Luigi Auriemma

aluigi@autistici.org


  • 22 Aug 2008 Research: Race WTCC files encrypter/decrypter 0.2.2
    added support to version 5 used in GTR Evolution
  • 21 Aug 2008 MyToolz: UIF2ISO 0.1.6
    added support for the useless UIF versions 3 and 4
  • 13 Aug 2008 Patches: Ventrilo <= 3.0.2 NULL pointer fix 0.1 (any version and platform)
  • 13 Aug 2008 Advisories: NULL pointer in Ventrilo 3.0.2
  • 11 Aug 2008 Advisories: NULL pointer in Skulltag 0.97d2-RC3
  • 11 Aug 2008 Fake_players_bug: Skulltag Fake Players DoS 0.1.2
  • 10 Aug 2008 Research: WorldShift XE files extractor 0.1.1
  • 09 Aug 2008 Research: Ventrilo proxy data decrypter 0.3
    optimizations and full support to the 3.x protocol
  • 06 Aug 2008 Advisories: Endless loop and resources consumption in Halo 1.07.615
  • 06 Aug 2008 Fake_players_bug: Halo Fake Players DoS 0.2.1b
    handling of timeout
  • 06 Aug 2008 Research: Battlefield 2/2142 cdkey to PunkBuster GUID 0.1.1
    added the handling of input MD5 hashes too
  • 06 Aug 2008 Password_recovery: Generic CryptUnprotectData and RDP passwords decrypter 0.1.1
    a mini bugfix and automatic support for Battlefield 2/2142 encrypted cdkeys (ergc x9392)
  • 05 Aug 2008 Research: Battlefield 2/2142 cdkey to PunkBuster GUID 0.1
    quick tool for calculating the PB GUID from any cdkey of these two games
  • 04 Aug 2008 MyToolz: Lanfile 0.1.2
    memory optimizations
  • 04 Aug 2008 MyToolz: DAA2ISO 0.1.5a
    some mini fixes (thanx to Josh Freeman)
  • 03 Aug 2008 TestingToolz: Quake 3 engine "connect" modifier 0.1
    plugin for sudppipe which allows a simple customization of the "connect" packet for the games which use the Quake 3 engine
  • 03 Aug 2008 Proof-of-concepts: q3unban plugin for sudppipe 0.1.2
    rewritten
  • 02 Aug 2008 Advisories: Server termination in America's Army 2.8.3.1
  • 02 Aug 2008 Proof-of-concepts: Unreal Tournament 2004 <= v3369 NULL pointer 0.1.1
    now requires only one packet instead of two, I have updated also the relative advisory since other games are affected like Red Orchestra and Shadow Ops
  • 30 Jul 2008 Advisories: Memory corruption and NULL pointer in Unreal Tournament III 1.2
  • 30 Jul 2008 Advisories: NULL pointer in Unreal Tournament 2004 v3369
  • 29 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.2a
    fixed the function which queries the server
  • 28 Jul 2008 Proof-of-concepts: q3unban plugin for sudppipe 0.1.1
    added support for old games
  • 28 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.2
  • 28 Jul 2008 Proof-of-concepts: Denial of Service in Warpath and Pariah through DISABLESPLIT
  • 26 Jul 2008 TestingToolz: UDPSZ 0.2.2c
    fixed -P 0
  • 26 Jul 2008 MyToolz: Proxymini 0.2c
    added the -L option for choosing the outgoing interface
  • 26 Jul 2008 MyToolz: DAA2ISO 0.1.5
    added initial support for the DAA file version 110
  • 26 Jul 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8b
    added an option for a delay between each connection
  • 22 Jul 2008 MyToolz: UIF2ISO 0.1.5a
    added support for another rare type of image with uncompressed headers
  • 21 Jul 2008 TestingToolz: UDPSZ 0.2.2b
    micro fix for when pck_size is negative but custom content has been selected (-f/-c/-C)
  • 21 Jul 2008 Advisories: NULL pointer in ZDaemon 1.08.07
  • 21 Jul 2008 MyToolz: UIF2ISO 0.1.5
    added support for the fixed keys encryption found in some new UIF files
  • 20 Jul 2008 Advisories: Vulnerabilities in SWAT 4 1.1
  • 20 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.1
    added compatibility for more games
  • 20 Jul 2008 TestingToolz: UDPSZ 0.2.2a
    fixed and optimized the udpspoof function (thanx to SomaFM)
  • 18 Jul 2008 TestingToolz: UDPSZ 0.2.2
    added an option for spoofing the source address of the packets
  • 17 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1
    a basic client for sending custom commands to any server of almost any game based on the Unreal engine
  • 17 Jul 2008 Proof-of-concepts: Format string bug in the old versions of the Unreal engine
  • 17 Jul 2008 Proof-of-concepts: Hell bell bug in the Unreal engine through the BADBOY command
  • 17 Jul 2008 Proof-of-concepts: Two server bugs in old versions of the Unreal engine
  • 17 Jul 2008 TestingToolz: UDPSZ 0.2.1
    small fixes
  • 13 Jul 2008 Research: ShellShock Nam67 files extractor 0.1
    extractor for the assets files of this game
  • 11 Jul 2008 Research: Gslist 0.8.5
    now the webgui and -Q scanning is slower since I have implemented the reping of the servers and the usage of the Gamespy NAT negotiation for the queries 0, 8 and 11. removed some filtered chars in the -Q scanning
  • 10 Jul 2008 Fake_players_bug: Half-Life fake players bug (no auth) 0.3.2
    added the -x option which allows the automatic testing of all the bugs
  • 09 Jul 2008 MyToolz: Lame Patcher 0.4.2
    some small enhancements
  • 07 Jul 2008 Research: Milestone MIX files extractor 0.1
    extractor for the MIX archives used in the Milestone games like S.C.A.R., Superbike 2000 and 2001, Evolution GT and more
  • 07 Jul 2008 Research: CBF files extractor 0.2.1
    important bug fix below and full wildcards in -p
  • 07 Jul 2008 MyToolz: unlzw 0.1.2
    important bugfix in the part of the code which copies the dictionary data in the output (using memcpy was a bad idea)
  • 07 Jul 2008 MyToolz: unlzwx 0.1
    another implementation of LZW memory decompressor
  • 06 Jul 2008 News: it's summer and it's time to update your bookmarks! new website and mirrors available:
    aluigi.org, backup.aluigi.org and mirror.aluigi.org
  • 01 Jul 2008 Advisories: Endless loop in Soldner 33724
  • 30 Jun 2008 Proof-of-concepts: haloloop and haloloop2 0.1.1a
    added support to Halo demo
  • 30 Jun 2008 Fake_players_bug: Halo Fake Players DoS 0.2.1a
    added support to Halo demo
  • 29 Jun 2008 Proof-of-concepts: Halo <= 1.07 endless loop 0.1.1
    added support for Halo CE
  • 29 Jun 2008 Fake_players_bug: Halo Fake Players DoS 0.2.1
    added support for Halo CE
  • 29 Jun 2008 Proof-of-concepts: Halo <= 1.06 endless loop 0.1.1
    rewritten with support for Halo CE (this is the old haloloop)
  • 29 Jun 2008 Advisories: Endless loop in Halo 1.07
  • 28 Jun 2008 Advisories: Double Denial of Service in Call of Duty 4 1.7
    updated the cod4vamap advisory, version 1.7 is vulnerable too
  • 28 Jun 2008 Advisories: Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006
    updated the names of the vulnerable functions in both the advisory and the PoC
  • 28 Jun 2008 Advisories: Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006
  • 28 Jun 2008 Fake_players_bug: S.T.A.L.K.E.R. Fake Players DoS 0.1a
