Skip navigation.


Harvecter bot


Harvecter bot's source code

Harvecter's mirror:
The mirror contains a group of files, while the original source code pointed
has only one file.

Cheers :)


Anyone knows how to hack/exploit this Netgear software? as this program prevents people from learning more and communicating on the internet.

MySpace Phish and Drive-by attack vector propagating Fast Flux network growth

Some MySpace profiles hit with a Web attack
Posted by Robert Vamosi

At some point within the last week, some MySpace user pages were seeded with malicious computer code. The malicious code seeks to exploit Microsoft Windows and Internet Explorer using recently patched security holes. The hope is that you haven't patched your computer yet. If you're a MySpace visitor and you visit one of the infected pages, you'll be redirected to a fake MySpace log-in page aiming to steal the visitor's MySpace user name and password. The attack employs phishing and drive-by download techniques.

SANS' Internet Storm Center offers a detailed breakdown of the attack.

Jitko a tool to turn any Javascript enabled browser into a component of a botnet

It seems that the Javascript botnet code that was announced at Shmoocon last month has been leaked.

The code known as Jitko was designed to turn any Javascript enabled browser into a component of a botnet. Written by Billy Hoffman from Spy Dynamics the code was presented at Shmoocon, the code was placed unprotected on a publicly visible web server where eagle-eyed conference goers where able to copy the URL and download a copy of the code for themselves.

looking for Big Yellow


I was wondering if anyone has the "big yellow" worm that hits the symantec AV as indicated by eeye at I tried hitting the site but either it's hammered or it's down.
also, is this worm is the same as W32.Spybot.ACYR?


PowerPoint sploits?


Anyone have a copy of the in-the-wild "Exploit-PPT.d" [McAfee] PowerPoint exploit?

IDS sigs?

| |

Hi. New to the site, but this looks at lot like what some of my friends and I have been looking for. That is, a site that says something to the effect of "here is what a packet looks like if it (fill in the blank) and can be found with this signature."

I realize that sigs are better found at and sites like that, but it would be nice to have the full pcap file, the sig, *and* (if possible), the malware to go with it. Is that outside the scope of what this site is for? I notice that the Intrusion Detection links tells me to go away....



perl open pipe cgi exploit

This is the perl cgi open pipe metasploit module exploit.
If you have a perl cgi that does something like


someone can make $something_user_inputed = "|/bin/id";

or any other number of evil things.



This is the phpbb_highlight metasploit module exploit. Go to for the framework.



vmstat proof of concept exploit.
Not useful unless vmstat is suid root for some reason.


Syndicate content