Wellenreiter is a GTK/Perl wireless network discovery and auditing tool. Its scanner window can be used to discover access-points, networks, and ad-hoc cards. It detects essid broadcasting or non-broadcasting networks and detects WEP capabilities and the manufacturer automatically. Dhcp and arp traffic will be decoded and displayed to give you further informations about the networks. A flexible sound event configuration lets it work in unattended. An ethereal / tcpdump-compatible dumpfile can be created. GPS is used to track the location of the discovered networks immediately. Automatic associating is possible with randomly generated MAC address. Wellenreiter runs also on low-resolution devices that can run GTK/Perl and Linux/BSD (such as iPaqs). An unique Essod-bruteforcer is now included too. prism2, Lucent, and Cisco based cards are supported.
b6e11e7142d8e615e21c96edf48ca439a7d5cb0d30804df676be298377ebe0b6Packet Storm new exploits for June, 2003.
641191a8624734d6b9a124e05f637516588e8e4f31f51bd5506b487928a9dd2fThe GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440.
b29e88f9fd0f090c748c4cd79e26bd92be8925d623b093632ad035ac70d0e8d9Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate.
2d1862b108021c9292ece1f23d0c3c49d6cbcc4a5fabdcd0d1fed66bfacb2681CERT Advisory CA-2003-22 - Microsoft Internet Explorer contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. Versions affected are 5.01, 5.50, and 6.01.
d1c51f0ed560fc53ab28a84f686194993fb73c72aed18f2d752fd2c3faec416dFreeBSD Security Advisory FreeBSD-SA-03:11.sendmail - Some versions of sendmail (8.12.0 through 8.12.8) contain a programming error in the code that implements DNS maps. A malformed DNS reply packet may cause sendmail to crash its child process and may lead to further possible exploitation.
7f9899383fadb7f77206e97c56d7e465f51be51c5a9e5de02316b0f5c5ded77eThe Apache DoS Evasive Maneuvers Module is a module for Apache 1.3 and 2.0 that detects and fights off DoS attacks and brute force attempts by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack.
45f6196ce2c9de9f714930384f606362ddd04e056083b8e15a46b933f13c3935Kismet is an 802.11b wireless network sniffer. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
35a4e6fb6353da937eccdfa4d4bd06985ee1a6fd70aa4a31d2544a20742df2b7monop local exploit that achieves privilege escalation to the second player's uid.
cf992dfea23b0560132cbee0d12b1b8ce15c6fc35a58e26d678e31f2cf9e5077Helix Universal Server aka Real Server versions 7, 8, and 9 remote root exploit for both Windows and Linux. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
15c91505e6cbf8608eb58beff61b02cf4d5a2601de86f3c901a8f1d588027c3aLKL is a userspace keylogger that runs under linux x86/arch. LKL logs everything which passes through the hardware keyboard port (0x60). Keycode to ASCII translation is supported.
044171738ef8d204530208c5e41d2ef4908d2386129b3558059e68eea2648923SGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial or service or root compromise. Relatedd CVE Number: CVE-2003-0688.
f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1Helix Universal Server 9 and earlier versions (RealSystem Server 8, 7 and RealServer G2) are vulnerable to a root exploit when certain types of character strings appear in large numbers within URLs destined for the Server's protocol parsers.
2dbb8dceb018ef54a3e9f64fe191da489067b6b3aa66be81d8e731a9d1ec9d48Secure Network Operations, Inc. Advisory SRT2003-08-22-104 - widz, the 802.11 wireless IDS system version 1.5 and below, makes use of untrusted input with a system call. If this utility were to be used in a production environment with any non-root users on the system, they would be able to easily escalate their privileges to root.
0a5bd8db53063144a11c8d343d4ad593cd07df746dc5dac63023d1b8f5b20b2beEye Advisory - There is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed almost all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a web page as silently and as easily as Internet Explorer parses image files or any other safe HTML content. Version affected: Microsoft Internet Explorer 5.01, 5.5, 6.0, and 6.0 for Windows Server 2003.
dd79f9814eb5b13d2de07d11deb7d6f23493a7bf6e0bf540ffc5293f0568e45cLocal exploit for ViRobot 2.0 that works against the FreeBSD edition. Tested against FreeBSD 4.8.
41059e552df59b7c97ce59335d8a8059d66eb278653f384fb513f884278d70fdSecure Network Operations, Inc. Advisory SRT2003-08-11-072 - ViRobot 2.0, the Linux-based antivirus solution, has multitudes of suids that are vulnerable to abuse.
b0f7f0118ddf986cbff764a044a771d9d65a93d009a0b5c98382c9be43058a9bKfence version 1.2 provides kernel protection against basic exploitation techniques, including stack and heap overflows and format string exploits, by patching /dev/kmem and redirecting system_call to test if the eip of the caller is in the wrong memory region.
86b7ef83422d92d95d9b4292f22b474924bcfbca4cce50f51c33a6f418dbed1cCryptcat is an encrypted version of netcat. It uses AES encryption and a static key to encrypt all transactions. Previous versions had a flaw in which not all network traffic was encrypted so this is the patched version. Many thanks to Eric Sheesley for fixing this utility since the last version is no longer supported.
07d72ba5e5a5601b5d6b9d6c4dbf7a4339f25974ccdc61d11f6d4b78f2c489bdRemote administration kernel module designed for the 2.4 series. It replaces system calls by inserting a push ret at the beginning of system_call, making the program jump to specified code. It provides a remote terminal backdoor through SYS_read hooking which means you can enter the box through any open tcp port. The connection is XOR encrypted and the module hides ports and pids. It also hides itself from vmalloc structure scanning and lsmod. Tested on Redhat 7.2 and 8.0. Currently lacks SMP support and is not considered stable so please exercise caution when utilizing this.
6b9d7bae3d68b1249acacb7222865ed7c41cc99ea8d9bdfa1e45104e265d2741Further information and research in regards to the InterSystems Cache vulnerabilities discussed here. Two new vulnerabilities have been discovered and exploits are included.
728fbb24e98602c5fe921cab33d49eb861a834a80b0d955bc059096191267f54This utility makes use of google.com to figure out what domains are running vulnerable PHP servers. Instructions are written in French.
b3f19d886ee5ea1afc45226f178523ffac8207bfec016dd3e0b692e675b132efA Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
f4978177d240a78a9f740f6802aff5a4a303543634e143d074128e57b587ef0dBanner scanning utility that generates random IP addresses, can search for specified strings, and has a default list of ports to scan if not given a list. Works extremely streamlined as it spawns sixteen children processes.
a29ff2cdc75b2c2460cc3322135bcc6d64cc8afd02c881149655284e653d8275White paper discussing methodologies for accessing internal networks using HTTP tunneling and tricking end users.
8dce9784b0590af718a606fd4452e9c8d12319c1f0f6545582ff6576e80b13f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed