exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 1999-10-05

Posted Oct 5, 1999
Authored by Mudge, lumpy

Application: Cactus Software's shell-lock. (a) A trivial encoding mechanism is used for obfuscating the shell code in the "compiled" binary. Anyone with read permissions to the file in question can decode and retrieve the original shell code. Another vulnerability exists where the user can retrieve the un-encoded shell script without needing to actually decode the binary. (b) The vendors claim the program to be useful in creating SUID binaries on systems that do not honor SUID shell scripts and also to protect against the security problems with SUID shell scripts. As it turns out any shell-lock "compiled" program that is SUID root will allow any user to execute any program with root privileges.

tags | shell, root
SHA-256 | fbc992a6624e12b0216864edca92c85c28dcac58f61f8ee50642f370d5371b9a
Posted Oct 5, 1999

Daemons to replace rsh and rlogin with those that log the remote host/user names and provides tcp wrapper access control. Replaces daemons on SunOS, Solaris, Ultrix 4.x. Supports S/KEY style passwords for login/ftp and rexec for many other flavours of UNIX.

tags | remote, tcp, system logging
systems | unix, solaris
SHA-256 | 6a6240fbe4899b95311c4826b17390788793fd0cbc95f8a9aff1497da36eec21
Posted Oct 5, 1999

Blurb for tcp_wrappers_7.6.tar.gz

tags | tool, intrusion detection
systems | unix
SHA-256 | ba6ca8ba9ee13ef06fd505b3d9e5b285d454a0e72b86349ac550c1bf7bb075cc
Posted Oct 5, 1999

Wietse Venema's tcp wrapper. The package provides tiny daemon wrapper programs that can be installed without any changes to existing software or to existing configuration files. The wrappers report the name of the client host and of the requested service; the wrappers do not exchange information with the client or server applications, and impose no overhead on the actual conversation between the client and server applications.

tags | tool, tcp, intrusion detection
systems | unix
SHA-256 | 9543d7adedf78a6de0b221ccbbd1952e08b5138717f4ade814039bb489a4315d
Posted Oct 5, 1999

Root exploit for the rpmmail vulnerability in Red Hat 6.0. A vulnerability exists in the rpmmail package distributed on the Red Hat 6.0 Extra Applications CD. The potential compromise for this bug could be remote or local root or simply remote command execution as "nobody" or similar, depending on your system configuration.

tags | exploit, remote, local, root
systems | linux, redhat
SHA-256 | 2cdcf4abe1c6a4a8a7e75b47b916948aa173b33e93083ee15cadd95a85556788
Posted Oct 5, 1999

Sample denial of service attack against the Sambar HTTP-Server 4.2.1 running on Windows95

tags | exploit, web, denial of service
SHA-256 | 525b31fe0c35c900a3355b9822171065bf4356f4d474e7f5c7beb021df4ae167
Posted Oct 5, 1999

A root compromise is possible using a buffer overflow in the cdda2cdr package cdwtools-0.93.78

tags | exploit, overflow, root
SHA-256 | 32b79c5ea9a8b96c79c9a0fe7f9925deece4eff4936063bb2e95cb25d98fa8b8
Posted Oct 5, 1999
Authored by Arne Vidstrom

Buffer overflows in FTP Serv-U 2.5.

tags | overflow
SHA-256 | 3a0930556d22757867dbc57017c8360dce0eea7e4d7cf71bb2f9c0c7a452b56c
Posted Oct 5, 1999
Authored by Arne Vidstrom

".."-hole in Alibaba 2.0.

SHA-256 | ab85df42ea84cf87c53ad28ae97e61da057744109d4ecd488d109858fb7b295e
Posted Oct 5, 1999
Authored by Arne Vidstrom

Vulnerabilities in BisonWare FTP Server 3.5.

tags | vulnerability
SHA-256 | 1afa959029404442157477e21c28438df90a40354bf7959843d365e82fdebf6f
Posted Oct 5, 1999
Authored by Arne Vidstrom

".."-hole in Broker FTP Server v.3.0 Build 1.

