exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2000-07-24

Posted Jul 24, 2000
Authored by napalm, Kynik | Site napalm.firest0rm.org

Napalm Magazine issue #6 - In this issue: Security Hole in Veritas Volume Manager, Security Certification (CISSP), IPsec Crash Course (part 1), OS Detection with ARP, UNIX Lesson 1, BBS List, and URL's.

tags | magazine
systems | unix
SHA-256 | a5a77e4ed131792c2e4f79c9cc6574ba1ff5c8c6ac8846d52a6864af1cbfc0c3
Posted Jul 24, 2000
Authored by Mugwump Mugwump

bd.pl is a backdoor written in perl which sits on port 33556 by default, requires a password, and unsets the history environment variables.

tags | tool, perl, rootkit
systems | unix
SHA-256 | 1c5d8d2842c81db357d15533c0b4ab88013b89b5b556a2e3cb9494eb5e8e9a38
Posted Jul 24, 2000
Authored by Blue Panda | Site bluepanda.box.sk

WFTPD/WFTPD Pro 2.41 RC11 contains four remote denial of service vulnerabilities. Perl proof of concept code included for each.

tags | exploit, remote, denial of service, perl, vulnerability, proof of concept
SHA-256 | f66747fe1c3efb7f98a0b76e20c56baf2efea4d7adf3ae8f603bfb1fcc4364e6
Posted Jul 24, 2000
Authored by Heeb | Site slacknet.org

fawx2.c sends fragmented junk to port 139, causing a blue screen under Windows 95 / 98 / 2000.

tags | exploit
systems | windows
SHA-256 | 1985383a8c4a1bd9fdb9bde3638a6dc40d228e18f469aee8d932cdeec65324e4
Posted Jul 24, 2000
Site net-security.org

Weekly Newsletter from Help Net Security Issue 23 - 24.07.2000 - Covers weekly roundups of security related events. In this issue: Roxen v2.0.68 vulnerability, Local INN vulnerability, Outlook Persistant mail-browser link, Outlook malformed Email header vulnerability, O'Reilly Website Professtional overflow in webfind.exe, Ikey 1000 problems, HP Jetdirect FTP dos, Remotely Exploitable buffer overflow in Outlook, New encryption regulations, ACLU Challenge to Carnivore, First Autocad virus, Linux Distribution Security Report, Passive Fingerprinting, To Build a Honeypot, Auditing your Firewall Setup, and more.

tags | overflow, local, virus
systems | linux
SHA-256 | ed0317e9c9ddb128a467dfc27e6de6e2a1b635e7f27a3b2e4b24e5f145e2ea73
Posted Jul 24, 2000

Microsoft Security Bulletin (MS00-050) - Patch Available for "Telnet Server Flooding" vulnerability. A remote denial of service vulnerability has been discovered in the Telnet Server that ships with Microsoft Windows 2000. The denial of service can occur when a malicious client sends a particular malformed string to the server. Microsoft FAQ on this issue available here.

tags | remote, denial of service
systems | windows
SHA-256 | bba34b7eee04c58ecad1b77e6d0506c48a99cbdb0ac1fe88c3e79a1b3bc9cc0c
Posted Jul 24, 2000
Authored by H D Moore | Site digitaloffense.net

Passive Agression is a perl proof-of-concept exploit for downloading other user's files from FTP servers without needing thier authentication. It works against servers that use passive connections for data transfers and fail to check the incoming address of the data connection. It first attempts to determine the server-side data port incrementation rate and then guesses at the next port, makes a connection, and saves the retrieved data to a file. This does not work against M$ boxen, but is fairly impressive when run against large public FTP servers. A much more sinister purpose would be to snag confidential files being passed between corporate networks at scheduled times, like end of the day batch processing of customer orders, or crontab'd FTP backups.

tags | exploit, perl
SHA-256 | 2f7dee6b0a712a2ec0f4773b51daa24e069086bc2dbc73ffb50a9d1c4ccfdca7
Posted Jul 24, 2000
Authored by H D Moore | Site digitaloffense.net

phpDistributedPortScanner is a Web-based distributed TCP portscanner which uses plain PHP to perform distributed portscans against a single host. You can add new nodes just by uploading a tiny PHP script onto a Web server and adding a line to your master script to use it. Nodes are used in parallel and support multiple "threads" per node to increase your speed. It is portable and doesn't require shell access to use.

