exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 139 RSS Feed

Files Date: 2001-07-01 to 2001-07-31

microsoft.codered.txt
Posted Jul 30, 2001

The Code Red worm is likely to start spreading again on July 31, 2001 at 8:00 EDT. All IIS 4 and 5 users MUST upgrade immediately! Fix for NT 4.0 available here.

tags | worm
SHA-256 | 6c9c02a04bec8e369b5d9d6a559029473f1a46e95779d6c1759e5299505cb94c
lcrzosrc-3.15.tgz
Posted Jul 30, 2001
Authored by Laurent Constantin | Site laurentconstantin.com

Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex.

Changes: Creation of lcrzo_portlist, lcrzo_iplist and lcrzo_ethlist which allow the user of lists of ports, ip addresses, and ethernet addresses. Contains some bug fixes and code improvements.
tags | udp, spoof, tcp, protocol, library
systems | linux, solaris, freebsd
SHA-256 | 94464b6f9d468a51a8a2798e52ea2eb306b48426cc45b4b160f85f31d603e6a3
spadv03.txt
Posted Jul 30, 2001
Authored by SecPoint | Site secpoint.com

The Windows 2000 telnetd service is vulnerable to a remote denial of service attack. The service crashes when scanned for the recent AYT telnetd vulnerability discovered by Scut. Includes SPtelnetAYT.c, a scanner for the AYT vulnerability in telnet daemons build upon the BSD source.

tags | exploit, remote, denial of service
systems | windows, bsd
SHA-256 | 0ef77272ca00d7561e2ec1a992da524fa9ac1e25f7723de4dd30a596d8a408ce
StJude_LKM-0.20.tar.gz
Posted Jul 30, 2001
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Changes: Introduced kernel integrity checking, and module support on systems that require module support. Added Read-Only /dev/kmem support. Eliminated the double-execve problem. New configuration script simplifies platform identification, and selection of compile-time options. Updated checks, verified compatibility with 2.4.7, and updated documentation. Changed license to GNU.
tags | remote, kernel, local, root
systems | linux
SHA-256 | 10ed91c76ecba958bba10ae5f2976871efdc47add4787b162dbce8be5ca574c9
pileup-xpl.c
Posted Jul 29, 2001
Authored by Charles Stevenson

/usr/bin/pileup local root exploit. Tested against Debian 2.2.

tags | exploit, local, root
systems | linux, debian
SHA-256 | 91ffd9b5c600d6641fc76b93d1585a6c5bdb92d4d9d1ce2ffd0e8c74e173e9b9
squidmap.pl
Posted Jul 29, 2001
Authored by Paul Nasrat

Squid can be used to port scan if set up as a httpd accelerator (reverse proxy). Tested on Redhat 7.0.

tags | exploit
systems | linux, redhat
SHA-256 | 40e7bb73d56456e9d9dcc70a1024c98673b814cb113d372d8513594c244df0fb
teso-advisory-011.txt
Posted Jul 29, 2001
Authored by teso, scut | Site team-teso.net

TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances it may be possible to exploit it to gain root privileges remotely. Affected systems include BSDI 4.x, FreeBSD, IRIX, Linux with netkit-telnetd < 0.14, NetBSD, OpenBSD 2.x, and Solaris.

tags | overflow, root
systems | linux, netbsd, solaris, freebsd, irix, openbsd
SHA-256 | 4849ac76d26caec6f947c4879fceb873db9d4fbf399d4ebadda0a88587f6c0ba
adore-0.39b4.tgz
Posted Jul 29, 2001
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Now includes open()/stat() redirection and improved netstat hiding. Removed execution redirection.
systems | linux
SHA-256 | bc8ab5303f03a7435098e0a13569dd423675198c8181472e3c458b68a2296ecf
DEStroy-0.6.pl
Posted Jul 29, 2001
Authored by Plastek

DEStroy-0.6.pl is a perl script which uses DES to encrypt files and makes an attempt to securely remove the plaintext. Works with ASCII and binary files.

