Clone.c mutation - Clonebot IRC war script.
aaa31957a35cc46bb46b173b0eff597201a4590d2decf46f8351852f60114306Windows NT security update - Georgio Guninski discovered a problem with Internet Explorer that may allow the circumvention of the browser's domain security. Microsoft is aware of the issue, however no response was known at the time of this writing. Details here.
3d8453baf779aa48a54279be429ddc72af319e8be0ef01cc23d83f7fbab12591Wu-ftpd 2.4 remote root exploit for SuSE. Tested on SuSE 6.0 running Wu-ftpd 2.4.2-beta18.
862433a85c3fe8dac027facc9893261265443d119f46a08313455648da4c343aRemote exploit for PowerScripts PlusMail (all versions to current). Plusmail is an extremely popular cgi-based administration tool that allows you to remotely administer your website with a graphical control panel interface. The password file, however, is set with permissions rw enabled. All platforms are affected.
3a4c5c187df76131d4ae05c24665c8c7ee7290abe354df60a05f00210e06f59cThis program is a fake logon screen for Altavista's Free Internet Service (FreeAV). It automaticly logs the password and username and date in a log file. Screenshot here. Archive password is set to p4ssw0rd. Use at your own risk.
073be178a4d39072eea70fa81cbf4575c56001c8472fc66a1f820836fa33b57eA security bug was found in userhelper; the bug can be exploited to provide local users with root access.
fc3a85f9ccd212e3b0bcadc3eaae214af2b8f7c2b9310450a380508e3ed8aca2Two security vulnerabilities exist in the lpd (line printer daemon) shipped with the lpr package. First, authentication was not thorough enough. If a remote user was able to control their own DNS so that their IP address resolved to the hostname of the print server, access would be granted, when it should not be. Secondly, it was possible in the control file of a print job to specify arguments to sendmail. Through careful manipulation of control and data files, this could cause sendmail to be executed with a user-specified configuration file. This could lead very easily to a root compromise.
56b741d61ee2576a5d24470f80029e501accafe37d6d997f5fa992cf0d973d00floppyfw is a router and simple firewall on one single floppy. It uses Linux basic firewall capabilities and have a very simple packaging system. It is perfect for masquerading and securing networks on ADSL and cable lines using both static IP and DHCP. It has a simple installation, mostly only needed to edit one file on the floppy.
3bfa89b8fab1ead497e119f9cc1b129783e0c86f449a72c0ac952df65a4a9f6dnetfilter is a framework for arbitrary packet mangling. So far, a new NAT system and packet-filtering system have been built on top of it, as well as compatibility modules for ipfwadm and ipchains. Netfilter is a work-in-progress, but should be fairly robust for non-exotic work.
5c408a9ccdfb46e1d8fa414673cca5538332fbf428a258088e7938ed700858a9Checksums takes a file of predetermined MD5 checksums and compares with the current sum. It can be installed as a command line tool, or as a CGI which will allow you to upload the sums file remotely. In either case it is a useful tool to detect changes in your system files, such as a trojan.
96a42c4516d93a85f9e64561995083aa0404bd3dd489339bcc99aca203398fbegShield (formerly Godot's Modified Modular Firewall), is an aggressive, modular, ipchains-based firewall script. Features include: easy configuration through a BSD-style configuration file, optional IPmasq support, TCPwrapper-like funtionality for service access, and extremely restrictive defaults. It hopes to make administrating a comprehensive firewall easier, as well as offering robust protection.
2b2b2f05385266ea208312a5a7ef5622705f625a29c02d2dc8a2f145be1702a1Kmap is a QT/KDE front-end to nmap, a popular and powerful console portscanner. Kmap allows quick and easy access to all of nmap's features, with much less hassle. Kmap also sorts the output from nmap into usable sections, so you easily extract the information you want.
de9be336a87deb7dc42bf57855679326caf55bfe92d50ce1ccbc0986d25c4f20The version of nvi that was distributed with Debian GNU/Linux 2.1 has an error in the default /etc/init.d/nviboot script: it did not handle filenames with embedded spaces correctly. This made it possible to remove files in the root directory by creating entries in /var/tmp/vi.recover. Debian security homepage here.
6d4d0a9f29c0d75e85c71619ed6c28d2c170f546ad98962ee9eee00a03583594When you write buffer overflows you need to put the opcodes, not the actual assembly in the script, or file or whatever. This program allows you to insert the assembly into the program, and then it outputs it to a text file in string format so you can put it directly into a char buffer in a C\C++ program.
ee23bb2efd95ce84c852fdf6822d8cf9332d4492a2ce0ee628408c5fd17e3726Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
0eedca5debe6af6a5af845337e86808bb47200e01fa50d69a0c58f3e3d9b74baNetRaider - Remote W9x/2000 Administration Tool. Archive password is set to p4ssw0rd. Use at your own risk.
e379315a4b8a5841d6ef735084a467af6ec33712111b63d7ade2831308b070daGcc 2.7.2.x Exploit - C version.
867a0fdc26a013485e3d1f9f158a953de2b5612c8ef8f16856d92774668eb453LKMs to forge and detect spoofed packets on your host.
63eeed4aae44fadc07265a1c0556b5a934b034ff55fa486354a70e0a716427c9Covert Tunnelling in ICMP 0x00 ECHO REPLY messages for Windows.
4262694dbb61e796e99741c6d41e263dbe37a5eee399e98fdd70e9d047dc32ccThe version of lpr that was distributed with Debian GNU/Linux 2.1 and the updated version released in 2.1r4 have a two security problems - Local users can obtain root access and remote users can access the print server. Debian security homepage here.
76f28548f53eab0c17b0e5cb003d08d19470656cb9af609506e56f57b0c25ed8Reverse Engineering Winamp - How to modify windows binaries to do anything you want. Uses reverse engineering winamp to read encrypted mp3's as an example.
b205c7aa737490b5282634163d7d5c96864e4fc24cac7d39c30de010ec9c410eThis script will upload a trojan to an RDS vulnerable site running NT and execute the trojan.
103493a4c6051cab304f220b22274a4ca432f01306d62d03af4825d7c7bf7105Opens a password protected backdoor and lets you execute commands, and then hides in the background. Based on gs.c.
118f42a1b5e7124b4e829331a89a5b9f25e3c7b3cc532e337fd5d7b50f328bc9HPSBUX0001-108.txt
7e0972b43759005224b7400e4fe364e662a155b0eb2f90c90a42b372f8cd141eThe Audio Security File is world writable on HP9000 Series 7/800 running HP-UX releases 10.X and 11.X. Denial of service, increase in capabilities possable.
40cdf8e217100d575b7d1230b20a876d147c01cfb06025595a9f49baf3429cce
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed