what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2002-01-08

Posted Jan 8, 2002
Authored by Luca Deri | Site ntop.org

Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does for processes. Has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who's talking to who?), reports IP protocol usage sorted by protocol type. In Web mode, it acts as a Web server, creating an HTML dump of the network status. Can be used as a a lightweight network IDS.

Changes: Improved application stability, performance enhancements, and many bugfixes. A HTTP-based client interface for creating ntop-centric monitoring applications has been added, and the ability to export NetFlows.
tags | tool, web, sniffer, protocol
systems | windows, unix
SHA-256 | 8eaf1c5baa1736ee4e3e51b9ad8e7646873b516fb60233d92ba8a98c9c9a809a
FreeBSD Security Advisory 2002.4
Posted Jan 8, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:04 - The mutt ports, versions prior to mutt-1.2.25_1 and mutt-devel-1.3.24_2, contain a buffer overflow in the handling of email addresses in headers.

tags | overflow
systems | freebsd
SHA-256 | 6464640afeffbb8d80576dd583eb27af4174a3e9efeeb58196d1a98b1625fbed
Posted Jan 8, 2002
Authored by Smurf

Scans for rh7 boxes running ssh-2.1.1 that can be exploited using the TESO sshd exploit.

tags | tool, scanner
systems | unix
SHA-256 | 337efffdc164fbd36652c6593639bccf08d6e9a4cece4b53782e75423ac0d2ef
Posted Jan 8, 2002
Authored by Phuong Nguyen

Hosting Controller v1.4.1, an all-in-one administrative hosting tool for Windows, contains multiple vulnerabilities. It allows remote users to read any file on the system and browse non-public directories. Exploit URL's included.

tags | exploit, remote, vulnerability
systems | windows
SHA-256 | 2c63387a7684382d591e3e044e8f1a8a19214823af3c83775b0ffd2fbe8abd58
Posted Jan 8, 2002
Authored by Tamer Sahin | Site securityoffice.net

AOLserver v3.4.2 for Windows has a remote vulnerability which allows users to gain read access of known password protected files residing on an AOLserver host.

tags | remote
systems | windows
SHA-256 | 7fb93b6be8c7f43a99b7ec8616ce778988a9cbbe97e38d11620a6b969a3101db
Posted Jan 8, 2002
Authored by Tamer Sahin | Site securityoffice.net

The Savant Web Server v3.0 for Windows 95, 98, ME, NT, and 2000 has a remotely exploitable buffer overflow. Fix available at http://savant.sourceforge.net.

tags | web, overflow
systems | windows
SHA-256 | 225cd09a44933b83edcf3f7b0099bcd1bc96a920de2607ada83c729477a76cbc
Posted Jan 8, 2002

This is a Windows(tm) backdoor for ICQ 2001b that was tested on Version 5.18, but I may also work on future versions. This backdoor uses ICQ to indirectly access the internet, so most firewalls can't detect it. It has many features, you can use all of the standard socket functions remotely via this backdoor, you can remotely execute code on the target machine, and two example programs are included. NOTE: To understand this backdoor, you need knowledge of sockets programming and, if you need this feature, you should be familiar with the assembly language. This backdoor isn't thought for script kiddies, but for true programmers to experiment with it. Please do not misuse it! Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
systems | windows
SHA-256 | 82cccb2f7f4fb663b8e0a9dbd319347f280c341600dae3fdfde443f629bffea2
FreeBSD Security Advisory 2002.3
Posted Jan 8, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:03 - The mod_auth_pgsql port, versions prior to mod_auth_pgsql-0.9.9, contain a vulnerability that may allow a remote user to cause arbitrary SQL code to be execute. mod_auth_pgsql constructs a SQL statement to be executed by the PostgreSQL server in order to lookup user information. The username given by the remote user is inserted into the SQL statement without any quoting or other safety checks.

tags | remote, arbitrary
systems | freebsd
SHA-256 | 5f769d230b41592e415fa574769fd87226cc6e898a2af4b5608b7a041bbdb895
FreeBSD Security Advisory 2002.2
Posted Jan 8, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:02 - When creating, removing, or modifying system users, the pw utility modifies the system password file '/etc/master.passwd'. This file contains the users' encrypted passwords and is normally only readable by root. During the modification, a temporary copy of the file is created. However, this temporary file is mistakenly created with permissions that allow it to be read by any user. A race condition is created.

tags | root
systems | freebsd
SHA-256 | 1bca2b877dbf7bc0f01b60bb2153ba2303a661e6157a04f5d85a15c9e26d28d6
Posted Jan 8, 2002
Authored by securiteam | Site securiteam.com

NT PHP.exe remote exploit. Allows any file on the webserver to be read.

tags | exploit, remote, php
SHA-256 | c70fec2805964960bbe0e6b210553f178550aa358ea04a158de1e717aa0fec37
Posted Jan 8, 2002
Authored by twlc, Dunric | Site twlc.net

