Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration how this tool works can be found here.
3a78f90ba3e009725dd21c6697b5a180836d3047bf155818439009389e28658fPrelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
b29cdf617272528050d7c6a56f3b81e73bc4b8d10fb00c36bb836d516a8b9ed2The cipherfunk Patched Linux Kernels provide patch sets that focus on security enhancements, optimizations, and bugfixes to the current stable Linux Kernel. They are suitable for workstation or high-end server use in both production and development environments.
015549805cd93b1c000dc5e0954cb5572d41bfb622b656a96d3d28ad2a140148Pirch98 irc client contains a buffer overflow which can allow remote code execution in the way that pirch 98 handles links to other channels and websites. The Pirch98 client now shipping at www.pirch.com has been fixed. Includes ASM source and Windows binary for an exploit which opens a shell on port 31337.
7f56a90b8c077c19b9858745896eff56d0f85ffba292c9b650caa1e0a5c2dc2cSPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC). SPIKE Blackhat talk available here.
a03cde9d9e6a0610628520b29ddaca21cfc758c0f5b56e014e242ef63cc09f87Internet Security Systems (ISS) X-Force has discovered multiple vulnerabilities in the Polycom ViewStation videoconferencing products. The ViewStation devices are powered by a proprietary operating system that includes Web, Telnet, and FTP servers.
0e9546d6ec69efb53f99fa0cb060c52d2a61dadc43f6032a89ce7704eb741851Microsoft Security Advisory MS02-049 - Users who have installed Visual FoxPro 6.0 are vulnerable to a remote command execution vulnerability through IE web browsing or HTML email messages.
6b67c9f54b77e52f8fbcc000c1311cd097f7f6c82e7190ed8224098f6139389eThe Finjan SurfinGate 6.0x on Windows NT 4.0 and 2000 can be bypassed by using IP addresses instead of hostnames or by adding a dot to the end of hostnames.
4fa5d59bbbd1bd8b2389b2c4cb99be00484375ec2b2ac05ca31117b4d560714eSmtpscan is a tool to guess which MTA is used by sending several "special" SMTP requests and by comparing error codes returned with those in the fingerprint database. It does not take into account banners. A document describing the fingerprinting method implemented in smtpscan is available here.
52359335730c657d81e7451cc2dac2e629bf087a11639db3cc93a71f74f7a39aSloggi is a thin loadable kernel module for the Solaris Operating Environment (OE) 8 and 9 which allows the administrator to change the name, the release, and the version of the operating system on a running system by intercepting the uname() system call.
7c182633a5eedfce174ca3165fdd754703441b3350f3c359e1e91739a0b9c33eFake AP 0.3 generates counterfeit 802.11b beacon frames with random ESSID, BSSID (MAC), and channel assignments. Wardriving tools like Kismet or NetStumbler will see thousands of Access Points pop up on their screens. Fake AP can be used on its own, as part of a wireless honeypot, or form a component of an 802.11b security architecture. Runs on Linux and requires a Prism2/2.5/3 based 802.11b card and the HostAP drivers.
08256b0be5eb118ea716321f3fa2820e8a32acec38600ebf18234dcdf5e1270bIISscan2002.pl scans for over 97 IIS strings and gets past certain IIS 4 an IIS 5 unicode charter set hot fixes as well as the ability to get cmd.exe access on open IIS servers vulnerable to the unicode flaw.
b0571b231b6644da0fc73cb7b9367a205c6c4c4f2074d3b9d6b0ae366125c6f9Wellenreiter is a GTK/Perl program that makes the discovery and auditing of 802.11b wireless networks much easier. It has an embedded statistics engine for the common parameters provided by wireless drivers, enabling you to view details about the consistency and signal strength of the network. Its scanner window can be used to discover access-points, networks, and ad-hoc cards. Records the network location with GPS support. The unique essid-brute forcer helps to get the essid of low-traffic networks. Wellenreiter works on handhelds that can run GTK/Perl and Linux/BSD (such as iPaqs). All the major wireless cards are supported. Random MAC switching when joining a wireless network hides your real MAC to the access point, a unique feature.
318dfc344fe5fce00bbdf0cec30bf43dbabc7e898e5f404a51fe76199edfeae0Pwck local linux buffer overflow exploit. Tested on Mandrake 8.2.
fa3f2ddf78013d48703efa19452ce9f8e3c69395f423649d3359d47dbfe38e6cDOSnet.c is a ddos script which runs from root and connects to an IRC network to take commands via ctcp.
810ec57269166a34419a04f48d96542b7b5390830ab053a935466d5db09e24b3Slog.c is a simple linux keystroke logger without function hooking. Tested on Redhat 7.2.
2c78e3a0f9e7cb2423fb65dd3e528fdf1b352a5d5ff0278632bb6128b7e40069Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities including the apache chunking bug, IIS .ida buffer overflow, and more. Documentation available here.
b8d848cad587118bc1d7166814f658e7a6733aed7b90093e735b296be0896ed5SQLScan v1.0 is intended to run against Microsoft SQL Server and attempts to connect directly to port 1433. Features the ability to scan one host or an IP list from an input file, the ability to scan for one SQL account password or multiple passwords from a dictionary file, and the ability to create an administrative NT backdoor account on vulnerable hosts, which will fail if xp_cmdshell is disabled on the server.
d8f864782dc141099952736569998f1bb300c12102a7fc69727fdf6775d7cfc9Checkpoint Firewall-1 SecuRemote IKE usernames can be guessed or sniffed using IKE exchange and can be guessed separately from the password. Firewall-1 versions 4.0 SP 7, 4.1 SP2, 4.1 SP6, NG Base, NG FP1 and NG FP2 allow username guessing using IKE aggressive mode.
5a400ed8f87e890c92da75c23f927c0c3da387065ed5af4a3ab88c33d6c785a6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed