Passive Connection Shellcode. Source is well documented.
9a944285c6e4fd0c571372a7f0144445fb852e672dec8b5363b5e3def84f1d5e
DETECT UDP SP00FiNG ON OUR FREEBSD BOX VIA KLD.
11818d662899f1f3be9befbe3281444ed8c4bb2041a3cb4441cf83924c29f7d8
LKM Detector - This module lets you a compare between a syscall & its kernel function, so you can detect any lkm which modifies your system. More documentation available here.
4dd86712125cd0e0aa3f86be78658c7384fc49ad18e49214d42677ca2d36a51b
s0ftpj snmp community name sniffer.
b045cba106f925e47765e9721dffa6e74e74231ba4043f0d3d73f43f57bab70c
IP_HDRINCL protection beta version 1.
7aa4377e96ae6d5a56e9a8b54c43ebb66246e4eb4db2d225719debea79ca60dc
Total obscurity for BPF Promisc Mode.
c8c67b00a7d8e3402342580f91f8c081512aed840c76ef6935fdc3c782677947
This simple source code uses sysctlbyname() to fetch statistics for a protocol that you can use for security purposes or for kernel testing.
f2452776425ae8565c153915701d04ef8305cbbdb0c2a5c86bafeb1133367914
IGMP/ICMP/IPIP/IDP/RSVP/IPIP/IPPROTO_RAW KERNEL CHECKER.
88d150b0fb1f12572bd32f4c4c131012166c8ebc26ac873c1c57d35c641e1113
Anti-spoofing lkm for FreeBSD via setsockopt() - detects and logs IP header manipulation.
6767ad2628aeb75102b54f33c88228bce7c4be5f07f5cbae3e4f3913921460c4
Simple Example of log for bad packets.
76919eef44ccbc084bae1b1b2858c154e8ae5fb096cbd787fb5ffe140a252a27
No information is available for this file.
7b5020a1c7b11432fd1cbe770c0957b73540e15ad8fa75ec2c2f318f05abe044
This kld gives you an example of how you can modify the output function of an Ethernet Interface.
b8193a4ce9a200bd034f7b9a59a6e301442838672141666df6e87261c2ba01be
The Siphon Project is designed to be a portable passive network mapping suite. Siphon currently does passive mapping of TCP ports and passive OS identification.
797063d1d38017aef05b78d7e475cc5fbbb3c7efebb62fdda8eb38a6271ec297
Scans anything from class C's to the entire internet for broadcast to use with DoS attacks. It has a decent amount of versatility. Read the comments prior to usage. Same as smurfscan.c, but ported to BSD.
df29e07a5b1346593af0a8a2866da3e9fee712b0b608fe70220243cffb324563
Scans anything from class C's to the entire internet for broadcast to use with DoS attacks. It has a decent amount of versatility. Read the comments prior to usage.
c0ddc7fb338978523aa42832beb988f9f39fc117eb8f2b811327aca26d9e6aff
Originally posted on BugTraq in regards to the Cart32 vulnerability. This code checks to see if the host is active and then makes a http connection to the victim. It then scans the victim for the vulnerable version of cart32 and prints to stdout telling you if the server is vulnerable or not.
ee49a21de9c4a64cc444f45024926ba669a0768f3bb9704725c9bb515169a44e
ISS Security Alert Summary for May 1, 2000. 35 new reported vulnerabilities this quarter, including: eudora-warning-message, icradius-username-bo, postgresql-plaintext-passwords, aix-frcactrl-file-modify, cisco-ios-http-dos, meetingmaker-weak-encryption, pcanywhere-tcpsyn-dos, piranha-passwd-execute, piranha-default-password, solaris-lp-bo, solaris-xsun-bo, solaris-lpset-bo, zonealarm-portscan, cvs-tempfile-dos, imp-wordfile-dos, imp-tmpfile-view, suse-file-deletion, qpopper-fgets-spoofing, adtran ping-dos, emacs-local-eavesdrop, emacs-tempfile-creation, emacs-password-history, irix-pmcd-mounts, irix-pmcd-processes, irix-pmcd-dos, iis-myriad-escape-chars, freebsd-healthd, beos-syscall-dos, linux-trustees-patch-dos, pcanywhere-login-dos, beos-networking-dos, win2k-unattended-install, mssql-agent-stored-pw, and webobjects-post-dos.
6d59eba0abd44501049acfa5e821123af34e918e7a66fc7f61eef2851fad52c7
How www.apache.org was defaced. This paper does _not_ uncover any new vulnerabilities. It points out common (and slightly less common) configuration errors, which even the people at apache.org made. This is a general warning. Learn from it.
c8fbb4923e10b56d5fcbff059d91139c68b95de7f091f514ef51869d1183cf7a
Nmap 2.52 - Added very simple man pages for xnmap/nmapfe (lack of man pages for these was noticed by LaMont Jones (lamont (at) hp.com), the Debian Nmap package maintainer, based on bug report by Adrian Bunk (bunk (at) fs.tum.de ). Fixed a "Status: Down" machine name output problem in machine parseable logs found by Alek O. Komarnitsky ( alek (at) ast.lmco.com ). Took some wierd files out of the doc directory (cd, grep , vi, and .swp). Fixed some typos found by Thomas Klausner ( wiz (at) danbala.ifoer.tuwien.ac.at ). Updated nmap-rpc with new entries found in the latest version of Eilon Gishri's rpc list.
14750d8bab973751299de8f734eb634234d4e00711396fcb169c0b77a6eff386
Phrack Magazine Issue 56 - Shared Library Redirection via ELF PLT Infection, writing IRIX shellcode, subtle backdooring techniques, Bypassing StackGuard and StackShield, the Phrack Prophile, and more
d4f49f9260edf5b745cd4416f6356f315a9364592830c2a900a874ca7988e437