Illusion isn't like every logs cleaner on earth, it's also able to check in syslog.conf for other possible logs, clean the logs of a possible sniffer, search the whole box for logs not linked to syslogd (on/off), and uses a lkm to hide the "syslogd restart".

tags | tool, rootkit
systems | unix
SHA-256 | 04da10fdda4a307e11c60ee027d92cf7f62ecbba6b50aa47d0e13ba8f676cd94
Posted Jan 8, 2002
Authored by Cartel Informatique

A small scanner and shell-like interface for the IIS unicode vulnerability (exploits directory traversal to reach cmd.exe).

tags | exploit, shell
SHA-256 | 4860665cc48f26976b79b732fa136524cf9ebb9a045a491dc290fe975295b816
Posted Jan 8, 2002
Authored by Cushman | Site hack-net.com

The Cisco UBR 900 series routers allow remote users snmp read access with any community string.

tags | remote
systems | cisco
SHA-256 | 9bd0f26ff7a2fc4740da643357c7a9d680e9716d015dce7ba90644ab12c220b7
Posted Jan 8, 2002
Site sourceforge.net

SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.

Changes: Fixed a bug in which set the wrong permissions for the system's root directory. The pkgmake.sh script has been fixed, along with the directory permissions.
systems | linux, slackware
SHA-256 | e8d58562c90ddb3a272d51a44618f317594336f14b2e8a320e3adcccf3dab181
Posted Jan 8, 2002
Site sourceforge.net

IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.

Changes: The postg access method has been fixed. Traffic script improvements were made. Ipacsum-light has been added to the contrib section. The iptables way of doing work with interfaces has been fixed. There is a new ipac-ng.sql. It is now compatible with the pg_restore of PostgreSQL 7.1.3. Many other little fixes were made.
systems | linux
SHA-256 | 9fe874b940303fa7e678dd1ade2cdee3f5d842f99ed8d20bd065c2e97d86f3d1
Firewall Builder With GUI
Posted Jan 8, 2002
Site fwbuilder.org

Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.

tags | tool, firewall, protocol
systems | linux, solaris, freebsd
SHA-256 | 80b59520a98620ba44421bb9e45a9efd8e1bbdf16a7ccdaf28b0f6caefbf806a
Posted Jan 8, 2002
Site members.optushome.com.au

Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.

Changes: Now uses autoconf and runs properly under FreeBSD. Clean shutdown has been improved, the graph thread has been replaced by a much more accurate mechanism, accounting for protocols has been made much more efficient, the mini Web server is now single-threaded, graphs are now stacked, and several memory overflows and leaks have been fixed.
tags | tool, web, sniffer, protocol
SHA-256 | 32e62b45981d2e0e618ad7096e7355385f807499f1b999933ec4d70b33b05a42
Posted Jan 8, 2002
Site syscalltrack.sourceforge.net

Syscall Tracker is a powerful tool for Linux 2.2 and 2.4 which allows you to write rules to track system calls. Currently only logging the invocation is supported, but in the future, you will be able to fail the system call (i.e. force it to return some error code), or suspend the process executing it. Allows you find out info that is hard to find, for instance to determine which process touched a certain file.

Changes: New process parameters PPID and PCOMM, a fix for a bug where filter expressions with '!' or '~' weren't parsed correctly, and a fix for a bug where if the filter expression first token was a '(' it looped endlessly because it never advanced to the next token.
systems | linux
SHA-256 | 285a707cd25909f1e0882fb55f785dc10285b821c910327d64feea4091004ac5
Posted Jan 8, 2002
Site knocker.sourceforge.net

Knocker is a simple and easy-to-use TCP security port scanner written in C. It is able to analyze hosts and the network services which are running on them. Knocker it is available for Linux and Unix platforms. Both a console version and a GTK+ version are available.

Changes: The --quiet-mode option was added to suppress output to the console, instead directing such output to a log file. The --enable-logfile option causes scan results to be written to a file, but does not disable console output. The --no-threads option disables the use of threads. A bug that prevented compilation under HP-UX was fixed.
tags | tool, scanner, tcp
systems | linux, unix
SHA-256 | 2db8aae36f6a9dcdb90c260df0e113add22932a1bde2bcd311ceafdde4df09cb
Posted Jan 8, 2002
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: Improved Windows platform compatibility. The way that style blocks are handled by the html cleaner was improved. Some other minor bugs were fixed.
tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | bf2a5e302454c5dee5adcfb683fdd11d6d40f054cf17d5741ce71fe4d145508a
Posted Jan 8, 2002
Authored by Laurent Constantin | Site laurentconstantin.com

Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.

Changes: This version is a major rewrite. Windows 95, 98, Me, NT, 2k, and XP are now supported.
tags | udp, spoof, tcp, protocol, library
systems | linux, windows, solaris, freebsd
SHA-256 | 715d178b2057f3d69a78c3fe750e6eaf936143c7fa2965ce00393c50f0dec8ad
Page 1 of 1

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By