Showing 1 - 25 of 84

Files Date: 2001-12-01 to 2001-12-31

Posted Dec 29, 2001
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: LIDS can be used for the 2.4.16 kernel, /etc/lids access deny is no longer hardcoded and has to be included in the configuration, and several bugs were fixed.
tags | kernel, root
systems | linux
MD5 | d136b6aa536027a514e6e5a04914a35d
Posted Dec 28, 2001
Authored by phrack | Site phrack.org

Phrack Magazine Issue 58 - In this issue: Advanced return-into-lib(c) exploits (PaX case study), Runtime binary encryption, Advances in kernel hacking, Linux on-the-fly kernel patching without LKM, Linux x86 kernel function hooking emulation, RPC without borders, Developing StrongARM/Linux shellcode, HP-UX (PA-RISC 1.1) Overflows, The Security of Vita Vuova's Inferno OS, Phrack Loopback, Phrack World News, and more.

tags | overflow, x86, kernel, shellcode, risc, magazine
systems | linux, hpux
MD5 | b4cfe2e7dac63ba2279852828ac0d159
Posted Dec 28, 2001

The hp-ftp trojan pretends to be an exploit created by the Last Stage of Delirium that targets HP-UX FTP servers. Upon execution, this file will try to add two new accounts to the password file and will send an email with netstat information to aborted@yahoo.com and LinuxPir8@yahoo.com. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
systems | hpux
MD5 | 323f34db83b7d6108a4f23c73d3afb15
Posted Dec 28, 2001
Authored by JW Oh | Site monkey.org

Solaris x86 v2.8 /bin/login via telnet remote buffer overflow exploit. Uses fixed addresses. Executes any command as root.

tags | exploit, remote, overflow, x86, root
systems | solaris
MD5 | a738b5f4370aa08653cf62c7c419bf8b
Posted Dec 28, 2001
Authored by IhaQueR@IRCnet

Pmake <= 2.1.33 local root exploit. Some distributions have pmake suid root by default.

tags | exploit, local, root
MD5 | 60072037d04fb99236213b82a4239fdf
Posted Dec 27, 2001
Authored by contem

Kaitan.c is an IRC based DDoS client.

MD5 | 74fe3d86afcbf6c801d1cc3c4d6e357d
Posted Dec 26, 2001
Authored by Nelson Brito | Site nelson.wwsecurity.net

Nb-isakmp.pl is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. Perl version.

tags | exploit, remote, denial of service, perl, proof of concept
systems | windows
MD5 | f5af9905a00822bcb51cfbd06064da72
Posted Dec 26, 2001
Authored by Nelson Brito | Site nelson.wwsecurity.net

Nb-isakmp.c is a proof of concept exploit for Bugtraq # 3652 - ISAKMP/IKE remote denial of service against Win2k. This code may exploit other bugs as well. C version.

tags | exploit, remote, denial of service, proof of concept
systems | windows
MD5 | 690321d47ef04f0d314c84e8da296191
Posted Dec 26, 2001
Authored by Gobbles Security | Site bugtraq.org

AdStreamer is a cgi package with several remote vulnerabilities, one of which allows remote command execution. Buggy open calls were found in addbanner.cgi, banner.cgi, bannereditor.cgi, and report2.cgi.

tags | exploit, remote, cgi, vulnerability
MD5 | 06fc404d3b77658241ef7dfe94f0d8bf
Posted Dec 26, 2001
Authored by BigHawk | Site kryptology.org

Aesop is a TCP proxy which supports many advanced and powerful features. It's designed to be secure, fast and reliable. Aesop makes use of strong cryptography (RC4) for all its data transmission up to the end-link. Another powerful feature of Aesop is that Aesop proxies can be transparently stacked into a secure chain. Aesop is implemented using multiplexing and is therefore fast and lightweight.

Changes: Added IPV6 support, more portable, fixed makefiles, added debugging, and fixed bugs.
tags | tcp
systems | unix
MD5 | 5077783e7899d8373b82f1cd9d0ea346
Posted Dec 26, 2001
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.

Changes: New dissectors include EAPOL, M2TP, MS RPC, MTP2, PCNFSD, PPP/EAPOL, QLLC, SMPP, and SUA. Support for DBS Etherwatch, Visual Networks Visual UpTime, and VMS TCPIPtrace capture files was added. Ascend/Lucent debug Etherpeek, iptrace and MS Netmon capture file support was enhanced.
tags | tool, sniffer, protocol
systems | unix
MD5 | ffd8bd046f744264b7eec1b1e3dd3565
Posted Dec 26, 2001
Authored by Stefan Esser | Site e-matters.de

A flaw in Microsoft Internet Explorer allows an attacker to perform an SSL Man-In-The-Middle attack without the majority of users recognizing it. In fact, the only way to detect the attack is to manually compare the server name with the name stored in the certificate, due to a flaw in the way IE checks HTTPS objects that are embedded into normal HTTP pages.

tags | exploit, web
MD5 | 813b3f6b340271cde3c512bb61deeb01
Posted Dec 26, 2001
Authored by twlc, Supergate | Site twlc.net

Plesk, a popular server administration tool used by many web hosting companies, has a bug which allows remote users to view the source of .php hosted files. All versions prior to v2.0 are affected.

tags | exploit, remote, web, php
MD5 | a7d92ef2dc4845c652651a3543755d05
Posted Dec 26, 2001
Authored by Jay Beale | Site bastille-linux.org

The Bastille Hardening System attempts to "harden" or "tighten" the Linux/Unix operating systems. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible. Screenshot available here. RPMs available.

systems | linux, redhat, unix, suse, debian, hpux, mandrake
MD5 | 280269a12641c1f495970f0baba1522c
Posted Dec 21, 2001

Microsoft Security Advisory MS01-060 - SQL Server 7.0 and 2000 have several vulnerabilities. Some allow remote code execution while others are denial of service attacks. An attacker could exploit the vulnerabilities in either of two ways. The most direct way would be for the attacker to simply load and execute a database query that calls one of the affected functions. Alternatively, if a web site or other database front-end would accept and process arbitrary queries, it could be possible for the attacker to provide inputs that would cause the query to call an affected function with the appropriate parameters. Microsoft FAQ on this issue available here.

tags | remote, web, denial of service, arbitrary, vulnerability, code execution
MD5 | d7934585bf8840ad375f4b82eb92391c
Posted Dec 21, 2001

Microsoft Security Advisory MS01-059 - Two unrelated buffer overflows have been found in the Microsoft UPnP service. An overflow in the NOTIFY directive allows remote attackers to execute arbitrary code. The second vulnerability crashes the machine. Windows ME and XP include native UPnP services; Windows 98 and 98SE do not include a native UPnP service, but one can be installed. Microsoft FAQ on this issue available here.

tags | remote, overflow, arbitrary
systems | windows, 9x, me
MD5 | ebf378945d3daf074db1ccefccfb9f77
Posted Dec 21, 2001
Authored by Andrea Barisani

The Firewall Tester consists of two simple perl scripts, the client part (ftest.pl) and the listening "daemon" (ftestd.pl). The client injects custom marked packets, while the daemon listens for them. Comparing the scripts' log files permits the detection of filtered packets, and consequently of filtering rules, if the two scripts are run on different sides of a firewall.

Changes: Added command line packet injection option, packets are now also tracked with the IP ID field, added freport to automatically parse ftest and ftestd log files. Requires: Net::RawIP, Net::PcapUtils, Net::Packet.
tags | tool, perl, firewall
systems | unix
MD5 | e65a068e4760f5c316afcb1c9caba592
Posted Dec 21, 2001
Authored by Risto Vaarandi | Site kodu.neti.ee

Sec is a free and platform independent event correlation tool that was designed for network and application management, but it can be applied to any other task where similar event correlation operations are relevant. Since sec uses regular expressions for matching input and also supports named pipes as input files, it can be used not merely for matching events from a single logfile, but also for more general purposes. You can integrate sec with an arbitrary network management (or other) application, provided that output from that application can be directed to a named pipe, which most modern network management platforms provide. Written in perl, works on Unix and Windows. FAQ here.

tags | arbitrary, perl, system logging
systems | windows, unix
MD5 | 55dc74e90be992d29c5e2aee20845e69
Posted Dec 18, 2001
Authored by Todd Sabin | Site razor.bindview.com

Microsoft HK local exploit - Executes any command as SYSTEM, as described in MS01-003. Good for recovering lost admin rights. Includes C source and binary.

tags | exploit, local
MD5 | c304bfd8147a60c82839eaa4930b067a
Posted Dec 18, 2001

Knetfilter is a KDE GUI application designed to manage the netfilter functionalities that will come with the new kernel 2.4.x. In principle, all standard firewall system administration activities can be done just using knetfilter. But it is not just a GUI for the iptables command line; some monitoring is also possible via a tcpdump interface.

Changes: Output lines are no longer printed three times. The configure system has been updated (on the way to KDE 3).
tags | tool, kernel, firewall
systems | linux
MD5 | b2e71fd83f890876286c8c7274912dad
Posted Dec 18, 2001
Authored by Tomas Junnonen | Site firestarter.sourceforge.net

The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.

Changes: A more powerful wizard!!!!! Smarter connection tracking, more advanced sysctl checks that provide better security than ever, ability to forward different protocols (e.g., UDP), and lots of bugfixes.
tags | tool, firewall
systems | linux
MD5 | 38b4cd9717e09a0206018181939531cb
Posted Dec 18, 2001
Site conostix.com

IPFC is a framework to manage and monitor multiple types of security modules across a network. Security modules can be as diverse as packet filters (like netfilter, pf, ipfw, IP Filter, checkpoint FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, and other general devices (from servers to embedded devices). Features log collection for different security "agents", dynamic log correlation possibilities, and easy extensibility due to the generic database and XML message formats used.

tags | web, system logging
systems | unix
MD5 | 4ec321176440b092e7cddc25cba4c860
Posted Dec 18, 2001
Site sourceforge.net

The Network Security Monitor Daemon is a lightweight (distributed?) network security monitor for TCP/IP LANs which will capture certain network events and record them in a relational database. The recorded data is then made available for analysis via a CGI-based interface.

Changes: Improved security - No threads run as root. Added a new statistical thread and an HTTP server thread (which serves statistics in XML/XSL).
tags | tool, cgi, tcp, intrusion detection
systems | unix
MD5 | ce6dfe55f8de34afa03e3e5d51685b7a
Posted Dec 18, 2001
Authored by Dan Farmer, Wietse Venema | Site porcupine.org

TCT is a collection of tools which are geared towards gathering and analyzing forensic data on a UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.

Changes: Added large file support for Linux. Fixed a bad off-by-one bug in unrm. New grave-robber -I option for better control of icat/pcat. Fixed lots of bugs. Updated documentation.
tags | tool
systems | linux, unix, solaris, bsd
MD5 | aa21587eb1a38ab84c47716351e54948
Posted Dec 18, 2001

Infostego is a program for Windows to hide information in pictures. Shareware. From www.anity.net.

tags | encryption, steganography
systems | windows
MD5 | 125f542e7806262a2b85647b2f0ae04f
Page 1 of 4