SHA-256 | acfc6c3200dab5bf7eab84848292f6b0484d0d94053fc3bd9537b80dcaf13b5b
Posted Oct 5, 1999
Authored by Arne Vidstrom

Netscape Enterprise Server SSL Handshake Bug

SHA-256 | 285d0656db3855b2db3b7e41b331819b487551a63280b537fc0b7c149ef6c543
Posted Oct 5, 1999
Authored by Arne Vidstrom

Buffer overflow in AspUpload 1.4.

tags | overflow
SHA-256 | 5ad4e0688d466820ec188552e81108419055d14da22cdd713bf4a438d2bf83d0
Posted Oct 5, 1999

FAQ for rasfix.exe

SHA-256 | fbfce68bb8e5e746c33c205287d9f86baced70c53d667f8dcfbf312102d3dfa6
Posted Oct 5, 1999

FAQ for gsd.exe

SHA-256 | 3c710b24132607d1316326072588cbbbafa6f8cf55b263847bf047962562da39
Posted Oct 5, 1999

FAQ for strongpass.dll

SHA-256 | df93ffe11f4f0ddb63722def399cb9f806a3b6cd35c76459afe67e090730f6d7
Posted Oct 5, 1999

FAQ for downgrade.exe

SHA-256 | e0d8f88986ab71b07974c540bb3c43278998b87917b87f7e45a8e11cd54edf20
Posted Oct 5, 1999

FAQ for winfo.exe

SHA-256 | df740c0c4b0a038956f3025557238c599d092273325f31256b6d38a9b8485b33
Posted Oct 5, 1999

FAQ for wups.exe

SHA-256 | 9c4ce0912d99f4d38341fb0ffdaf4acf57b50467b2ca8b4cbee38d29e741eeb4
Posted Oct 5, 1999

Rasfix: tightens the permissions on the rasman (Remote Access Connection Manager) service in Windows NT. This stops the exploit which Alberto Rodriguez Aragons has constructed.

tags | remote
systems | windows
SHA-256 | 4bed80ff071c6731b236cc70719c91374e21506329cc7889017f26e8895a9121
Posted Oct 5, 1999
Authored by Arne Vidstrom

GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option.

systems | windows
SHA-256 | 207e65ce416221840f3ea2bdd7b9ff9ee7a7a1ebf1ab4e9599eab2ee19af02c4
Posted Oct 5, 1999
Authored by JD Glaser

NTLast 1.6 is a security audit tool for Windows NT. It's a Win32 command line utility with several switches that search the event log for Interactive/Remote/Failed logon stats. In it's simplist form, it reports the last ten successful logons at your computer. NTLast does two significant things that event viewer does not. It can distinguish remote/interactive logons and it matches logon times with logoff times. NTLast is designed to assist your efforts in tracking down logon/logoff data.

tags | remote
systems | windows
SHA-256 | f4714562db9789cff915e2fdb7578a6c93cb3878834211ba13fda28f127c0952
Posted Oct 5, 1999
Authored by Arne Vidstrom

A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like l0phtcrack to crack LANMAN hashes of the passwords.

SHA-256 | 46c055ddc72e9b13f964b8310997adc7198cac1962db7fc18277c4aea581363b
Posted Oct 5, 1999
Authored by Arne Vidstrom

Fake SMB server that tries a dialect downgrade to get plaintext passwords from remote users. For Windows NT.

tags | remote
systems | windows
SHA-256 | 62340b061d7a15fec551bb7363ad26af415e1c46046113635019a369ec27025b
Posted Oct 5, 1999
Authored by Arne Vidstrom

Uses Null Sessions to retrieve account and share information from Windows NT.

systems | windows
SHA-256 | 438d40336b187ddd4f1ae7936aab6bee89668ec6aa6a4955fd9e39953de21f77
Page 1 of 2

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By