exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

Files from STE Jones

Email addressroot at networkpenetration.com
First Active2002-05-14
Last Active2012-05-16
Drupal Hostmaster 6.x Cross Site Scripting / Access Bypass
Posted May 16, 2012
Authored by STE Jones, Ivo Van Geertruyen | Site drupal.org

Drupal Hostmaster third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 7c02451f79ba6d4bfe66bd38a9d30bc0c21b9498c33fec40e740f123d695f5e5
UKdnsTest.txt
Posted Oct 16, 2003
Authored by STE Jones | Site NetworkPenetration.com

Network Penetration conducted a survey at the start of 2003 to check the status of the United Kingdom's DNS infrastructure. This paper discusses the second run of what was tested, the results, some sample zone transfers, and recommendations.

tags | paper, protocol
SHA-256 | 31dc371eb671d823d16aa2224c769ef3802e82eb0154f61065f3def5701be8f0
SMB-RSVP.txt
Posted Aug 13, 2003
Authored by STE Jones | Site networkpenetration.com

Paper discussing how the Resource reSerVation Protocol (RSVP) is used within the Subnet Bandwidth Management protocol (RFC 2814) and is vulnerable to allowing a rogue host to hijack control of a server via the use of priority assignment.

tags | paper, protocol
SHA-256 | a784b06a39d986e6dcbd5f350d4ebbf3f646da4776903e5d2db061756436979f
Gobbler-2.0.1-Alpha1.tar.gz
Posted Jul 28, 2003
Authored by STE Jones | Site networkpenetration.com

Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.

Changes: Added port 0 fingerprinting, bug fixes.
tags | tool, denial of service, spoof, rootkit, proof of concept
systems | unix
SHA-256 | 28547ebff2666e8695d9c5e76a8063c0a32e0fc3e55e54aa0f70c4206c761b56
port0paper.txt
Posted Jul 28, 2003
Authored by STE Jones | Site networkpenetration.com

Paper discussing utilization of port zero for OS fingerprinting and how to protect against it.

tags | paper
SHA-256 | bbe9a71a165db0e8b2e6a2f2d5c437c544faf4ba99ad3d4c8737d4bf2ef584a0
openbsdportscan.txt
Posted Jun 29, 2003
Authored by STE Jones | Site networkpenetration.com

By using the OpenBSD packet filter pf, one can utilize the NAT address pools added into OpenBSD 3.3 to aid in distributed port scanning.

tags | tool, scanner
systems | unix, openbsd
SHA-256 | 8a31bcc028af2e38e08d090044b50741b4a83069781ec6191a41a5c751b115ab
gobbler-1.8alpha.tar.gz
Posted Feb 19, 2003
Authored by STE Jones | Site networkpenetration.com

Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.

tags | tool, denial of service, spoof, rootkit, proof of concept
systems | unix
SHA-256 | e67b7b0aaba893b9e0f5b0ff284ff00dc90a09e9061ead2c895a3ad085d770d8
steg1.txt
Posted Sep 21, 2002
Authored by STE Jones | Site networkpenetration.com

Stenographied File Transfer Using Posix File Locks - How to transfer information to other users on secure systems by communicating with locked files. Includes some sample code that uses 32 locked files to transfer data on Posix systems.

tags | paper
SHA-256 | 946de361a7741cef70570cb8e2a840356929f865101a429898f20fd3d294b852
DHCP_Gobbler.tar.gz
Posted May 14, 2002
Authored by STE Jones

The DHCP gobbler is a proof of concept tool for an attack mentioned in RFC 3118 which grabs all available DHCP addresses. New machines trying to join the network won't be allocated IP addresses as they have all been allocated to no existent machines.

tags | denial of service, proof of concept
SHA-256 | 6156f06b8cad144a22b2a4d99327ea07ba5b2b22ed181c5a46bf0f1782c27783
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close