Showing 1 - 25 of 254

Files Date: 2000-06-01 to 2000-06-30

Posted Jun 29, 2000
Site malware.com

Microsoft Internet Explorer 5 and accompanying mail and news clients on win95, win98 and win2000 enjoy a unique status in that they choose to ignore user input. This document will show you how to manually force a file onto the target computer despite all prompts and warnings. Demonstration available here.

tags | exploit
systems | windows, 9x
MD5 | 0e5a8cec453f8222f6e3e629bc30081c
Posted Jun 29, 2000
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.

Changes: NetBSD Alpha added, Solaris kernel address filtering added, fixes for /dev/kmem-based Linux, Solaris, BSDI, FreeBSD, NeXTSTEP, OpenBSD, and OpenStep. Added 64 bit file size and offset support for BSDI, FreeBSD, NetBSD, and OpenBSD.
tags | tool, intrusion detection
systems | unix
MD5 | 0d7c3cc23f7938015fe2266542809c0f
Posted Jun 29, 2000
Authored by Lamarga | Site lamagra.seKure.de

Format Bugs - What they are, Where they came from, and How to exploit them. Users can often input format strings into printf and other statements, causing the stack to be overwritten. Includes code samples and debugger output.

tags | paper
systems | unix
MD5 | 0f9a284535487d1ecff78e011e370e44
Posted Jun 29, 2000
Authored by Prizm

Wingate.py is a DoS exploit for Qbik wingate 3.0. Connects to tcp port 2080 and sends 2000 characters, causing all wingate services to crash. Original bug found by eEye.

tags | exploit, tcp
MD5 | e3c12ffd16dbf026757bbf6ce8f87904
Posted Jun 29, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #14 - Internet Explorer 5.01 and Access 2000 allow executing programs when viewing a web page or HTML email message. This allows taking full control over user's computer. Access 2000 allows executing VBA code which has access to system resources and in particular executing files. Includes exploit code which silently opens and executes VBA code from Access 2000. Demonstration available here.

tags | exploit, web
MD5 | 30b9808ed4a00215c9d3ef253e27bd55
Posted Jun 29, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #13 - Internet Explorer 5.01, Excel 2000 and PowerPoint allow executing programs when viewing a web page or HTML email message via insecure ActiveX controls. This allows taking full control over user's computer. Demonstration available here.

tags | exploit, web, activex
MD5 | a645ac971b6499c52ca87fc991933ceb
Posted Jun 29, 2000
Authored by b0g | Site b0g.org

B0g Issue 6 - In this issue: A Look Into Wiretapping, getting root; the b0g way, interview with cr0bar, The SS7 Signaling Connection Control Part Relay System, Sniffing and spoofing explained, How to crack macromedia products, Fun with noise in QBASIC, pulling people's doc's on irc, IRC Quotes, and much more.

tags | root, spoof, magazine
MD5 | 55132493657fdc292fb800ff02a81701
Posted Jun 29, 2000
Authored by Nick Burrett | Site freevsd.org

FreeVSD facilitates true Linux Virtual Servers within a 'chroot' environment, allowing Web servers and other applications to be deployed and administered discretely, without compromise to security. Each Virtual Server has its own IP address(es), Apache webserver, and view of the process table. FreeVSD expands the Linux system by creating a pseudo-'super user' (admin) for each Virtual Server. The admin user has the ability to create extra POP3/FTP and Telnet users and also administrate vital services such as the webserver.

Changes: Security fixes, bug fixes, and installation fixes.
tags | web
systems | linux, unix
MD5 | 704e77510bb632e4fdea82c7665f2fea
Posted Jun 29, 2000
Authored by Ben Crackel | Site benz.slacknet.org

rvscan v3 beta one is a high quality unix remote vulnerability scanner. It is based on fts-rvscan but has many new additions, such as 100 new cgi checks, new bind checks, ftpd checks, bsdi vulnerabilities, more rpc checks, solaris vulnerabilities, new pop3 checks, bootp and mdbms, more sendmail checks, and better logging. It does a very thorough job, even includes some non-published exploit checks.

tags | tool, remote, cgi, scanner, vulnerability
systems | unix, solaris
MD5 | a70ca26bed381423ba48dcfe24205c78
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Quick perl script to search through the history file of each user on your system for a certain command (i.e. "cat /etc/passwd").

tags | perl
MD5 | f71cf01f566565752cfe0186d257add0
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

sploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.

tags | cgi, perl
MD5 | aa2fb5d66590141e34932b7013cb78d9
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

A simple yet sophisticated perl script that runs in the background and monitors for user attempts to su to root. If one is detected, the log file is immediately mailed to a specified user and a backup is created in /tmp. Very useful for attempting to keep track of logs after an intrusion has occurred.

tags | root, perl
MD5 | 2f63d8f48ccd9afe6917c9af483afc1b
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

suidbofcheck.pl searches the system for suid binaries in /usr/bin, /bin, /sbin, and /usr/sbin and tests each one against a standard buffer overflow (both with and without the use of environmental variables) at a specified offset.

tags | overflow
MD5 | ee631de3074b32cc5abee50fd5c95f2d
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Exploits the auto registration feature of most ChanServ bots and causes it to die. This exploit has been known to work on networks including DalNet, CobraNet and RelicNet.

