MS08-067 - Multiprotocol NTLM replay attacks (Smbrelay3)
New-generation smbrelay exploit tool that allows interaction with several network
protocols that support NTLM authentication.
Hauppauge EPG Software directory traversal (SPANISH)
WinTV HVR drivers include a program named EPG (Electronic Program Guide) that is
vulnerable to directory traversal attacks.
NTLM Spoofing under Windows 2000 (SPANISH)
Windows 2000 is vulnerable to NTLM spoofing, allowing anonymous brute-force attacks
or connections against SMB/CIFS protocols.
MS07-065 - Microsoft Windows 2000 Advanced Server SP4 Message Queue Exploit
Remote code execution in the Message Queue service.
MS07-029 - Microsoft Windows DNS RPC Remote Buffer Overflow Exploit
Remote code execution through the DNS RPC interface. This exploit added a new,
previously unknown attack vector (port 445).
MS07-027 - Internet Explorer mdsauth.dll arbitrary file rewrite
mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification.
MS06-011 - Microsoft weak service DACL allows remote code execution
By exploiting the default permissions of several Windows and third-party software,
it is possible to remotely compromise a system and execute code with the remote
service's credentials.
MS05-020 - Internet Explorer Content Advisor Memory Corruption Vulnerability
By delivering a specially crafted .rat file to the user, it is possible to overflow
msrating.dll and execute remote code.
MS04-034 - Vulnerability in Compressed (zipped) Folders
Exploit for the Microsoft zip folder vulnerability. This exploit executes code
when a zip folder is accessed.
MS04-011 - Microsoft Utility Manager local exploit
By sending specially crafted messages to the utilman.exe process, it is possible to
execute code as SYSTEM. This is a modified version of Cesar Cerrudo's exploit, adapted
to work on Spanish XP computers.
MS03-027 - Microsoft ShellClassInfo code execution
By placing a malformed desktop.ini file in a local or remote folder, it is possible
to execute code every time a user accesses that folder.
MS03-026 - KAHT II - Microsoft RPC DCOM exploit
This exploit searches the computers on a network for this vulnerability and executes
code on every vulnerable system found. This is one of the most reliable exploits
published.
MS03-007 - KAHT - Microsoft WebDAV exploit
Exploit for the IIS WebDAV vulnerability that allows remote code execution. This
exploit brute-forces the return address to get into the system.
Universal exploit for vulnerable printer providers
Universal local exploit for vulnerable printer providers. This exploit works against
cpprov.dll (Citrix Metaframe) and Novell (nwspool.dll - CVE-2006-5854).
Citrix Metaframe weak DACL privilege escalation vulnerability
Universal local exploit for vulnerable printer providers. This exploit works against
cpprov.dll (Citrix Metaframe) and Novell (nwspool.dll - CVE-2006-5854).
Tibco Rendezvous daemon, remote code execution
This code exploits a vulnerability in the way that the Tibco Rendezvous daemon handles
HTTP requests.
Tibco password extractor
Exploit against the Tibco configuration file. Due to the default weak ACLs, it is possible
for a local user to extract administration passwords from the configuration file.
Pi3Web 2.0.1 Denial of Service - Proof of Concept
By sending a malformed GET request to the remote Pi3Web web server, it is possible to
execute remote code.
Serv-U Local Privilege Escalation
The Serv-U application contains a hardcoded account that is used for administration.
This account can be used to create a new user and grant that user code execution permissions.
By exploiting this flaw it is possible to execute code as SYSTEM.
BadBlue Personal Edition v2.55 remote code execution
Remote code execution against the BadBlue web server. Versions <= 2.55 are affected.
WheresJames Webcam Publisher Beta 2.0.0014
Remote code execution exploit.
Smallftpd
Multiple vulnerabilities for Smallftpd v.099 and v1.02
more exploits...
More undisclosed stuff... because we rock!...