    added the querying of the server for informations (totally useless)
  • 27 Jun 2008 TestingToolz: UDPSZ 0.2
    added tons of new options and features
  • 27 Jun 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.3a
    fixed a bug with -g and more compatibility
  • 27 Jun 2008 Patches: Call of Duty 4 (1.6) work-around for the va() bug 0.1 (Windows)
  • 23 Jun 2008 Advisories: Some bugs in SunAge 1.08.1
  • 22 Jun 2008 Advisories: Double Denial of Service in Call of Duty 4 1.6
  • 22 Jun 2008 Advisories: NULL pointer in World in Conflict 1.008
  • 21 Jun 2008 Research: GS natneg client 0.1.1
    now it's faster and more compatible, in all my tests worked perfectly without timeouts or other errors
  • 20 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.3a
    solved a small bug with the handling of wildcards
  • 20 Jun 2008 Research: WorldShift XE files extractor 0.1a
    solved a small bug with the handling of wildcards
  • 20 Jun 2008 MyToolz: CmdDiz 0.1.2a
    solved a small bug with the handling of wildcards
  • 19 Jun 2008 Research: GS natneg client 0.1
    function for the initial implementation of the client-side Gamespy natneg protocol for joining servers behind router/NAT
  • 18 Jun 2008 Fake_players_bug: Halo Fake Players DoS 0.2
    totally rewritten, now works also versus internet servers
  • 18 Jun 2008 Fake_players_bug: Sniper Elite Fake Players DoS 0.1
  • 18 Jun 2008 Fake_players_bug: Sword of the Stars Fake Players DoS 0.1
  • 18 Jun 2008 Research: Gslist 0.8.4e
    fixed a bug in the usage of -Q
  • 17 Jun 2008 Research: Gslist 0.8.4d
    applied the colors filters also to the SQL function and added the -C option which allows to enable or disable this filter
  • 16 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8a
    now retries the connection 3 times if it times out
  • 16 Jun 2008 Advisories: Server freezed in Skulltag 0.97d2-RC2
  • 16 Jun 2008 Advisories: NULL pointer in the HTTP rcon server in Crysis 1.21
  • 15 Jun 2008 Advisories: Denial of Service in S.T.A.L.K.E.R. 1.0006
  • 15 Jun 2008 Advisories: Informations disclosure in Crysis 1.21
  • 15 Jun 2008 Fake_players_bug: S.T.A.L.K.E.R. Fake Players DoS 0.1
  • 15 Jun 2008 Fake_players_bug: Crysis invisible Fake Players DoS 0.1
  • 13 Jun 2008 Fake_players_bug: Zdaemon Fake Players DoS 0.1.3
    nothing new, I have only limited the fake players to 2 in 26 seconds to avoid the banning
  • 13 Jun 2008 Fake_players_bug: Skulltag Fake Players DoS 0.1.1
    added support to the latest 0.97d/d2 versions
  • 12 Jun 2008 Fake_players_bug: Battlefield 1942 invisible Fake Players DoS 0.1.3
    added support for demos
  • 09 Jun 2008 Research: WorldShift XE files extractor 0.1
    interesting extractor for the compressed XE archives used in the WorldShift game
  • 08 Jun 2008 Research: Ventrilo RCon tool 0.2.2
    added full support to 3.x servers
  • 08 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8
    many compatibility fixes and improvements for both the new 3.x and the older servers
  • 07 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.7a
    some important fixes in the handling of the in-game packets and restored the admin brute forcing on 3.x but with a warning
  • 07 Jun 2008 Password_recovery: Steam password decoder 0.2.1
    added support for Vista, thanx again to the same anonymous who contributed to version 0.2!
