what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files from r00tabega

First Active2000-01-10
Last Active2001-04-07
RetaRDS.pl
Posted Apr 7, 2001
Authored by Max, r00tabega | Site SecurityApex.com

RetaRDS.pl checks for IIS web servers which are vulnerable to the RDS bug. Includes host list scanning and IDS evasion.

tags | web
SHA-256 | 8ab119af163fc9daed47a7f1e47a2ddb6b694004f8d9fb14478bf9d003f54d5d
multihtml.c
Posted Sep 20, 2000
Authored by Zillion, r00tabega, Bansh33 | Site r00tabega.org

Multihtml.c is a remote exploit for /cgi-bin/multihtml.pl, versions previous to 2.2 which spawns a remote shell.

tags | exploit, remote, shell, cgi
SHA-256 | 1cb8b402e54df7815270db3a85536296536997d3459dfb03bc464424e639323c
ncsa1-3.c
Posted Jul 31, 2000
Authored by r00tabega, Xtremist | Site r00tabega.com

NCSA Httpd v1.3 remote root exploit. Tested against Slackware 4.0.

tags | exploit, remote, root
systems | linux, slackware
SHA-256 | fd048c6976c8652d858e282e552db1b774bbf2a33f9c4f5d8cbdad0d39ab5194
rivat.tgz
Posted Jul 31, 2000
Authored by r00tabega, Xtremist | Site r00tabega.com

Rivat is a distributed CGI scanner written in perl which scans for over 405 vulnerabilities.

tags | cgi, perl, vulnerability
SHA-256 | 9e90411a076c4578051a6a030e0ddf9912c74a3586dd318b2d2f7e86d6cbe206
sourcescan.pl
Posted Jul 31, 2000
Authored by r00tabega, Xtremist | Site r00tabega.com

Sourcescan.pl looks through C source code for common vulnerabilities, including strcpy, gets, strcat, sprintf, fscanf, scanf, vsprintf, realpath, getopt, getpass, streadd, strecpy, strtrns, getenv, and setenv.

tags | vulnerability
SHA-256 | 08e9707e93b71327f7308ac80c26eb28bcc78a62b4c77d056f8e210bed720e03
stealthcode.txt
Posted Jul 31, 2000
Authored by r00tabega, Xtremist | Site r00tabega.com

Many IDS systems detect buffer overflow exploitation by looking for a series of NOP's (hex 90) which are typically used to pad the buffer so the offset does not have to be exact. Instead of using NOP's, a stealthy exploit could jump to the next instruction (jmp 0x00) or jump a small number of instructions.

tags | overflow
SHA-256 | 5a83aa8429b3c9c4766634a3e4e0e6c3a972a542233b82a48fde3c8475fd483b
bx-dos.pl
Posted Jul 6, 2000
Authored by r00tabega, Rishi Bhat | Site r00tabega.com

BitchX dos exploit - joins a channel with %s in the name, and invites target nick.

tags | denial of service
SHA-256 | 454c258db3817f6310a5b53eef7dcb95058960cff7c6b95c5c1b94c2b3b38f0e
usercheck.pl
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Quick perl script to search through the history file of each user on your system for a certain command (i.e. "cat /etc/passwd").

tags | perl
SHA-256 | 9bff10e0b13f74501fe381001cf0e37279e3be5fca0e60e87cb1c850a547780f
sploitmon.pl
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

sploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.

tags | cgi, perl
SHA-256 | a9a2d6cb059ca360921cfea53192a86691abc7cab592a0d3711c7ca85e80a471
sumon.pl
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

A simple yet sophisticated perl script that runs in the background and monitors for user attempts to su to root. If one is detected, the log file is immediately mailed to a specified user and a backup is created in /tmp. Very useful for attempting to keep track of logs after an intrusion has occured.

tags | root, perl
SHA-256 | 9d5a05a262ce5c62f5af07164aa226ee20f05a3529a13f4c3b10f6642e980ec1
suidbofcheck.pl
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

suidbofcheck.pl searches the system for suid binaries in /usr/bin, /bin, /sbin, and /usr/sbin and tests each one against a standard buffer overflow (both with and without the use of environmental variables) at a specified offset.

tags | overflow
SHA-256 | cdfabbf02010e314aaf0717fec7794934ca6e1c28d934c051807997557d665e4
chanserv.c
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Exploits the auto registration feature of most ChanServ bots and causes it to die. This exploit has been known to work on networks including DalNet, CobraNet and RelicNet.

