Showing 1 - 25 of 111

Files Date: 2003-08-01 to 2003-08-31

Posted Aug 29, 2003
Authored by Team Remote-exploit.org | Site wellenreiter.net

Wellenreiter is a GTK/Perl wireless network discovery and auditing tool. Its scanner window can be used to discover access points, networks, and ad-hoc cards. It detects ESSID broadcasting or non-broadcasting networks and detects WEP capabilities and the manufacturer automatically. DHCP and ARP traffic is decoded and displayed to give you further information about the networks. A flexible sound event configuration lets it work unattended. An ethereal / tcpdump-compatible dumpfile can be created. GPS is used to track the location of the discovered networks immediately. Automatic associating is possible with a randomly generated MAC address. Wellenreiter also runs on low-resolution devices that can run GTK/Perl and Linux/BSD (such as iPaqs). A unique ESSID brute-forcer is now included too. prism2, Lucent, and Cisco based cards are supported.

Changes: Added the User guide in the docs directory, Raised the packet capture length from 400 to 65535, Added a patch for better detection of prism2 based PCI and usb cards.
tags | tool, perl, wireless
systems | cisco, linux, bsd
MD5 | d8d3d10723f80c292e4dae4c14a2e4a7
Posted Aug 28, 2003
Authored by Todd J.

Packet Storm new exploits for June, 2003.

tags | exploit
MD5 | ac9f4f68ae6eef059db7338a6c6fcb34
GNU Privacy Guard
Posted Aug 27, 2003
Site gnupg.org

The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440.

Changes: This new stable release adds a new "--gnupg" option (set by default) that disables --openpgp and the various --pgpX emulation options. Includes minor fixes.
tags | encryption
MD5 | 829c1b5fa356434b0ae4ed618b7ea408
Posted Aug 27, 2003
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate.

Changes: This release is available as an RPM package.
tags | remote, kernel, udp, perl, tcp
systems | linux
MD5 | 382190e3e20e4299848d60a2244bc121
Posted Aug 27, 2003
Site cert.org

CERT Advisory CA-2003-22 - Microsoft Internet Explorer contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. Versions affected are 5.01, 5.50, and 6.01.

tags | advisory, remote, arbitrary, vulnerability
MD5 | a1267ad85158abcd9012ae69ae2ef7e9
FreeBSD Security Advisory 2003.11
Posted Aug 27, 2003
Authored by The FreeBSD Project, Oleg Bulyzhin | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:11.sendmail - Some versions of sendmail (8.12.0 through 8.12.8) contain a programming error in the code that implements DNS maps. A malformed DNS reply packet may cause sendmail to crash its child process and may lead to further possible exploitation.

tags | advisory
systems | freebsd
MD5 | 2f56fcaeeb06dc2f4dfb543e16022f39
Posted Aug 27, 2003
Authored by Jonathan A. Zdziarski | Site nuclearelephant.com

The Apache DoS Evasive Maneuvers Module is a module for Apache 1.3 and 2.0 that detects and fights off DoS attacks and brute force attempts by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack.

tags | web
MD5 | db59ce8070c3b954c4ea101e17e4a4a0
Posted Aug 27, 2003
Authored by Mike Kershaw | Site kismetwireless.net

Kismet is an 802.11b wireless network sniffer. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features include multiple packet capture sources, runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, secure SUID behavior, and fingerprinting of GPS devices and wireless devices. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.

Changes: Released 3.0.1 stable. No new major changes, but plenty of bugfixes.
tags | tool, wireless
systems | cisco, linux, freebsd, openbsd, apple, osx
MD5 | 7ba34081eb93d7ca27377593ba40524b
Posted Aug 26, 2003
Authored by ^sq | Site u-n-f.com

monop local exploit that achieves privilege escalation to the second player's uid.

tags | exploit, local
MD5 | c26759b97943d809aa935799b3c1b387
Posted Aug 26, 2003
Authored by Johnny Cyberpunk | Site thc.org

Helix Universal Server aka Real Server versions 7, 8, and 9 remote root exploit for both Windows and Linux. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

tags | exploit, remote, root
systems | linux, windows
MD5 | 2d15d5d2723426a352cbc02557c8d4f5
Posted Aug 26, 2003
Authored by Carlo Comin | Site spine-group.org

LKL is a userspace keylogger that runs under linux x86/arch. LKL logs everything which passes through the hardware keyboard port (0x60). Keycode to ASCII translation is supported.