  • 06 Jun 2008 Research: Gslist 0.8.4c
    solved a bug in the backup SQL query and removed the underscore filtering (thanx to ouioui), added the -E option for ignoring some SQL errors and -D for choosing a custom amount of milliseconds between each query (-Q/webgui)
  • 06 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.7
    added the support to in-game packets and so to all the derived options for 3.x servers and added also the -j option for testing the brute forcing of the join/server password
  • 05 Jun 2008 MyToolz: MORSE2ASCII 0.1a
    microfix for wrong samples number and better handling of spaces in text visualization
  • 05 Jun 2008 MyToolz: DTMF2NUM 0.1c
    microfix for wrong samples number and better handling of spaces in text visualization
  • 05 Jun 2008 MyToolz: CmdDiz 0.1.2
    now each dictionary is loaded in memory when the program uses it, added complete wildcard support and the word is searched in both the keyword lists
  • 05 Jun 2008 MyToolz: hosts file/list DNS checker 0.1
    tool which checks if the hostnames listed in a file or contained in a hosts file can be resolved or not
  • 04 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.3
  • 04 Jun 2008 Research: Falcom YS games XSO files extractor and rebuilder 0.1.1
  • 04 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.2
    fixed a bug with the upper case chars of japanese filenames and added a debug option for encrypting the decrypted NI files
  • 03 Jun 2008 Research: Falcom YS games XSO files extractor and rebuilder 0.1
    tool for extracting and rebuilding the XSO files used in the YS game series of Falcom, these are the files which contain all the dialogs and the texts of the games
  • 03 Jun 2008 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1
    this patch allows to use the Windows version of XPDF's pdftotext, pdftops and pdfimages on DRM protected PDF files without modifying and recompiling the program
  • 03 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.1
    added support to the zeroed compressed files like S_9021__W.YCO.Z of YS6, added an option for extracting/listing only the files with a specific extension and moved a size check to the correct location
  • 02 Jun 2008 MyToolz: webimgms 0.1.1
    some bug fixes, the disable resize option is now default and the mouse visualization is disabled in fullscreen mode
  • 01 Jun 2008 MyMusic: Idea
  • 27 May 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1
    complete tool for extracting and rebuilding/appending the NA/NI/Z archives used by the series of games developed by Falcom like Ys Origin, Ys Felghana and any other which uses these types of files
  • 27 May 2008 MyToolz: Offset file unzipper 0.3.1
    solved some mini bugs like -s which always claimed to have found zipped data
  • 27 May 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.3
    now the q3unban function generates a smaller connect packet and pb_guid (Enemy Territory) is enabled only when -B is used
  • 27 May 2008 MyToolz: webimgms 0.1
    experimental tool for refreshing the same or sequential images and for slide show, works on both local and remote web images and allows to dump them too
  • 24 May 2008 Research: JmeetREC 0.2b
    passworded cams will be skipped automatically if the o (open) filter has been used
  • 24 May 2008 MyToolz: DirComp 0.2
    completely rewritten and with multifolder comparison
  • 20 May 2008 MyToolz: CmdDiz 0.1.1
    solved some bugs
  • 20 May 2008 Password_recovery: SmartFTP password decoder 0.1
    I have only removed the note about recovering only own passwords since it was wrong
  • 18 May 2008 Password_recovery: SmartFTP password decoder 0.1
  • 18 May 2008 MyToolz: UIF2ISO 0.1.4
