what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Roelof Temmingh

First Active2000-07-07
Last Active2005-10-12
TT-Roelof-Temmingh-State-of-the-art.ppt
Posted Oct 12, 2005
Authored by Roelof Temmingh

Assessing Server Security - State of the Art. The talk takes into consideration the progress that has been made in web server security over the last few years, and the progress that has been made in attacking web servers over the same time. The paper visits the new vulnerabilities introduced by web applications and discuss the thinking applied to discover such vulnerabilities. It finally describes the state of the art of web server scanning technology.

tags | web, vulnerability
SHA-256 | 100459d29fc8945bc761d6a2ccc7ce82103b8f31e835d98cf9a6ae54e18497c5
finder.pl
Posted Mar 18, 2003
Authored by Roelof Temmingh | Site sensepost.com

Finder.pl remotely checks IIS Servers for most of the methods used by WebDAV. If the server does not complain about the method its an indication that WebDAV is in use. See ms03-007.

tags | tool, scanner
systems | unix
SHA-256 | ee03799da073c545d65ebc87a39171adc3d81c3cf8cb9ebe987ea93ca69df4d2
mielietools-v1.0.tgz
Posted Sep 11, 2002
Authored by Roelof Temmingh | Site sensepost.com

MielieTool v.1.0 is an easy to use Perl based web application "fuzzer". It supports fuzzing of CGIs in forms and links and supports multiple sites. Requires HTTrack, Lynx, grep, find, and rm.

tags | tool, web, cgi, perl, fuzzer
systems | unix
SHA-256 | efe615a070bb52a86f4508d814701ed4d6a3c1ea75ca01531f7e8a5ad1cf4e47
sp_quickill.zip
Posted Mar 25, 2002
Authored by Roelof Temmingh | Site sensepost.com

Sp_Quickkill scans internal networks for unpatched windows machines, IIS and SQL.

tags | exploit
systems | windows
SHA-256 | 78941018e6b74e5b871aa2d827e2f6b63074c8d472f41191cea1da645ff22ae5
mieliekoek.pl
Posted Feb 26, 2002
Authored by Roelof Temmingh | Site sensepost.com

Mieliekoek.pl is a SQL insertion crawler which tests all forms on a web site for possible SQL insertion problems. This script takes the output of a web mirroring tools as input, inspecting every file and determine if there is a form in the file.

tags | web
systems | unix
SHA-256 | fe1bfe7f6e6e16ac4c2fcbed336c09b562bbbe5cb6b8556bfdf043b0c7344cff
hackingguide3.1.pdf
Posted Oct 4, 2001
Authored by Roelof Temmingh | Site sensepost.com

A guide for breaking into computer networks from the Internet v3.1 - Includes host enumeration, scanners, custom tools, protocols, windows information, and much more. PDF format.

tags | paper, protocol
systems | windows
SHA-256 | 5642b5fd57ab06d3f07c54c62e9e19ae2b481c0682ffaefba65288589227982e
sr.pl
Posted Jul 18, 2001
Authored by Roelof Temmingh, Haroon Meer | Site sensepost.com

Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive network information. This perl script gives a potential attacker a wealth of information including ip addresses, network masks (and even friendly descriptions).

tags | exploit, perl
SHA-256 | e3619e7d295ef6e80dc77aada9c151eaf7aeff1c25021ef117f8331019de3414
sensedecode.tgz
Posted May 17, 2001
Authored by Roelof Temmingh | Site sensepost.com

Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.

tags | exploit, perl
SHA-256 | d32db266c769e68dd5e55144cdff5aac3d5f570243d3c50560169d168c96b542
go.pl
Posted Apr 17, 2001
Authored by Roelof Temmingh

Go.pl allows you to scan ports through a misconfigured squid proxy.

tags | tool, scanner
systems | unix
SHA-256 | 98310269175325ec91f9370570f050216e816e3c000853861869d1df74773777
desperate.tgz
Posted Feb 27, 2001
Authored by Roelof Temmingh | Site sensepost.com

Desperate is a collection of tools used to extract of usernames via EXPN and finger, and obtaining IP addresses via "brute force" DNS lookups. Contains lists of commonly used usernames and DNS names. Coded in PERL.

tags | tool, scanner, perl
systems | unix
SHA-256 | 3eec3182b844f67054826bdc9dd5a20cdd822e3c2ec7659e61d174b262aeea46
unitools.tgz
Posted Jan 25, 2001
Authored by Roelof Temmingh | Site sensepost.com

Unitools.tgz contains two perl scripts - unicodeloader.pl uploads files to a vulnerable IIS site, and unicodexecute3.pl includes searches for more executable directories and is more robust and stable.

tags | exploit, perl
SHA-256 | ef1371caea9d6be5421cdfd47295c380d367086653e0281f537a4f4b1db5503e
pudding01.tar.gz
Posted Jan 13, 2001
Authored by Roelof Temmingh | Site sensepost.com

Pudding is a proxy which recodes HTTP requests using most of RFP's IDS evasion encoding methods, plus random UTF-8 encoding support. Allows any web aware program/exploit/cgi-scanner to evade IDS without modification of the original code. Encoding methods include all uppercase, hex encoding, /./ directory insertion, fake parameters, premature URL endings, windows delimiters, and random UTF8 encoding.

tags | web, cgi
systems | windows, unix
SHA-256 | c8a75f47892cf9971dfce9a19962ee940b44b6217ab7982e7299601b07617e91
unicodexecute2.pl
Posted Oct 28, 2000
Authored by Roelof Temmingh | Site sensepost.com

Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article.

tags | exploit, perl
SHA-256 | 5b2cf0d0ae0a8d6764aa36ceead14fd067a55867c82158f7611f7b7fe312bc2c
decoyblues.pl
Posted Oct 21, 2000
Authored by Roelof Temmingh | Site sensepost.com

decoyblues.pl is a denial of service attack against active firewalls. Works by basically creating a lot of decoys with nmap. Router/firewall will try to block all the (decoyed) IP numbers, eventually running out of access list/packetfilters, and possibly crashing, or overwriting access lists.

tags | denial of service
SHA-256 | cad12139ba8649d84be98349cfaf7e9026766bcf1b08660fe6c02a0942410501
trans.pl
Posted Sep 7, 2000
Authored by Roelof Temmingh

Win2k IIS remote exploit - Retrieves files using the Translate: f bug.

tags | exploit, remote
systems | windows
SHA-256 | e6689da228eca55eaf015fe6410fad686f0c799a345cd10825bec3dd47b9ddc4
Network Device / Switch Default Passwords
Posted Jul 7, 2000
Authored by Roelof Temmingh | Site sensepost.com

Default Passwords for many network switches and devices. Includes many 3com products, ACC, AcceleratedDSL, ADC, Alteon, Arrowpoint, AT

tags | paper
SHA-256 | 39b068457d87fe9ccdf5c7fa081a0000390236b200f7392040d582c8c91acd72
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close