ie_aurora
Acts as a web server that generates an exploit to target a vulnerability (CVE-2010-0249) in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP2. The exploit's payload spawns the calculator.
Source code
Language: Python

adobe_newplayer
Generates a PDF file that exploits a vulnerability (CVE-2009-4324) in Adobe Reader and Acrobat. The generated PDF file was tested using Adobe Reader 9.2.0 on Windows XP SP3. The exploit's payload spawns the calculator.
Source code
Language: Python

adobe_collab_geticon
Exploits a vulnerability (CVE-2009-0927) in Adobe Reader via the web. The exploit was tested using Firefox 3.0.8 on Windows XP SP3 that has Adobe Reader 9.0.0 installed. The exploit's payload spawns the calculator.
Source code
Language: Python

DupReveal
Tool to identify duplicate files in a given folder. The tool groups the paths of the duplicate files in the output file.
Source code
Language: Python

WordToExcel
Tool to move data from tables in a Microsoft Word document to cells in a Microsoft Excel document. The tool relies on the Win32 extensions for Python to communicate with Microsoft Word and Excel.
Source code
Language: Python

HashFile
Tool to compute and display the MD5 and SHA-1 message digests for a given file.
Source code
Language: Python

ie_owc
Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-1136) in an ActiveX control (Microsoft Office Web Components) used by Internet Explorer. The exploit was tested using Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc10.dll and owc11.dll installed on the system. The exploit causes the browser to spawn the calculator.
Source code
Language: Python

ie_mpeg2tunerequest
Acts as a web server that generates an exploit to target a vulnerability (CVE-2008-0015) in an ActiveX control (Microsoft MPEG2TuneRequest) used by Internet Explorer. The exploit was tested using Internet Explorer 7.0.5730.13 on Windows XP SP3. The exploit causes the browser to spawn the calculator.
Source code
Language: Python

safari_xml_crash
Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-1233) in the Apple Safari browser. The exploit was tested using Safari 3.2.2 and 4 (BETA) on Windows. The exploit causes the browser to crash and terminate.
Source code
Language: Python

opera_xml_crash
Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-1234) in the Opera browser. The exploit was tested using Opera 9.64 on Windows. The exploit causes the browser to crash and terminate.
Source code
Language: Python

ie_delobject
Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-0075) in Internet Explorer 7. The exploit was tested using Internet Explorer 7.0.5730.11 on Windows XP SP2 and Internet Explorer 7.0.5730.13 on Windows XP SP3. The exploit causes the browser to spawn the calculator.
Source code
Language: Python

scorpion
Tool for converting x86 assembly code to nicely formatted shellcode, which is displayed in hex and UTF-16. The tool relies on NASM to convert the assembly instructions to raw machine code.
Source code
Sample input
Sample output
Language: Python

funres

vmpy
Python wrapper for the vmrun command-line tool from VMware. Vmpy supports VMware Workstation and wraps all the important functions that can be used to control a virtual machine. It was tested with VMware Workstation 6.5.
Source code
Usage example
Language: Python

DLLInjector
Tool for injecting a DLL into a running process. The tool optionally displays the process IDs of all running processes in the system.
Source code
Executable
Language: C (Windows)

ServCtl
Graphical tool for loading and unloading Windows drivers.
Source code
Executable
Language: C (Windows)

proxio
Tool for checking the connectivity of proxies.
Source code
Sample input
Sample output
Language: Python

spambye
Bayesian spam filter that can classify messages into one of two categories (spam or non-spam) with high accuracy. The paper describing spambye can be found here. I implemented the GUI using SWT.
Source code
Language: Java

Loadable Kernel Module
Skeleton code for a loadable kernel module that shows how you can modify the pointers in the system call table to point to your code. In the code I'm intercepting the mkdir system call. Once you load the module, you can only create a directory called "example". Note that the address of the system call table is hardcoded in the code. You can find the address of the system call table on your system by looking in /boot/System.map*.
Source code
Language: C (Linux)

pGINA plug-ins
pGINA is a substitute for GINA (in Windows) that can dynamically load plug-ins which can be created to use any method of authentication. I implemented two different plug-ins for pGINA that allow you to authenticate your Windows users against an SSH server or an email server (POP3/IMAP) with or without SSL.
SSH plug-in source code
SSH plug-in installer
Email plug-in source code
Email plug-in installer
Language: C (Windows)

LuFS

RSA Cryptosystem
RSA is an algorithm for public-key encryption. My implementation of the RSA algorithm can be used for encrypting/decrypting files and creating/verifying signatures with SHA-1. I used both the GMP and NTL libraries to do all the number theory stuff. The current implementation does the encryption and decryption correctly but it does not store the keys for later use. I will be adding more features to my implementation in the future.
Source code
Language: C++ (Linux)

BBS (Blum-Blum-Shub) pseudorandom number generator
A pseudorandom number generator (PRNG) is an algorithm that generates a sequence of numbers which are not truly random. These numbers approximate some of the properties of random numbers. I implemented the Blum-Blum-Shub pseudorandom number generator, which can be used in cryptographic applications. I used the GMP library to do all the number theory stuff.
Source code
Language: C++ (Linux)

Distributed Ray Tracer
Ray tracing is a technique used to model the path taken by light and its interaction with optical surfaces. I implemented a distributed ray tracer that can render soft phenomena. My implementation ray traces spheres and planes and simulates soft shadows, blurry reflections and refractions, depth of field, and motion blur.
Source code
Language: C++ (Linux)