27 sept 2012

Wordpress Plugin: 'Five Star Rating' <=v1.3.1 SQL Injection


Link: http://www.1337day.com/exploits/19489

Publicado por localh0t en 14:00 0 comentarios
Etiquetas: , , , , ,

10 jun 2012

backfuzz v0.3 released

Hey guys, just announcing that v0.3 came out, new changes are:

(*) Added the ability to use different type of patterns while fuzzing (Cyclic | CyclicExtended | Single | Format-String).
(*) Removed a lot of un-useful parameters and use global variables instead.
(*) Minor Help Screen improvements.

Help Screen:



Example with CyclicExtended:



Download:

https://github.com/localh0t/backfuzz
Publicado por localh0t en 21:26 0 comentarios
Etiquetas: , , , , , , , , ,

14 abr 2012

Wordpress Plugin: Email Before Download <=3.16 Remote Blind SQL Injection


Link: http://www.1337day.com/exploits/18049
Publicado por localh0t en 18:04 0 comentarios
Etiquetas: , , , ,

8 abr 2012

backfuzz v0.2



New update of backfuzz: TFTP plugin added. Enjoy.

GitHub: https://github.com/localh0t/backfuzz
Publicado por localh0t en 19:24 0 comentarios
Etiquetas: , , ,

30 mar 2012

Bypassing tolower() filters in buffer overflows


This whitepaper goes into detail on how to bypass tolower() filters in buffer overflows. It uses a stack-based buffer overflow as an example but the technique can also be applied to heap overflows as well.
Hope you guys enjoy it :).

Link:  http://packetstormsecurity.org/files/download/111411/bypassing-tolower.pdf
Publicado por localh0t en 18:26 0 comentarios
Etiquetas: , , , ,

23 mar 2012

Website Pro <= 3.1.13.0 "Referer:" Remote Buffer Overflow PoC 



The crash occurs when the application tries to write ECX (0x00000000) into the address that 
contains EAX (we control EAX) (0xBAADBEEF) .
Possible explotable, not tested yet.
SHODAN Dork: "Server: Website/3.1" 
 
Link: http://www.1337day.com/exploits/17806









Publicado por
localh0t


en
13:44


0
comentarios

















Etiquetas:
,
,
,
















          

        

          

        

12 mar 2012


          

        







backfuzz - protocol fuzzing toolkit










Well, after a while I am releasing this simple fuzzer. 


You can use this basically to fuzz different protocols (FTP, HTTP, IMAP, etc) but also has no-protocol plug-ins (Example: File Fuzzer).
The general idea is that this script has several functions already predefined in the file "functions.py", so whoever wanna write his own plugin's (for another protocol) in a few lines and add it to the script can do so.
I know the code is still in beta and requires a lot of work to get better, so any questions / suggestions / criticism / comment is welcome.



Screenshots:






    Help Menu:








    Crash reached (FTP):





    Crash reached (HTTP):





    File Fuzzing:





    File Fuzzing (Files):






GitHub page:





Installation:



git clone https://github.com/localh0t/backfuzz
 
Happy fuzzing,
Matías. 









Publicado por
localh0t


en
11:32


5
comentarios

















Etiquetas:
,
,
,
,
,
,
















        

      









Suscribirse a:
Entradas (Atom)