Not sure if you want to integrate the following, how you want to credit, etc. So opening a ticket instead of a PR.
https://twitter.com/RevBits/status/851083571506929670
Our early analysis: "esna" is a 0day RCE for iPlanet Messaging Server.Have hardcoded offsets for different versions
https://twitter.com/juliocesarfort/status/850755910322532353
up/extinctspinach seems to be exploiting this vulnerability from 2001 in Chili!Soft:
https://lwn.net/2001/0222/a/sec-chilisoft.php3
https://twitter.com/buherator/status/851170464466653185
estopmoonlit is a Linux kernel exploit
https://twitter.com/buherator/status/851169307060994048
estesfox is a logwatch race condition privesc, probably CVE-2002-0162 http://www.securityfocus.com/bid/4374 (possible bug collision?)
https://twitter.com/buherator/status/851173226088730625
evolvingstrategy seems to exploit a basic SUID command injection in /var/emdg/sbin/iptaction - any ideas what this SW is?
https://twitter.com/buherator/status/851174712965312512
./Linux/bin/EE is a remote post-auth proftpd 1.2.8 exploit
https://twitter.com/buherator/status/851176013103026176
ESCROWUPGRADE seems like this Solaris cachefsd exploit by LSD - copyright notice removed :P https://www.exploit-db.com/exploits/21437/
https://twitter.com/GlassKeys/status/850780470682030081
xmlrpc.php used in Drupal, b2evolution, TikiWiki
https://twitter.com/buherator/status/850710836259815424
Based on strings EXACTCHANGE looks like a kernel exploit
https://twitter.com/juliocesarfort/status/850753804790312968
/Linux/bin/apache-ssl-linux seems to be a variant of openssl-too-open.c SSL2 KEY_ARG overflow - maybe OpenFuckv2?
https://twitter.com/adriaan92/status/850746329575948289
ELECTRICSLIDE: "Heap Overflow in squid 2.5.STABLE1-2 redhat 9.0" #shadowbrokers
https://twitter.com/RevBits/status/851077319485784064
Our early analysis: sneer is a 0day remote root exploit for SunOS snmp agent, mibissa. Uses UDP. ~takes 4:04 mins
https://twitter.com/hackerfantastic/status/850797960652890112
dw.linux - this looks like a previously unknown one (0day?), RPC dmispd exploit for Solaris 6 / 7 / 8
Not sure if you want to integrate the following, how you want to credit, etc. So opening a ticket instead of a PR.
https://twitter.com/RevBits/status/851083571506929670
Our early analysis: "esna" is a 0day RCE for iPlanet Messaging Server.Have hardcoded offsets for different versions
https://twitter.com/juliocesarfort/status/850755910322532353
up/extinctspinach seems to be exploiting this vulnerability from 2001 in Chili!Soft:
https://lwn.net/2001/0222/a/sec-chilisoft.php3
https://twitter.com/buherator/status/851170464466653185
estopmoonlit is a Linux kernel exploit
https://twitter.com/buherator/status/851169307060994048
estesfox is a logwatch race condition privesc, probably CVE-2002-0162 http://www.securityfocus.com/bid/4374 (possible bug collision?)
https://twitter.com/buherator/status/851173226088730625
evolvingstrategy seems to exploit a basic SUID command injection in /var/emdg/sbin/iptaction - any ideas what this SW is?
https://twitter.com/buherator/status/851174712965312512
./Linux/bin/EE is a remote post-auth proftpd 1.2.8 exploit
https://twitter.com/buherator/status/851176013103026176
ESCROWUPGRADE seems like this Solaris cachefsd exploit by LSD - copyright notice removed :P https://www.exploit-db.com/exploits/21437/
https://twitter.com/GlassKeys/status/850780470682030081
xmlrpc.php used in Drupal, b2evolution, TikiWiki
https://twitter.com/buherator/status/850710836259815424
Based on strings EXACTCHANGE looks like a kernel exploit
https://twitter.com/juliocesarfort/status/850753804790312968
/Linux/bin/apache-ssl-linux seems to be a variant of openssl-too-open.c SSL2 KEY_ARG overflow - maybe OpenFuckv2?
https://twitter.com/adriaan92/status/850746329575948289
ELECTRICSLIDE: "Heap Overflow in squid 2.5.STABLE1-2 redhat 9.0" #shadowbrokers
https://twitter.com/RevBits/status/851077319485784064
Our early analysis: sneer is a 0day remote root exploit for SunOS snmp agent, mibissa. Uses UDP. ~takes 4:04 mins
https://twitter.com/hackerfantastic/status/850797960652890112
dw.linux - this looks like a previously unknown one (0day?), RPC dmispd exploit for Solaris 6 / 7 / 8