tags | perl, encryption
SHA-256 | 11476384e0f48e50c3ef8ba4c6c9a0cbdc290fc72fbfafaabf30522981a88223
ibm-db2.c
Posted Jul 29, 2001
Authored by Honoriak

IBM DB2 (which works under W98/NT/2000) Proof of concept Denial of Service. Sending 1 byte to port 6789 or 6790 IBM DB2 crashes, as described in ibm.db2.dos.txt.

tags | exploit, denial of service, proof of concept
SHA-256 | 44d64dfbdbb1557b294143c33f8c5588ad8abdebac45e6280e99353be9cf7797
Stealth-1.0-b30.zip
Posted Jul 29, 2001
Authored by Felipe Moniz | Site hideaway.net

The Stealth HTTP Security Scanner v1.0b30 provides more than 12000 http vulnerability checks. Runs on Win32 and Linux under Wine. Free.

Changes: New holes added: IDA "Code Red" Vulnerability and IIS Double Decode. Added Scan List and German language support.
tags | web
systems | linux, windows
SHA-256 | 548363d5e0b64dfa72beaad99e0981ca6ba08436231b2089abf33b96f7c55072
ippersonality-20010724-2.4.7.tar.gz
Posted Jul 29, 2001
Authored by Gael Roualland, Jean-Marc Saffroy | Site ippersonality.sourceforge.net

The IP Personality project is a patch to Linux 2.4 kernels that adds netfilter features: it enables the emulation of other OSes at network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting. The characteristics that can be changed are TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, values and order in the packet), IP ID numbers, answers to some pathological TCP packets, and answers to some UDP packets.

Changes: This release adds new manglings to fool latest versions of nmap (2.54BETA), and has lots of code improvement. Ported to kernel v2.4.7.
tags | remote, kernel, udp, tcp
systems | linux
SHA-256 | e48ed49e11daf6287541ef54e52353431bba2aae7226fda5c1a75d43f7ffc8d7
_root_040.zip
Posted Jul 29, 2001
Site rootkit.com

Windows NT Rootkit v0.04 alpha - Hides processes, files, directories, has k-mode shell using TCP/IP - you can telnet into rootkit from remote. Hides registry keys - (keyboard patch disabled in this build.) Includes execution redirection.

tags | remote, shell, registry, tcp
systems | windows
SHA-256 | 383977e8f03d50438f27eb405e673676a70a76c7ce2b9be0aa18be86fa14f306
asmcodes-1.0.2.tar.gz
Posted Jul 29, 2001
Authored by The Last Stage of Delirium | Site lsd-pl.net

This package contains all codes prepared for technical paper - UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes. For every discussed processor architecture samples of various assembly components are included.

tags | paper, vulnerability
systems | unix
SHA-256 | b198c0c0a17e1e73d1170ac01516e46602412eb03ffe85f6eeb00bf35c7ed193
asmcodes-1.0.2.pdf
Posted Jul 29, 2001
Authored by The Last Stage of Delerium | Site lsd-pl.net

Unix Assembly Code Development for Vulnerabilities Illustration Purposes v1.02 - Covers IRIX / MIPS, Solaris, HP-UX, AIX, Ultrix, Linux, BeOS, and BSD. Includes system call invocation information, code specifics, "Zero free" code, ASM functionality, and examples.

tags | paper, vulnerability
systems | linux, unix, solaris, irix, bsd, aix, hpux, beos
SHA-256 | 62d2e8de6232b3ff6562e6a1ae2a27a030259d2647d85ffb2ae413a70b82d7e1
ms01-041
Posted Jul 27, 2001

Microsoft Security Advisory MS01-041 - Several of the RPC servers associated with system services in Microsoft Exchange, SQL Server, Windows NT 4.0 and Windows 2000 do not adequately validate inputs, and are vulnerable to a remote denial of service attack. Microsoft FAQ on this issue available here.

