exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2001-12-09

pspa-2.4.16-13.gz
Posted Dec 9, 2001
Site original.killa.net

The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.

Changes: Updated for kernel v2.4.16.
tags | denial of service, kernel, root, patch
systems | linux, unix
SHA-256 | 950455aeab7a3af1e443d3eb59ad11313f0c8ea6f0e1697d331be54a85c40605
guarddog-1.9.8.tar.gz
Posted Dec 9, 2001
Authored by Simon Edwards | Site simonzone.com

GuardDog is a firewall configuration utility for KDE on Linux. GuardDog is aimed at two groups of users - novice to intermediate users who are not experts in TCP/IP networking and security, and those users who don't want the hassle of dealing with cryptic shell scripts and ipchains parameters. Features an easy to use goal oriented GUI and the ability to generate ipchains scripts as output. Screenshot here.

Changes: Proper multi-language support has been added to the protocol DB. A nasty bug in the generated firewall scripts that could cause the machine to appear to hang at boot time has been fixed. A small design bug concerning the user defined protocols has been fixed. It now looks for ipchains or iptables in /usr/sbin/.
tags | tool, shell, tcp, firewall
systems | linux
SHA-256 | 50183338fa5d55aa72ca20845389acd85ea5d81eee3378606496ac571409b857
netscript-1.6.5.tgz
Posted Dec 9, 2001
Authored by vade79, realhalo | Site realhalo.org

Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.

Changes: The main focus of this release is the fixing of a potential local/remote security bug found during a quick audit. This security is somewhat minor due to the fact it relies on the user defined ruleset. The $' variable has been added for execution data manipulation, and the --hist option has been changed to only add a line if it does not already exist in the history file.
tags | tcp, protocol
systems | unix
SHA-256 | 9ee1d9d4733ebd8d7e80e9b5346d734fbe146ee02359a04851d7cdb0bd040932
scanssh-1.6b.tar.gz
Posted Dec 9, 2001
Authored by Provos | Site monkey.org

scanssh scans a list of addresses and networks for running SSH servers and their version numbers. scanssh supports random selection of IP addresses from large network ranges and is useful for gathering statistics on the deployment of SSH servers in a company or the Internet as whole.

Changes: Bug fixes and minor improvements.
tags | tool, scanner
systems | unix
SHA-256 | d6e4ab95f68a59f3b30c935e81359f79a6e1519ba3da062fcf29185b1f824c7b
bastard-0.14.tgz
Posted Dec 9, 2001
Site bastard.sourceforge.net

A disassembler written for disassembly of x86 ELF targets on Linux (other file formats/CPUs can be 'plugged in'). Written as a backend or engine -- the UI is a command line; support for controlling the disassembler via pipes or FIFOs is provided. Note that this disassembler does not rely on libopcodes to do its disassembly; rather, the 'libi386' plugin is a standard .so that can be reused by other projects.

Changes: Bugs in the disassembler (disp32, 0x0F bugs) have been fixed. A GUI frontend has been added to the main Makefile, and autogen/configure has been replaced with more simple, more reliable Makefiles.
tags | x86
systems | linux
SHA-256 | ff3d0ecbcfd3aae1a05edbb12329d7b53e69f35f6276bbcb2fe8b968e739217d
syscalltrack-0.64.tar.gz
Posted Dec 9, 2001
Site syscalltrack.sourceforge.net

Syscall Tracker is a powerful tool for Linux 2.2 and 2.4 which allows you to write rules to track system calls. Currently only logging the invocation is supported, but in the future, you will be able to fail the system call (i.e. force it to return some error code), or suspend the process executing it. Allows you find out info that is hard to find, for instance to determine which process touched a certain file.

Changes: Better support for filter expressions, better error messages, Unary operators ('~', '!') are now working. Fixed some crash bugs and memory leaks.
systems | linux
SHA-256 | 8e56a3822ddfc6c312bd8cd985b08e7f0b607e9da7825b0d22a4705b46221b69
ipsorc-1.4.tar.gz
Posted Dec 9, 2001
Site legions.org

IP Sorcery is a TCPIP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.

Changes: Added the ability to send a data payload with packets in console version and other minor enhancements.
tags | udp, tcp
systems | unix
SHA-256 | 68fe5507f49dd0770bfb49b0cd013ea8f074ea97a53911e85cd38873f9cc987c
ipac-ng-1.13.tar.gz
Posted Dec 9, 2001
Site sourceforge.net

IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.

Changes: Traffic script fixes\changes, minor configure fixes\additions, and gdbm storage fixes were added.
systems | linux
SHA-256 | db11173255576525b85ee5ce00817724d2702399f9af5ccde8e326bdabf29cb4
wu-ftpd-2.6.2.tar.gz
Posted Dec 9, 2001
Site wu-ftpd.org

Wu-Ftpd is a portable FTP server.

Changes: Remote root bugs in 2.6.1 fixed.
systems | unix
SHA-256 | fc2f30149acca955da1785b2e0388e0c9fe47dded69520dec633273209c5040b
mimedefang-2.2.tar.gz
Posted Dec 9, 2001
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.11 / 8.12 and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: New actions were added (action_replace_with_url, action_notify_administrator). Now possible to customize rule sets on a per-domain basis, which is useful if you host many virtual domains. Now issues an SMTP temporary-failure code if a filter fails, which is safer than the old behavior of adding a warning and allowing mail through.
systems | windows, unix
SHA-256 | 28969b2c5e980f91a51d0d371e75b0a0b430147dbddcf9a30bab7dfecb6c7398
twhttpd.tar.gz
Posted Dec 9, 2001
Site ie.cuhk.edu.hk

TrustWall HTTP Proxy v0.9-5 is a secure HTTP proxy which protects web servers (and web browser clients) by checking the HTTP protocol header data. The design has already put most modern web base attacks into consideration and hence can protect most web servers without very in-depth knowledge about the attacking techniques.

Changes: support has been added for anonymized User-Agents, as well as some minor bugfixes.
tags | web, protocol
SHA-256 | 0d0cfbfa2eb3a8ca9314ff85bd2718830e92707e736d7baf0dcee783f8905127
aldebaran-3.0.2.tar.gz
Posted Dec 9, 2001
Site rogala.3d.pl

Aldebaran is an advanced libpcap-based network TCP, UDP, ICMP, and ARP network sniffer which gives a user only a payload from captured data and basic info about addresses and ports (nothing about flags, etc.). This is useful for monitoring data sent by connections and sniffing passwords. It supports filtering packets with not only simple port/address libpcap rules but also payload contents and can send captured data to another host via UDP. It can also encrypt data written to a dump file, analyze interface traffic, and present statistics (packet count, sizes, average speed, etc.) in HTML or a plain text file.

Changes: This release has ICMP protocol support, the ability to change the process name, kernel support (for hiding in system), server mode (sniffer detection in LAN), sending logs via mail, and switch MAC table overflowing (experimental).
tags | tool, udp, sniffer, tcp
SHA-256 | 5fd86446dc89c1595f573a6bcd7d765fa321e2a7ae51e8b3e6cbe76696b6a942
own-ettercap.c
Posted Dec 9, 2001
Authored by gobbles, Alicia | Site bugtraq.org

Ettercap v0.6.2 local root format string exploit. Works if the administrator made Ettercap SUID.

tags | exploit, local, root
SHA-256 | 4f7b696cea2b1db223e600477d54422235560202856224be55543c7f58c4a210
FreeBSD Security Advisory 2001.64
Posted Dec 9, 2001
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:64.wu-ftpd - Wu-ftpd v2.6.1 and below contains a remote root vulnerability which allows ftp users with anonymous accounts or user accounts to execute code. This may be accomplished by inserting invalid globbing parameters which are incorrectly parsed by the FTP server into command input.

tags | remote, root
systems | freebsd
SHA-256 | bed19099b553f8ec342c3bbd33c003a2357327bf9a9abe5d374c316e9b571004
ssh-2.3.0.patch
Posted Dec 9, 2001
Authored by Digital Shadow | Site ministryofpeace.co.uk

SSH-2.3.0 client patch to log outgoing usernames, passwords, and hostnames.

tags | tool, rootkit
systems | unix
SHA-256 | ac70dd5c43e7220631199e96f023cd06a6796d6689b45217f7c81ade8e2345b3
openssh-2.9p2.patch
Posted Dec 9, 2001

Openssh-2.9p2 patch which logs the username, remote host, and password when outbound connections are made.

tags | tool, remote, rootkit
systems | unix
SHA-256 | 54ff25e46677231b2fc92927a45b716aa7cffc530903b1efb79922544c1dcd02
UseLogin.txt
Posted Dec 9, 2001
Authored by War | Site genhex.org

OpenSSH v3.0.1p1 and below root exploit which only works of the administrator has turned on the UseLogin feature. Uses the libroot library. Requires an account on the remote machine.

