CVE-2003-0190 PoC

Proof of Concept for CVE-2003-0190: timing attack on OpenSSH-portable <= 3.6.1p1 with PAM.

• http://lab.mediaservice.net/code/ssh_brute.c
  MD5: 4fbc9a1fb23e828b1fe42ff7cc65d1c1
  SHA-1: b57f20c0a86c20cda82e8dc169923452fc50225c
  
• http://lab.mediaservice.net/code/openssh-3.6.1p1_brute.diff
  MD5: de3bc1148b93ddb427f6fc721d08a1c0
  SHA-1: 9cf2b8a9bcb5e526c071f18e4bd3be5c5b716e35

RunAsUser v0.5

RunAsUser uses DLL injection techniques to gain SYSTEM privileges abusing the LSASS.EXE process, then it duplicates the security token of the target process and runs an arbitrary program, effectively impersonating the owner of the target process.

• http://lab.mediaservice.net/code/RunAsUser.zip
  MD5: 32872e88252169d3a1f25455f8480ec3
  SHA-1: f84883a463b12427b438213326e57a465fccd973

Singsing

Singsing is a SYN scan library, small, fast and compatible. From the core engine, the asyncronous SYN scanner zucca has been born.

• Singsing project page
  http://lab.mediaservice.net/code/singsing/

Copyright © 2000-2008 @ Mediaservice.net S.r.l. con Socio Unico. All rights reserved.