Showing 1 - 8 of 8

Files from Mudge

kerb4.tar.Z: Posted Oct 4, 2002; Authored by Mudge | Site atstake.com; Kerberos 4 cracker.; SHA-256 | 1e2ec4124c5ea5abc860098482da56da54827ff1882ff0bc51e8a78488c36135; Download | Favorite | View

skey_paper_and_tool.txt: Posted Oct 4, 2002; Authored by Mudge | Site atstake.com; Monkey S/Key challenge/response auditor and white paper. Works similarly in nature to Alec Muffet's CRACK. In essence it takes the md4 value in either HEX or English words and compares it to a dictionary.; SHA-256 | 91361b4f1c1136c90bd9c318b67f64854190eb95ae32e1899a0166c2aa19e602; Download | Favorite | View

anti_sniff_researchv1-1.tar.gz: Posted May 17, 2000; Authored by Mudge | Site l0pht.com; Antisniff Unix Researchers (free) version 1-1 - This is a command line only version that runs many of the same tests to determine if a sniffer is running on the local network that the Windows NT/98/95 GUI does. Currently only Solaris and OpenBSD are supported.; tags | tool, local, sniffer; systems | windows, unix, solaris, openbsd; SHA-256 | d6e2c4c3da8d8dc4fa5b2a702a65d8f22552aff1a897e8f70b86863afc84a4ef; Download | Favorite | View

imap_core.sh: Posted Apr 19, 2000; Authored by Mudge | Site l0pht.com; imap_core.sh is a quick proof of concept tool that causes some imapd implementations to dump core. Unfortunately the core file contains the password and shadow password file in it!; tags | exploit, proof of concept; SHA-256 | 5e97f6397d4e546bc641fcd0059100b35a6649499f07bf90d15bf975d7a592ee; Download | Favorite | View

init.tar.gz: Posted Dec 31, 1999; Authored by Mudge; initscripts-4.48-1 on RedHat Linux is vulnerable to a race condition. Contains the l0pht advisory on the subject and exploit.; tags | exploit; systems | linux, redhat; SHA-256 | 8fbb95a1d486767654b91e051c53b1fe705011257fc3403f663104539a8a7c68; Download | Favorite | View

l0pht.99-10-04.shell-lock.txt: Posted Oct 5, 1999; Authored by Mudge, lumpy; Application: Cactus Software's shell-lock. (a) A trivial encoding mechanism is used for obfuscating the shell code in the "compiled" binary. Anyone with read permissions to the file in question can decode and retrieve the original shell code. Another vulnerability exists where the user can retrieve the un-encoded shell script without needing to actually decode the binary. (b) The vendors claim the program to be useful in creating SUID binaries on systems that do not honor SUID shell scripts and also to protect against the security problems with SUID shell scripts. As it turns out any shell-lock "compiled" program that is SUID root will allow any user to execute any program with root privileges.; tags | shell, root; SHA-256 | fbc992a6624e12b0216864edca92c85c28dcac58f61f8ee50642f370d5371b9a; Download | Favorite | View

quakenbush-nt-password.txt: Posted Aug 17, 1999; Authored by Mudge; Quakenbush Windows NT Password Appraiser software sends users password hashes and even plaintext passwords out through the Internet, regardless of firewall rules.; tags | exploit; systems | windows; SHA-256 | 1c8af51b12b6d745cf6013df3d5a7e38a7194174382a59ffba2407bcf308f873; Download | Favorite | View

ClearCase.txt: Posted Aug 17, 1999; Authored by Mudge; Poor security coding leaves several race conditions and other security problems in Clear Case, a configuration management program from Rational Software. Local root compromise. "clear_waste.sh" exploit code included.; tags | exploit, local, root; SHA-256 | 956fb8fc120b620f5d57d1e03ed6693777c34c60bb007966b51b57d0a9569947; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days