
Files

enum.tar.gz
Posted Oct 21, 2003
Site razor.bindview.com

Enum is a console-based Win32 information enumeration utility. Using null sessions, enum can retrieve userlists, machine lists, sharelists, namelists, group and member lists, password and LSA policy information. enum is also capable of a rudimentary brute force dictionary attack on individual accounts.

systems | windows
SHA-256 | ef78f9a8ba0b828bd878764098066000235132b2f9fef67ca988cb1f8dd17470
porttool.zip
Posted Oct 21, 2003
Site razor.bindview.com

Porttool is the proof-of-concept code for the Windows LPC ports vulnerabilities reported by RAZOR to Microsoft.

tags | vulnerability
systems | windows
SHA-256 | 8638fb3a54caa3088878ac46ac7f1f2c080dd71ed386b32ba7d5007f372c9070
acltools-1.0.zip
Posted Oct 21, 2003
Site razor.bindview.com

ACL tools contains two tools: lsaacl and samacl. lsaacl allows you to display and edit security descriptors for LSA objects. samacl allows you to display and edit security descriptors for SAM objects.

SHA-256 | ba7775253e27a833211ff12358821b81fad79f0e34f49f7581c5e1897feabf1a
rpctools-1.0.zip
Posted Oct 21, 2003
Site razor.bindview.com

The RPC tools package contains three separate tools for obtaining information from a system that is running RPC services. rpcdump allows you to dump the contents of the endpoint mapper database. ifids is similar to rpcdump but allows you to query a single RPC server and can even allow you to query an RPC server which is not listed in the endpoint map obtained with rpcdump above. walksam is a tool which allows you to dump the information of each user found within the SAM database via Named Pipes or using the additional protocol sequences used by Windows 2000 domain controllers.

tags | protocol
systems | windows
SHA-256 | 1526cb1947be29fc1bf338f36f7c4b647ca7000ccaf9d08eccbceccb426bffcc
fenris-0.7-m.tgz
Posted Oct 21, 2003
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: maintenance release: new fingerprints, bug-fixes.
tags | protocol
SHA-256 | 9db900b88bac67205c493bfdf4780d55020f71d6cf69ea0fd2a01fa148619d7e
fenris-0.7.tgz
Posted Sep 5, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: Includes some fixes and enhancements, including bugfixes to the build process and companion tools.
tags | protocol
SHA-256 | 3a78f90ba3e009725dd21c6697b5a180836d3047bf155818439009389e28658f
razor.chfn.txt
Posted Jul 30, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Razor Advisory - A locally exploitable vulnerability is present in the util-linux package shipped with Red Hat Linux and numerous other Linux distributions. Chfn and chsh are affected. Tested against Red Hat Linux 7.3 and below.

systems | linux, redhat
SHA-256 | f33c78e000c95226dc9e980eef83fefd8f6895c01bda0b30a85f012ad3ca7906
fenris-0.7b.tgz
Posted Jun 13, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: Repaired syscall breakpoint functionality in Aegir, problems on RedHat 7.3, and made some minor fixes.
tags | protocol
SHA-256 | 447932c5e732d97ca339be5ddc5f94b42a695561b36cbd93615154bb8cd4e733
fenris-0.06.tgz
Posted Jun 3, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: GUI is now stable. There are several bugfixes, efficiency improvements, anti-debugging trap detection, better blocking syscall handling, and many more features.
tags | protocol
SHA-256 | 0505286f46a92eb98b135d52dc93d6949ecd18418ec1911d8d5d74825a2b4099
fenris-0.05.tgz
Posted May 25, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: Interactive debugging capabilities introduced and added burneye tracing.
tags | protocol
SHA-256 | e14cf365038e3721d3bd54233921777299724de0333f64d9953c009fe8fe0887
fenris-0.03.tgz
Posted May 19, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: Includes a new utility called dress which reconstructs symtabs in ELF static stripped binaries and writes new ELFs suitable for use with gdb, objdump, nm, etc., along with other minor improvements.
tags | protocol
SHA-256 | f3e73051c8780f7ebb6d3106fec7d584c33baff1a3a3aa5e831467983b03a4a6
fenris-0.2.tgz
Posted May 15, 2002
Authored by Michal Zalewski | Site razor.bindview.com

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: Many fixes, new fingerprints, options and several optimizations.
tags | protocol
SHA-256 | 918de9718405630e09b3b3c2dfc3fea4d577479adfc90c8f21b79790fc3cf58d
adv_sendmail.txt
Posted Oct 3, 2001
Authored by Michal Zalewski | Site razor.bindview.com

RAZOR Advisory: Multiple Local Sendmail Vulnerabilities. Sendmail v8.12.0 and below contains multiple local root vulnerabilities. This is fixed in v8.12.1.

tags | local, root, vulnerability
SHA-256 | 33a10f0706c2b3d321f18b41f224a271bb8c7eb422d8bad8f87b3a52f6c7a860
adv_DCE-RPC_DoS.txt
Posted Aug 5, 2001
Site razor.bindview.com

Bindview Advisory - Many DCE/RPC servers don't do proper parameter validation, and can be crashed by sending an improperly formatted request. Affected systems include W2K SCM, NT4 LSA, NT4 Endpoint mapper, W2K Endpoint mapper, SQL Server 7, W2K's DHCP Server, W2K's IIS Server, Exchange 5.5 SP3, Exchange 5.5 SP3, NT4 Spooler, W2K License Srv, and NT4 License Srv. Microsoft bulletin on this issue available here.

tags | denial of service
SHA-256 | 5e096213ca28870ef36905370680122f6491ef0eb55cc4941841a9ce21274fe7
adv_LkIPmasq.txt
Posted Aug 5, 2001
Authored by Michal Zalewski | Site razor.bindview.com

Bindview Advisory - A remotely exploitable IP masquerading vulnerability in the Linux kernel can be used to penetrate protected private networks which have loaded the IRC masquerading module. There was a discussion last year that detailed exploiting NAT packet inspection mechanisms on Linux and other operating systems by forcing a client's browser or MUA software to send specific data patterns without the user's knowledge (see http://www.securityfocus.com/archive/82/50226) in order to open an inbound TCP port on the firewall. Appropriate but not sufficient workarounds were incorporated in Linux kernels released after the original advisory. Unfortunately, protocols other than those mentioned in the original discussions seem to be vulnerable as well. We found that IRC DCC helper (the Linux 2.2 ip_masq_irc module, and modules shipped with some other operating systems / firewalling software) can be exploited.

tags | web, kernel, tcp, protocol
systems | linux
SHA-256 | bcaf95982e917edd271016e86d6d77bc40fd5dd9c9b427da27e25b0f3c3b78f8
adv_smbd_log.txt
Posted Aug 5, 2001
Authored by Michal Zalewski | Site razor.bindview.com

Bindview Advisory - SMBD remote file creation vulnerability. Insufficient parameter validation and unsafe default configuration on popular Linux platforms make systems running the samba SMB file sharing daemon vulnerable to remote attacks. Tested on SMBD 2.0.7 and 2.0.8. The Samba daemon allows remote attackers to create SMB session log files (*.log) with highly attacker-dependent contents outside the logs directory. This vulnerability itself can be used to perform DoS attacks, or, if combined with unprivileged local access, can be used to gain superuser privileges.

tags | remote, local
systems | linux
SHA-256 | cd04a10ae9f3510f12059b264b6521eb10a3a3ea5a56ac1c4ae8a772b263273c
adv_mstelnet.txt
Posted Jun 8, 2001
Authored by Michal Zalewski | Site razor.bindview.com

Razor / Bindview Advisory - There is a buffer size checking related fault condition in Microsoft Windows 2000 telnet server. This vulnerability is present only if telnet service is running and plain-text logins are allowed. If there are already 4300 characters in the buffer, username length range checking does not work. Perl exploit included.

tags | perl
systems | windows
SHA-256 | be12ffcb3f00a8aa6f4162cd3e7951feb76a5d093a8d28f0c9847b0b212e51c2
adv_ssh1crc.txt
Posted Feb 9, 2001
Authored by Michal Zalewski | Site razor.bindview.com

Razor Bindview Advisory - A remote root vulnerability exists in the crc32 compensation attack detector (deattack.c) of most ssh daemon installations (F-SECURE, OpenSSH, SSH from ssh.com, OSSH). Insufficient range control calculations (a 16-bit unsigned variable is used instead of 32-bit, which causes integer overflow) in the detect_attack() function lead to a table index overflow bug. This effectively allows an attacker to overwrite arbitrary portions of memory. The altered memory locations affect code that is executed by the daemon with uid 0, and this can be leveraged to obtain general root access to the system. This is fixed in OpenSSH 2.3.0, ossh-1.5.8, and SSH-2.4.0.

tags | remote, overflow, arbitrary, root
SHA-256 | 72f0b876373954999b3e48c286d832d9874353833141a0ee8db15f4cd9b2c873

© 2022 Packet Storm. All rights reserved.
