CVE-2003-0190 PoC
Proof of Concept for CVE-2003-0190: timing attack on OpenSSH-portable <= 3.6.1p1 with PAM.
- http://lab.mediaservice.net/code/ssh_brute.c
MD5: 4fbc9a1fb23e828b1fe42ff7cc65d1c1
SHA-1: b57f20c0a86c20cda82e8dc169923452fc50225c
- http://lab.mediaservice.net/code/openssh-3.6.1p1_brute.diff
MD5: de3bc1148b93ddb427f6fc721d08a1c0
SHA-1: 9cf2b8a9bcb5e526c071f18e4bd3be5c5b716e35
CVE-2008-0960 Exploit
Proof of Concept for CVE-2008-0960: allows you to bypass authentication on SNMP v3 (tested on Cisco and Net-SNMP) via an HMAC validation error.
- http://lab.mediaservice.net/code/snmpv3_exp.tgz
MD5: 8b361d84155829c8b08e4342f8db6aa2
SHA-1: 4f011d1dae3b28611700b2e66158ba572d4673a6
RunAsUser v0.5
RunAsUser uses DLL injection techniques to gain SYSTEM privileges by abusing the LSASS.EXE process. It then duplicates the security token of the target process and runs an arbitrary program, effectively impersonating the owner of the target process.
- http://lab.mediaservice.net/code/RunAsUser.zip
MD5: 32872e88252169d3a1f25455f8480ec3
SHA-1: f84883a463b12427b438213326e57a465fccd973
Singsing
Singsing is a small, fast and compatible SYN scan library. The asynchronous SYN scanner zucca was born from its core engine.
- Singsing project page
http://lab.mediaservice.net/code/singsing/
