exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 126 - 150 of 206 RSS Feed

Files from thc

First Active1999-08-17
Last Active2023-01-06
THCsmbgetOS.c
Posted Apr 20, 2004
Authored by thc, Johnny Cyberpunk | Site thc.org

A small, but very useful SMB OS-detection tool which gets workgroup, smbserver and operating system. It works for all tested samba versions on different platforms like Mac OSX, AIX, Solaris, Linux, BSD, and all Microsoft Windows platforms.

systems | linux, windows, solaris, bsd, aix, apple
SHA-256 | 15e66dd0f9ffc8a4ba1ade94a6b6fa5ed858378503b48dd688db6c38623db32a
hydra-3.1.tar.gz
Posted Mar 13, 2004
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Various bug fixes and feature enhancements.
tags | web, cracker, imap
systems | cisco
SHA-256 | 913be04024b19d6c629e70b277350275d61d85481ff36af6ec37cf13454a998b
hydra-2.6.tar.gz
Posted Dec 16, 2003
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Fixes compilation problems with new gcc versions.
tags | web, cracker, imap
systems | cisco
SHA-256 | 47d15c2b336a796a3d5af5bbe31e65b6f185711aefe832cbdf160912af59d05e
hydra-2.5.tar.gz
Posted Dec 3, 2003
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added parallel scan support and included smbnt and cisco AAA support.
tags | web, cracker, imap
systems | cisco
SHA-256 | 11d4e84acd9ba0ff47bcce3af0d8ab452e0703a39f1785ddb9b55525f5549b95
amap-4.5.tar.gz
Posted Nov 21, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: Added portability fixes for OpenBSD and Cygwin.
tags | tool, protocol
SHA-256 | 4923561c01a4c32b8a2d4f42772f5d3002c1c22b849d7cbf665111013dba4682
THC Secure Deletion v3.1
Posted Nov 21, 2003
Authored by van Hauser, thc | Site thc.org

THC-Secure Deletion v3.1 for UNIX is the latest release of van Hauser's suite of secure deletion and overwriting utilities. Included are 'srm' - secure deletion of files

Changes: Linux LKM for secure file deletion included. Bug fixes.
systems | unix
SHA-256 | 84723b3bc93dbba5d4c86c232ca6c84566ef1cbf281823588a7b902a539b70ac
thc_imap_bruter.c
Posted Nov 9, 2003
Authored by thc, Skyper | Site thc.org

IMAP password brute force tool. Can go up to 500 passwords / second on a remote host with 1000 connections in parallel if you like. It's fast and efficient.

tags | remote, imap
SHA-256 | d6b4d292152253c3334afdd2a23e77394ed57ce9bd1ec0da568b01e3292c0d50
THC-CUPASS10.zip
Posted Oct 30, 2003
Authored by thc, Doc Holiday | Site TheHackersChoice.com

CUPASS uses techniques to guess the password of ANY user on a WindowsNT/W2K server or domain. CUPASS uses a flaw in the implementation of Microsofts NetUserChangePassword API to guess/change the users password. This release is the proof of concept code for the THC paper "CUPASS and the NetUserChangePassword Problem"

tags | proof of concept
SHA-256 | 32d02d7418f4b853a4a32ea1b03f44daf08ae3e5dd3ef0452f45e0e5bcaa4f17
thc-ipf10.zip
Posted Oct 30, 2003
Authored by van Hauser, thc, Doc Holiday | Site thc.org

IPF is the first command line tool for configuring the packet filter of Windows NT4 and Window 2000 systems. It replaces the annoying GUI alternatives and can be used as an elegant entry for writing advanced firewall scripts under the Windows system.

systems | windows
SHA-256 | c46f4f02954aa5e7db1c4c29cdde1a7774c2112b79cd65edb7097fa134fe9cd1
THC Secure Deletion v3.0
Posted Oct 30, 2003
Authored by van Hauser, thc | Site thc.org

THC-Secure Deletion v3.0 for UNIX is the latest release of van Hauser's suite of secure deletion and overwriting utilities. Included are 'srm' - secure deletion of files

Changes: Bug fixes.
systems | unix
SHA-256 | b218d13f203672b1361f8387242d89fdf58135875e60dd7def28e581a5ac1d23
thcrut-1.2.5.tar.gz
Posted Oct 30, 2003
Authored by thc, anonymous | Site thc.org

THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.

Changes: Fixed a bug which skipped the first IP of the range.
tags | local, spoof
SHA-256 | b32f3d71ac540248b7643baa39d8ecfb75af493228caaeb64608e49f2f092473
hydra-2.4.tar.gz
Posted Oct 30, 2003
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallized login hacker for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.

Changes: Added mysql module, fixed VNC module, and a new ./configure script for better Solaris and *BSD support.
tags | web, cracker, imap
systems | cisco
SHA-256 | 693645829a78ed3b1dcdc74f3741819dbe8eaf67b14b72b0ec6a4223ceeaa0b1
ffp-0.0.8.tar.gz
Posted Oct 30, 2003
Authored by thc, Plasmoid | Site thc.org

THC-FuzzyFingerprint is a tool that generates fuzzy fingerprints as described in the corresponding paper, available here.. It generates very similar-looking fingerprints, an ideal extension to man-in-the-middle attacks against the SSH service. The current version supports RSA and DSA key generation and MD5 and SHA1 fingerprints. Due to the fact that fuzzy fingerprinting doesn't try to collide the fingerprints, good results can be achieved in reasonable time.

SHA-256 | 007e83348f95c354a45ebeda85f22b266151643fc53f80ccaa3bc7585009ce4a
amap-4.3.tar.gz
Posted Sep 21, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: More identifications added and various bug fixes.
tags | tool, protocol
SHA-256 | 4450b9ecd3bc40104031d83fad31d0bb3fc7aa15de4088460aa734c06f2e1f2b
amap-4.2.tar.gz
Posted Aug 10, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: Various bug fixes, added 28 new response ids and triggers, and more.
tags | tool, protocol
SHA-256 | a2826954e3dafa6ed8b2e3866603be894a0363d4ef2157de174bb9e5e407d089
grenzgaenger-alpha.tar.gz
Posted Aug 10, 2003
Authored by thc | Site thc.org

Grenzgaenger is a SOCKS-like hacker tool for tunneling nmap, netcat and exploits transparently through systems into protected networks.

SHA-256 | 7b46223b2239a585a065db7456ef97a3a6f6b8c152023b6ac785b4990ad42954
vmap-0.6.tar.gz
Posted Aug 10, 2003
Authored by van Hauser, thc, Whyking | Site thc.org

Version mapper 0.5.2 is a utility for fingerprinting services by checking features and replies of bogus commands being fed to the daemon. Currently supports FTP, SMTP, POP3, IMAP, and HTTP.

tags | web, imap
SHA-256 | 315d3d9e5cf65be910fc47d159fe64a09effc31240e987426e119ac6e5524275
amap-4.0.tar.gz
Posted Jul 22, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Amap Version 4.0 is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: Rewritten from scratch to enhance speed and reliability. There are also new features, better documentation, and various other bug fixes.
tags | tool, protocol
SHA-256 | 2093ae53f387b8dfbd45483389d5031cf82dd14770bd294b48f87d7917b52210
shagg-0.2.0.tar.gz
Posted Jul 18, 2003
Authored by thc | Site thc.org

THC-Shagg is an application to bruteforce check digit algorithms. It analyzes a given list of serial numbers and tries to find a matching algorithm and its setup. If such a setup is found, THC-Shagg is able to generate (extrapolate) new serial numbers, e.g. VISA and MasterCard credit card numbers, EAN numbers, IMEI, UPC or even EFT routing numbers.

SHA-256 | beaebc61b99d81db0fc58c65787d826e2032df6e00662b4ca2b8413ed3611e9d
login_hacker-1.1.tar.gz
Posted Jun 29, 2003
Authored by van Hauser, thc | Site thc.org

THC Modem Login Hacker - A tool that will attempt to break into modem dialups using scripts written for minicom. Extremely configurable and a must have for any penetration test.

SHA-256 | 828570b792839f01260c13d3a4c84290f8ec66299dfceef31ab46fc2941ec452
amap-2.7.tar.gz
Posted Jun 17, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: Added the ability to compile under Cygwin, Added some triggers and responses, and various bug fixes.
tags | tool, protocol
SHA-256 | 94fab83628b9447bc141df6b16c39f31750777f88ee84a8d1eb31ceb8b387221
amap-2.5.tar.gz
Posted May 31, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: Bug fix in the -o output and RPC scanning.
tags | tool, protocol
SHA-256 | 6df1e33d4c0dea8aae82e949aa3198c14cb677bce90ca0f5998b50a39229a476
thcrut-1.2.4g.tar.gz
Posted May 28, 2003
Authored by thc | Site thc.org

THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.

Changes: New OS Fingerprint implementation by gathering tcp stack informations, banners, open/closed port characteristics and timing values and tosses them through a perl regular expression matrix to determine the OS with high accuracy.
tags | local, spoof
SHA-256 | f41eda1909b90b1e54ab9977d800ab9eacb0016df82f2180d5a8da02b160d2b1
amap-2.1.tar.gz
Posted May 8, 2003
Authored by van Hauser, thc, DJ Revmoon | Site thc.org

Amap V2.1 is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!

Changes: More application fingerprints, better identification, speed enhancements, amapcrap added, new features and bugfixes.
tags | tool, protocol
SHA-256 | a2fcff73f3df3c1bcf73d1501e95403b8c981c8c823a2d9d6763f52252bbb3ad
THCunREAL_V0.2.ZIP
Posted Apr 30, 2003
Authored by thc, Johnny Cyberpunk | Site thc.org

Updated version of the remote root exploit for Realserver 8 on several Windows platforms.

Changes: New shellcode added and the code has been condensed.
tags | exploit, remote, root
systems | windows
SHA-256 | faac60e3244b42b5c4ede35ae529a0d44f8df9e59b986f1e0455c38db816a155
Page 6 of 9
Back45678Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close