    added support to NRG and CUE/BIN output images and forced large file support on Linux
  • 18 May 2008 MyToolz: DAA2ISO 0.1.4a
    forced large file support on Linux
  • 18 May 2008 MyToolz: NRG2CUE generator 0.1
    simple tool which generates a CUE file from a NRG one (both NRG v1 and v2 supported)
  • 18 May 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.2c
    now cl_punkbuster is not sent if disabled
  • 16 May 2008 Password_recovery: CamFrog passwords decrypter 0.2
    added support to Serial and ActivationData needed to decrypt the Pro version key
  • 14 May 2008 Research: NCF/CCF packet format to tcpdump capture format 0.1.1
    added support for 802.11 and token ring in NCF
  • 03 May 2008 Advisories: Multiple vulnerabilities in WebMod 0.48
  • 02 May 2008 Advisories: In-game Denial of Service in Call of Duty 4 1.5
  • 02 May 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.2b
    automatic compression testing, so it is no longer necessary to force the -c option with games like Call of Duty 4
  • 30 Apr 2008 MyToolz: myftpidx 0.1.3
    added support to non passive FTP connections
  • 24 Apr 2008 Research: NCF/CCF packet format to tcpdump capture format 0.1
    converts the CommView NCF and CCF dumps to the classical tcpdump CAP format
  • 23 Apr 2008 MyToolz: Mydown and mydownlib 0.2.3
    many improvements (but still backward compatible) and fixes, now mydown is a complete command-line multithread downloader
  • 21 Apr 2008 MyToolz: MORSE2ASCII 0.1
    experimental tool which decodes the morse codes from a PCM WAV file using a volume/peak based method, the tool can also decode the morse codes from text files
  • 21 Apr 2008 MyToolz: Morse generator 0.2
    simple tool which converts an input file to morse notation (like ...___... for SOS)
  • 21 Apr 2008 MyToolz: DTMF2NUM 0.1b
    solved a small bug in the normalization function
  • 20 Apr 2008 Proof-of-concepts: Quake 3 engine directory traversal PoC 0.2.2
    added support to Enemy Territory 2.55
  • 18 Apr 2008 Research: Multi engine RCON tool and password guesser 0.2.3b
    now automatically retakes the rcon challenge if it expires
  • 18 Apr 2008 Advisories: Denial of Service in eTrust Secure Content Manager r8
  • 17 Apr 2008 Advisories: Crash in CA ARCserve Backup 12.0.5454.0
  • 16 Apr 2008 Advisories: Denial of Service in PunkBuster (22 Oct 2007)
  • 16 Apr 2008 Advisories: Directory traversal in BigAnt Messenger 2.2
  • 12 Apr 2008 Advisories: NULL pointer in Nero MediaHome 3.3.3.0
  • 12 Apr 2008 Advisories: Upload directory traversal in HP LoadRunner 9.10
  • 12 Apr 2008 Password_recovery: HP LoadRunner password decoder 0.1
    decodes the passwords created for LoadRunner with CryptonApp
  • 11 Apr 2008 Advisories: Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53
  • 11 Apr 2008 Advisories: Denial of Service in SmarterMail 5.0.2999
  • 08 Apr 2008 Advisories: Memory corruption in HP OpenView NNM 7.53
    removed the yesterday's advisory since it was on an old version and modified the latest one
  • 08 Apr 2008 Advisories: Memory corruptions in HP OpenView NNM 7.53
  • 07 Apr 2008 Advisories: Multiple vulnerabilities in HP OpenView NNM 7.53
  • 06 Apr 2008 Research: Ventrilo RCon tool 0.2.1
    added the handling of subchans and batch files
  • 06 Apr 2008 Research: Ventrilo RCon tool 0.2
    rewritten using the ventilofp code (but Ventrilo 3.x is not supported yet), added support to version 2.2, added the /chan custom commands which allow to create/delete/list all the available chans and many bugfixes
  • 06 Apr 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.6
    solved the Ventrilo 3.x handshake problem
  • 05 Apr 2008 MyToolz: DTMF2NUM 0.1a
    removed the function which skipped the start/end samples since useless and added a Makefile
