exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2000-12-31

Posted Dec 31, 2000
Authored by teso, scut | Site team-teso.net

7350wu.c is a Wu-ftpd v2.6.0 remote root exploit which does it the proper way. Works on Linux/x86 and FreeBSD.

tags | exploit, remote, x86, root
systems | linux, freebsd
SHA-256 | 33f1db59facbfa0648cc1b9e7fac8958fdfbe6056b000bfbd7ca175b8b29af23
Posted Dec 31, 2000
Authored by teso, scut | Site team-teso.net

German speech given at the CCC - "exploiting format string vulnerabilities". Including examples.

tags | vulnerability
SHA-256 | fb6f4bbc3e3270eb0fdf54421051b06b4537b3129ca000b5f781fac055d4b629
Posted Dec 31, 2000
Site sslclient.sourceforge.net

The SSL client stress tool is a small program which is capable of stress testing any SSL-based server. It has been tested with Apache+mod_ssl and IIS. It can be easily modified to stress test any custom SSL implementation, and can also stress test static-page HTTP servers.

tags | web
SHA-256 | 688bde5e911922669bcf69ea6c926cdf387f615721ea14b6b29290958febf4ec
Posted Dec 31, 2000
Site users.digitex.net

Logtool is a syslog file parser, report generator, and monitoring utility. It takes syslog (and syslog compatible) logfiles as input from stdin, and depending on command line switches and/or config file settings, will parse and filter out unwanted messages from the logfile accordingly, and generate output in ANSI color, formatted ASCII, CSV (for spreadsheets), or HTML format. It is very handy for use in automated nightly reports, and online monitoring of logfile activity. It comes with some simple example scripts and documentation.

Changes: A fix for a bug in the include file functionality.
tags | system logging
systems | unix
SHA-256 | 52da48299fdc9fef7e589153e5385e54faf30c4c17e7212f7418061057c04869
Posted Dec 31, 2000
Site stud.fh-heilbronn.de

tcpinject allows you to send a wide variety of TCP/IP-packets to a given host. It is possible to specify source and destination IP address/port, packet size, payload, TCP control flag, TCP window size, and a few other things. Based on Libnet by Mike Schiffman, tcpinject is a nice tool to test your ipchains/netfilter packet-filtering settings.

tags | tcp
systems | unix
SHA-256 | e83a34af8faba87e1a85e62d4f7689e56b64001bda38ad30f47076421ab71640
Posted Dec 31, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: Fixes for various MIME-related bugs which could cause message corruption in a few rare cases.
tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | 2afd9fec0749cfc1288b7e3161a38854552fc3560ebe67a6fdcef84b0ddda4e1
Posted Dec 31, 2000
Authored by Jeroen Vreeken | Site motion.technolust.cx

motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.

Changes: A fix for a compile problem with the includes in track.c.
systems | linux
SHA-256 | 3a8f40c9f0df2a5343a84373b9413223e93f4e39c9ea67762d5db15eba083ed8
Posted Dec 31, 2000
Site pgp.com

LOMAC is a security enhancement for Linux that uses Low Water-Mark Mandatory Access Control to protect the integrity of processes and data from viruses, Trojan horses, malicious remote users, and compromised root daemons. LOMAC is implemented as a loadable kernel module - no kernel recompilations or changes to existing applications are required. Although not all the planned features are currently implemented, it presently provides sufficient protection to thwart script-kiddies, and is stable enough for everyday use. Whitepaper available here.

Changes: This release is a clean reimplementation of the previous prototype, and is now stable enough for everyday use.
tags | remote, kernel, root, trojan
systems | linux
SHA-256 | f787b36002ce4d2d6001b47c3533437f755824dcd4b4080972e60e7a3672c773
Posted Dec 31, 2000
Site kapheine.hypa.net

Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.

Changes: This release features fixed and improved session support, the replacement of SIGUSR1 with SIGINT (control-c), almost total memory leak annihilation, and many bugfixes.
tags | web, cracker
SHA-256 | fbb53acabdaa213d7add08cf749f4a4920bfa411ceae2c8b7b0612ebb94897a8
Posted Dec 31, 2000
Site cgiirc.sourceforge.net

CGI:IRC is a Perl/CGI program that allows you to use IRC from a Web browser without having to have access to an IRC port. It does not use Java, but it does need a browser capable of rendering frames. It can be used on a Web page to allow users to chat, or it can be used to access chat from behind a firewall.

Changes: This release features various bugfixes.
tags | java, web, cgi, perl
SHA-256 | 11261e3cd8bd45a4178f07d974e5a2b91e9e20a0c77d5fba11f521db6774ee11
Posted Dec 31, 2000
Site rickk.com

sslwrap is a simple unix daemon that sits over any simple TCP service such as POP3, IMAP, SMTP, and encrypts all of the data on the connection using TLS/SSL. It uses ssleay to support SSL version 2 and 3. It can run from inetd and encrypt data for services located on another computer. It works with the servers you already have, and does not require any modifications to your existing servers.

Changes: This release fixes compatibility issues with OpenSSL 0.9.6, a missing err.h, and a missing MALLOC error.
tags | encryption, tcp, imap
systems | unix
SHA-256 | 596a1bf61a457662e754b9fcfec6b3df7fb2f6c88498bd76ef8027f08c3af336
Posted Dec 31, 2000
Authored by Thomas Lundquist | Site zelow.no

floppyfw is a router and simple packet filtering firewall on one single floppy. It uses Linux ipchains firewall capabilities and includes a simple packaging system. It is perfect for masquerading and securing networks on ADSL and cable lines using both static IP and DHCP. It is simple to install, you only need to edit one file on the floppy.

