exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files from Simple Nomad

Email addressthegnome at nmrc.org
First Active1999-08-17
Last Active2006-01-15
nmrc-14Jan2006.txt
Posted Jan 15, 2006
Authored by Simple Nomad | Site nmrc.org

This advisory documents an anomaly involving Microsoft's Wireless Network Connection. If a laptop connects to an ad-hoc network it can later start beaconing the ad-hoc network's SSID as its own ad-hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack.

tags | advisory
SHA-256 | 78cd0166cc3fdf94d948b2a5271ecace8556a14b625a9e730b15c0da1b9c63fa
icmpenum-1.1.1.tgz
Posted Oct 21, 2003
Authored by Simple Nomad | Site razor.bindview.com

This is a proof-of-concept tool to demonstrate possible distributed attacking concepts, such as sending packets from one workstation and sniffing the reply packets on another.

tags | denial of service
SHA-256 | d9c7ac5f2dae560efd2e8381a3c102663f7bd295b34cd3d688847fd5cb3845af
ncpquery-1.3.tar.gz
Posted Oct 21, 2003
Authored by Simple Nomad | Site razor.bindview.com

NCPQuery is an open source tool that allows probing of a Novell Netware 5.0/5.1 server running IP. It uses TCP port 524 to enumerate objects with public read access, disclosing such information as account names, server services, and other various objects. A remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication. Includes a Win32 port.

tags | remote, tcp
systems | windows
SHA-256 | 354012e902e80df46b1bf28adfc90559ba18f2db45bf019a1b8745c756211795
nmrcOS-v1.0.iso
Posted Aug 6, 2003
Authored by Simple Nomad, Inertia | Site nmrcos.nmrc.org

NMRC created this secured, Debian-based Linux distribution that has Openwall, HAP-Linux, Bastille, and many other patches and features included.

systems | linux, debian
SHA-256 | e17637292fee6f8f80942b84f72e63ad84141d29e67a2c7a6bf63fef67897a9e
ncovert-1.1.tgz
Posted Aug 6, 2003
Authored by Simple Nomad | Site nmrc.org

NMRC covert channel using ISN to transmit data from one computer to another.

systems | unix
SHA-256 | 06c1b1d9f225af451885111b1f3bed5073b07ded469338b643220fbc2ad9c6ad
ncrypt-0.6.4.tgz
Posted Aug 6, 2003
Authored by Simple Nomad, Inertia | Site nmrc.org

NMRC symmetric file encryptor/decryptor/wiper that includes multiple crypto choices (Rijndael, Serpent, or Twofish) and multiple secure file wiping techniques.

tags | encryption, crypto
SHA-256 | 89caa35b66944f2c6953f1333745ef889ab02ac638fec61e68476812acdc34d9
groupwise.disclosure.txt
Posted Aug 16, 2001
Authored by Simple Nomad | Site nmrc.org

NetWare Enterprise Web Server 5.1 has a couple security problems - When NDS browsing via the web server is enabled, if an attacker can reach that server's port 80 they can enumerate information such as user names, group names, and other system information. In addition, poor handling of GET commands will allow for GroupWise WebAccess servers to display indexes of the directories instead of HTML files.

tags | exploit, web
SHA-256 | adf0654a73f370790f57c8f495e47ab5ce8db6242f05e002639e1d51d2ce342f
Simple_Nomad.txt
Posted Mar 6, 2001
Authored by Simple Nomad

Packet Storm Contest Entry - Strategies for Defeating Distributed Attacks. (Text Format)

tags | paper
SHA-256 | 7427476b12ea10eea15d1f28e11df64258077c0934a93532d27af5558cb06ff1
adv_novellleak.txt
Posted Nov 14, 2000
Authored by Simple Nomad | Site razor.bindview.com

Object Enumeration in Novell Environments - Due to a combination of legacy support and default settings, Novell Netware servers using native IP will leak system information via TCP port 524 when properly queried. In mixed Novell/Microsoft environments, information regarding Microsoft devices is leaked via the Service Advertising Protocol (SAP) table. Third party products, such as those used to synchronize directory services between environments can further the problem. Essentially, a remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication.

tags | remote, tcp, protocol
SHA-256 | f09861f9843c17db74e28912eb8310b10f91156447711890837c68c8aac45b4e
ncpquery-1.2.tgz
Posted Nov 13, 2000
Authored by Simple Nomad | Site razor.bindview.com

NCPQuery is an open source tool that allows probing of a Novell Netware 5.0/5.1 server running IP. It uses TCP port 524 to enumerate objects with public read access, disclosing such information as account names, server services, and other various objects. A remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication.

tags | remote, tcp
SHA-256 | 97f05208a1c028a90715780ea2c8dea387e4888c2aff9bf2d8ce53286f2f65ce
despoof-0.9.tgz
Posted Jul 25, 2000
Authored by Simple Nomad | Site razor.bindview.com

Despoof is a utility that tries to determine if a received packet is in fact spoofed by checking the TTL. This command-line utility is intended for near real-time responding (such as being triggered from an IDS). The README explains it all. This utility is based on an idea by Donald McLachlan [don@mainframe.dgrc.crc.ca] (thanks Don!). Despoof runs on most Unix systems (tested on Linux, *BSDs), and requires libnet 1.0 and libpcap 0.4.

tags | spoof
systems | linux, unix
SHA-256 | c730656dba9ef4d9ad86dcb864c528f945e8c29c056ccfe8f82664ec9d4a1e39
razor.dvwssr.txt
Posted Apr 23, 2000
Authored by Simple Nomad | Site razor.bindview.com

BindView RAZOR Team Analysis of DVWSSR.DLL - The risks of having dvwssr.dll are not as severe as originally reported in media outlets Friday morning, but still severe enough that system administrators responsible for NT systems to investigate. The risks involve whether or not a certain DLL is loaded, how rights are set, and potentially how Front Page 98 is used.

tags | exploit
SHA-256 | 8ae1ac958cdd839a071092f69cb028444e52101f3979ebfa78fac418bae535d2
zombie-1.2.tgz
Posted Mar 30, 2000
Authored by Simple Nomad | Site razor.bindview.com

Zombie Zapper Unix version 1.2 - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

Changes: The new 1.2 version works against Trinoo (including the Windows Trinoo agent), TFN, Stacheldraht, and Shaft.
tags | denial of service
systems | unix
SHA-256 | 1b826dedddd3355c5cd7f3c1b0a853a3214af6ea762c4d4ef0be1e09e91a9664
Project_ZombieZapper1.2.zip
Posted Mar 30, 2000
Authored by Simple Nomad | Site razor.bindview.com

Zombie Zapper v1.2 Windows NT Source Code - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

Changes: The new 1.2 version works against Trinoo (including the Windows Trinoo agent), TFN, Stacheldraht, and Shaft.
tags | denial of service
systems | windows
SHA-256 | 284a598ea169fa349dcc72b8a0cd88056fd0e80ff712647d8d5736efa6851fa0
zombie-1.1.tar.gz
Posted Feb 29, 2000
Authored by Simple Nomad | Site razor.bindview.com

Zombie Zapper Unix version - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.

Changes: Supports the new Win trinoo trojan.
tags | denial of service
systems | unix
SHA-256 | d2449dc174fe563a2ba61533f5e93fdabc5327ba36f7ee9f40827f10035f866a
razor.wintrinoo.txt
Posted Feb 29, 2000
Authored by Simple Nomad | Site razor.bindview.com

Razor has acquired a copy of the Windows Trojan Trinoo, the following is technical information gained from disassembling the binary.

tags | denial of service, trojan
systems | windows
SHA-256 | 5d0c0846d11849da11543b411218612346e6ce7fccec69dfcc03ec349a9e6dce
tfn2kpass.c
Posted Feb 25, 2000
Authored by Simple Nomad | Site razor.bindview.com

Tfn2k password recovery tool - Tfn2k asks for a password during the build, which is used to prevent someone from recovering the password from the td or tfn binaries. Usefor for forensics, or to command a whole flood network to send you mail letting you know all the machines infected, or to command an attack to stop if you can recover a binary.

tags | denial of service
SHA-256 | cfd719ba0cd05621c443ed48728a727968997b11e93221a512eaa02351d08836
md5-tool.tgz
Posted Feb 17, 2000
Authored by Simple Nomad | Site razor.bindview.com

If you have an md5 checksumming utility on your system, you can use these scripts for a "poor man's tripwire". These do several quick checks for archiving and security purposes.

tags | tool, intrusion detection
systems | unix
SHA-256 | 5105f0110153435688b633709392243a2b67d2f33b49e68780fa2df4ee6e043e
icmpenum-1.1.tgz
Posted Feb 16, 2000
Authored by Simple Nomad | Site razor.bindview.com

This is a proof-of-concept tool to demonstrate possible distributed attacking concepts, such as sending packets from one workstation and sniffing the reply packets on another.

tags | denial of service
SHA-256 | 5e617cf0cb9536d67cf2f63996629e47e11fc6856b5cfb66fe5a51d551eb1189
DDSA_Defense.htm
Posted Feb 16, 2000
Authored by Simple Nomad | Site razor.bindview.com

Distributed Denial of Service Defense Tactics - This paper details some practical strategies that can be used by system administrators to help protect themselves from distributed denial of service attacks as well as protect themselves from becoming unwitting attack nodes against other companies.

tags | denial of service
SHA-256 | d0f80557044b2a18453f2dc7582595ddb3ce718da4f6063550bdaf18440afa5b
Simple_Nomad.doc
Posted Jan 21, 2000
Authored by Simple Nomad

Packet Storm Contest Entry - Strategies for Defeating Distributed Attacks.

tags | paper
SHA-256 | adbb93cf6584385ff3b5f74b554128ad787340889c56f79cd9fcd7d9e7965277
pandora_linux_v4.0_b2.1.tgz
Posted Dec 2, 1999
Authored by Simple Nomad | Site nmrc.org

Pandora v4 Beta 2.1 Netware Attack tool for Linux - Offline password auditing and Online attack for the X Windows platform on Linux. The Online software requires an IPX-aware kernel and root.

Changes: Jitsu-Disk finished moving the Pandora Linux code so that Pandora Linux uses libpcap and libnet. A number of problems have been corrected from the beta release on November 19th, including several problems involving spoofing and sniffing. Libnet helped Jitsu fix all that. We've updated the documentation, included all the code we used to do the builds, pre-compiled binaries, and wrapped it up in a nice big tarball for your hacking needs.
tags | kernel, root
systems | linux, windows
SHA-256 | 04176a26ae4765b00ef4e4f75faf0e72600d8e13e260d89cfd33ce9a9697bc98
pan_linux_src_b2.tgz
Posted Nov 20, 1999
Authored by Simple Nomad | Site nmrc.org

Pandora v4 Beta 2 Full Source Code for Linux.

systems | linux
SHA-256 | 6289c497b8bcdbb15790b35262f4b9178a0cb00e7ffac4bf3b561bb7a96ab924
pan_docs_b2.zip
Posted Nov 20, 1999
Authored by Simple Nomad | Site nmrc.org

BETA - Documentation on using Pandora v4, with updated white papers, tips, and tricks. Included with the regular software, download this if you just wish to read the docs.

SHA-256 | 44e204f97e6c01e95f171dedd42e4589b8b55ec79a6b5d9d7868521bb2ed6bce
pan_src_b2.zip
Posted Nov 20, 1999
Authored by Simple Nomad | Site nmrc.org

Pandora v4 Beta 2 Full Source Code for Windows.

systems | windows
SHA-256 | db40217fe9c204f517fc1c297739c59110cd3db27f3c17085c141a05c0c4c1fa
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close