
Files Date: 2002-09-05

Posted Sep 5, 2002
Authored by Michal Zalewski

Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm and protocol analysis, and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.

Changes: Includes some fixes and enhancements, including bugfixes to the build process and companion tools.
tags | protocol
MD5 | c5d8079bd95aaf61fb13a5a4e4ac8d82
Posted Sep 5, 2002

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: Bugs fixed, and corrects OpenSSL, PgSQL, and MySQL detection.
tags | tool, remote, local, intrusion detection
systems | unix
MD5 | 3021934c7782b155cf240c75519aaf46
Posted Sep 5, 2002
Authored by Paul Drain

The cipherfunk Patched Linux Kernels provide patch sets that focus on security enhancements, optimizations, and bugfixes to the current stable Linux Kernel. They are suitable for workstation or high-end server use in both production and development environments.

Changes: Includes several bug and compile fixes. Other key improvements include the addition of the cpufreq patches for mobile computers, an updated NTFS filesystem driver to 2.1.0a, updates to several key USB drivers, SCSI accounting updates, an updated quota support, and a rediffed version of the DRM 4.2.0 patch.
tags | kernel, patch
systems | linux, unix
MD5 | 2233d2d70caea1f2687b30c336d75444
Posted Sep 5, 2002
Authored by vecna

The Pirch98 IRC client contains a buffer overflow in the way it handles links to other channels and websites, which can allow remote code execution. The Pirch98 client now shipping at has been fixed. Includes ASM source and Windows binary for an exploit which opens a shell on port 31337.

tags | exploit, remote, overflow, shell, code execution
systems | windows
MD5 | 4828fff9ebe60b2e0057cb601748011c
Posted Sep 5, 2002
Authored by Dave Aitel

SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC). SPIKE Blackhat talk available here.

Changes: Added SunRPC fuzzing, integer fuzzing, crawling support for SPIKE Proxy, unicode support, and many other features.
tags | web, protocol
systems | unix
MD5 | 689aec876da579da59dfb1f6fe608d0e
Posted Sep 5, 2002
Authored by Jeff Horne

ISS Security Advisory - Polycom ViewStation videoconferencing products contain several remote vulnerabilities which allow attackers to gather information about the device, retrieve files, crash the device, and monitor videoconferences. Polycom ViewStation 7.2 and earlier and Polycom ViewStation FX/VS 4000 version 4.1.5 and below are affected.

tags | remote, vulnerability
advisories | CVE-2002-0626, CVE-2002-0627, CVE-2002-0628, CVE-2002-0629, CVE-2002-0630
MD5 | 4aa04177e96055df305f827067346d7c
Posted Sep 5, 2002

Microsoft Security Advisory MS02-049 - Users who have installed Visual FoxPro 6.0 are vulnerable to a remote command execution vulnerability through IE web browsing or HTML email messages.

tags | remote, web
MD5 | 91839578fa4e03aea6f2faec69c2fed9
Posted Sep 5, 2002
Authored by Marc Ruef

The Finjan SurfinGate 6.0x on Windows NT 4.0 and 2000 can be bypassed by using IP addresses instead of hostnames or by adding a dot to the end of hostnames.

tags | exploit
systems | windows, nt
MD5 | 1458603dc6c13802ef082062b929b537
Posted Sep 5, 2002

Smtpscan is a tool to guess which MTA is used by sending several "special" SMTP requests and by comparing error codes returned with those in the fingerprint database. It does not take into account banners. A document describing the fingerprinting method implemented in smtpscan is available here.

tags | tool, scanner
systems | unix
MD5 | f8b205bb95ffde199062f52fb2bb4974
Posted Sep 5, 2002

Sloggi is a thin loadable kernel module for the Solaris Operating Environment (OE) 8 and 9 which allows the administrator to change the name, the release, and the version of the operating system on a running system by intercepting the uname() system call.

tags | kernel
systems | unix, solaris
MD5 | beaaa73dd936769e01f3e377e87afbbd
Posted Sep 5, 2002

Fake AP 0.3 generates counterfeit 802.11b beacon frames with random ESSID, BSSID (MAC), and channel assignments. Wardriving tools like Kismet or NetStumbler will see thousands of Access Points pop up on their screens. Fake AP can be used on its own, as part of a wireless honeypot, or form a component of an 802.11b security architecture. Runs on Linux and requires a Prism2/2.5/3 based 802.11b card and the HostAP drivers.

