[ home ] [ contents ] [ platforms ] [ shellcode ] [ search ] [ cracker ] [ links ] [ rss ] [ archive ]
milw0rm
[ remote ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-08-20 Anzio Web Print Object <= 3.2.30 ActiveX Buffer Overflow Exploit 252 R D Core Security
2008-08-17 FlashGet 1.9.0.1012 (FTP PWD Response) BOF Exploit (safeseh) 2715 R D Guido Landi
2008-08-15 FlashGet 1.9.0.1012 (FTP PWD Response) SEH STACK Overflow Exploit 3346 R D SkOd
2008-08-13 IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit 2587 R D kralor
2008-08-13 BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit 4897 R D Zbr
2008-08-11 Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability 8786 R D Simon Ryeo

[ local ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-08-01 IrfanView <= 3.99 IFF File Local Stack Buffer Overflow Exploit 4053 R D fl0 fl0w
2008-07-29 CoolPlayer m3u File Local Buffer Overflow Exploit 2741 R D Guido Landi
2008-07-21 IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl) 3318 R D Guido Landi
2008-07-11 Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c) 5858 R D Shinnok
2008-07-08 Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC 3621 R D Felipe Andres Manzano
2008-07-08 OllyDBG v1.10 and ImpREC v1.7f (export name) BOF PoC 6032 R D Defsanguje

[ web apps ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-08-20 webEdition CMS (we_objectID) Blind SQL Injection Exploit 288 R D Lidloses_Auge
2008-08-20 phpBazar 2.0.2 (adid) Remote SQL Injection Vulnerability 284 R D e.wiZz!
2008-08-20 Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit 240 R D Mr.SQL
2008-08-19 Active PHP Bookmarks 1.1.02 Remote SQL Injection Vulnerability 1414 R D Hussin X
2008-08-19 Banner Management Script (tr.php id) Remote SQL Injection Vulnerability 1356 R D S.W.A.T.
2008-08-19 SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability 1922 R D GulfTech Security

[ dos / poc ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-08-18 VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability 1688 R D g_
2008-08-17 WS_FTP Home/Professional FTP Client Remote Format String PoC 1434 R D securfrog
2008-08-16 EO Video 1.36 Local Heap Overflow DOS / PoC 947 R D j0rgan
2008-08-16 VLC 0.8.6i tta File Parsing Heap Overflow PoC 1305 R D g_
2008-08-16 ESET Smart Security 3.0.667.0 Privilege Escalation PoC 1521 R D g_
2008-08-14 Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoC 2246 R D Symantec

[ shellcode ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-08-19 freebsd/x86 encrypted shellcode /bin/sh 48 bytes 402 R D c0d3_z3r0
2008-08-19 linux/x86 shellcode generator / null free 390 R D BlackLight
2008-08-19 linux/86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode 336 R D Reth
2008-08-18 linux/x86 setuid(0) . setgid(0) . aslr_off 79 bytes 451 R D LiquidWorm
2008-08-18 linux/x86 rm -rf / attempts to block the process from being stopped 378 R D onionring
2008-08-18 linux/x86 writes a php connectback shell to the fs 508 bytes 381 R D GS2008

[ papers ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-08-19Reverse Engineering: Smashing the Signature622DGeorge Nicolaou
2008-08-19[spanish] Técnicas de inyección en MySQL367Dka0x
2008-08-19Data-mining with SQL Injection and Inference521DDavid Litchfield
2008-08-19Breaking the Windows Server 2003 SP2 Stack728Dkcope
2008-08-18[german] A german guide to WEP/WPA cracking576DJohannes Greil
2008-08-18[german] Sybase SQL Injection && Bypassing mod_security463DThomas Kerbl

[ videos ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-04-17Packet sniffing with Ettercap (arp spoofing basics) 105555eXeCuTeR
2008-04-15Anonymous Voice Vlan Hack 16739CwG GeNiuS
2008-04-10How to Make File Undetected by AVs 30851LynxEffect
2008-04-09Howto using aircrack-ptw WEP cracking tool 19845br0ken rlz
2008-04-02ICQ 6 HTML EXECUTION AND CRASH 17514UnDef0x00
2008-03-31Advanced Mysql Injection in Joomla 30337gsy


send all submissions to submit[at]milw0rm.com [gpg]

Copyright © 2004-2008 milw0rm