SHA-256 | 865f6f01d3cc5bf17ccb21f2ea7ad728f0e13a90f25b6ff1a1fe00b5b3a4ad68
icqwebfront.sh
Posted Jun 9, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

ICQ Web Front DOS Exploit - guestbook.cgi, part of ICQ web front, is vulnerable to a remote denial of service attack. This shell script exploit generates a malformed POST request and uses netcat to send it to port 80 of the victim host.

tags | remote, web, denial of service, shell, cgi
SHA-256 | b8e9e0819dfa1cd572dcf565fd2d91d1830fea0eb549bcc41414b0da7e85f832
magdalena.pl
Posted Jun 1, 2000
Authored by r00tabega, Futant | Site r00tabega.com

Magdalena.pl is a small utility written in perl that will scan a list of hostnames for a certain CGI. It lets the user define a string to match rather than just relying on HTTP codes.

tags | web, cgi, perl
SHA-256 | ccc299ad0540b9e3f12b44614383906c104dcf932edf981963b113749e28fa08
wemilo.tcl
Posted May 30, 2000
Authored by r00tabega, Futant | Site r00tabega.com

Remote Cart32 exploit - Though L0pht released an advisory and patch for the well known Cart32 bug, this is the first exploit released to date. Allows remote command execution.

tags | exploit, remote
SHA-256 | b15ca1584e4ea0d26f2e39fd6253fdaeb6ec98bcc198aec4914a379e204b8f61
netsol.c
Posted May 11, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Exploit for the (patched) major security issue with networksolutions.com(easysteps.pl) which would have set up a bindshell if it had been run.

SHA-256 | 9341f14a0079af7d87506afc61d98b1ef1589d7eeb8b50a03d204c3b48807cbf
whois_raw.c
Posted Apr 22, 2000
Authored by r00tabega, Lore | Site r00tabega.com

The whois_raw.cgi perl script included in all freeware versions of the cdomain package allows remote attacker to view/retrieve any system files, such as /etc/passwd, and to execute commands. Exploit included, which drops a shell, unlike previous whois_raw.cgi exploits.

tags | remote, shell, cgi, perl
SHA-256 | cdcb04dcc8c8d833822d837b47e293b61db57cc6668962ea1ef6d1dbedf1b93b
communigate.pl
Posted Apr 21, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

communigate.pl is a DoS exploit against CommuniGatePro 3.1 for NT.

SHA-256 | 3c4ca0bd0f5f75d0a744d6c32d7bbbc01e060250be2da4e3f804f20d72c0e403
r00tlate.pl
Posted Apr 17, 2000
Authored by r00tabega, ragnarox

PERL script to grab a list of new files from r00tabega.com. It then gives the user the ability to pick and download any of the files, all without having to load up a browser. ragnarox is planning to also make a front-end for X and MS-WIN.

tags | tool, perl
systems | unix
SHA-256 | fe354f1906c1d44d05333dc1504dff7472b8cfe1ff0677b9daf68ccfd55e30b7
attrition.pl
Posted Apr 13, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

attrition.pl gets the latest x (you specify how many) defacements from attrition. Just use the script to save the latest defacements to a file and then include them on your page through SSI.

tags | web
SHA-256 | 1dc09a27daea3b7dc5e06b5ec698922863ab4b98158b1c6f5ea7765c284c1112
d0s.pl
Posted Apr 12, 2000
Authored by r00tabega, ragnarox | Site r00tabega.com

DoS.pl uses Net::RawIP to launch a syn flood attack.

tags | denial of service
SHA-256 | 32ae0c00c03fd1e282fef426d088787651a77b6b9c1400e9ef48c2c496d3e497
frontpage.pl
Posted Mar 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Everybody knows about the _vti_pvt password files, but what about those misconfigured Frontpage servers that allow remote login and authoring without a login and password? This script will check for both vulnerabilties.

tags | tool, remote, scanner
systems | unix
SHA-256 | 9040980cfe8b96a201e33ee28fbdd4f0ee1d4f87da6b7f725166cb677e745d00
grinder.pl
Posted Mar 24, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Grinder.pl scans a range of IP's looking for a URL. Could be used to search for sites with a certain URL or CGI program.

tags | tool, cgi, scanner
systems | unix
SHA-256 | 17a62deebdd349e5d8c73be75d2c23ff06c8637cbc112b275271d2d25c11d2c9
DevNull-rootkit-v0.9.tar.bz2
Posted Mar 24, 2000
Authored by Tutor, r00tabega | Site r00tabega.com

DevNull Rootkit v0.9 - Linux rootkit, modified login, chsh, chfn and su. Our login, when in place, will not show the defined user logged into the system, nor log the connection origin.

tags | tool, rootkit
systems | linux, unix
SHA-256 | 84eec92a26c85da5068c9018ab802447990ef81ba86b37b1781f8eee80271317
msadc-trojan.pl
Posted Jan 10, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

This script will upload a trojan to an RDS vulnerable site running NT and execute the trojan.

tags | exploit, trojan
SHA-256 | 103493a4c6051cab304f220b22274a4ca432f01306d62d03af4825d7c7bf7105
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close