Changes: An update to Linux 2.2.18, and a few small fixes.
tags | tool, firewall
systems | linux
SHA-256 | 8eef7dec66866fbb51e3d4a786e888d91c32c455b3812033fc9956532f594443
Posted Dec 31, 2000
Authored by Sam Kline | Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is an updated version of SATAN, designed to assess the remote security of computer networks. Features include scanning through a firewall, frequently updated security checks, 4 levels of vulnerability severity, and a feature rich HTML interface.

Changes: This beta version has new vulnerability checks for Oracle Internet Application Server, IMail mail server, BEA WebLogic server, bftpd, Sun Cluster Monitor service, and MDaemon mail server. It has also been modified to compile on PPC/Linux.
tags | tool, remote, scanner
systems | unix
SHA-256 | 92a1d1b8da20e2e2479fa4f55c5551193f52cd93e75659de99f6f70fd42510c0
Posted Dec 31, 2000
Authored by Netcat | Site netcat.it

Lpr-ng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against RedHat 7.0. Includes the ability to brute force the offset.

tags | exploit, remote, x86, root
systems | linux, redhat
SHA-256 | 45ca5a83e4e3b2935bbcc030e7aa7274b856c0e76c603e32c6c7565d8a05ad2a
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

This little utility will use a public service (netcraft) to check the web server version and operating system of a remote host.

tags | remote, web
SHA-256 | 9daeb72af38ace3ab3f9e5d03f959dc534f506d19b3bca2a347b14881c7f11c5
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Shellcode which plays audio (knock knock) vi /dev/dsp and setreuid(0,0) + execve shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | a45331428e22c886119ae7325c4e640708d51d8be28eb45a5a5c17f3fa5b13a9
Posted Dec 31, 2000
Authored by hhp, Isox | Site hhp-programming.net

Expect v5.31.8 and v5.28.1 contains local buffer overflows. It is possible to exploit any suid/sgid expect application.

tags | exploit, overflow, local
SHA-256 | 8a69e04abc43d9ebdcd6198de5a7b5431ff007a5dca07c47115be8df48b6e33d
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

GnomeScott local buffer overflow which provides a gid=40 (game) shell on SuSE 6.4 and 7.0.

tags | exploit, overflow, shell, local
systems | linux, suse
SHA-256 | b91af559b80952154115640a2ad71c7a3af251836cff99bde6dad6259ee95e28
Posted Dec 31, 2000
Authored by hhp, Isox | Site hhp-programming.net

Expect (/usr/bin/expect) v5.31.8 and v5.28.1 local buffer overflow exploit. Tested on Slackware 7.x. Advisory available here.

tags | exploit, overflow, local
systems | linux, slackware
SHA-256 | 763a21a0317bfb6f2998e4af7bd10b8c567fd24381ff2cea8e0f004f377ce176
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Gnomehack local buffer overflow exploit which provides a gid=60 (games) shell on Debian 2.2.

tags | exploit, overflow, shell, local
systems | linux, debian
SHA-256 | 5ccc4924acae3a7b73ecd24a19febb73d31ccc8e7ed7d704614e4dcbd8d4550a
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Kwintv local buffer overflow exploit which provides a gid=33 (video) shell on SuSE 7.0.

tags | exploit, overflow, shell, local
systems | linux, suse
SHA-256 | d44863b348783f75efca589a0a0b99b6a150e833cd2e1dd95d32999361050380
Posted Dec 31, 2000
Authored by hhp, Icesk | Site hhp-programming.net

Fancylogin v0.99.7 local root exploit. Tested on Red Hat 6.1.

tags | exploit, local, root
systems | linux, redhat
SHA-256 | 6a6d636b942d55b3a7cd1edceb5b8ba35821afd8196ce14ad6e2f04d65c3d913
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Generic ELF .dtors exploit.

SHA-256 | 7e4fcc9e325b71ea4dd0f30de481f4eb9dcb0403da041f927b6e200a7a9d57d4
Posted Dec 31, 2000
Authored by Loophole, hhp | Site hhp-programming.net

Ipchains firewall frontend - Prompts enabled.

SHA-256 | 79f4d5c6dd2281fff7d8406580199d4e0cd4abdc137d8e7af428569d2d60ced3
Posted Dec 31, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.

Changes: Now detects Sun iPlanet server vulnerability, netauth directory traversal, calendar.pl remote execution, eb+ directory traversal, and a test for the Microsoft Terminal Server. Also implemented several report writer enhancements and general bug fixes.
tags | tool, cgi, scanner
systems | unix
SHA-256 | db15b26c1ef17181b646ad4699d10da1c66d99a828057522c686f9f47a7d82c1
Page 1 of 2

File Archive:

November 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    1 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    219 Files
  • 14
    Nov 14th
    19 Files
  • 15
    Nov 15th
    66 Files
  • 16
    Nov 16th
    38 Files
  • 17
    Nov 17th
    9 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    11 Files
  • 22
    Nov 22nd
    56 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    36 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    14 Files
  • 28
    Nov 28th
    30 Files
  • 29
    Nov 29th
    35 Files
  • 30
    Nov 30th
    25 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By