exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2002-09-20

Posted Sep 20, 2002
Site dyatlov.ru

Wsh is a remote UNIX shell that works via HTTP. The client script provides a shell-like prompt, encapsulating user commands into HTTP POST requests and sending them to the server script. The server script extracts and executes commands and returns STDOUT and STDERR output. Features include command line history support, file upload/download, and it can work through an HTTP proxy server.

Changes: Fixed bugs.
tags | remote, web, shell, file upload
systems | unix
SHA-256 | d778cfad8fe9cd4984360d7fde1d073a5c62594e05b81265830cf21f00b1e303
Posted Sep 20, 2002
Authored by Joker | Site daforest.org

Efstool local root exploit which works against Redhat 7.3.

tags | exploit, local, root
systems | linux, redhat
SHA-256 | fc58920909390e466bdff6c7022d3d2d779ddd56de80c9aa9dfad48f12929155
Openwall Linux Kernel Patch
Posted Sep 20, 2002
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Updated for Kernel v2.2.22.
tags | overflow, kernel
systems | linux
SHA-256 | 528bce1080424a31cd75d58767c939449c114e6a662d62e98ae74c66a1129bcd
Posted Sep 20, 2002
Authored by Hank Leininger | Site TheAIMSGroup.com

HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.

Changes: This release has been synchronized with kernel 2.2.22 and Openwall 2.2.22-ow1.
tags | root, patch
systems | linux, unix
SHA-256 | d20cc21047b544d7f0a2e9c047049768d120ab55d0feadb777455e4a62ac0ca2
Posted Sep 20, 2002
Authored by Paul Drain | Site cipherfunk.org

The cipherfunk Patched Linux Kernels provide patch sets that focus on security enhancements, optimizations, and bugfixes to the current stable Linux Kernel. They are suitable for workstation or high-end server use in both production and development environments.

Changes: Features the addition of UML support and IRQ balancing, a fix to the elevator tuning patch to allow fairness between parallel processes, several new driver and filesystem updates, and new compile fixes for the framebuffer and agpgart drivers.
tags | kernel, patch
systems | linux, unix
SHA-256 | 37f4484d70c789b143522624938dc6144a3abab6e46224fdf83093a4c17a4c9a
Posted Sep 20, 2002
Site intersectalliance.com

SNARE (System iNtrusion Analysis and Reporting Environment) is a loadable kernel module and daemon that provide a host intrusion detection facility and C2-style auditing/event logging capability for Linux similar to the Basic Security Module (BSM) for Solaris.

Changes: Core package was restructured, leading to better stability under extreme audit loads. Many changes recommended by the RedHat kernel team have been implemented.
tags | kernel
systems | linux, solaris
SHA-256 | c74c1c5112557a48cc3956fdc4ed792e1df40853a3998db778b1e0df83977eeb
Posted Sep 20, 2002
Site sourceforge.net

Single Honeypot simulates many services - SMTP, HTTP, shell, and FTP. It can pretend to be many OS's, such as Windows FTP systems, Windows SMTP systems, different Linux distributions, and some Posix distributions.

Changes: Pop3 target added and commands of the SMTP target have been added and modified.
tags | tool, web, shell, intrusion detection
systems | linux, windows, unix, osx
SHA-256 | 7dad16d66c29a95ba1e3e9264d36977273af7bd19f478539d5b254aa78302492
Posted Sep 20, 2002
Site sourceforge.net

AIM Sniff is a utility for monitoring and archiving AOL Instant Messenger messages across a network which has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an AIM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with AIM login names (handles). A basic Web frontend is included.

