exploit the possibilities
Showing 1 - 25 of 107 RSS Feed

Files Date: 2001-11-01 to 2001-11-30

Posted Nov 29, 2001
Authored by Sean Whalen | Site chocobospore.org

Mognet version 1.13 is a GPL'd libpcap/jpcap 802.11b sniffer/analyzer written in Java. It is display-optimized for use on handheld devices like the iPaq, and can save and load frames in libpcap/tcpdump/ethereal format.

tags | tool, java, wireless
MD5 | 597419cbdf698d3910e3a0d776952c16
Posted Nov 29, 2001
Authored by Ivan Arce | Site corest.com

CORE Security Advisory CORE-20011001 - Another globbing problem has been discovered in Wu-FTPD, allowing a remote user to execute arbitrary code. Affected versions include: all Wu-FTPD versions through 2.6.1, Wu-FTPD 2.7.0 snapshots, and FTP server programs derived from Wu-FTPD.

tags | remote, arbitrary
MD5 | d0f4c6846c096023d4dcbe87ec12b8ac
Posted Nov 28, 2001
Authored by rain forest puppy | Site wiretrip.net

Details and source diffs for the wu-ftpd v2.6.1 remote overflow vulnerability. By leaving off closing ']' and '}' characters, it's possible to get the glob function to construct a long string which very well may overflow a buffer in gzip v1.2.4.

tags | remote, overflow
MD5 | 9afb781f1eb9dc807231073297c6358e
Posted Nov 27, 2001
Site steghide.sourceforge.net

Steghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data. It is able to embed data in BMP, WAV, and AU files.

Changes: The interval length now defaults to the max. Switches for verbosity, quiet, and force were added. Now prompts for a passphrase if one is not given.
tags | encryption, steganography
MD5 | 2d61b75286c3354026883f91c616cb67
Posted Nov 26, 2001
Site vapid.dhs.org

Vapid Labs Security Advisory 11232001-02 - The webserver administrator password for the Xitami Webserver is stored clear-text in a world readable file, allowing a local user to gain control of the webserver and, with some effort, the root account. Affected versions include: Xitami Webserver 2.4d9 and 2.5b5 beta.

tags | local, root
MD5 | b8f7367770e8399c7e4ec53c17423b3c
Posted Nov 26, 2001
Authored by Phuzzy L0gic | Site nmrc.org

NMRC Advisory - A vulnerability has been found in Sun's NetDymanics session management package that allows an attacker to hijack random user sessions. Versions confirmed affected include Solaris 7 and 8 (SPARC), running NetDynamics 4.x and 5.x.

systems | solaris
MD5 | 1357ff1e9215d62210f4bcd84d930a30
Posted Nov 26, 2001
Authored by Serge Birj

RemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.

Changes: The program doesn't use WinNT network libraries anymore. All NetBIOS related code is now part of the project. This significantly improves performance and adds compatibility with Win9x/Me.
tags | remote, protocol
MD5 | 9fa7dfcaf4d1c818e9bf56f2a21b68f6
Posted Nov 26, 2001
Authored by Stackd, ldm

ldM.c is a backdoor that runs on tcp port 141 by default.

tags | tcp
MD5 | 1aed76cc522684e3640094cf913455db
Posted Nov 26, 2001
Authored by Wojciech Purczynski | Site elzabsoft.pl

Capsel v1.9.99pre5 is a Linux kernel module for v2.2.x and 2.4.x with many features that increase your system security. It features the ability to stop chroot jail break, stop ptracing, control the execve call, and removes read permission from core dumps. It also changes the behavior of set*uid system calls which may be used by programs to drop almost all capabilities and UID without dropping capabilities that are needed to work correctly (i.e. bind sockets). Allows you to get rid of many of your SUID files.

Changes: Now works with kernel v2.2.20. Fixed some bugs. Readme available here.
tags | kernel
systems | linux
MD5 | 6e981a98be9291757155b8786c88b34d
Posted Nov 26, 2001
Authored by Freak88

Flood2.c is a SYN flooder that is more efficient than Juno because it uses smaller packets. Slightly broken.

tags | denial of service
MD5 | 5205ce43c00f91ce5f6bb2f78c8ac4a5
Posted Nov 25, 2001
Authored by Stackd, ldm

Std.c is a udp packet flooder. Tested on Linux.

tags | udp
systems | linux
MD5 | d332b164a8791631e3255c23ad0c1b34
Posted Nov 25, 2001
Site legions.org

IP Sorcery is a TCPIP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.

