exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2000-02-22

Posted Feb 22, 2000
Authored by Alt3kx | Site raza-mexicana.org

Exploit for Wu-ftpd 2.5 overflow - In spanish.

tags | tool, overflow, scanner
systems | unix
MD5 | 87d306805645ff4cca6d055bbeef9b65
Posted Feb 22, 2000
Authored by Carcin0gen

roi.sh is a small shell script to do remote OS identification, using Netcraft's services.

tags | tool, remote, shell, scanner
systems | unix
MD5 | cd3e6a9216f9ade7e3a59301ff743dfb
Posted Feb 22, 2000
Authored by LigerTeam | Site liger.fnetwork.com

Unused bits in the TCP header are interpreted incorrectly by some applications, allowing for some interesting application specific attacks to take place.

Changes: Updated for readability.
tags | tcp
MD5 | 223d40f8ec24ed8145c189c7ba4ebbf0
Posted Feb 22, 2000
Authored by W. ter Maat

Grazer1's Bait System opens a specific port and logs connections to it. Simple and ghetto way to log Netbus requests.

tags | tool, intrusion detection
systems | unix
MD5 | eb7bffeff5bf8f893bbeb14cdb2f2649
Posted Feb 22, 2000
Authored by J-Dog | Site resentment.org

ViperDB was created as a smaller and faster option to Tripwire. ViperDB does not use a fancy all-in-one database to keep records. Instead it uses a plaintext db which is stored in each "watched" directory. By using this there is no real one attack point for an attacker to focus his attention on. This coupled with the running of ViperDB every 5 minutes (via cron root job) decreases that likelihood that an attacker will be able to modify your "watched" filesystem while ViperDB is monitoring your system.

Changes: Ignore file functionality which allows user to specify files to ignore added. Updated code works better on solaris, updated ls options to lAcr for solaris instead of standard laAs. Splitting permissions code cleaned out into owner, group, all perms.
tags | tool, root, intrusion detection
systems | unix
MD5 | 3018ff63bf0aa467d1e34769ab332416
Posted Feb 22, 2000
Authored by Marcus Schopen | Site uni-bielefeld.de

DynFW for ipchains constantly checks /var/log/messages for packets denied by ipchains and responds by temporarily setting up firewallrules that deny any access from the originating IPs. Optionally it can do an ident lookup before setting up the rules.

Changes: using perl module tail instead of system's tail binary, starting & stopping is handled by pid, deleting rules after stopping, and inserting rules after restarting.
tags | tool, firewall
systems | linux
MD5 | 8846bf02d1cfa1d2e304d9ad8d814c38
Posted Feb 22, 2000
Authored by Balazs Scheidler | Site balabit.hu

syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.

Changes: Portability and other bugfixes. (Alpha and PPC should now work without problems.)
tags | system logging
systems | unix
MD5 | 0b2b4f75d158f89e016677d9cf9ea20a
Posted Feb 22, 2000
Authored by Tom Vier | Site wipe.sourceforge.net

ya-wipe is a tool that effectively degausses the surface of a hard disk, making it virtually impossible to retrieve the data that was stored on it. This tool is designed to make sure that sensitive data is completely erased from magnetic media.

Changes: A fix for a typo that caused ioctl() to not be used (only affected block device support).
systems | unix
MD5 | ca66fc3147476033c30f3544d9ddf76c
Posted Feb 22, 2000
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit. Features smart PROMISC flag hiding, persistant file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Improved promisc hiding, port hiding fixed, and a readme.
systems | linux
MD5 | 3879c8ab46ebf72dc61bf267ea1f00a2
Posted Feb 22, 2000
Authored by R. Gregory | Site linuxmafia.org

gShield is an aggressive, modular, ipchains-based firewall script. Features include: easy configuration through a BSD-style configuration file, optional IPmasq support, TCP-wrapper-like funtionality for service access, and extremely restrictive defaults. It hopes to make administrating a comprehensive firewall easier, as well as offering robust protection while being easy to setup/maintain.

Changes: A serious typographical error was fixed in ipmasqadm. Outgoing blocks for non-routable source addresses were added, and a check to ensure ip-forwarding is disabled unless specifically enabled was added as well.
tags | tool, tcp, firewall
systems | linux, bsd
MD5 | d489791d7923dc102d7428d5ca48ef79
Posted Feb 22, 2000
Authored by Xfer

The Administrators Control Module (ACM) for kernel 2.2.x patches system calls like execve(), setuid(), open(), ipc(), setgid(), setreuid(), and setregid() for better security logging.

tags | kernel
systems | linux
MD5 | 3861e8b18bf7aa439b67e0f504bb9b1f
Posted Feb 22, 2000
Authored by Bennett Todd

Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempts to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. Plain text format, PS and HTML available at the homepage, here.

tags | denial of service
MD5 | aa3bb0212d4996647acb70f05d80b4a2
Posted Feb 22, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: HTTP proxy fixes, manpages, telnet fix.
tags | tool, local, sniffer, tcp, protocol
MD5 | 7df8aa33816cabf1f3e3dce8c21d818c
Posted Feb 22, 2000
Authored by Martin Mevald | Site penguin.cz

Secure Deletion under Linux kernel patch. If a regular file has set attribute "s" on ext2 filesystem, the file will be securely deleted after an "unlink" call by the "srm" program.

tags | kernel
systems | linux
MD5 | 811368f0d49a265a31ec7d3e3cfb51a7
Posted Feb 22, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

fwdumpd is a daemon which communicates with the kernel firewall using the netlink socket interface and copies packets marked for outputs to user space (usually using the -o of ipchains) to a binary capture file. This file is compatible with tcpdump and several other analysis programs. It is now possible to inspect all those denied packets.

tags | tool, kernel, firewall
systems | linux
MD5 | 26e92908b29acc8a558367b628494f28
Posted Feb 22, 2000
Authored by John Viega | Site rstcorp.com

ITS4 is a command-line tool for statically scanning C and C++ source code for security vulnerabilities. ITS4 scans through source code for potentially dangerous function calls that are stored in a database. Anything that is in the database gets flagged. ITS4 tries to automate a lot of the grepping usually done by hand when performing security audits.

tags | vulnerability
systems | unix
MD5 | bcf4c815b8d6d114e98b78e8db03141d
Posted Feb 22, 2000
Authored by Richard Fromm

This script sniffs traffic on the network watching for ebay userids and passwords. This is only possible because (as of this writing), ebay does not encrypt passwords -- they are sent in the clear.

tags | exploit
MD5 | 089c41fd118e2268f80957d3b5133f14
Posted Feb 22, 2000
Authored by Dug Song | Site monkey.org

Exploit for recent FW-1 FTP problems - Demonstrate a basic layer violation in "stateful" firewall inspection of application data (ftp within IP packets). Checkpoint alert about this vulnerability here.

tags | exploit
MD5 | 835a52a28c324e1d897fde567b0680d0
Posted Feb 22, 2000
Authored by Portal | Site security.is

Qpop3.0b30 and below buffer overflow exploit. Remote, but requires username and password.

tags | exploit, remote, overflow
MD5 | 02a791442470952c4bc80b6082d11105
Page 1 of 1

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By