what you don't know can hurt you
Showing 1 - 25 of 90 RSS Feed

Files Date: 2002-03-01 to 2002-03-31

Posted Mar 30, 2002
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here. Lots of bugs were fixed, and new dissectors added.

tags | tool, sniffer, protocol
systems | unix
MD5 | 9ecd125c0ef321800fd799edc025d8e9
Posted Mar 30, 2002
Authored by Tim Lawless | Site sourceforge.net

StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.

Changes: Really Immutable filesystem support for ext3 fs added, Added in Kernel Licensing Code to Identify the Kernel License for newer kernels, Backup kernel is now obscured from string searches using the weak crypt function, Added needed modifications to support the newer Alan Cox Kernels, with the different VM system, fixed lots of compilation issues, and better docs.
tags | kernel
systems | linux
MD5 | 16b42d7707d5dfa25214d8cd3768e7fa
Posted Mar 29, 2002

Microsoft Security Advisory MS02-15 - A cumulative patch for all versions of IE - 5.01, 5.5 and IE 6 has been released which eliminates two new serious vulnerabilities. The vulnerabilities include a bug in the handling of object tags that allows attackers to invoke an commands on the user's machine and a bug in the zone determination function that allows a script embedded in a cookie to be run in the Local Computer zone. Microsoft FAQ on this issue available here.

tags | local, vulnerability
MD5 | b42eee7060b86d4ae5846b0145e045ca
Posted Mar 29, 2002
Authored by Morgan

OpenSSH 2.9p* channel_lookup() off by one exploit. Tested against SuSE Linux 7.2 and FreeBSD 4.5-STABLE with OpenSSH 2.9p1 and p2. Based on OpenSSH-2.9p2 source.

tags | exploit
systems | linux, freebsd, suse
MD5 | ae4a56b17dda15f0c2b2ef133479a4e9
Posted Mar 28, 2002
Authored by Laurent Constantin | Site laurentconstantin.com

Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.

Changes: Fixes to lcrzo_sock_udpmulser_virt and lcrzo_sock_udpmulser_real, and other minor changes.
tags | udp, spoof, tcp, protocol, library
systems | linux, windows, solaris, freebsd
MD5 | 9c36163a535653fea929bc0dde8feeb6
FreeBSD Security Advisory 2002.19
Posted Mar 28, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:19 - The squid port prior to version 2.4_9 contains a heap overflow in the DNS processing which can be triggered by a DNS server.

tags | overflow
systems | freebsd
MD5 | 56fcd18f6322f43091a3af1f0136dc48
Posted Mar 27, 2002
Authored by Patrick Duane Dunston

Monitoring Network Traffic with Dsniff - This is a practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. It also provides a discussion of how and why we should monitor network traffic. Updated version, sgml format.

tags | paper
MD5 | a88382cebd4c76a5098472547a4353ac
Posted Mar 25, 2002
Authored by Roelof Temmingh | Site sensepost.com

Sp_Quickkill scans internal networks for unpatched windows machines, IIS and SQL.

tags | exploit
systems | windows
MD5 | df1ed07f57c90114475fb5b2cedabf67
Posted Mar 25, 2002
Authored by Martin J. Muench | Site codito.de

ICMP-Chat is an encrypted console chat program that uses ICMP packets. ICMP-Chat uses enigma (crypt) for encryption. It is a peer-to-peer chat program that enables you to hide your chat or to chat through many firewalls.

Changes: any new features and major bugfixes. The domain has changed.
systems | unix
MD5 | 45c3108c943934428eaa51398c28f2e7
Nmap Scanning Utility 2.54 BETA 31
Posted Mar 23, 2002
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.

Changes: ICMP Timestamp and Netmask ping types have been added, fixed "grepable output" (-oG), mysterious and undocumented --scanflags option has been added, several Window bugs were fixed, new fingerprints were added, the nmap-services file was updated, and several bugs were fixed.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | f0d363b32bab910ea195502322a43cca
Posted Mar 23, 2002
Authored by Wojciech Purczynski | Site isec.pl

Libsafe protection against format string exploits may be easily bypassed using flag characters that are implemented in glibc but are not implemented in libsafe. Example exploit code included. Libsafe v2.0-12 fixes the issue.

MD5 | ae3258dbec3e23b524c615b29b7c6857
Posted Mar 23, 2002
Authored by Hellnbak | Site nmrc.org

RealSecure Network Intrusion Detection (NIDS) Version 6.0 running on Nokia appliances contains a test system named "starscream" and test user "skank" left behind in the ISS.ACCESS file as a KeyManager. This information can be used to push new pubkey files to the sensor, reconfigure or take control of the NIDS daemon and daemon components if a backend network is not used to communicate with the sensors.

MD5 | 7234ba8afcc78ffe1bf856ee8bf9d468
Posted Mar 22, 2002
Authored by Gregory Duchemin

Intellisol Xpede v4.1 and 7.1 contains two remote vulnerabilities which disclose user passwords. Workaround information included.

tags | remote, vulnerability
MD5 | f7a6e5cbaa67293b3fdacd0ad70fa034
Posted Mar 22, 2002
Authored by NTSleuth | Site ntsleuth.0catch.com

NetBIOS Enumeration Utility v2.0 is a utility for Windows which can be used to enumerate NetBios information from one single host or an entire class C subnet. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, and shares. This utility will also perform password checking with the +use of a dictionary file. Runs on Windows NT 4.0/2000/XP.

