exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2002-01-31

Posted Jan 31, 2002
Authored by fryxar

Tunnelshell is a client-server backdoor which uses fragmented packets to traverse firewalls. Written in C, tested on Linux.

tags | tool, rootkit
systems | linux, unix
MD5 | d85e5b237d50e8eac3adc6a84bc13157
Posted Jan 31, 2002
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: Adds support for FreeBSD 4.5 and 5, makes Linux lsof handle file sizes greater than 32 bits, supports Solaris 9 BETA-Refresh, and permits NetBSD and OpenBSD lsof compilation when system sources are absent.
tags | tool, intrusion detection
systems | unix
MD5 | 583398bc99d265c5a64dbc30e99305cb
Posted Jan 31, 2002

Microsoft Security Advisory - A vulnerability in the trust relationships between Windows NT or Windows 2000 domains allow attackers to insert SID's of his choice into the authorization data at the trusted domain, he could elevate his privileges to those associated with any desired user or group, including the Domain Administrators group for the trusting domain. Microsoft FAQ on this issue available here.

systems | windows
MD5 | f4ef26a2e0feafb88cc8fcd1a482ac04
Posted Jan 31, 2002
Authored by Null Byte Security | Site home.tampabay.rr.com

NetGear RO318 HTTP Filter Advisory - The firmware does not check URL's well enough and will send out restricted content if given a malformed URL. Includes perl exploit.

tags | exploit, web, perl
MD5 | 9d7dbab5ae54817fb0af918b799bd42c
Posted Jan 31, 2002
Authored by rain forest puppy | Site wiretrip.net

RFP2201 - MS Site Server Evilness. Security considerations to keep in mind when using Site Server 3.0. Includes info on a LDAP_Anonymous account w/ default password, information leakage and more via administrative pages, information leakage via _mem_bin pages, Cross-site scripting in various files, anonymous LDAP access, user publishing of files, Content publishing (cphost.dll) issues, and more.

tags | xss
MD5 | e2d780dcf2358bfa5f20ab1ee03d4253
Posted Jan 31, 2002
Authored by NTSleuth | Site ntsleuth.0catch.com

NBTEnum 1.1 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters.

Changes: Dictionary attack added, now does enumeration of NT version and Service Pack level, AutoAdminLogon detection, WinVNC encrypted password extraction, and Enumeration of NT services.
systems | windows
MD5 | 860c595884ace0c85030e2b74cca7ac8
Posted Jan 31, 2002
Authored by Bill Reilly | Site denmarket.dk

Port Scanning: Is it illegal? This paper discusses the one federal court ruling on this point.

tags | paper
MD5 | f460656d1d93e3259d0c723beed2a54f
Posted Jan 31, 2002
Authored by Bill Reilly | Site denmarket.dk

Write Code Go to Jail: A look at the DMCA criminal liability for non-US software developers.This article will explain the relevant criminal provisions of the DMCA, and explore how the US Attorney has applied the law to foreign software developers. Finally, taking both into consideration, I will suggest theoretical suggestions for non-US firms facing such dilemmas.

tags | paper
MD5 | 5ee10988f6eac31e04a18e84a2190a2f
Posted Jan 31, 2002
Authored by Bill Reilly | Site denmarket.dk

The Impact of the USA Patriot Act on Network Security Practice - The patriot act contains some of the most substantial changes to U.S. federal cybercrime laws since the last major revisions of 1996. Many of these changes will have a direct impact on the way networked firms prepare and react to cybercrime incidents.

tags | paper
MD5 | 4143b34d5f1171b3f33551c491fe4918
Posted Jan 31, 2002
Authored by Robert Anthony Rota

Windows 2000 Group Policy may be disabled by locking the policy files. Microsoft does not have sufficient plans to replace the system files to fix this problem so we developed an application that can be run on a domain to search for Group Policy files and lock them. Once the Group Policy files are locked the subsequent logins will attempt to read the Group Policy Objects but will not be able to so the Group Policies will not be propagated to the user or the machine. This can be a serious problem depending on the domain's reliance on Group Policy. More info on Windows group policy available here.

systems | windows
MD5 | 4022f61b41897cd6a81f48d1fbc4de53
Posted Jan 31, 2002

A program to brute force valid Newspro logins/passwords by wh1sky

tags | cracker
MD5 | 6c74b61bc5e80e87f3b1f3b319e4ee29
Posted Jan 31, 2002

A program to brute force valid POP3 logins/passwords by wh1sky

tags | cracker
MD5 | 4a1ba485d68a6a0a602aca6ffd9fe2fa
Posted Jan 31, 2002
Site nipc.gov

Find_ddos v4.2 (linux) - The NIPC has developed a tool to assist in combating ddos agents. The tool scans a local system that is either known or suspected to contain a DDOS program. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client. Solaris version also available.

tags | denial of service, local
systems | linux, solaris
MD5 | 5af645362aa80a3fb6c1f1c3fab6e7a3
Posted Jan 31, 2002
Site sentinelchicken.com

Realplayer 8 for Windows and Linux has a remote heap overflow vulnerability. A malformed .rm file can overwrite data on the stack. Patch available here.

tags | remote, overflow
systems | linux, windows
MD5 | ecb767f339e1e826579cf905b76ad8f1
Posted Jan 31, 2002
Authored by Wh1sky

HTML brute force cracker. Now works on FreeBSD too..

tags | cracker
systems | freebsd
MD5 | 9adec4e0871f897102ba08231f1749f1
Posted Jan 31, 2002
Authored by Askin

WebStorm is an IP scanner for Windows which checks webserver versions. Features include Webserver type filtering, option to use a HTTP Proxy server for scans, and saving the list or just IP's in the list to a file.

tags | web
systems | windows
MD5 | 681a0ca1f28aed8bdcfc7f0d41f87556
Posted Jan 31, 2002
Authored by Condor

webi.c v4.0 - HTTP Request Packet Injection. This is a little program written in C, with which you can generate small http header and use all the apache methods. Tested on OpenBSD 3.0.

Changes: Added support for basic http authorization and automatic url encoding.
tags | web
systems | unix, openbsd
MD5 | 413b5e050ce221294e92686a2340fc3a
Posted Jan 31, 2002
Authored by Freestyler, Xor^SS | Site bsdh.dhs.org

RootX is a local Macintosh OS/X exploit for sudo. Must be in sudoers. The latest Client/Server (10.1.2) are affected.

tags | exploit, local
systems | apple, osx
MD5 | 4e32ba3a79c40f5908183ffc60896118
Page 1 of 1

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By