Changes: New error windows to for errors. Includes minor feature enhancements to the GTK and console versions.
tags | udp, tcp
systems | unix
MD5 | f4acfb37ef5ede0372a36cce8fbf3ac6
Posted Nov 25, 2001
Authored by Marek Zelem, Martin Ockajak | Site medusa.fornax.sk

Medusa DS9 is a tool used to increase Linux's security. It consists of two major parts - Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.

Changes: Patched for 2.2.20 and 2.4.15. Includes a bunch of bugfixes.
tags | kernel, protocol
systems | linux
MD5 | 5546ab7e67b2b95244aa8c5550afd35a
Posted Nov 25, 2001
Site thedumbterminal.co.uk

Sniff formats hex packets from tcpdump and converts them to ASCII to make them easier to read and understand. Its features include colored console output, CSV file saving, and fully customizable output. The program directly accepts all tcpdump options, including parsing from packet files.

Changes: A tcpdump option handling bug has been fixed.
tags | tool, sniffer
MD5 | 8707e39ff6a8c6e6ca0c2ebb53c30ccd
Posted Nov 25, 2001
Authored by Mike Ricketts | Site earth.li

SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.

Changes: Loads of compile fixes on various platforms, major bugfixes, and a real man page.
tags | tool, arbitrary, udp, tcp
systems | unix
MD5 | d04e7fe43b3cf2da4788cd2694495367
Posted Nov 24, 2001
Authored by Vacuum | Site winfingerprint.sourceforge.net

Winfingerprint v0.4.0 - Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes. Runs on Windows NT and 2000.

tags | remote, registry
systems | windows, 9x, nt
MD5 | 79c0f0088f2717a49e59a443d32a6cc4
Posted Nov 24, 2001
Authored by Adam Guyot | Site speakeasy.net

Procwatch is a perl script which watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.

tags | kernel, perl
systems | linux, unix
MD5 | a91a4fd73ea6a3e871efd7c377c36da8
Posted Nov 24, 2001
Site original.killa.net

The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.

Changes: Updated for kernel v2.4.15.
tags | denial of service, kernel, root, patch
systems | linux, unix
MD5 | b7eb746337c05cb946a201e8cd1c2d77
Posted Nov 24, 2001
Authored by eTech

Srape is a perl script which sends tcp with no flags set and causes the victim to reply with rst packets. Seems to be more effective than a syn attack and harder to filter.

tags | denial of service, perl, tcp
MD5 | 5972ce265362b6b1df477eb4f0ebfff3
Posted Nov 22, 2001
Authored by Zinc_Sh

Shell script to scan a domain for open windows shares using samba. Tested on slackware, red hat, SuSE. Requires smb client.

tags | tool, shell, scanner
systems | linux, redhat, windows, unix, suse, slackware
MD5 | 2cb45da8934e1a609da45af3e4205c1f
Posted Nov 22, 2001

CERT Advisory CA-99-16 - Buffer Overflow in solaris sadmind. The sadmind program is installed by default in Solaris 2.5, 2.6, and 7.

tags | overflow, add administrator
systems | solaris
MD5 | fd271451ef808735834c29476f4a121b
Posted Nov 22, 2001
Authored by Bro Evil

Dword.pl - This will convert a given IP address into it's dword equiv, as described in "How to Obscure Any URL", available here.

systems | unix
MD5 | fa19c30bc78ff6eeb419cdeda93779ca
Posted Nov 22, 2001
Authored by Cyrax | Site members.antionline.com

Explanation of how to exploit the rpc.sadmind bug on Solaris.

tags | exploit
systems | solaris
MD5 | be1ae7f11bc82103d3ad0d2ed147e147
Posted Nov 22, 2001
Authored by Hawaiian Superman

Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the javascript code, the browser will remove the line feeds and execute it.

tags | exploit, javascript
systems | linux, windows
MD5 | 216cfc1e4f3f35e01de990a4c2973aba
Posted Nov 22, 2001
Authored by Echo8

Veritas Volume Manager 3.0.x for Solaris contains a security hole which can, under specific circumstances, allow local users to gain root access. Exploit description included.

tags | exploit, local, root
systems | solaris
MD5 | 11dc5c3932ca0eb6191ac53ab46ce704
Page 1 of 5

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By