Vulnerabilities

International Cybersecurity Association

#!/usr/bin/perl # # Linux ntpd 4.2.8 'derive_nonce' remote stack overflow PoC # # Copyright 2016 (c) Todor Donev # [email protected] # https://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # http://pastebin.com/u/hackerscommunity # # # Description: # The ntpd program is an operating-system daemon that sets and maintains # a computer system's system time in synchronization with Internet-standard # time servers....

/* Linux Kernel 2.6.32-642 / 3.16.0-4 'inode' Integer Overflow PoC The inode is a data structure in a Unix-style file system which describes a filesystem object such as a file or a directory. Each inode stores the attributes and disk block locations of the object's data. Filesystem object attributes may include metadata, as well as...

Affected: Cisco ASA 5505, 5506, 5510, 5515, 5516, 5525, 5540, 5545, 5585; Cisco 6500 routers with SUP2T and Netflow v9; Cisco ASA 5550 (legacy) and 5515-X (latest generation); Dell SonicWall without 'ICMP flood' protection; some unconfirmed devices from Palo Alto Networks; Palo Alto 5050 Firewalls with firmware 7.1.4-h2; Zyxel NWA3560-N (manifests from the LAN side)...

#!/usr/bin/perl # # MS Windows Server 2008/2008 R2/ 2012/2012 R2/ AD LDAP RootDSE Netlogon # (CLDAP "AD Ping") query reflection DoS PoC # # Copyright 2016 (c) Todor Donev # Varna, Bulgaria # [email protected] # https://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # http://pastebin.com/u/hackerscommunity # # MS Windows Server 2016 [NOT TESTED !!!] # # Description: # The attacker...

#!/usr/bin/perl # # Counter-Strike 1.6 'GameInfo' Query Reflection DoS # Proof Of Concept # # Copyright 2015 (c) Todor Donev # [email protected] # http://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # http://pastebin.com/u/hackerscommunity # # # Disclaimer: # This or previous program is for Educational # purpose ONLY. Do not use it without permission. # The usual disclaimer applies, especially...

#!/usr/bin/perl # # NetBios NBSTAT name query reflection dos # # Copyright 2015 (c) Todor Donev # [email protected] # http://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # # Disclaimer: # This or previous program is for Educational # purpose ONLY. Do not use it without permission. # The usual disclaimer applies, especially the # fact that Todor Donev is...

#!/usr/bin/perl # # upnpd M-SEARCH ssdp:discover reflection # # Copyright 2015 (c) Todor Donev # [email protected] # http://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # # The SSDP protocol can discover Plug & Play devices, # with uPnP (Universal Plug and Play). SSDP is HTTP # like protocol and work with NOTIFY and M-SEARCH # methods. # # #...

#!/bin/sh # # [+] Glibc <= 2.12.x, 2.11.3, 2.12.2 LD_AUDIT libmemusage.so local root exploit # # Edited by Todor Donev (todor dot donev at gmail dot com) # This is another exploit for CVE-2010-3856 # # Thanks to Tavis 'taviso' Ormandy, zx2c4, Marco 'raptor' Ivaldi, Stiliyan Angelov # and Tsvetelina Emirska # # Another exploits:...

/* Linux <= 2.6.37-rc1 serial_multiport_struct Local Leak Exploit * * ./splitmilk2 leak 134514859 * [\m/] Linux <= 2.6.37-rc1 serial_multiport_struct Local Leak Exploit * [\m/] by Todor Donev * [x] Leakfile : leak * [x] Reservedsize : 134514859 * [+] Leaking.. =) * ... * * * Greets to prdelka, * for splitmilk.c release, Linux <=...

<!-- [+] Microsoft Internet Explorer 8 stack exhaust --> <!-- --> <!-- Vuln type: Denial of Service --> <!-- Author: Todor Donev --> <!-- Author mail: [email protected] --> <!-- --> <!-- This is simple crash exploit for MS IE8, tested on Windows XP SP3 EN --> <!-- It's not risk factor !! --> <!-- -->...