Fuzzy Fingerprinting is a new technique to attack cryptographic key authentication protocols that rely on human verification of key fingerprints. This document covers the theoretical background and the generation of fuzzy fingerprints and also details on the implementation ffp [FFP] and its usage. Includes practical part with details on the implementation and the provided sample session using SSHarp.
6e6d6a7063166a28c87b3797b06e03137cb09dd75b012ca7653ebff027aed6b5
Yaotp (Yet Another One-Time Pad) implements the one-time pad cipher for en- and decryption of messages. It features real random number generation by audio sampling and hashing, key management that enforces one-time usage and irreproducible key destruction. It is the right choice for the totally paranoid geek and high-security issues beyond any imagination.
f5d101e25e349399b37f97a876bfd29e59800c8dace4c42493f33574cd763767
THC-FuzzyFingerprint is a tool that generates fuzzy fingerprints as described in the corresponding paper, available here.. It generates very similar-looking fingerprints, an ideal extension to man-in-the-middle attacks against the SSH service. The current version supports RSA and DSA key generation and MD5 and SHA1 fingerprints. Due to the fact that fuzzy fingerprinting doesn't try to collide the fingerprints, good results can be achieved in reasonable time.
007e83348f95c354a45ebeda85f22b266151643fc53f80ccaa3bc7585009ce4a
Article from THC explaining the techniques behind the ksolaris kernel module, and helps you to develop your own solaris kernel modules.
523a74adb51f1f49d8003ba66d604653ea04038a4bbaff3610402554557bde7d
slkm-1.0.tar.gz is the first public solaris loadable kernel module backdoor from THC. Features File hiding, File content and directory hiding, Switch to toggle file content and directory hiding, Process hiding (structured proc), Promiscous flag hiding, Converting magic uid to root uid, and Execution redirecting.
17ee6bad714538c7e2f84e0c24b4520aec71d93c1ad872d769c659a16755d851
lpstat Exploit code for Solaris 2.6/2.7 X86 versions, resulting in local root compromise.
b4a5c4a3ef8e9b18f9d8d1fc2bc0e1ddaaf747d7e6ab6689b898a8f73c30be07