Microsoft Media Server 4.1 - Denial of Service exploit. This code will crash the Microsoft Media Unicast Server for Windows NT. We have tested this against machines running SP4 and SP6. Exploits the bug in ms00-013
cf6c20c1bd7246463c77ae25834294b7ce3a4cd2ae2fbfb9bfe122b462e14495If X11forwarding is turned on, and remote xauth is patched, sshing into a compromised server can allow programs to be run on under your ssh client. This is turned on by default in ssh1, ssh2, and openssh.
083e386a21e2ee341ea8c6922e55896cde8a2b905b0e442bf586d17e95bf58d8SUID Advisory #8 - Corel Linux 1.0 dosemu distribution configuration. Local users can take advantage of a packaging and configuration error (which has been known and documented for a long time) to execute arbitrary commands as root. Exploit description included.
96c2147114c2083d447c403b05ebe76f0fce1a1dd0a956feda12721668e91518SUID Advisory #7 - Corel xconf utils local root (among others) vulnerability - Local users can take advantage of lack of input validation and the lack of privilege dropping to gain root access, read any file, or perform a denial of service attack on Corel Linux systems.
e0779a0f39462f1e76553c9a16bd665c4bd32dbc04921ce7b2363ed40212fb1bBasic CallerID Logger is a perl script which provides CID logging to a database. It was written to use mysql but as long as you can generate the table for your own database, it should work fine. It puts the data into the table without any format changes; the idea is that an auxiliary program can make the format changes when it displays the data.
37deaffb089381912d8e5ae0edfe1798a039efd263edc68e910c5ac2e6a2b50flkpatch is a Linux kernel patcher. It connects to the fastest mirror, checks for new versions of the Linux kernel, downloads them, and patches your kernel source. It determines the fastest mirror by keeping track of previous download times.
1a234e67a804aa5c05f9783e13ec5602498c8bb1b534244cafd3b180f1e343d3Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
e30cd855861c797c09409abd181162212fe0cd69a038f27e2efee82072f17677NetBus 1.6 (Patch 4) - Patched to avoid detection by Spider, Drweb, Avp, and Norton Antivirus. Archive password is set to p4ssw0rd. Use at your own risk.
038a91f8d27ee8603040e79ae6d00da67c535f7f1da6333069b65cc5271f73ddBack Oriface 1.20 (Patch 8) - Patched to avoid detection by Drweb, Avp, and Norton Antivirus. Archive password is set to p4ssw0rd. Use at your own risk.
df6dd89973ea80854ecdeb64af2c2a3c9d1a481a1303416ef991cce0ac773244ICQ trojan - Patched to avoid detection by Drweb, Avp, and Norton Antivirus. Archive password is set to p4ssw0rd. Use at your own risk.
91109dd3636156804ff080e5ef796d4179d09b7f040f436e6083308b9ad02764Girlfriend remote control trojan - Patched to avoid detection by Drweb, Avp, and Norton Antivirus. Archive password is set to p4ssw0rd. Use at your own risk.
f0b8301a62219a211d29fb07000acd20f74bc7ce39ff340138b356c7381c941dNarrow Security Scanner 2000 searches for 341 remote vulnerabilities. Written in perl, tested on Redhat, FreeBSD, and OpenBSD, Slackware, and SuSE.
1865f7490af47de613f86e7a76f25b4390edffeca15d793cdb6566e8202dc5e6The one and only way to bypass the Power On BIOS password of a Toshiba Notebook. This method works on all models.
e8d2a181c14abba4811368c718535b1ecf1f7973b516f96befe422e3ef52cc4cAicmpsend is a perl script for sending custom ICMP packets.
9aedb80c57bf46b31ee5ea9f89cdc5ab838aba4916f18735d83d07848c8192faCGI vulnerability scanner version 2.00. Checks for 173 CGI vulnerabilities. Tested on linux, freebsd, and irix.
0431b7efce10152b2d33936031b456224a8417c3e9dd186c96dad485ee727526HTTP-XpsScanner scans a remote webserver for 77 vulnerable cgi scripts.
9f64d018277b2464ac86046ec1d3fc1aae140c378368b93e82d9c71a193f3becCoding in C - a summary of some popular mistakes. Most of them are not detected at compile time with all warnings enabled, which makes them very nasty and hard to detect.
737d50616c03d55f8e032bb3348892b062e5ced53d2c378786dbda33ef725c28shlog.c is a small program that will do getpeername on its input descriptor, and log a remote host, if it is invoked via a remote session, along with uid/gid to syslog. can be used as additional logging tool for login shells (by putting it into the system profile).
bd42d52088d6edf926cf9b9ece53c386df3616f092ad9588f1a8757e43cc353fipac is an IP accounting package for Linux which collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ASCII table, an ASCII graph, or even images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.
6b4a9beccc08dc306981c47388d502f984e724b1f42f3f0b055e28b67501acccJFwadmin is a Java 2 high-level X11 tool for ipchains. The GUI displays easy-to-understand services. Features include boot scripts generation, firewall save and restore, automatic interface and IP address and routes detection, and current firewall configuration display.
e5f2f8ccaaeac8588cf914fa1379b5cf4d28b901a6ac22a38c6716b533a65123SUID Advisory #6 - form.cgi and message.cgi. Anyone can execute any command on the remote system with the priveleges of the web server.
7218fd9d54aa6eeff4bbbbe4da3df325b9a0677e5cf227fce0be65494e9e7c7fWhat you don't know will hurt you - Remote information gathering. This paper outlines two models of information gathering . The first model is "noisy" where the attacker uses all known resources with little reguard for what footprints* might be left on the target. The second is "stealthy". Wherein the attacker uses methods and packages designed to subvert logging facilities on the target.
7ad6564fa61c83377ccb981bf858b6053af46d1c53f44d173b57428b2d0d38a9Netgrep checks a range of hosts for a specific service and grabs the banner. Features the ability to send a string to the port, and the ability to grep through the banner.
5db887fef030a6bd5114a42ab513996b22e0c7934e3da58c0568a6c7af3e6e48Tfn2k password recovery tool - Tfn2k asks for a password during the build, which is used to prevent someone from recovering the password from the td or tfn binaries. Usefor for forensics, or to command a whole flood network to send you mail letting you know all the machines infected, or to command an attack to stop if you can recover a binary.
cfd719ba0cd05621c443ed48728a727968997b11e93221a512eaa02351d08836CERT Incident Note - Windows Trinoo tool.
25e2126138bb2e55f48b34087e2f8ea0f59f9b3c7211778a0c2d68d6de4c24f4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed