what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2002-01-31

Posted Jan 31, 2002
Authored by fryxar

Tunnelshell is a client-server backdoor which uses fragmented packets to traverse firewalls. Written in C, tested on Linux.

tags | tool, rootkit
systems | linux, unix
SHA-256 | cad32eeada78f1ea9cbd18a6eec29d4d5a74e7a4359cc941b571364ca2498d29
Posted Jan 31, 2002
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: Adds support for FreeBSD 4.5 and 5, makes Linux lsof handle file sizes greater than 32 bits, supports Solaris 9 BETA-Refresh, and permits NetBSD and OpenBSD lsof compilation when system sources are absent.
tags | tool, intrusion detection
systems | unix
SHA-256 | c998f200faef5821fde15c1b767260fa0f25665a10da539bf14771e058498261
Posted Jan 31, 2002

Microsoft Security Advisory - A vulnerability in the trust relationships between Windows NT or Windows 2000 domains allow attackers to insert SID's of his choice into the authorization data at the trusted domain, he could elevate his privileges to those associated with any desired user or group, including the Domain Administrators group for the trusting domain. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | aea549b863534dc20171daf7a828fe0e60c7f94a84c5929a495c20d4665d8914
Posted Jan 31, 2002
Authored by Null Byte Security | Site home.tampabay.rr.com

NetGear RO318 HTTP Filter Advisory - The firmware does not check URL's well enough and will send out restricted content if given a malformed URL. Includes perl exploit.

tags | exploit, web, perl
SHA-256 | 6e07fabd2f010c02fcaec5a1372c9f6341cee8b1bd9566de7cbd913ccf7a0bbc
Posted Jan 31, 2002
Authored by rain forest puppy | Site wiretrip.net

RFP2201 - MS Site Server Evilness. Security considerations to keep in mind when using Site Server 3.0. Includes info on a LDAP_Anonymous account w/ default password, information leakage and more via administrative pages, information leakage via _mem_bin pages, Cross-site scripting in various files, anonymous LDAP access, user publishing of files, Content publishing (cphost.dll) issues, and more.

tags | xss
SHA-256 | b2d879527af4c0745a0200f6764a9f8cc7188c198d4129e7315d2cc73fe7ec08
Posted Jan 31, 2002
Authored by NTSleuth | Site ntsleuth.0catch.com

NBTEnum 1.1 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters.

Changes: Dictionary attack added, now does enumeration of NT version and Service Pack level, AutoAdminLogon detection, WinVNC encrypted password extraction, and Enumeration of NT services.
systems | windows
SHA-256 | 22675fb728824e56d9bcf0846c4cf3213d6a7b360de88e654c36d018b6115f9c
Posted Jan 31, 2002
Authored by Bill Reilly | Site denmarket.dk

Port Scanning: Is it illegal? This paper discusses the one federal court ruling on this point.

tags | paper
SHA-256 | d953aed84b17bf0bfc1516817b7b83a26b86bc83564dee0cc846e17efcdf9723
Posted Jan 31, 2002
Authored by Bill Reilly | Site denmarket.dk

Write Code Go to Jail: A look at the DMCA criminal liability for non-US software developers.This article will explain the relevant criminal provisions of the DMCA, and explore how the US Attorney has applied the law to foreign software developers. Finally, taking both into consideration, I will suggest theoretical suggestions for non-US firms facing such dilemmas.

tags | paper
SHA-256 | 89d04ff0df31286a8ad49ce73fa3250dc08070a52936c9d072202ba9dc694ced
Posted Jan 31, 2002
Authored by Bill Reilly | Site denmarket.dk

The Impact of the USA Patriot Act on Network Security Practice - The patriot act contains some of the most substantial changes to U.S. federal cybercrime laws since the last major revisions of 1996. Many of these changes will have a direct impact on the way networked firms prepare and react to cybercrime incidents.

tags | paper
SHA-256 | 2e606400bdc9a1ca4683b05b6a9d12e07493064e660d390022d45736e35a273c
Posted Jan 31, 2002
Authored by Robert Anthony Rota

Windows 2000 Group Policy may be disabled by locking the policy files. Microsoft does not have sufficient plans to replace the system files to fix this problem so we developed an application that can be run on a domain to search for Group Policy files and lock them. Once the Group Policy files are locked the subsequent logins will attempt to read the Group Policy Objects but will not be able to so the Group Policies will not be propagated to the user or the machine. This can be a serious problem depending on the domain's reliance on Group Policy. More info on Windows group policy available here.

systems | windows
SHA-256 | 08873f4daedde8af20b491a031c88b5ed48e299ef4fdd37c545f5587e0dd1632
Posted Jan 31, 2002

A program to brute force valid Newspro logins/passwords by wh1sky

tags | cracker
SHA-256 | f9aa545b467315dff2fd79553b738fef828cbdbe42a8711c021d67f2bbf65bd3
Posted Jan 31, 2002

A program to brute force valid POP3 logins/passwords by wh1sky

tags | cracker
SHA-256 | 43fd1bea3dded75a79078cea2c014e2432181f31c8d09e352cc96daecd26fb9a
Posted Jan 31, 2002
Site nipc.gov

Find_ddos v4.2 (linux) - The NIPC has developed a tool to assist in combating ddos agents. The tool scans a local system that is either known or suspected to contain a DDOS program. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client. Solaris version also available.

tags | denial of service, local
systems | linux, solaris
SHA-256 | 63805d1dc1a201e9c5c99849a4f4092d618ba023fbae47f723f306c23a32ca93
Posted Jan 31, 2002
Site sentinelchicken.com

Realplayer 8 for Windows and Linux has a remote heap overflow vulnerability. A malformed .rm file can overwrite data on the stack. Patch available here.

tags | remote, overflow
systems | linux, windows
SHA-256 | b917d88157f66ffde952ca6041c17c3ce8bbd5bf82563f46625c70a973b99d1b
Posted Jan 31, 2002
Authored by Wh1sky

HTML brute force cracker. Now works on FreeBSD too..

tags | cracker
systems | freebsd
SHA-256 | 3abedd80ce3a61d3cd68111b720ae33ded935ede869c9e101fd0f0df622e4eeb
Posted Jan 31, 2002
Authored by Askin

WebStorm is an IP scanner for Windows which checks webserver versions. Features include Webserver type filtering, option to use a HTTP Proxy server for scans, and saving the list or just IP's in the list to a file.

tags | web
systems | windows
SHA-256 | ec682d288a4efabd96ba578d5c5aa64cc3aaaf8a8b33c04664889e2ee9259621
Posted Jan 31, 2002
Authored by Condor

webi.c v4.0 - HTTP Request Packet Injection. This is a little program written in C, with which you can generate small http header and use all the apache methods. Tested on OpenBSD 3.0.

Changes: Added support for basic http authorization and automatic url encoding.
tags | web
systems | unix, openbsd
SHA-256 | 1bc4348379adda6b20ffada3c43e1081b631e32690beaa03eefdffa7eda5a976
Posted Jan 31, 2002
Authored by Freestyler, Xor^SS | Site bsdh.dhs.org

RootX is a local Macintosh OS/X exploit for sudo. Must be in sudoers. The latest Client/Server (10.1.2) are affected.

tags | exploit, local
systems | apple, osx
SHA-256 | 5ff52f6f3dfb5450eff58fc0b23c0c8073986283f4a01a42ace3f525d0299178
Page 1 of 1

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By