Changes: Added WEP capability and option to vary the Tx power.
tags | tool, wireless
systems | linux
MD5 | d5967111f6a7d396398fb46203c83b5a
Posted Sep 5, 2002
Authored by Thomas O'Connor

Scans for over 97 IIS strings and gets past certain IIS 4 and IIS 5 unicode character set hot fixes, and can get cmd.exe access on open IIS servers vulnerable to the unicode flaw.

tags | cgi
systems | unix
MD5 | 8e660cf2c10b6fc3f34c06024fbd8443
Posted Sep 5, 2002
Authored by Team

Wellenreiter is a GTK/Perl program that makes the discovery and auditing of 802.11b wireless networks much easier. It has an embedded statistics engine for the common parameters provided by wireless drivers, enabling you to view details about the consistency and signal strength of the network. Its scanner window can be used to discover access points, networks, and ad-hoc cards. It records the network location with GPS support. The unique ESSID brute forcer helps to get the ESSID of low-traffic networks. Wellenreiter works on handhelds that can run GTK/Perl and Linux/BSD (such as iPaqs). All the major wireless cards are supported. Random MAC switching when joining a wireless network hides your real MAC from the access point, a unique feature.

Changes: Added update docs, now works on newer Lucent cards, faster load process, added a quick hack of a network and access point counter in status bar, added a night color feature, maps can now be exported, and bugs were fixed. Full changelog available here.
tags | tool, perl, wireless
systems | linux, bsd
MD5 | 87cfe6cb838535dab66be348aed40228
Posted Sep 5, 2002
Authored by Tacettin Karadeniz

Pwck local Linux buffer overflow exploit. Tested on Mandrake 8.2.

tags | exploit, overflow, local
systems | linux, mandrake
MD5 | 5bf12aa6da163e5d29f5c86199ba3290
Posted Sep 5, 2002
Authored by Thomas O'Connor

DOSnet.c is a DDoS script which runs from root and connects to an IRC network to take commands via CTCP.

tags | denial of service, root
MD5 | ccb171ef33fc0b55ab93d94d2c24b1bb
Posted Sep 5, 2002
Authored by Slacko

Slog.c is a simple Linux keystroke logger without function hooking. Tested on Redhat 7.2.

systems | linux, redhat
MD5 | 1527a47b813bd458beebc7b2d9ffad18
Posted Sep 5, 2002
Authored by Pilot

Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities including the Apache chunking bug, IIS .ida buffer overflow, and more. Documentation available here.

tags | overflow, cgi, vulnerability
systems | unix
MD5 | 286cff103eef8a264fefb481230fd9cf
Posted Sep 5, 2002
Authored by NTSleuth

SQLScan v1.0 is intended to run against Microsoft SQL Server and attempts to connect directly to port 1433. Features the ability to scan one host or an IP list from an input file, the ability to scan for one SQL account password or multiple passwords from a dictionary file, and the ability to create an administrative NT backdoor account on vulnerable hosts, which will fail if xp_cmdshell is disabled on the server.

tags | exploit
MD5 | 6e80ac480a5081c6d7b2b7381a02f471
Posted Sep 5, 2002
Authored by Roy Hills

Checkpoint Firewall-1 SecuRemote IKE usernames can be guessed or sniffed using the IKE exchange, and can be guessed separately from the password. Firewall-1 versions 4.0 SP 7, 4.1 SP2, 4.1 SP6, NG Base, NG FP1 and NG FP2 allow username guessing using IKE aggressive mode.

MD5 | 6b2ca1b67b3b84ed7635d156869d2cab