what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from STE Jones

Email addressroot at networkpenetration.com
First Active2002-05-14
Last Active2012-05-16
Drupal Hostmaster 6.x Cross Site Scripting / Access Bypass
Posted May 16, 2012
Authored by STE Jones, Ivo Van Geertruyen | Site drupal.org

Drupal Hostmaster third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 7c02451f79ba6d4bfe66bd38a9d30bc0c21b9498c33fec40e740f123d695f5e5
UKdnsTest.txt
Posted Oct 16, 2003
Authored by STE Jones | Site NetworkPenetration.com

Network Penetration conducted a survey at the start of 2003 to check the status of the United Kingdom's DNS infrastructure. This paper discusses the second run of what was tested, the results, some sample zone transfers, and recommendations.

tags | paper, protocol
SHA-256 | 31dc371eb671d823d16aa2224c769ef3802e82eb0154f61065f3def5701be8f0
SMB-RSVP.txt
Posted Aug 13, 2003
Authored by STE Jones | Site networkpenetration.com

Paper discussing how the Resource reSerVation Protocol (RSVP) is used within the Subnet Bandwidth Management protocol (RFC 2814) and is vulnerable to allowing a rogue host to hijack control of a server via the use of priority assignment.

tags | paper, protocol
SHA-256 | a784b06a39d986e6dcbd5f350d4ebbf3f646da4776903e5d2db061756436979f
Gobbler-2.0.1-Alpha1.tar.gz
Posted Jul 28, 2003
Authored by STE Jones | Site networkpenetration.com

Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.

Changes: Added port 0 fingerprinting, bug fixes.
tags | tool, denial of service, spoof, rootkit, proof of concept
systems | unix
SHA-256 | 28547ebff2666e8695d9c5e76a8063c0a32e0fc3e55e54aa0f70c4206c761b56
port0paper.txt
Posted Jul 28, 2003
Authored by STE Jones | Site networkpenetration.com

Paper discussing utilization of port zero for OS fingerprinting and how to protect against it.

tags | paper
SHA-256 | bbe9a71a165db0e8b2e6a2f2d5c437c544faf4ba99ad3d4c8737d4bf2ef584a0
openbsdportscan.txt
Posted Jun 29, 2003
Authored by STE Jones | Site networkpenetration.com

By using the OpenBSD packet filter pf, one can utilize the NAT address pools added into OpenBSD 3.3 to aid in distributed port scanning.

tags | tool, scanner
systems | unix, openbsd
SHA-256 | 8a31bcc028af2e38e08d090044b50741b4a83069781ec6191a41a5c751b115ab
gobbler-1.8alpha.tar.gz
Posted Feb 19, 2003
Authored by STE Jones | Site networkpenetration.com

Gobbler is a tool designed to audit various aspects of DHCP networks, from detecting if DHCP is running on a network to performing a denial of service attack. Gobbler also exploits DHCP and ethernet, to allow distributed spoofed port scanning with the added bonus of being able to sniff the reply from a spoofed host. This tool is based on proof of concept code "DHCP Gobbler" available from networkpenetration.com and the DHCP flaws paper.

tags | tool, denial of service, spoof, rootkit, proof of concept
systems | unix
SHA-256 | e67b7b0aaba893b9e0f5b0ff284ff00dc90a09e9061ead2c895a3ad085d770d8
steg1.txt
Posted Sep 21, 2002
Authored by STE Jones | Site networkpenetration.com

Stenographied File Transfer Using Posix File Locks - How to transfer information to other users on secure systems by communicating with locked files. Includes some sample code that uses 32 locked files to transfer data on Posix systems.

tags | paper
SHA-256 | 946de361a7741cef70570cb8e2a840356929f865101a429898f20fd3d294b852
DHCP_Gobbler.tar.gz
Posted May 14, 2002
Authored by STE Jones

The DHCP gobbler is a proof of concept tool for an attack mentioned in RFC 3118 which grabs all available DHCP addresses. New machines trying to join the network won't be allocated IP addresses as they have all been allocated to no existent machines.

tags | denial of service, proof of concept
SHA-256 | 6156f06b8cad144a22b2a4d99327ea07ba5b2b22ed181c5a46bf0f1782c27783
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close