Mognet version 1.13 is a GPL'd libpcap/jpcap 802.11b sniffer/analyzer written in Java. It is display-optimized for use on handheld devices like the iPaq, and can save and load frames in libpcap/tcpdump/ethereal format.
71c4a2d8b29343b5112f4cb355dde2b29e060e6b00f6ad3733e1d6e1d3f921ffCORE Security Advisory CORE-20011001 - Another globbing problem has been discovered in Wu-FTPD, allowing a remote user to execute arbitrary code. Affected versions include: all Wu-FTPD versions through 2.6.1, Wu-FTPD 2.7.0 snapshots, and FTP server programs derived from Wu-FTPD.
b2af010437f4826bb1eed002d7911ab9a56a1c96980ee85e3944582ce2cdbcf9Details and source diffs for the wu-ftpd v2.6.1 remote overflow vulnerability. By leaving off closing ']' and '}' characters, it's possible to get the glob function to construct a long string which very well may overflow a buffer in gzip v1.2.4.
30748757c260928c611e88fd96b30631aba28b1ad1813970dcd5a76a1ab7932dSteghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data. It is able to embed data in BMP, WAV, and AU files.
c2bc422e604ece24acd0a7a9e633a942fddb50fcfffb8fb2d26dd84eea7ba0f8Vapid Labs Security Advisory 11232001-02 - The webserver administrator password for the Xitami Webserver is stored clear-text in a world readable file, allowing a local user to gain control of the webserver and, with some effort, the root account. Affected versions include: Xitami Webserver 2.4d9 and 2.5b5 beta.
086b0483b623081e9fdd5220b9aa4f16c4e694ca9fb5953d8a3a78590a93c16aNMRC Advisory - A vulnerability has been found in Sun's NetDymanics session management package that allows an attacker to hijack random user sessions. Versions confirmed affected include Solaris 7 and 8 (SPARC), running NetDynamics 4.x and 5.x.
93ca5cbfd649dcedcb26f1045e072b2faba1a2aa28bf1d75267c53805c5bb86dRemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.
f7f1091033a3b2f63fc387cdfb759af2a4e498e63db235ad30a684d4a43192afldM.c is a backdoor that runs on tcp port 141 by default.
c6299499912cbd9e814a5674cfc34c5a466c005cc3af22d93a7baed98fc365f9Capsel v1.9.99pre5 is a Linux kernel module for v2.2.x and 2.4.x with many features that increase your system security. It features the ability to stop chroot jail break, stop ptracing, control the execve call, and removes read permission from core dumps. It also changes the behavior of set*uid system calls which may be used by programs to drop almost all capabilities and UID without dropping capabilities that are needed to work correctly (i.e. bind sockets). Allows you to get rid of many of your SUID files.
a5918d4a20d806208b32e0b417f47e29eb7c913b1b76c03f7dcc0a0f05f8e1feFlood2.c is a SYN flooder that is more efficient than Juno because it uses smaller packets. Slightly broken.
87d55c83a0a5d1849a0ac50ee24c11e61710b2a8b7f7933479ee89fafad23673Std.c is a udp packet flooder. Tested on Linux.
e91335a547a70625afc111963c420b05bbe3f8bb4ba39bf722aaed746cba3df5IP Sorcery is a TCPIP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.
adc1acd1519ea1fb4385857dd333f445e98932613ca65cea2c8e9888302e03f3Medusa DS9 is a tool used to increase Linux's security. It consists of two major parts - Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
782bc79b5afc4ff443dc44837213c29aa727a4d85eac15d2727e4485fc7da936Sniff formats hex packets from tcpdump and converts them to ASCII to make them easier to read and understand. Its features include colored console output, CSV file saving, and fully customizable output. The program directly accepts all tcpdump options, including parsing from packet files.
435498f0db4eb809acdb2227c9b536d51fe515d1329b990c5c7ff16977f75bd6SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.
c3dd259590c3eed83675409fb32029327c00b8da1230643dc43e89976642c03bWinfingerprint v0.4.0 - Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes. Runs on Windows NT and 2000.
cbe16d6221e053409d04ba5f9d8cff4128c6413e64b44b33732d58ccca008171Procwatch is a perl script which watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.
68dfad72427ae0eddb228265f96ba7689c3ec4efa78ad0f285c13614b8594c69The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
fa1ad43fadf54a769b2370a50d8d29243ac7c710c4d53a67279b3fca599d425aSrape is a perl script which sends tcp with no flags set and causes the victim to reply with rst packets. Seems to be more effective than a syn attack and harder to filter.
e4f492aef69f00b77840d631ac6aa16b968e23e37b3dfc9b6d38bcf76c82d57eShell script to scan a domain for open windows shares using samba. Tested on slackware, red hat, SuSE. Requires smb client.
aa897cb01895e470ffc69ea88d3d8aa218b9d21900a286afbf5b78fded94e1fcCERT Advisory CA-99-16 - Buffer Overflow in solaris sadmind. The sadmind program is installed by default in Solaris 2.5, 2.6, and 7.
91e3ccb53dada317e1d9eb7fb117db045ea4dab85eb4219206c1ebfaece31491Dword.pl - This will convert a given IP address into it's dword equiv, as described in "How to Obscure Any URL", available here.
3f31fd5b39902ebcc095a352a0538509fc005b0f033a0d5aae798016f30131c7Explanation of how to exploit the rpc.sadmind bug on Solaris.
39930a280c144ab14cfd240d0a929369a2f7e68dfed059b8f4c01fda84a4ba71Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the javascript code, the browser will remove the line feeds and execute it.
38d619755398daddb4094c74d9e46a705ebf54917924ac7f57da9be93f94b110Veritas Volume Manager 3.0.x for Solaris contains a security hole which can, under specific circumstances, allow local users to gain root access. Exploit description included.
fd2319ff0e16f1c6e713fa56b2101950213939c45121c340cc789350ca38aee3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed