Exploit the possiblities
Showing 1 - 25 of 431 RSS Feed

Files Date: 2000-05-01 to 2000-05-31

linux-security.1-5.txt
Posted May 30, 2000
Authored by Benjamin Thomas, Dave Wreski | Site linuxsecurity.com

Linux Security Magazine May 29. In this issue - Articles: The Top 10 Security Risks, Intrusion Detection on Linux, Analyzing Future Computer Trends and Threats, Always-on Internet Security, Mini-FAQ: "antivirus software for Linux". New Advisories this week: FreeBSD process and krb5 vubnerabilities, TurboLinux gpm, SuSE gdm, Slackware fdmount, XFree86 Multiple distribution vulnerability, Red Hat Secure Web Server 3.0-3.2: mailmail, Qpopper Vulnerability, Mandrake 7 dump vulnerability, Mandrake xemacs vulnerability, Mandrake fdmount buffer overflow, Caldera buffer overflow in kdm, and Caldera DoS attack against X server.

tags | web, overflow
systems | linux, redhat, freebsd, suse, slackware, mandrake
MD5 | 5968cee6649df42f5ce0e6f50ab983d4
conflictd.tar.gz
Posted May 30, 2000
Authored by Noah | Site ccitt5.net

conflict-DoS.c and conflictd.c are tools which spoof arp packets to make an annoying popup message appear on the target windows machine. It is faster to close all the boxes than reboot. Tested on FreeBSD 4.0. Uses libnet.

tags | denial of service, spoof
systems | windows, freebsd
MD5 | d1f4f4f2fc174b686f2d6c042f7ca444
snuff-v0.8.1.tar.gz
Posted May 30, 2000
Authored by Noah | Site ns2.crw.se

Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if reached a specified size.

Changes: No more crap in the sniff logs anymore - Checking the size of the ip & tcp header now. Added the keepopen parameter for the log file and fixed a y2k bug.
tags | tool, sniffer
systems | linux
MD5 | d185f08af18e5f162c63e3b184e32c40
ecrack-0.1.tgz
Posted May 30, 2000
Authored by Sean Trifero | Site innu.org

ECrack v0.1 - Energymech (StarGlider Class - IRC bot) brute force password cracker. Tested with emech-2.7.6 but should work with other versions also.

tags | cracker
MD5 | fe0c1cebcc5cdcf15a9ace8db11d5b80
hunt-1.5bin.tgz
Posted May 30, 2000
Authored by Pavel Krauz | Site cri.cz

Hunt (linux binary distribution) is a program for intruding into a tcp connection, watching it and resetting it. It can handle all connections it sees. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Requires Linux 2.2, GlibC 2.1 with LinuxThreads, Ethernet.

Changes: Bug fix release - computation of packet checksum has been fixed, packet relaying for routers has been corrected, unprintable characters are printed in <hex> and printing of terminal control characters can be turned off.
tags | tool, udp, spoof, sniffer, tcp
systems | linux
MD5 | 87f2246deedd822cc19a3cbbf9bf000c
hunt-1.5.tgz
Posted May 30, 2000
Authored by Pavel Krauz | Site cri.cz

Hunt is a program for intruding into a tcp connection, watching it and resetting it. It can handle all connections it sees. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Requires Linux 2.2, GlibC 2.1 with LinuxThreads, Ethernet.

Changes: Bug fix release - computation of packet checksum has been fixed, packet relaying for routers has been corrected, unprintable characters are printed in here.
tags | tool, udp, spoof, sniffer, tcp
systems | linux
MD5 | 5a8886784d1668a8518d5562bfd01ae7
suse.kmulti.txt
Posted May 30, 2000

SuSE Security Announcement - A local security hole was discovered in the KDE CD player, kmulti here.

tags | local
systems | linux, suse
MD5 | dc3b3731cddb7ed1e3ea1d7f980f42e0
wemilo.tcl
Posted May 30, 2000
Authored by r00tabega, Futant | Site r00tabega.com

Remote Cart32 exploit - Though L0pht released an advisory and patch for the well known Cart32 bug, this is the first exploit released to date. Allows remote command execution.

tags | exploit, remote
MD5 | 83dd9bf64eb6edf2be0009d8544be719
execve-shell.tar.gz
Posted May 29, 2000
Authored by teso, scut | Site team-teso.net

execve-shell.tar.gz allows you to easily create linux x86 shellcode that execs any command you supply.

tags | shell, x86, shellcode
systems | linux
MD5 | ce5e7d60f9ccddc207136cdd9bdaabe7
lids-0.9.5-2.2.15.tar.gz
Posted May 29, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Bugfixed for protect mount point, lids_check_base, fixes for lidsadm when adding ACLs, added sparc64 support.
tags | kernel, root
systems | linux
MD5 | e86a56ce473d4132d1a64ef6e1114c8b
ippl-1.99.5.tar.gz
Posted May 29, 2000
Authored by Hugo Haas | Site pltplp.net

Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.

Changes: Fixed two typos and a bug causing ident on closing connexions to loop forever - this is the beta branch.
tags | udp, tcp, system logging, protocol
systems | unix
MD5 | 68349a916ed5fa20b43d1712ca70fbbf
ippl-1.4.10.tar.gz
Posted May 29, 2000
Authored by Hugo Haas | Site pltplp.net

Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.

Changes: Bug fixes - This is a stable release.
tags | udp, tcp, system logging, protocol
systems | unix
MD5 | a4bf3a222c60db1be8814ea0754aaf6a
Nmap Scanning Utility 2.54 BETA 1
Posted May 29, 2000
Authored by Fyodor | Site insecure.org

Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more.

Changes: Added an extremely cool scan type -- IP Protocol scanning. Basically it sends a bunch of IP headers (no data) with different "protocol" fields to the host. The host then (usually) sends back a protocol unreachable for those that it does not support. By exclusion, nmap can make a list of those that are supported. Fixed some minor bugs in nmap and nmapfe, and added Russian and Lithuanian documentation.
tags | tool, remote, tcp, nmap
systems | unix
MD5 | a08482d87453022a6fc98e145b394e03
sniffit_NT.0.3.7.beta.zip
Posted May 28, 2000
Authored by Symbolic Worldwide | Site symbolic.it

Sniffit 0.3.7 beta for Windows NT/2000. This package requires winpcap, available here.

tags | tool, sniffer
systems | windows, nt
MD5 | a0e7d1042f5250b99d0a6a165fa15289
jolt2.c
Posted May 28, 2000
Authored by Phoenix

jolt2.c exploits the recent "IP Fragment Reassembly" Windows remote denial of service vulnerability described in here.

tags | exploit, remote, denial of service
systems | windows
MD5 | 35361fd98d8a12a07ef2299c9caf95f4
elm-ex.c
Posted May 28, 2000
Authored by Xfer | Site b0f.freebsd.lublin.pl

Elm 2.5 PL3 exploit tested under linux Slackware 3.6, 4.0, 7.0.

tags | exploit
systems | linux, slackware
MD5 | b9dbcee5ff2f4b064e0d41d4dcffe519
5niffi7.c
Posted May 27, 2000
Authored by Michel Kaempf

5niffi7.c - Remote root exploit for sniffit (-L mail) 0.3.7.beta on Debian 2.2. Includes a detailed explanation of how the exploit works.

tags | exploit, remote, root
systems | linux, debian
MD5 | 85324cc710685c61ffe3df50c7b98c05
Animal.c
Posted May 27, 2000
Authored by Gramble

Gauntlet firewall remote proof of concept code, tested against BSDI.

tags | exploit, remote, proof of concept
MD5 | 8624f60ceaccc3e6ae95387c829b508d
xaosexp.c
Posted May 27, 2000
Authored by DiGiT | Site security.is

/usr/bin/xaos local root buffer overflow exploit. Works on suse 6.1, and could be modified for 6.2.

tags | exploit, overflow, local, root
systems | linux, suse
MD5 | 8e971bebd587a0073317ced3a7ed74d4
ssibug
Posted May 27, 2000
Authored by DiGiT | Site security.is

The thttpd web server comes with a CGI script called /cgi-bin/ssi which allows any file on the system to be read. Exploit URL included.

tags | exploit, web, cgi
MD5 | 64bfd6b3618894d419b6e02914f941ab
elm_again.c
Posted May 27, 2000
Authored by vade79, realhalo | Site realhalo.org

elm_again.c exploits another buffer overflow in elm v2.5 giving a gid=12 shell if /usr/bin/elm is SGID. Tested on Slackware 3.6 and RedHat on elm2.5PL3.

tags | exploit, overflow, shell
systems | linux, redhat, slackware
MD5 | eaed8922a6848669c2da97329285ce72
CISADV000524a.txt
Posted May 27, 2000
Site cerberus-infosec.co.uk

Cerberus Information Security Advisory (CISADV000524a) - The Cerberus Security Team has discovered a serious security flaw with Rockliffe's MailSite Management Agent for Windows (version 4.2.1.0). This server allows remote users to access their POP3 accounts and read their mail over HTTP. The service usually listens on TCP port 90. Unfortunately there exists a buffer overrun vulnerability that allows attackers to execute arbitrary code. As this service runs as system, by default, any code executed will run with system privileges - meaning any server running this agent could be fully compromised.

tags | exploit, remote, web, overflow, arbitrary, tcp
systems | windows
MD5 | 0fc0c81f837e8c457447a97276000262
access.counter-4.0.7.txt
Posted May 26, 2000
Authored by Howard M. Kash III

A popular CGI web page acess counter, version 4.0.7 by George Burgyan permits execution of arbitrary commands as a result of unchecked user input. Commands are executed as the same permission of the webserver.

tags | exploit, web, arbitrary, cgi
MD5 | 0c191fd3806d1a3a7e8bb512a314c589
root-tail-0.0.6.tar.gz
Posted May 26, 2000
Authored by mj baker | Site csl.mtu.edu

oot-Tail v0.0.6 is a program which tails a text file and displays the information directly to the root window of your desktop transparently, which means without window frames or windows. It is an extremely handy program for monitoring /var/log/secure and /var/log/messages while you run X. This program will even trail different files and display them in different colors.

Changes: Many bugfixes.
tags | tool, root
systems | windows, unix
MD5 | 8f1580b2bc1c1b50e4da412628a45b81
ksnuffle-0.7.tgz
Posted May 26, 2000
Authored by Mike Richardson | Site quaking.demon.co.uk

KSnuffle is a network packet sniffer for KDE. It supports multiple concurrent sniffers, packet filtering (aka tcpdump), event triggers and commands, text and binary logging (and replay), remote sniffing (via a demon process), and dynamically loadable plugins. Network traffic is displayed graphically and in detail; supplied plugins summarise traffic by direction (incoming, outgoing), source, and destination.

Changes: The source and destination values in the packet details display was fixed, and compilation fixes for Mandrake and gcc.
tags | tool, remote, sniffer
MD5 | da0a00e3c471e10a20a57a6cc1cc6817
Page 1 of 18
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close