MD5 | 8a03734daef08366c7690766b39ac3b7
Posted Jun 29, 2000
Authored by Blue Panda | Site bluepanda.box.sk

iMesh 1.02 builds 116 and 177 for Windows are vulnerable to a buffer overflow that can be exploited to execute arbitrary code. Once iMesh connects to a server, it begins listening on a TCP port (varies). An attacker can connect to this port and cause an overflow which will overwrite EIP, effectively redirecting the flow of execution.

tags | exploit, overflow, arbitrary, tcp
systems | windows
MD5 | 8b2233b642e513c4b6df6f1923af5f68
Posted Jun 29, 2000
Authored by Paul Starzetz

Smit is a simple ARP hijacking tool for switched and unswitched networks. The source is based on arpmitm and arprelay and includes nice features such as automatic ARP MAC query and an improved MAC cache consistence algorithm. You can also run Smit in transproxy-only mode and use your favourite sniffer to capture 'hijacked' packets on switched networks.

tags | tool, sniffer
MD5 | 771a34d98d040d197c65efb7bf7e33a1
Posted Jun 29, 2000
Authored by Larry W. Cashdollar | Site vapid.betteros.org

Sawmill 5.0.21 is a site log statistics package for UNIX, Windows and MacOS which has remote vulnerabilities. Any file on the system can be read, and the password is stored with a weak hash algorithm and can be decrypted using the included C program. This is dangerous because the previous security hole will allow you to read the hash and decrypt the admin password.

tags | exploit, remote, vulnerability
systems | windows, unix
MD5 | 95f24e0b8468ed474dad73b0c43d53cf
Posted Jun 29, 2000

Microsoft Windows secret options - More aggravating display properties.

systems | windows, unix
MD5 | ade01864de08be105a86509db70dc36e
Posted Jun 29, 2000

Microsoft Windows secret options - Aggravating display properties.

systems | windows, unix
MD5 | 909e6dd36b4a909a4dcc5e043f7f76a5
Posted Jun 29, 2000

Microsoft Windows secret options - Endurance options, etc :)

systems | windows, unix
MD5 | 26987adc7b4580858a98ec1ff6ff6ab0
Posted Jun 29, 2000
Authored by Andres Alfredo

SING sends fully customized ICMP packets from the command line. It is a replacement for ping which adds certain enhancements such as fragmentation, send/read spoofed packets, sends many ICMP types (Address Mask, Timestamp, Router Discovery, etc) and Error (Redirect, Unreach, Time Exceeded), oversize packets, etc. Tested on Linux, FreeBSD and Solaris.

tags | tool, spoof
systems | linux, unix, solaris, freebsd
MD5 | ac511f1b19c9371eb2bf9eb943740ddb
Posted Jun 29, 2000
Authored by Alexandre Sagala | Site pages.infinit.net

KNmap is a new KDE frontend for Nmap which supports all the scan methods and a great deal of options.

Changes: Cleaner error messages, the removal of the "Elite" log output (since Nmap doesn't support it anymore), and a list of scanned hosts which is now kept and reloaded every time you start KNmap. Also bug fixes and GUI updates. Screenshot here.
tags | tool, nmap
systems | unix
MD5 | 936159a35e22b449aa449cb5ef0798d2
Posted Jun 29, 2000
Authored by Mike Heffner | Site my.ispchannel.com

BFBTester is a utility for doing quick, proactive security checks of binary programs by performing checks of single and multiple argument command line overflows and environment variable overflows. It will also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names. While BFBTester can not test all overflows in software, it is useful for detecting initial mistakes that can red flag dangerous software.

tags | tool, overflow
systems | unix
MD5 | d85331e6ebd2d1798eddd3d7bc0a2fd9
Posted Jun 29, 2000
Site xfactor.itec.yorku.ca

slackUp is a Slackware auto-upgrade utility. It will download upgrades to the programs you currently have installed on your system from the slackware-current tree. No user interaction required. Just type the command, go for a coffee break, and after a reboot, your system should be upgraded. Until the Slackware team comes up with an official auto-upgrade utility, slackUp will hopefully help fill in for it. This will make your slackware system much more secure.

systems | linux, slackware
MD5 | f54250c8d2df74d4896a4d262b596b23
Posted Jun 29, 2000
Authored by Jeroen Vreeken | Site motion.technolust.cx

motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.

Changes: Bug fixes, motion tracking with the mini_ssc library. A sensitivity mask and a minimum gap between snapshots was added.
systems | linux
MD5 | 29c91c01c0e0c1f625277f24b223a9e7
© 2020 Packet Storm. All rights reserved.