  • 02 Apr 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.5
    fixed a bug with version 3.x and in fastsend, added an option for setting the phonetic
  • 02 Apr 2008 Fake_players_bug: Flashchat Fake Players DoS 0.1.2c
    rewritten the function which loads user:pass from file
  • 01 Apr 2008 Advisories: Directory traversal in LANDesk Management Suite 8.80.1.1
  • 31 Mar 2008 MyToolz: DTMF2NUM 0.1
    tool for decoding DTMF and MF tones from PCM wave files
  • 29 Mar 2008 Advisories: Directory traversal in 2X ThinClientServer v5.0_sp1-r3497
  • 29 Mar 2008 Advisories: Denial of Service in SLMail Pro 6.3.1.0
  • 29 Mar 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.4
    added support for the new Ventrilo 3 centralized handshake and a verbose and fast join/exit options
  • 27 Mar 2008 Proof-of-concepts: LANDesk Classroom Manager / LanSchool <= 7.0.3.5 fun and bugs 0.1.1
    corrected the IP based encryption algorithm
  • 26 Mar 2008 MyToolz: ZipComp 0.4.1
    large files and big endian support
  • 26 Mar 2008 Advisories: Multiple vulnerabilities in solidDB 06.00.1018
  • 26 Mar 2008 Proof-of-concepts: LANDesk Classroom Manager / LanSchool <= 7.0.3.5 fun and bugs 0.1
  • 25 Mar 2008 MyToolz: myftpidx 0.1.2
    solved a small bug and added options for verbose output, full URL, choosing of fields to visualize and HTML output
  • 24 Mar 2008 MyToolz: mydownlib 0.2.2a
    solved bug with e-mail passwords
  • 24 Mar 2008 MyToolz: myftpidx 0.1.1a
    solved bug with e-mail passwords
  • 23 Mar 2008 MyToolz: myftpidx 0.1.1
  • 22 Mar 2008 MyToolz: myftpidx 0.1
    tool for indexing recursively any file available inside an FTP server
  • 21 Mar 2008 Research: Gslist 0.8.4b
    improvements of the -Q option
  • 21 Mar 2008 Advisories: Buffer-overflow in ASUS Remote Console 2.0.0.19
  • 20 Mar 2008 Advisories: Multiple heap overflows in xine-lib 1.1.11
  • 19 Mar 2008 Research: Gslist 0.8.4a
    fixed bug in -z
  • 19 Mar 2008 Research: Gslist 0.8.4
    fixed some bugs, added pings in the -Q queries and the possibility of querying a custom list of servers
  • 19 Mar 2008 Research: GS enctype1 servers list decoder 0.1a
    only removed the static buffers and added the enctype1_wrapper function
  • 19 Mar 2008 Research: GS enctype2 servers list decoder 0.1.1a
    only removed the static buffers and added the enctype2_wrapper function
  • 18 Mar 2008 MyToolz: DAA2ISO 0.1.4
    added password/encryption support, solved some micro bugs or compatibility problems and added some small enhancements
  • 18 Mar 2008 MyToolz: UIF2ISO 0.1.3
    added password/encryption support, solved some micro bugs or compatibility problems and added some small enhancements
  • 16 Mar 2008 Advisories: Update about vlcboffs
    the buffer-overflow in ParseSSA in VLC has not been patched in version 0.8.6e
  • 16 Mar 2008 Advisories: Buffer-overflow in BootManage TFTPD 1.99
  • 16 Mar 2008 Research: ISI rFactor files decrypter 0.1.1
    fixed a bug in the decryption function
  • 16 Mar 2008 Research: ISI rFactor files decrypter 0.1
    decrypter for the meshes/GMT files which can be used in this game
  • 16 Mar 2008 Fake_players_bug: Flashchat Fake Players DoS 0.1.2a
    adjusted some free()
  • 14 Mar 2008 Advisories: Multiple vulnerabilities in Net Inspector 6.5.0.828
  • 12 Mar 2008 Advisories: Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0)
  • 10 Mar 2008 Advisories: Vulnerabilities in Timbuktu Pro 8.6.5
  • 10 Mar 2008 Advisories: Multiple vulnerabilities in ASG-Sentry 7.0.0
  • 08 Mar 2008 Advisories: NULL pointer in Remotely Anywhere 8.0.668
  • 08 Mar 2008 Advisories: Directory traversal in Argon Client Management Services 1.31
  • 08 Mar 2008 Advisories: Directory traversal and NULL pointer in Acronis PXE Server 2.0.0.1076
  • 08 Mar 2008 Advisories: Invalid memory access in Acronis True Image Group Server 1.5.19.191
  • 08 Mar 2008 Advisories: NULL pointer in Acronis True Image Windows Agent 1.0.0.54
  • 08 Mar 2008 Advisories: Denial of Service in PacketTrap TFTP server 2.0.3901.0
  • 07 Mar 2008 Advisories: Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13
  • 06 Mar 2008 Advisories: Directory traversal in MicroWorld eScan Server 9.0.742.98
  • 05 Mar 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.2a
  • 05 Mar 2008 Advisories: Multiple vulnerabilities in Perforce Server 2007.3/143793
  • 04 Mar 2008 Advisories: Arbitrary commands execution in Versant Object Database 7.0.1.3
  • 03 Mar 2008 Advisories: Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03
  • 02 Mar 2008 Advisories: Multiple vulnerabilities in Borland StarTeam MPX 6.7
  • 02 Mar 2008 Advisories: Multiple integer overflows in Borland StarTeam server 10.0.0.57
  • 28 Feb 2008 Advisories: Denial of Service in SmsGate 1.1n
  • 27 Feb 2008 Advisories: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products
  • 26 Feb 2008 Password_recovery: Steam password decoder 0.2
    completely rewritten, multi-platform, easier to use and no longer DLL dependent (thanx to an anonymous)
  • 25 Feb 2008 Advisories: NULL pointer in SurgeFTP 2.3a2
  • 25 Feb 2008 Advisories: Format string and buffer-overflow in SurgeMail 38k4
  • 25 Feb 2008 Proof-of-concepts: SIDVault <= 2.0f "+" strstr Denial of Service 0.1
  • 22 Feb 2008 Advisories: Multiple vulnerabilities in Double-Take 5.0.0.2865
  • 21 Feb 2008 Advisories: Denial of Service in Zilab Remote Console Server 3.2.9
  • 21 Feb 2008 Advisories: Multiple vulnerabilities in Zilab Chat and Instant Messaging 2.1
  • 20 Feb 2008 Advisories: Heap overflow in Sybase MobiLink 10.0.1.3629
  • 19 Feb 2008 Advisories: Multiple buffer-overflow in NowSMS v2007.06.27
  • 19 Feb 2008 Advisories: Directory traversal in SCI Chat v3.4.9
  • 18 Feb 2008 Advisories: Access violation and limited informations disclosure in webcamXP 3.72.440.0
  • 17 Feb 2008 Advisories: NULL pointer crash in freeSSHd 1.20
  • 17 Feb 2008 Proof-of-concepts: Pragma FortressSSH <= 5.0.4.293 Denial of Service 0.1.1
    better protocol compatibility
  • 16 Feb 2008 Advisories: Two heap overflow in Foxit WAC Server 2.0 Build 3503
  • 16 Feb 2008 Proof-of-concepts: ProSSHD 1.0 20070707 resources eater 0.1
  • 16 Feb 2008 Proof-of-concepts: VanDyke VShell 3.0.3-569 exception message 0.2
    PoC rewritten
  • 14 Feb 2008 Research: Teamspeaklist 0.1.1
    fixed a problem with swapped IP addresses, thanx a lot to Steven Hartland
  • 14 Feb 2008 MyToolz: DAA2ISO & UIF2ISO
    no updates, I have simply separated the executable and the source code in two packages
  • 12 Feb 2008 Advisories: Directory traversal and DoS in WinIPDS G52-33-021
  • 11 Feb 2008 Advisories: Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11
  • 11 Feb 2008 Advisories: Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105
  • 11 Feb 2008 Advisories: Format string and DoS in Opium4 OPI and cyanPrintIP servers 4.10.x
  • 10 Feb 2008 Advisories: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
  • 10 Feb 2008 Advisories: Multiple vulnerabilities in EztremeZ-IP File and Printer Server 5.1.2x15
  • 08 Feb 2008 Advisories: NULL byte writing in Emerald, RadiusNT and Air Marshal
  • 07 Feb 2008 Advisories: Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1
  • 06 Feb 2008 Advisories: Logs visualization in WS_FTP Server Manager 6.1.0.0
  • 06 Feb 2008 Advisories: Chat vulnerabilities in TinTin++ 1.97.9
  • 04 Feb 2008 Advisories: Multiple vulnerabilities in WinCom LPD Total 3.0.2.623
  • 04 Feb 2008 Advisories: Multiple vulnerabilities in SAPlpd 6.28
