newbrowser>http://security.is.</a> By <a href="mailto:teddi@linux.is">Digit</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/filter-xpl.c">filter-xpl.c</a></td><td class=size bgcolor=#333366 align=center>2027</td><td class=date bgcolor=#444477 align=center>Jul 18 02:50:05 2001</td><td class=name bgcolor=#444477 align=center>ac0593f66f87f941019423787bd8fce7</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>/usr/local/bin/filter local exploit. Gives GID=mail. More information available <a href="http://www.tao.ca/fire/bos/0354.html"here.</a> Tested against Slackware 3.1. Exploits the nlspath buffer overflow. By <a href="mailto:vali@lhab.soroscj.ro">_Phantom_</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/xdm-cookie-exploit.c">xdm-cookie-exploit.c</a></td><td class=size bgcolor=#333366 align=center>6142</td><td class=date bgcolor=#444477 align=center>Jul 12 15:26:04 2001</td><td class=name bgcolor=#444477 align=center>cb62c9d2e6db81932cda010ba727d2a0</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>Current versions of xdm are sensitive to trivial brute force attack if it is compiled with bad options, mainly HasXdmXauth. Without this option, cookie is generated from gettimeofday(2). If you know starting time of xdm login session, computation of the cookie just takes a few seconds. By <a href="mailto:ntf@epita.fr">Ntf</a>, <a href="mailto:sky@epita.fr">Sky</a></td></tr><tr><td class=name bgcolor=#333366 align=left><a href=/"0107-exploits/ibm.db2.dos.txt">ibm.db2.dos.txt</a></td><td class=size bgcolor=#333366 align=center>491</td><td class=date bgcolor=#444477 align=center>Jul 12 00:26:20 2001</td><td class=name bgcolor=#444477 align=center>f4b462d2987f201a50bd03e6f68934fd</td></tr><tr><td class=desc colspan=4 bgcolor=#000033 align=left>IBM db2 for Windows (98/NT/2000) is vulnerable to a simple remote denial of service attack via db2ccs.exe (listening on port 6790) and db2jds.exe (port 6789). By <a href="mailto:gilles.lami@hays-dsia.fr">Gilles</a></td></tr><tr><td class=name height=10 colspan=4><img src=/images/spacer.gif></td></tr><tr><td class=name align=left colspan=4>&nbsp;</td></tr><tr><td class=name align=left colspan=4>&nbsp;</td></tr><tr><td class=small align=center><a class=small href=/privacy.html>Privacy Statement</a></td></tr><tr><td class=name align=left colspan=4><a href=#top><img border=0 src=/images/top.gif></a></td></tr></table></body></html>
123

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -