Showing 1 - 25 of 37

Files from rain forest puppy

Email address: rfp at wiretrip.net
First Active: 1999-08-17
Last Active: 2002-12-06
libwhisker-1.6.tar.gz
Posted Dec 6, 2002
Authored by rain forest puppy | Site wiretrip.net

Libwhisker is a perl module for performing whisker CGI vulnerability checks. It adds a vast array of functionality and has robust functions that are geared toward network auditing. Function reference available here.

Changes: Major fixes - All users should upgrade.
tags | cgi, perl
systems | unix
SHA-256 | e542ac10fc69358b71c76c10dd0673cf046d45a5dd590997990739ebf75ff405
whisker-2.1.tar.gz
Posted Dec 6, 2002
Authored by rain forest puppy | Site wiretrip.net

Whisker is a high quality URL scanner which is used to search for known vulnerable CGIs on websites. Whisker does this by both scanning the CGIs directly as well as crawling the website in order to determine what CGIs are already currently in use. Whisker is scriptable and is easily tailored to do lots of flexible web scanning. Very stealthy. Implemented anti-IDS techniques. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host, Proxy, and SSL support.

Changes: Tons of changes - so many it's not worth individually documenting. Added the newbie.help guided configuration walkthrough. Fixed bugs.
tags | web, cgi
systems | unix
SHA-256 | bb25191bfef42806daa43d9a10273c4099163ab1ae7d71209cd042cdc856db9e
libwhisker-1.3.tar.gz
Posted Mar 31, 2002
Authored by rain forest puppy | Site wiretrip.net

Libwhisker is a perl module for performing whisker CGI vulnerability checks. It adds a vast array of functionality and has robust functions that are geared toward network auditing.

tags | cgi, perl
systems | unix
SHA-256 | 8bd72d0828a11d981434fbf42ec6062d4b0709e587674d8589f97365b5a266ee
rfp2201.site-server.txt
Posted Jan 31, 2002
Authored by rain forest puppy | Site wiretrip.net

RFP2201 - MS Site Server Evilness. Security considerations to keep in mind when using Site Server 3.0. Includes info on a LDAP_Anonymous account w/ default password, information leakage and more via administrative pages, information leakage via _mem_bin pages, Cross-site scripting in various files, anonymous LDAP access, user publishing of files, Content publishing (cphost.dll) issues, and more.

tags | xss
SHA-256 | b2d879527af4c0745a0200f6764a9f8cc7188c198d4129e7315d2cc73fe7ec08
wu-ftpd.2.6.0.rfp
Posted Nov 28, 2001
Authored by rain forest puppy | Site wiretrip.net

Details and source diffs for the wu-ftpd v2.6.1 remote overflow vulnerability. By leaving off closing ']' and '}' characters, it's possible to get the glob function to construct a long string which very well may overflow a buffer in gzip v1.2.4.

tags | remote, overflow
SHA-256 | 30748757c260928c611e88fd96b30631aba28b1ad1813970dcd5a76a1ab7932d
libwhisker-pr3.tgz
Posted Jul 19, 2001
Authored by rain forest puppy | Site wiretrip.net

Libwhisker is a perl module for performing whisker CGI vulnerability checks. This is a preview release.

tags | cgi, perl
systems | unix
SHA-256 | 960d4be891522dd39a4a6fc33fd4765ddb81bffe80c0002f1a0f8c849c9e1977
RFP.txt
Posted Mar 6, 2001
Authored by rain forest puppy, NightAxis

Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet. (Text Format)

tags | paper
SHA-256 | 43284d288da9f2331d1bd5c0d9a900b6ffaf2f5af2659be61d5f41dde2c20fc5
RFP2101.txt
Posted Feb 14, 2001
Authored by rain forest puppy | Site wiretrip.net

RFP2101 - SQL hacking user logins in PHP-Nuke web portal. PHP-Nuke v4.3 contains authentication weaknesses in the SQL code which allows you to impersonate other users and retrieve their password hashes.

tags | exploit, web, php
SHA-256 | cc5049f1f163f63deea98dbb2a421e75f15ed91bb1c34e3487646b61d0d36b8d
whisker-1.4+SSL.tar.gz
Posted Oct 24, 2000
Authored by rain forest puppy | Site wiretrip.net

whisker v1.40 with native SSL support. Adds a -x option which uses the Net::SSLeay perl module and OpenSSL. Whisker is what I've dubbed a 'next generation' CGI scanner. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.

Changes: SSL patch by H.D. Moore at http://www.digitaloffense.net:8000.
tags | cgi, perl
systems | unix
SHA-256 | b08da8795124f5cedfed471dc8c6fdce6b7cc819512817bb29e50ed6a5ac34ce
rfpolicy-2.0.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFPolicy 2.0 - rain forest puppy's policy on notifying vendors and releasing security vulnerabilities.

Changes: Less stringent on timeframes, more stringent on communication. Thanks to everyone who contributed. I also added some supporting notes (FAQ, etc) to help dispel some misconceptions on it.
tags | paper, vulnerability
SHA-256 | 292c943bdd96a7ec03da8dac3e27832c587f3bcc55001ecabfda4ad18b74786b
iis-unicode.txt
Posted Oct 17, 2000
Authored by rain forest puppy | Site wiretrip.net

rain forest puppy's investigation of the recent Microsoft IIS remote command execution vulnerability which was first mentioned in ms00-078. UNICODE character translation on foreign IIS 4.0 and 5.0 servers allows additional ways of encoding '/' and '\', allowing commands to be executed under the IUSR_machine context.

tags | exploit, remote
SHA-256 | 2b1c446965eae66c719dc5275df8c83c036b0c35b914f77fa9b14f18472713f1
whisker-1.4.0.tar.gz
Posted Aug 5, 2000
Authored by rain forest puppy | Site wiretrip.net

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.

Changes: Includes 10 anti-IDS tactics, brute force user names, brute force basic authentication guessing, now uses perl modules if available for extra speed, HTTP return values can be redefined, can now be used as a CGI, html output, SSL support, more vulnerabilities in the scan.db, and bug fixes.
tags | web, cgi
systems | unix
SHA-256 | 173635b21dce7df421528d14e826b70fae03b6130717bd2979423c603175488a
RFP2K05.txt
Posted May 19, 2000
Authored by rain forest puppy | Site wiretrip.net

NetProwler 3.0, a network based intrusion detection system, has a remote denial of service vulnerability. The software crashes when two fragmented IP packets are sent to an IP address that it is profiling. Netprowler must be profiling ftp in order for the exploit to work. Please note that Netprowler logs all incoming alerts to a Microsoft .mdb file. Please read RFP2K04.txt for more information.

tags | exploit, remote, denial of service
SHA-256 | 01dfbeff982172b700a96a3ad3afd0f8babfbb62d8508a80fe57958e3f4d2e87
RFP2K04.txt
Posted May 17, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K04 - Mining BlackICE with RFPickAxe. BlackICE IDS uses a management console called ICECap to collect and monitor alerts sent by the various installed BlackICE agents. The ICECap user console sits on port 8081 and has the default login of 'iceman' with no password. The second problem is that the software uses, by default, the Microsoft Jet 3.5 engine to store alerts. If you couple that with the shell VBA problem, that means you can push alerts that contain commands to be executed on the ICECap system. Includes RFPickaxe.pl demo exploit.

tags | exploit, shell
advisories | CVE-2000-0325
SHA-256 | eb477a77f630953d91b35937b63fd59b9bc492d8898abfeed95794044c8189f8
RFParalyze.txt
Posted May 3, 2000
Authored by rain forest puppy, Evan Brewer

Through a netbios session request packet with a NULL source name, Windows 9[5,8] show a number of odd responses. Everything from lockups, reboots and "the blue screen of death", to total loss of network connectivity. Source code included. Reverse engineered from a binary exploit already in use.

tags | exploit
systems | windows
SHA-256 | f3538a492ff6e70e86c22b289cde727edd32fe6a78aeb81e4c21dbecb58b573c
RFP2K03.txt
Posted Apr 20, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K03 - Contemplations on dvwssr.dll and how it affects life. Lots of information here. Also includes a fixed version of the perl exploit.

