A basic backdoor program, but with a couple of neat features that "secure" the backdoor from being widely misused.
ef80817db5632b4c4ce350529db9e9aeb2d87a07cc3242b67845fbac55cef45e
A security hole in the pop2 daemon packaged with imap-4.4 and earlier releases allows a remote attacker to gain shell access as user 'nobody'. Solution: Upgrade to imap-4.5.
cfadeca3ce1251f5c1cfbc32ae8edba06d169aafe6d16eb6620aa93bd8603f9b
Proof of concept exploit code that effectively demonstrates how the time() system call can be faked via procfs on Solaris. Numerous security implications.
50bb9ae8cef0621856f0a5673ed2191194bccb5e3eb6f4733d0446d5c62db3a9
Another ColdFusion exploit scanner, but this version scans entire subnets and is much faster than other ColdFusion exploit scanners. Excellent platform portability and clean, fresh code.
70a641cb517c84495a263eb5c9e291b99beabbb498337dccd5aa11982ebb6b80
"Exploiting Windows NT 4 Buffer Overruns - A Case Study: RASMAN.EXE" - excellent paper that details how to exploit Windows NT buffer overflows. Proof of concept exploit code and step-by-step exploit instructions included.
f5fd6b38305845ad79b167c9c4b204b8648c758d5cfc4cf8bb4fc8696262a445
Simple, but useful, code snippet that uses ptrace() to intercept and modify the return value of a system call.
4b11cdaa196778252b1a0065d37767750e2789ab54faf5e34f21ef7384382cf5
May SANS Security Digest Vol.3 Num.5 - the latest issue of the excellent, comprehensive SANS Security Digest, with information on intrusion detection, security issues, and general information for all major operating systems.
8bc0349eb5f8391bc179497dee82698e4b0aa0e0cc3953c654762aed0fbf68e3
Shockwave v1.2 sends random data to random ports on a remote host at a very fast rate, disconnecting targeted remote hosts from ICQ/IRC servers, lagging remote machines, and rendering dialup connections useless.
600c57d50583f8bcca2ec68ff8925d828cf9f4593aeb0e146020394ab1667dad
Shockwave v1.1 is a Denial of Service program that sends random data to random ports on a remote host at a very fast rate. For Windows.
badbb538960c333225da206009cc503dbe1f83d3010900648e4ee735dc4907cf
showcode is a vulnerability scanner that checks for the Microsoft IIS 4.0 showcode.asp vulnerability. Optionally scans entire subnets.
bd7b50a1e093ae9be812832ef7110674f782cce124e9b0d3ebf6971c54869d03
Description of a SunOS 5.7 rmmount exploit that allows a local user to gain root privileges.
1c8000a8338ad043357d3c695a1170b2629a79bceb92c272302b6e929f3fdd8a
When installed under certain common conditions, a security bug in sshd allows any user to easily gain root access.
ac8ea21086f248fe212f6d9c97bfa9823fade62b29e76bbdfd985b4b3eaa5f36
Vulnerabilities in Sun Solaris 2.6 SNMP - excellent whitepaper that details security vulnerabilities in Sun's implementation of SNMP, with several exploit descriptions included. One of those "must read" documents for any Sun/Solaris admin.
af8f02a96f68f3094f81a9bf39872f293d1cbb6c1c5001bf27a468fa2e7f57ca
Brief description of the lpset buffer overflow present in Solaris 2.6 (x86).
04c7879d68dbf545800fd1bbd80493a87d5865c604492d6e951798961d6b9aad
Sun Microsystems SunSolve Online knowledge database allows malicious users to access privileged information, such as password files and network configurations, about other customers.
0a3bb64ba2c11c63893be8eee868b3b2a0cc43c09ad361fab4244af9c776c5b9
Buffer overflow in tcsh can potentially result in root compromise.
0535f1dababab97e1c288e506c7850d7b4d287dfc34694cfb4fc43249a2d8356
tmp-racer is a shell script that exploits programs that make insecure use of /tmp.
99cd1d1f8067b36cc4cd7c27c668fdbd2663f2f6cef3eba89c8800e7e57fa1bc
Another remote/local root exploit for wu-ftpd [12] through [18]. Featured in b4b0 #7, coded by smiler and cossack.
b07ed8f9491a10012ed3b264479acb7ec53c9e9345a97b05bae7b4a4abdcd060
Buffer overflow in SmartDesk WebSuite v2.1 for Windows 98/NT allows a remote attacker to launch denial of service attacks, crashing the SDWEBSRV.EXE server.
c2577e6ca6cb18a3a4a24c93809ae56584b86bd9c80cd44a7c13e0a580c8ac61
Exploit code and detailed analysis of the Winhlp32.exe buffer overrun. Source code for Windows NT exploit program included.
5ada3409d824fe92b4b7dc8c2680b3a9cca11f1b0c0f7dd5ccdf14368bea1191
Buffer overflow in the WinAMP Windows sound player allows a remote attacker to launch simple denial of service attacks that crash WinAMP.
fba27144ec67d704c742b4053217af504fcb6f83072958d7848afbf8c4215156
Details of the very weak encryption used by Windows applications, and a couple of good tips about ways to increase password security. Probably nothing new here for the veteran NT admin, but well worth reading if you use Win32 at all.
2dd4a057e2dada06f9bd4c26aacc631051dcfd6afc0aa8b18419ca6e86779733
Compiled exploit code for Windows NT Winhlp32.exe buffer overrun condition.
391e552b0213d8963f9635fa9350a9e550fcd58814c6d5ebf5e15ba2f8115bd2
The Freedom privacy software by Zero-Knowledge Systems is vulnerable to a practical attack, described by Wei Dai, that reveals the supposedly anonymous routes used by the ZKS Freedom software user. In other words, the use of only link padding (ZKS uses no end-to-end padding) means that ZKS Freedom actually provides no security or privacy at all for the end user.
58a9db313bfce345ac548311bcc9790cd8014f0802cf762b4dc7e4eb6128f4b7
New Denial of Service suite that utilizes Back Orifice servers to launch very effective "spoofed" smurf-like attacks with malformed packets and a very impressive amplification ratio.
f7734d4876141f17b8d3a8d7cb53270036699186d63d4f46c2f3eb2a40b3585b