tags | tool, web, shell, scanner, php, tcp
systems | unix
SHA-256 | 1c49f7b9da92d7a66903e494bea560d54e18954e889992ee27386d188b2a0b17
Posted Jul 24, 2000
Authored by Michael Saarna | Site startuplinux.com

Virtual FTPD v6.4 is a secure FTP daemon which is derived from the OpenBSD ftp daemon and can allows virtual FTP accounts which do not have an /etc/passwd entry.

systems | linux, openbsd
SHA-256 | f92531e5dd84ba4031e283de97b474f29d03d61be5a82618cc1dfbec141ce93c
Posted Jul 24, 2000
Authored by Telehor | Site teleh0r.cjb.net

Form Mail v1.0 (form.cgi) remote exploit - spawns an xterm from the victim computer.

tags | exploit, remote, cgi
SHA-256 | 0a106d313f4d701240d2c353c6d13d94bd56cd95675b225e91644c39bf674c86
Posted Jul 24, 2000
Authored by Telehor | Site teleh0r.cjb.net

Click Responder v1.02 remote exploit - spawns an xterm from the victim computer.

tags | exploit, remote
SHA-256 | 641649b9d5e09cdbd6153ff158fd12a709fc05ea1502c9ebc1c2a9a2d2e706b7
Posted Jul 24, 2000
Authored by Telehor | Site teleh0r.cjb.net

bulk.cgi is a Bulk Mailer CGI which has remote vulernabilities which allow an attacker to spawn an xterm.

tags | exploit, remote, cgi
SHA-256 | 8bef063aa4f8a6099294506a682482551cb6e76ed05df104f7d8cd504ab6d562
Posted Jul 24, 2000
Authored by Telehor | Site teleh0r.cjb.net

AlienForm2 remote cgi exploit - Spawns an xterm from target machine.

tags | exploit, remote, cgi
SHA-256 | 0f1c6a0e6f0f4c3ce24670e4260bc91a1fbb65613853982bf45a8ba4a3f01572
Posted Jul 24, 2000
Authored by Telehor | Site teleh0r.cjb.net

bnbform.cgi v4.0 and below remote exploit - reads any file on the system.

tags | exploit, remote, cgi
SHA-256 | f8545048ece8ca8481bfdc18a36d3918bf84ddc084afd0240f23a03690f02408
Posted Jul 24, 2000
Authored by Blazinweed

Plague creates an environment that is capable of effectively coordinating a number of compromised hosts in a distributed attack. The nature of this attack ranges from denial of service to a sophisticated scan of the Internet for potential targets for future compromise.

tags | denial of service
SHA-256 | d0c697c299afbe79b68c6fc88129c5152681cdea9beda495f35458857831f64e
Posted Jul 24, 2000
Authored by Martin Roesch | Site snort.org

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture.

Changes: This version has been well tested and contains many fixes. Now compiles on more platforms and can locate libpcap more accurately, fixed ICMP ping packet id/sequence printouts, updated portscan detector, and more. Requires here.
tags | tool, overflow, cgi, sniffer, protocol
SHA-256 | b21e0c7cd4490e8f8b3298322e233f20a446833d396d1dbf1425841070a3a518
Posted Jul 24, 2000
Authored by Frost Byte

UDPer is a logic bomb written in ASM for Windows which floods a victim with packets at a certain date.

tags | denial of service
systems | windows
SHA-256 | 51b9a0b285efad03f7affe599d3191b523a7c8d338e58191576976773663182a
Posted Jul 24, 2000
Authored by Dro

wuscan.c scans machines for wu-ftpd v2.60.

tags | tool, scanner
systems | unix
SHA-256 | 41a7363d1e18322f41e204724ac52e57fa76aedb7c0deeb69188eedafc9c9ca4
Posted Jul 24, 2000
Authored by Scrippie | Site b0f.freebsd.lublin.pl

SMEGMA is an engine for generating garbled shellcode using several encryption mechanisms and making it self-decryptable by putting an Intel x86 machine-code decryptor in front of it. It uses a hand-written C lexer to grab the shellcode from sourcefiles and try and identify it. Use SMEGMA to modify shellcode in which characters get ruined by regular expressions (often seen in CGI binaries, web applications and webservers).

Changes: Fixed all NULL byte problems - you can now use smegma to rid shellcode of NULL characters, more garbling algorithms, more efficient garbling algorithms, fixed the size problem.
tags | web, x86, cgi, shellcode
SHA-256 | 27190bafedd46710e361a4de759ed1fb919aefd7840e72731dda48838278f0bf
Page 1 of 1

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By