tags | exploit, remote, root
SHA-256 | b785235fe2fbf2c69f44d93ca622e244033585cf6ba64fbd80330fe466a5f2fc
kebi-webmail_vul.txt
Posted Dec 9, 2001
Authored by secret | Site wowhacker.org

The Kebi Webmail server allows remote users to have administrator access by going to http://site.com/a/.

tags | exploit, remote, web
SHA-256 | 5d2ff185f4844973c582f3bddcc8faef759c384b62fe1ca66d7e8a6cc8549176
ms01-057
Posted Dec 9, 2001

Microsoft Security Advisory MS01-057 - Outlook Web Access (OWA), a service of Exchange 5.5 Server, has a flow which allows remote attackers to take any action against the user's Exchange mailbox that the user himself was capable of, including sending, moving, or deleting messages. If an HTML message that contains specially formatted script is opened in OWA, the script executes when the message is opened. Microsoft FAQ on this issue available here.

tags | remote, web
SHA-256 | bc463ed36dace4a8c770b85f06fab109670e05d1e090147bcfabc694edab5205
FreeBSD Security Advisory 2001.63
Posted Dec 9, 2001
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:63.openssh - OpenSSH prior to v3.0.2 has a remote root vulnerability, but only if the administrator set 'UseLogin yes' in the sshd_config file.

tags | remote, root
systems | freebsd
SHA-256 | 521f8bbae1b8707730186dbfe6ec79cfdbb5d86ffe92ddf46345ae69a14b59d4
LDAP_Brute.pl
Posted Dec 9, 2001
Authored by Victim1 | Site sec.angrypacket.com

LDAP_Brute.pl is an OpenLDAP brute force auditing application. Written under Slackware 8.0. Brute forces Manager password then Dumps entire Database of user and passwords in format for John the Ripper.

tags | cracker
systems | linux, slackware
SHA-256 | 54133368e7dc6d683f31097c304ee7b10afc02a8fd2701c4afdada32653453ac
analog-5.1.tar.gz
Posted Dec 9, 2001
Site analog.cx

Analog is a program to measure the usage on your web server. It tells you which pages are most popular, which countries people are visiting from, which sites they tried to follow broken links from, and all sorts of other useful information. It is totally free.

tags | web
SHA-256 | 8ac2b72bfcc5c6ed92791b6ad1a76136571e5b8eb9ca874fedc96146e9c5fe84
fwanalog-0.4.1.tar.gz
Posted Dec 9, 2001
Site tud.at

fwanalog is a shell script that parses and summarizes firewall logfiles. It currently (version 0.4.1) understands logs from ipf (tested with OpenBSD 2.8's and 2.9's ipf, also FreeBSD and NetBSD), Linux 2.2 ipchains and Linux 2.4 iptables. It has been tested on Debian GNU/Linux "sid" with bash and OpenBSD 2.8 and 2.9 with ksh as /bin/sh. It can be easily extended for other logfile formats, all it takes is editing two regular expressions. Sample report available here.

tags | tool, shell, firewall, bash
systems | linux, netbsd, unix, freebsd, openbsd, debian
SHA-256 | 12920533fe25151e3ced38b92d32d1bea3aab768f99fef447b1eb297e3539a8d
psad-0.9.4.tar.gz
Posted Dec 9, 2001
Site cipherdyne.com

Port Scan Attack Detector (psad) is a perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.

Changes: Added h2xs support so psad will install Psad.pm The Right Way. Added the conntrack_patch kernel patch to fix the iptables ip_conntrack bug which causes packets to be dropped that are part of legitimate tcp sessions. Added the USR1 option to support automatic sending of a USR1 signal to a running psad process. Updated documentation and man page to reflect the above changes.
tags | kernel, perl, tcp
systems | linux
SHA-256 | ad3a1269cc21c10c5746f35c3b548d06c68bc8a7d12baa2475cf864c19d14696
dante-1.1.11.tar.gz
Posted Dec 9, 2001
Site inet.no

Dante is a circuit-level firewall/proxy that can be used to provide convenient and secure network connectivity to a wide range of hosts while requiring only the server Dante runs on to have external network connectivity. Once installed, Dante can in most cases be made transparent to the clients while offering detailed access control and logging facilities to the server administrator.

tags | tool, firewall
systems | unix
SHA-256 | b6f0388e4ce5dee0b36dc0f2339bdecad72ef8dcc2b64c7cc0dd90621fa1043c
Page 1 of 2
Back12Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close