Changes: Bug fixes.
tags | local
systems | windows, nt
MD5 | a606b7498943d3b29950151b2b988cd0
Posted Mar 22, 2002
Authored by Ory Segal

A vulnerability in the way the Windows versions of Apache parses batch files with cmd.exe allows remote users to execute commands on versions of Apache prior to 1.3.24 and 2.0.29-BETA. Exploit URL's included.

tags | exploit, remote
systems | windows
MD5 | 04bda8f5bf73eb6fe91b03b836198c35
Posted Mar 20, 2002
Authored by Gollum

Microsoft posted a security bulletin on this (ms99-040) way back in September 28, 1999; it is still exploitable if the html file is run from the users local disk and not from a webserver or file-share.

tags | exploit, local
MD5 | 93581200755ee08576317b5c3179619b
Posted Mar 20, 2002
Authored by Daniel | Site bastardo.de

IIS unicode strings.

tags | paper
MD5 | 5ca5c1a800a97c0d29679ce1f2a24a9d
Posted Mar 20, 2002
Authored by Solar Eclipse | Site phreedom.org

onesixtyone 0.3 is an efficient SNMP scanner which utilizes a sweep technique to achieve good performance. It finds SNMP devices on your network and brute-forces the community strings using a dictionary. It is possible to scan a class B network (65536 ip addresses) in under 13 minutes with a high degree of accuracy. Tested on Linux, FreeBSD, OpenBSD and Solaris.

Changes: This release includes portability enhancements.
tags | tool, scanner
systems | linux, unix, solaris, freebsd, openbsd
MD5 | 25b5366a68ff3dd777e99ddc230dc890
Posted Mar 20, 2002
Authored by Max Moser | Site remote-exploit.org

Wellenreiter is a GTK/Perl program that makes the discovery and the auditing of 802.11b wireless-networks much easier. It has an embedded statistics engine for the common parameters provided by the wireless drivers, enabling you to view details about the consistency and signal strength of the network. A scanner window can be used to discover access-points, networks, and ad-hoc cards. It detects essid broadcasting or non-broadcasting networks in every channel, automatically switching frequencies. Wellenreiter can run on low-resolution devices that can run GTK/Perl and Linux/BSD (such as iPaqs).

Changes: Added WEP enabled / disabled detection. WEP encrypted enabled access points now get a different icon coloring that non WEP enabled ones. Real access points got different icons than AD-Hoc stations that do the broadcasting. Added a battery monitor window. Enhanced the scanner window performance. Fixed the problem of adding of access point in the tree outside the channels.
tags | tool, perl, wireless
systems | linux, bsd
MD5 | c7b6218422c48f754b6f8fcac697e0ef
Posted Mar 20, 2002
Authored by Jamie Zawinski | Site jwz.org

XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.

Changes: Fixes for a few minor memory leaks, new hacks (cubenetic and fluidballs), new versions of pipes, glplanet, bsod, forest, and bumps, and better FPS computation in the GL hacks.
tags | root
systems | unix
MD5 | ea0deb9c38cae11b89ea3dd5c0a04540
Posted Mar 20, 2002
Authored by twlc, Yaroze | Site twlc.net

Mod_protection is an apache module that integrate basic function of an IDS (intrusion detection system) and of a firewall (just an emulation for now). Your apache administrator have only to install mod_protection and define rules. A normal NIDS can't check SSL protected traffic, where mod_protection can. When a malicious client sends a request that matches on your rules the administrator will be warned and the client gets a user defined page or a error or warning.

Changes: Three new directives - BlockTime, PairAlert, and PairAlertMatch. Blocktime does firewall emulation. Updated docs. Rules are now in an external file.
MD5 | 021f1fcdf44ec86204c47ee92eca0a2b
Posted Mar 20, 2002
Site legions.org

IP Sorcery is a TCPIP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.

Changes: Added the ability to the console version to specify number of packets to send. Many cool feature enhancements were added.
tags | udp, tcp
systems | unix
MD5 | 61a5f1f2450ee8d5e04fe5bfa61e75bc
Posted Mar 20, 2002
Authored by Laurent Constantin | Site laurentconstantin.com

Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.

Changes: Added support for serial line modems, the ability to spoof without having to specify an IP option (tools 298-307), the ability to create UDP/TCP clients/servers without having to specify an IP option (tools 308-315), TCP/UDP/ICMP traceroute at the IP level (tools 316-18), ICMP/TCP ping at the IP level (tools 319-20), TCP/UDP/ICMP scans at the IP level (tools 322-4), and the ability to edit binary files (tools 325-6) were added. Files not being renamed when the input and output files were the same has been fixed (tools 149-50).
tags | udp, spoof, tcp, protocol, library
systems | linux, windows, solaris, freebsd
MD5 | 9f8a12f7185ba3cecff8628151a09570
Posted Mar 20, 2002
Authored by Nyo, Jade

FreeBSD rootkit precompiled binaries for 4.2-RELEASE.

tags | tool, rootkit
systems | unix, freebsd
MD5 | 3ba84e13541e99d8356dd119efc33c1e
Samhain File Integrity Checker
Posted Mar 20, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Fixes a compile error with --enable-xml on non-Linux systems and a problem with the hiding kernel module on new Linux kernels has been fixed (files were hidden, but the samhain process was visible).
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | b7a160b89e91821412b9e7d6404cf8dd
Page 1 of 4

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By