tags | remote, denial of service
systems | windows
SHA-256 | e1f72be59317f491b185d7e733c56ed904195aa7bc19d7c27dc88996e81a8a70
ms01-042
Posted Jul 27, 2001

Microsoft Security Advisory MS01-042 - Windows Media Player v6.4, 7, and 7.1 contains a buffer overflow which allows remote code execution through opening an email or visiting a malicious web site. Microsoft FAQ on this issue available here.

tags | remote, web, overflow, code execution
systems | windows
SHA-256 | dddbc16c5f5eac0683d11962bf6043a8609e6811299a36d8a3fb2053528d80b5
pic-lpr-remote.c
Posted Jul 27, 2001
Authored by Zen-Parse

Pic / LPRng format string remote exploit. Pic is part of the groff package. It is used by troff-to-ps.fpi as uid lp when perl, troff and LPRng are installed. Tested against Redhat 7.0 (groff-1.16-7).

tags | exploit, remote, perl
systems | linux, redhat
SHA-256 | 7f88ccf027b5e0d7c51b9f01279051f34a9d4df2f8d1ae6ccce5a1fbec9db7ff
Firewall Builder With GUI
Posted Jul 27, 2001
Site fwbuilder.org

Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.

tags | tool, firewall, protocol
systems | linux, solaris, freebsd
SHA-256 | e30bd52563786f6d9f986c32527c8aa3beba154bee412ef0ecea1b7fb4acc793
jail_1.7.tar.gz
Posted Jul 27, 2001
Site gsyc.inf.uc3m.es

Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automatically configures & builds all the required files, directories and libraries.

Changes: The perl scripts in 1.6 were missing the -w flag, causing some bugs to go undetected. The strace module had its argument parsing code fixed.
systems | unix
SHA-256 | 7ba4b44fa94c0777e038d48198ae15d92e952d9097253e0bf6587e09f3111cce
mambo_advisorie.txt
Posted Jul 26, 2001
Site reverseonline.com

The Mambo Site Server v3.0.0 - 3.0.5 contains a vulnerability which allows users to gain administrative privileges by changing global variables via URL parsing.

tags | exploit
SHA-256 | 130f26d521cff30052559a9d02cc0b8dd1f05866aefac6e2932959bd6a3d136d
ettercap-0.5.4.tar.gz
Posted Jul 26, 2001
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
SHA-256 | dd20286014808bf9dcf00a3cc04ac9b3a0a6933c84d6415df46137b0504ea4a0
jail_1.6.tar.gz
Posted Jul 25, 2001
Site gsyc.inf.uc3m.es

Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automagically configures & builds all the required files, directories and libraries.

Changes: Mkenv.sh and addjailuser.sh have bee rewritten in perl for greater portability. A new application, called addjailsw.pl, has been written to allow insertion of software into the chrooted environment, providing more flexibility.
systems | unix
SHA-256 | 38dd1866f81fbed0721377b5badc529448c06f26e935ec0eb2f2eed9bb8150c0
insidethreat.txt
Posted Jul 25, 2001
Authored by Reflux

Protecting Corporate and Enterprise Networks Against Insider Threats - The aim of this text is to provide a basic understanding of how important it is to maintain security within the corporate network, and to offer some theory and technique that the Hacker (The insider) may use or may be using to penetrate vital systems within your organization.

tags | paper
SHA-256 | 5ec4948937dc717974ed6bdf19e5686ce4a02c357d7f5f0ea6003868dc54d808
firestorm-0.2.0.tar.gz
Posted Jul 25, 2001
Site scaramanga.co.uk

Firestorm is a Network Intrusion Detection sensor which is multi-threaded, fast, and is pluggable at almost every point.

Changes: Re-Designed packet encode engine which supports encapsulation. A final few issues in the snort parser have been resolved. A log target (logs to tcpdump files) was added. Bugs were fixed,
tags | tool, intrusion detection
systems | unix
SHA-256 | d77c1d52b7ede8d864490d563f7de3841605942ac9922a458ccce1868d830305
Page 1 of 6
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close