Changes: Message parsing has been improved again. The Web frontend had a lot of features put into it, including sorting by the various headings, getting SMB info (if it's in the database) by clicking on a name, multiple pages so that you don't see just the last 50 or so messages, and the ability to adjust how many messages are displayed per screen.
tags | tool, web, sniffer
SHA-256 | 60f1864b3854048b5d19c1299eb05153a1d3c9a7a15ab8becab045228461a740
Posted Sep 20, 2002
Authored by Grupo de Seguranca | Site inf.ufrgs.br

SOFFIC is a Linux kernel patch for kernel 2.4.18 that provides file integrity control integrated into the normal system operation, on-the-fly. It checks a file's integrity each time a monitored file is opened for reading or execution, and issues a warning if it is found to be invalid. It protects against rootkits, backdoors, worms, viruses, Web defacement, unauthorized installation and use of new software, and much more.

Changes: Includes a lot of code cleanups and a completely new syntax for the Hash List description.
tags | worm, web, kernel, patch
systems | linux, unix
SHA-256 | 2063dc3d456ab6d0c6bcea1d44e61d352a87fc81ffa3f80061768a5feeeb91a7
Posted Sep 20, 2002
Authored by David Endler, Euan Briggs | Site idefense.com

iDEFENSE Security Advisory 09.18.2002 - Three locally exploitable buffer overflows have been found in older versions of Tru64/OSF1. The -s parameter to the uucp utility can give local root, as can inc mail and dxterm.

tags | overflow, local, root
SHA-256 | 613c7847d1e5ec418d42614e0651bd7d1c878053db6ad2a0af3bc69ad0dbbcc2
Posted Sep 20, 2002
Site abtrusion.com

Microsoft Windows NT, 2000 and XP do not check execution rights correctly before allowing 16-bit executables to load, allowing users to run 16 bit apps even if the execution permission is denied. More information available here.

systems | windows
SHA-256 | 6964e798605925a0df1a108eaea05a0cb0dce6760bfeb63b5160218271793347
Posted Sep 20, 2002
Authored by Brian Carrier | Site atstake.com

The @stake Sleuth Kit (TASK) is an open source forensic toolkit for a complete analysis of Microsoft and UNIX file systems. TASK enables investigators to identify and recover evidence from images acquired during incident response or from live systems. Features the ability to analyze images generated by the 'dd' utility, Supports the NTFS, FAT, FFS, and EXT2FS file systems, 14 command line tools that allow the user to control what data is processed and presented, identify deleted files by name and location, and create time lines of file activity to identify files and directories to analyze.

Changes: Fixed some bugs and memory leaks, added a bigger magic file, and a new feature allows us to reflect what the maximum possible MFT entry is at that given point based on how many attribute lists have been processed.
tags | tool
systems | unix
SHA-256 | 6ecf9a862791266bd9d6b242a4b64a9536637fb3f0a10d432dab44af3f145f7f
Posted Sep 20, 2002
Authored by Sean Trifero | Site innu.org

The Bridge Filter kernel patch for v2.2.22 creates a new built-in chain you can use to filter packets before the bridge. The Linux firewall and bridge functions work well but you can't filter exactly which packets are bridged. The main goal of this patch is to allow this capability.

Changes: Ported to Kernel v2.2.22.
tags | kernel, patch
systems | linux, unix
SHA-256 | e3d51abe7aa586c9876430bbb9e8618e9a1234c9c5cdf10823e44ead73c67068
Linux 2.2.22 Stealth Patch
Posted Sep 20, 2002
Authored by Sean Trifero | Site innu.org

The Stealth Kernel Patch for Linux v2.2.22 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.

Changes: Now works with kernel v2.2.22.
tags | kernel, tcp, patch
systems | linux, unix
SHA-256 | 9da0cd16aad5d2f5f49edafb6cfb922ef8dd5bcd4ea1c3a44acbbff851af4117
Posted Sep 20, 2002
Authored by Lance Fitz-Herbert

Exploit for the PRIVMESG DoS that exists in several Trillian versions. This code, which emulates an IRC server, should work against Trillian version 0.73 and 0.74. Compiles on Windows - Tested with Borland 5.5 Commandline Tools.

tags | exploit
systems | windows
SHA-256 | a47fd98697a3fdd1a24f95897a80bb0d2e38da58a83484cb3d1aa8bf68fd37d7
Posted Sep 20, 2002
Authored by Peter Grundl | Site kpmg.dk