  • 04 Feb 2008 Advisories: Socket termination in FTP Log Server 7.9.14.0
  • 01 Feb 2008 Password_recovery: Winzip wjf xflags password decrypter 0.1
    decrypts all the xflags passwords in the job files
  • 31 Jan 2008 MyToolz: Signsrch 0.1.4
    finally signsrch can be called from any location, it's enough that the signature file is in the same folder of signsrch
  • 31 Jan 2008 MyToolz: Simple UDP proxy/pipe 0.3a
    big endian compatibility of the -a option
  • 31 Jan 2008 Advisories: Denial of Service in Print Manager Plus 7.0.127.16
  • 31 Jan 2008 Patches: Half-Life x.1.1.1e (Windows and Linux) hlfreeze/hl-headnut/csdos/btbp fix 0.1.1
    added an experimental fix, available only for Windows, for the Born to be pig attack
  • 28 Jan 2008 MyToolz: DAA2ISO 0.1.3
    automatic mini GUI for Windows, big endian support and readme: now choosing the DAA/UIF file to convert is just the matter of a couple of clicks without using the console
  • 28 Jan 2008 MyToolz: UIF2ISO 0.1.2
    automatic mini GUI for Windows, big endian support and readme
  • 27 Jan 2008 Advisories: Crash in BitTorrent 6.0.1 and uTorrent 1.7.6 through webui
  • 27 Jan 2008 Research: GSPlayers 0.1.1
    now it is possible to choose a custom search query
  • 24 Jan 2008 Advisories: Multiple crashes in Steamcast 0.9.75
  • 21 Jan 2008 MyToolz: DAA2ISO 0.1.2
    fseek 64 bit on Mingw and Makefile
  • 21 Jan 2008 MyToolz: UIF2ISO 0.1.1
    fseek 64 bit on Mingw and Makefile
  • 16 Jan 2008 Advisories: Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5
  • 13 Jan 2008 Proof-of-concepts: Quicktime Player <= 7.3.1.70 HTTP error message buffer-overflow 0.1
    full proof-of-concept which can be transformed in a code execution exploit simply passing the offset, the return address and the shellcode you want
  • 13 Jan 2008 Research: Multi engine RCON tool and password guesser 0.2.3a
    -x forces the scanning in any case
  • 10 Jan 2008 Advisories: Buffer-overflow in Quicktime Player 7.3.1.70
  • 10 Jan 2008 Proof-of-concepts: SAP MaxDB <= 7.6.03.07 remote command execution 0.1.1
    added major verbosity and customization
  • 09 Jan 2008 Advisories: Pre-auth remote commands execution in SAP MaxDB 7.6.03.07
  • 08 Jan 2008 Research: Multi engine RCON tool and password guesser 0.2.3
    added an option which ignores the data sent by the server, useful in some rare cases for the RCON DoS
  • 08 Jan 2008 Advisories: rmff_dump_header heap-overflow in Xine 1.1.9
  • 08 Jan 2008 Advisories: sdpplin_parse heap-overflow in VLC 0.8.6d
  • 08 Jan 2008 Advisories: report buffer-overflow in xtacacsd 4.1.2
  • 04 Jan 2008 Proof-of-concepts: mySQL <= 6.0 (yaSSL <= 1.7.5) pre-auth buffer-overflow 0.1
  • 04 Jan 2008 Advisories: Multiple vulnerabilities in yaSSL 1.7.5
  • 04 Jan 2008 Advisories: Crash in Foxit WAC Server 2.1.0.910
  • 02 Jan 2008 MyToolz: Simple TCP proxy/datapipe 0.4.3
    fixed the endian of the ports dumped with -d
  • 02 Jan 2008 Advisories: Multiple vulnerabilities in Georgia SoftWorks SSH2 Server 7.01.0003
  • 02 Jan 2008 Advisories: Buffer-overflow and format string in White_Dune 0.29beta791
  • 02 Jan 2008 Advisories: Denial of Service in Pragma FortressSSH 5.0.4.293
  • 02 Jan 2008 Advisories: Denial of Service in Pragma TelnetServer 7.0.4.589
  • 02 Jan 2008 Advisories: Exception message in Seattle Lab Telnet Server 4.1.1.3758
  • 02 Jan 2008 Advisories: Exception message in VanDyke VShell 3.0.3.569


NOTE: I update VERY frequently all the material you find here for example adding more info, changing the style of the documents, rewriting and adding code and more other things. So stay tuned if you are interested in my works and my research!
Contact me if you have any idea, question, comment, exception, project or any other thing.