ptnews.txt
PT News v1.7.7 allows access to administrator functionality without authentication via news.inc which is included in the index.php file.
View ArticleANHTTPd.txt
AN HTTPd versions 1.42h and prior ships with a script called count.pl which allows remote attackers to use a directory traversal attack to overwrite the contents of files on the system.
View Articlesp-xeneo.pl
The Xeneo Web Server v2.2.9.0 is vulnerable to a Denial of Service attack when a GET request with 4096 ?'s are received. Tested against Windows XP Pro SP1 and Windows 2000 SP3.
View Articlefmtstring.txt
Detailed paper that describe format string vulnerabilities and how to exploit them.
View Articleenvpaper.pdf
Radical Environments part I - A paper that compiles various stack related tips and tricks which discusses how an exploit without nops works.
View ArticleNetric-RE-partII.pdf
Radical Environments part II - This paper continues where part one left off, detailing a technique in writing 0 bytes when exploiting a local buffer overflow using a non-executable stack with the heap...
View Article0x4553_Crypt0r.tar.gz
0x4553_Crypt0r is a base engine for encrypting ELF binaries. Uses simple bit rotation and allows for the ability to add your own algorithm.
View Article