KPMG security advisory 2002035 - IBM Websphere 4.0.3 on Windows 2000 Server does not process large HTTP headers received from connected clients correctly. This can be used to remotely crash the application. The advisory contains patch information that can be used to counter this vulnerability.

tags | web
systems | windows
SHA-256 | 42521d9ce42e9706532fdcd6ca4eb3e092a3f4f38c91caeec71e5b5a37a532d4
Posted Sep 20, 2002
Site netric.org

20 byte IRIX/MIPS PIC shellcode that calls exit().

tags | shellcode
systems | irix
SHA-256 | 67a14fa05590c787dcec843671f49b7443a1d7ccc3515d6ee76cb37e2b1870f7
Posted Sep 20, 2002
Site netric.org

204 byte MIPS/IRIX PIC shellcode that binds /bin/sh to port 16705 TCP.

tags | tcp, shellcode
systems | irix
SHA-256 | 479827468c5e228e46d4aa888071676392b5c4dc1707661bd875f603c64b1da9
Posted Sep 20, 2002
Authored by ntronic | Site netric.org

52 byte MIPS/IRIX PIC shellcode that does an execve of /bin/sh.

tags | shellcode
systems | irix
SHA-256 | 16f8054992c0d396b5836585aca7a5de8f0a5d1d01fb58a831de763055ada649
Posted Sep 20, 2002
Authored by Mark van Gelder

The Check Point VPN-1/FireWall-1 4.1 and NG HTTP Security Server (in.ahttpd) can be used to proxy all kinds of different protocols. Since it is not possible to select the allowed protocols, this is considered a security risk.

tags | web, protocol
SHA-256 | a9b9e181e4d501629c8a297037d7956bcee7d444aaac7a7518d443cb31c01469
Posted Sep 20, 2002
Site debian.org

Debian security advisory DSA 168-1 - Debian released new PHP packages that fix newline character injection in several PHP functions. Additionally, these packages correct a bug in PHP that allow a safe_mode restriction to be bypassed.

tags | php
systems | linux, debian
SHA-256 | d11df9bb3f7995a61aa5db1b828fa32e561204530e69128bcd82699694604d0b
Posted Sep 20, 2002
Site distro.conectiva.com.br

Conectiva security advisory CLA-2002:524 - Several buffer overflow vulnerabilities found in PostgreSQL query functions affect Conectiva releases 6.0, 7.0 and 8. Abuse of these overflows, for which database access is needed, can result in a compromise of the affected systems.

tags | overflow, vulnerability
SHA-256 | a4d852419920ca11e133713dc203ab2d29ce4b0e093eb9b5b6244ae02f7fb036
Posted Sep 20, 2002
Authored by Bl0w | Site secworld.org

Blowdoor v2.0 is a backdoor for Unix systems and uses md5sum passwords for authentication.

tags | tool, rootkit
systems | unix
SHA-256 | cd4c9df16235197d6f1234733005b24229793a87de84374240a544f8582d7932
Posted Sep 20, 2002
Authored by RATS Team | Site securesw.com

RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code in order to find potentially dangerous function calls. The output generated by RATS can be used as a good starting point for performing manual security audits.

Changes: RATS version 2.0 has updated databases, better output features, a statistics feature and much more.
tags | perl, php, python
systems | unix
SHA-256 | 33eab6ae6618322c56f8fca866f0b60be85a586e1807a08fdc02a51ddf1e10e9
Posted Sep 20, 2002
Site microsoft.com

Microsoft Security Advisory MS02-052 - Three serious security vulnerabilities have been found in Microsoft VM which allow attackers to create web pages which cause remote code execution. The vulnerabilities can be exploited via Outlook unless the Email Security Update is installed.

tags | remote, web, vulnerability, code execution
SHA-256 | 5e58cc4e3bfe7b10c12d51e443206ba7577f8f3bfa1cbdeea6bbf9551b0bcb0f
Page 1 of 2

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By