what i do?

Am an Information Risk Consultant and Penetration Tester, i specialize mostly in penetrating secure networks/computer systems where i simulate an organized professional attack against your organization, where after that a detailed report with weakness and exploited vectors are summarized. This will help you gain control over your infrastructures security and maximize your protection.

Tuesday, September 25, 2007

SOME LIST OF KERNEL LOCAL EXPLOITS

This is really useful. Tells you which exploits are suited to which kernels

2.4.17
newlocal
kmod


2.4.18
brk
brk2
newlocal
kmod
km.2


2.4.19
brk
brk2
newlocal
kmod
km.2


2.4.20
ptrace
kmod
ptrace-kmod
km.2
brk
brk2


2.4.21
km.2
brk
brk2
ptrace
ptrace-kmod


2.4.22
km.2
brk2
brk
ptrace
ptrace-kmod


2.4.22-10
loginx
./loginx


2.4.23
mremap_pte


2.4.24
mremap_pte
Uselib24


2.4.25-1
uselib24


2.4.27
Uselib24


2.6.0
REDHAT 6.2
REDHAT 6.2 (zoot)
SUSE 6.3
SUSE 6.4
REDHAT 6.2 (zoot)
all top from rpm
-------------------------
FreeBSD 3.4-STABLE from port
FreeBSD 3.4-STABLE from packages
freeBSD 3.4-RELEASE from port
freeBSD 4.0-RELEASE from packages
----------------------------
all with wuftpd 2.6.0;
=
wuftpd
h00lyshit


2.6.2
mremap_pte
krad
h00lyshit


2.6.5 to 2.6.10
krad
krad2
h00lyshit


2.6.8-5
krad2
./krad x
x = 1..9
h00lyshit


2.6.9-34
r00t
h00lyshit


2.6.13-17
prctl
h00lyshit

-------------------

2.4.17 -> newlocal, kmod, uselib24
2.4.18 -> brk, brk2, newlocal, kmod
2.4.19 -> brk, brk2, newlocal, kmod
2.4.20 -> ptrace, kmod, ptrace-kmod, brk, brk2
2.4.21 -> brk, brk2, ptrace, ptrace-kmod
2.4.22 -> brk, brk2, ptrace, ptrace-kmod
2.4.22-10 -> loginx
2.4.23 -> mremap_pte
2.4.24 -> mremap_pte, uselib24
2.4.25-1 -> uselib24
2.4.27 -> uselib24
2.6.2 -> mremap_pte, krad, h00lyshit
2.6.5 -> krad, krad2, h00lyshit
2.6.6 -> krad, krad2, h00lyshit
2.6.7 -> krad, krad2, h00lyshit
2.6.8 -> krad, krad2, h00lyshit
2.6.8-5 -> krad2, h00lyshit
2.6.9 -> krad, krad2, h00lyshit
2.6.9-34 -> r00t, h00lyshit
2.6.10 -> krad, krad2, h00lyshit
2.6.13 -> raptor, raptor2, h0llyshit, prctl
2.6.14 -> raptor, raptor2, h0llyshit, prctl
2.6.15 -> raptor, raptor2, h0llyshit, prctl
2.6.16 -> raptor, raptor2, h0llyshit, prctl


compiled and .c exploits can be found here: http://meto5757.by.ru/l0c4lr00t/

Monday, September 17, 2007

PLAYING WITH SOME PHPMYADMIN

Guys at nnc made more of knew progress on phymyadmin hacking. And these are their papers.

Paper:
http://nnc.unkn0wn.eu/papers/pma/phpmyadmin.txt

Sql1:
http://nnc.unkn0wn.eu/papers/pma/sql1.txt

Sql2:
http://nnc.unkn0wn.eu/papers/pma/sql2.txt



Secure your applications.


/Chuks