tags | exploit, perl
SHA-256 | 35d74c40a89b7e8cc70b2ff471f069a45fac739fddcdc7582bf99957b60ddc84
RFP2K02.txt
Posted Apr 14, 2000
Authored by rain forest puppy | Site wiretrip.net

RFP2K02 - "Netscape engineers are weenies!" AKA a back door in Microsoft FrontPage extensions/authoring components. Anyone with web authoring permission can use a backdoor in dvwssr.dll to read .asp (and .asa) files under the web root. As Microsoft has told me, the immediate problem is more so the fact that any developer of one particular virtual site can download the .asp code of other virtual sites on the same system. Includes dvwssr.pl, a perl based exploit.

tags | exploit, web, root, perl, asp
SHA-256 | 0936015396bd313d2672ec14ba8f974c4fc1c50db12450334d9108faf511c37f
ms00-019.info.txt
Posted Apr 7, 2000
Authored by rain forest puppy

Exploit information for the "Virtualized UNC Share" problem talked about in MS00-019 which yields the source of .asp's.

tags | exploit, asp
SHA-256 | 95fa2946c47ff7913a1492a8b887bb7d64476444f8a22f608baa88cefaf77142
rfp2k01.txt
Posted Feb 3, 2000
Authored by rain forest puppy | Site wiretrip.net

"How I hacked PacketStorm Forums" - A look at hacking wwwthreads via SQL. This is more of a technical paper than an advisory, but it does explain how I used a vulnerability in the wwwthreads package to gain administrative access and some 800 passwords to PacketStorm's discussion forum.

tags | exploit
SHA-256 | 29b3228561304410fb2ef71030ea7e75376cc046c8543397a51327868ce6872e
RFPoison.exe
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no longer thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
SHA-256 | 2b98566441d44ba149fafd2b74a9bf4293af462f1fe5b8657c87530b1278ec22
RFPoison.c
Posted Jan 22, 2000
Authored by rain forest puppy | Site wiretrip.net

Source for the RFPoison, a NT remote DOS. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no longer thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | remote
SHA-256 | 97b128e117f9dab3ea840c5462d01811717f598125ea7c7d49bde330c80268b9
RFP.doc
Posted Jan 21, 2000
Authored by rain forest puppy, NightAxis

Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet.

tags | paper
SHA-256 | acbfe437758ef4ccfb79fde7993aac9a5d2d865fa6ba4948cd195b2923ef09cf
whiskerids.html
Posted Jan 2, 2000
Authored by rain forest puppy | Site wiretrip.net

A look at whisker's anti-IDS tactics. Anti-Intrusion Detection System (IDS) tactics were one of the original key features of my whisker web scanner. The goal of any anti-IDS tactic is to mutate a request so much that the ID systems will get confused, but the web server will still be able to understand it, hence the subtitle "just how bad can we ruin a good thing?".

tags | paper, web
SHA-256 | f9e654a0fc127dcf27a1beb7e8a32d1157b5138bca0b71216771555c32113361
ms99-061.info.txt
Posted Dec 30, 1999
Authored by rain forest puppy

More information on the vulnerability described in ms99-061, a problem in IIS that causes it to parse invalid escape sequences, allowing a carefully made string to bypass IDS systems, ISAPI filters, and extension handlers. Includes a perl script to test for vulnerability.

tags | perl
SHA-256 | ef40568ad6b25c2ee06d8471ee964346dcb723886938cecd3b91cb78e396a9a0
whisker-1.3.0a.tar.gz
Posted Dec 24, 1999
Authored by rain forest puppy

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support.

Changes: 8 new anti-IDS tactics, scan SSL, alternate file formats, distributed scanning, 200 vulnerabilities, 100 servers, multi-threaded front end, and distributed proxy fixes.
tags | web, cgi
systems | unix
SHA-256 | aa01b002879dbb047ab54823efeedd8d3e423630310048e3b7a238055f3e9ab6