exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2000-01-24

Posted Jan 24, 2000
Authored by Wichert Akkerman | Site wi.leidenuniv.nl

Strace is a system call trace, a debugging tool which prints out a trace of all the system calls made by another process/program. The program to be traced need not be recompiled for this, so you can use it on binaries for which you don't have source. System calls and signals are events that happen at the user/kernel interface. A close examination of this boundary is very useful for bug isolation, sanity checking and attempting to capture race and buffer overflow conditions.

tags | overflow, kernel
systems | unix
MD5 | 4702419bfccbc025b9f10141bcf1ee9a
Posted Jan 24, 2000
Authored by Felix von Leitner | Site fefe.de

ffingerd is a small and secure finger daemon for Unix. It is meant to be run from inetd, designed for security, so that admins don't have to kill the finger service. It has support for autoconf and PGP/GPG.

Changes: IPv6 support (untested) and a Makefile cleanup.
systems | unix
MD5 | eea84aff3b4c7c9ef5a7a3d67daf7d72
Posted Jan 24, 2000
Authored by Moritz Both | Site comlink.apc.org

ipac is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ascii table, an ascii graph or even PNG images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.

Changes: PNG image generation instead of GIF images with a newer version of the GD library, and smaller changes.
systems | linux
MD5 | dafc11d9277b1e7e726a82514bbc8b55
Posted Jan 24, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.

Changes: New report generation tools, port forwarding with PPTP and IPSec, support for multiple interfaces with same IP, and bugfixes.
tags | tool, firewall
systems | linux
MD5 | 35265c07d73e686abf03258a93b1ece1
Posted Jan 24, 2000
Authored by ~el8, Johnathing Miles | Site el8.n3.net

Shellgen.c, a shellcode generator by Mixter, has an exploitable buffer overflow. Advisory and exploit included.

tags | overflow, shellcode, magazine
MD5 | 5e7ea81ac8f4572203420a7e6bee7db0
Posted Jan 24, 2000
Authored by Laurentiu Nicula | Site spynet.home.ro

SpyNet v3.12 is a sniffer for Win 95/98/NT/2000 which can recompose the original TCP sessions from the composing packets. Reconstructs telnet sessions, e-mail messages, POP3 logins, etc. Also has the ability to fake cookies it sniffs.

Changes: The sniffer portion is Windows 2000 compatible now! Screenshot here.
tags | tool, sniffer, tcp
MD5 | c2fd90e9fcd673f7c9dea831211b1e21
Posted Jan 24, 2000
Authored by Edward McLain | Site tuial.com

PHP Chains is a PHP3 interface to ipchains. It works with Apache/PHP3 and any version of the 2.2 kernel series and maybe even the 2.3 kernels. Input, output, and firewall chains can be added or deleted along with network objects. Once the script is generated, the chains can be installed immediately off the Web sight. The sudo-1.6.1 package is included in the distribution file.

tags | tool, web, kernel, php, firewall
systems | linux
MD5 | 86d47f9851f556f6c14daa42aa9634e5
Posted Jan 24, 2000
Authored by David Madore

ftpd-BSD is a Linux port of OpenBSD's ftp server (note that there are other such ports). It is thought to be more secure than wu-ftpd and proftpd. This port adds PAM support, and support for on-the-fly decompression of gzipped files.

Changes: IPv6 support (from the latest OpenBSD CVS checkouts) and shadow passwords support as an alternative to PAM authentication.
systems | linux, bsd, openbsd
MD5 | 97a948d05ec63f5510786ccfce5911f7
Posted Jan 24, 2000
Authored by Xie Hua Gang | Site soaring-bird.com.cn

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace on your system. LIDS can also provide raw device and I/O access protection.

Changes: Minor typos, license to kill for smoother automatic shutdown (UPS), update option for lids.conf dev/inode numbers, and a 2-level encryption password.
tags | kernel, root
systems | linux
MD5 | a93523e8877d71bb20953422d7fc4998
Posted Jan 24, 2000
Authored by Diego Javier Grigna | Site grigna.com

Perro (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. It also produces detailed log files.

Changes: A Y2K fix.
tags | udp, tcp, system logging, protocol
systems | unix
MD5 | d6c7b6570966abd269fd7bc85b494fa2
Posted Jan 24, 2000

SuSE Security Announcment - A security hole was found in lprold which was distributed with all SuSE versions including 6.3. There are local and remote vulnerabilities. SuSE security site here.

tags | remote, local, vulnerability
systems | linux, suse
MD5 | a31f157bade0e9894053b7a9b05bd32c
Posted Jan 24, 2000
Authored by Brian Wellington | Site xbill.org

Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.

Changes: A potential hang was fixed, transferring files now preserves modification time, and 'bye' and 'version' commands were added.
tags | remote, shell, root, encryption, protocol
MD5 | 9f9b5d28ff32b2e8c2d443cf5e6a227a
Posted Jan 24, 2000
Authored by Jeremy Beker | Site opensource.3gi.com

Sendmail-TLS is a wrapper for Sendmail which allows for clients to make a secure (SSL) connection to their mailserver as described in RFC 2487. The connection is internally forwarded to sendmail and does not require sendmail to be running on port 25. Clients which support this currently are Netscape Messenger, Microsoft Outlook, and Microsoft Outlook Express.

Changes: Fix for a permissions bug in 'make install' and a new make step to help in creation of self-signed certficates.
systems | unix
MD5 | c70dcdecd1c1170f79897515052e18ae
Posted Jan 24, 2000
Authored by Formatez

in.pop3d backdoor - Still functions as in.pop3d, but gives a shell with the proper password.

tags | tool, shell, rootkit
systems | unix
MD5 | 17c5305640b6991c01bca8be2220d04a
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
MD5 | 0f740d5d2650f45cced8bb795dd24f8a
Posted Jan 24, 2000
Authored by Dave Shanley | Site hack-net.com

Apocolypso 1.3 is a new crypto tool from HNC. It supports a wide variety of encryption methods, including DES, Blowfish, IDEA, Gost, Misty 1, Twofish, Cast 256, Rinjindael, HNC Single Encryption, and HNC Multi Encryption. Apocolypso runs on Win95, 98, and NT.

tags | encryption, crypto
systems | windows
MD5 | 42ef6a9dd3fa1051bfba53e4c289bb4f
Posted Jan 24, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Addition of Berkeley db output file format to dsniff, as well as restricting logging to unique auth info, new tcpkill program, new dsniff manpage, DNS lookups in dsniff and urlsnarf, addition of HTTP Basic Authentication, Referer, and User-Agent logging to urlsnarf, improved RPC message parsing in dsniff, improved SMTP parsing in mailsnarf, improved HTTP 1.x parsing in dsniff, urlsnarf, and webspy. fixes for IMAP, Rlogin, Telnet option parsing in dsniff, and addition of X11 MIT-MAGIC-COOKIE parsing to dsniff.
tags | tool, local, sniffer, tcp, protocol
MD5 | 8a0c20553f6d7a2896dbc3d8d022e7d0
Posted Jan 24, 2000
Authored by Mixter | Site members.tripod.com

Intrusion Detection Evasion System is a daemon that monitors connections, and forges additional packets to hide from and disturb network monitoring processes of IDS and sniffers. It does this by inserting rst/fin and ack packets with bogus payloads and invalid sequence numbers that only affect network monitors. It also sends a custom amount of SYN requests from arbitrary sources on every real connection attempt it sees, which can for example be used to simulate coordinated scans.

tags | arbitrary
MD5 | 3c1e3c3539b845434d8444f5ab36993b
Page 1 of 1

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By