Changes: PS2 bug fixed, addition of US, French, and Dvorak keymaps.
tags | x86
systems | linux
MD5 | 249c2025295f1227f8cd660f7775d2f4
HexView Security Advisory 2003-08-03.01
Posted Aug 26, 2003
Authored by HexView, SGI Security Coordinator | Site sgi.com

SGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial of service or root compromise. Related CVE Number: CVE-2003-0688.

tags | advisory, remote, root
MD5 | 2a166f4afe5f37ea2cce1777428e4770
Posted Aug 26, 2003
Authored by Dave Aitel

Helix Universal Server 9 and earlier versions (RealSystem Server 8, 7 and RealServer G2) are vulnerable to a root exploit when certain types of character strings appear in large numbers within URLs destined for the Server's protocol parsers.

tags | advisory, root, protocol
MD5 | 75229ac833221a0cdcde4387fd65ffad
Posted Aug 26, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations, Inc. Advisory SRT2003-08-22-104 - widz, the 802.11 wireless IDS system version 1.5 and below, makes use of untrusted input with a system call. If this utility were to be used in a production environment with any non-root users on the system, they would be able to easily escalate their privileges to root.

tags | advisory, root
MD5 | 588c2add27529a05aff0d4c686fd4bff
Posted Aug 26, 2003
Authored by Drew Copley | Site eEye.com

eEye Advisory - There is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed almost all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a web page as silently and as easily as Internet Explorer parses image files or any other safe HTML content. Version affected: Microsoft Internet Explorer 5.01, 5.5, 6.0, and 6.0 for Windows Server 2003.

tags | advisory, remote, web, trojan, activex
systems | windows
MD5 | 9f6eb7569411e2aba0bb119b689e9c2a
Posted Aug 26, 2003
Authored by Knud Erik Hojgaard | Site dtors.net

Local exploit for ViRobot 2.0 that works against the FreeBSD edition. Tested against FreeBSD 4.8.

tags | exploit, local
systems | freebsd
MD5 | ed19ce04e70634d80a88c32115c487ee
Posted Aug 26, 2003
Authored by Kevin Finisterre | Site secnetops.com

Secure Network Operations, Inc. Advisory SRT2003-08-11-072 - ViRobot 2.0, the Linux-based antivirus solution, has multitudes of suids that are vulnerable to abuse.

tags | advisory
systems | linux
MD5 | 392d3e308ffde41354f4acc4646bf47e
Posted Aug 26, 2003
Authored by ins1der

Kfence version 1.2 provides kernel protection against basic exploitation techniques, including stack and heap overflows and format string exploits, by patching /dev/kmem and redirecting system_call to test if the eip of the caller is in the wrong memory region.

Changes: Added .bss exec protection, simplified shellcode, added a better struct extraction method, added support for all 2.2.x and 2.4.x kernels.
tags | overflow, kernel
systems | linux
MD5 | 9aa3ccf1a93852710026277cd614db63
Posted Aug 26, 2003

Cryptcat is an encrypted version of netcat. It uses AES encryption and a static key to encrypt all transactions. Previous versions had a flaw in which not all network traffic was encrypted so this is the patched version. Many thanks to Eric Sheesley for fixing this utility since the last version is no longer supported.

tags | tool
systems | unix
MD5 | 3a2481e2ac36a367e9b52f82727582b5
Posted Aug 26, 2003
Authored by ins1der

Remote administration kernel module designed for the 2.4 series. It replaces system calls by inserting a push ret at the beginning of system_call, making the program jump to specified code. It provides a remote terminal backdoor through SYS_read hooking which means you can enter the box through any open tcp port. The connection is XOR encrypted and the module hides ports and pids. It also hides itself from vmalloc structure scanning and lsmod. Tested on Redhat 7.2 and 8.0. Currently lacks SMP support and is not considered stable so please exercise caution when utilizing this.

tags | remote, kernel, tcp
systems | linux, redhat
MD5 | 3f5cdb6e7dba958b3e9f438acf055153
Posted Aug 26, 2003
Authored by Larry W. Cashdollar

Further information and research in regards to the InterSystems Cache vulnerabilities discussed here. Two new vulnerabilities have been discovered and exploits are included.

tags | exploit, vulnerability
MD5 | d8d2308fa5893bf58ac73513ebf91311
Posted Aug 26, 2003
Authored by alex

This utility makes use of google.com to figure out what domains are running vulnerable PHP servers. Instructions are written in French.

tags | tool, scanner, php
systems | unix
MD5 | 77cc166621b423bcbbf8a5df77154b76
Posted Aug 26, 2003
Authored by Filip Waeytens

A Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.

tags | tool, scanner, perl
systems | unix
MD5 | d04ba89b205f4e707804ab4b5a46fdd6
Posted Aug 26, 2003
Authored by Phender

Banner scanning utility that generates random IP addresses, can search for specified strings, and has a default list of ports to scan if not given a list. Works in an extremely streamlined manner as it spawns sixteen child processes.

tags | tool, scanner
systems | unix
MD5 | e907f63ce400cbae5daaf465aa4adeb4
Posted Aug 26, 2003
Authored by Frederic Charpentier

White paper discussing methodologies for accessing internal networks using HTTP tunneling and tricking end users.

tags | paper, web, virus
MD5 | ccd40eb358c1a868a3672f6b1af39a1a
packet storm

© 2020 Packet Storm. All rights reserved.