all things security
Showing 1 - 25 of 145 RSS Feed

Files Date: 2003-12-01 to 2003-12-31

pcds
Posted Dec 30, 2003
Authored by Bart Somers | Site doornenburg.homelinux.net

pcds is a Perl script written to monitor processes on a system and report changes.

tags | perl
systems | unix
MD5 | 488f217da8ad4d03515345301418c746
env_audit-2.0.tar.gz
Posted Dec 30, 2003
Authored by Steve Grubb | Site web-insights.net

Env_audit is a program that ferrets out everything it can about the environment. It looks for process IDs, UID, GID, signal masks, umask, priority, leaked file descriptors, and environmental variables. It comes with test configurations for anacron, Apache, atd, crond, GDB, inittab, logrotate, PHP, pppd, procmail, rsh, rxvt, Sendmail, SSH, stunnel, sudo, xinetd, and xterm.

tags | php
systems | unix
MD5 | 05cba8f3d1c1b498b4ded630a0832aa6
firewall-jay-1.0.3.tar.gz
Posted Dec 30, 2003
Authored by Jerome Nokin | Site firewall-jay.sourceforge.net

Jay's Iptables Firewall is a bash script that allows one to easily install and configure a firewall on a Linux system. It features support for multiple interfaces, TCP/UDP/ICMP control, masquerading, synflood control, spoofing control, port forwarding from specific interfaces, VPNs, ToS, denying hosts by IP or MAC address, ZorbIPTraffic, Spyware list IP, Pre/Post scripts, log options, and more. The firewall is able to launch custom iptables rules, and the configuration of the firewall is assisted by an optional, interactive, curses-based Perl script.

tags | tool, udp, perl, spoof, tcp, firewall, bash
systems | linux
MD5 | 5c100faa0c6218816d5ec85ca0cd71e7
init_rpi.txt
Posted Dec 30, 2003
Authored by Christophe Devine

Whitepaper detailing how to successfully patch the linux kernel in order to allow ptracing /sbin/init, and subsequently inject a connect-back shellcode into the target process. Patch code included.

tags | paper, kernel, shellcode
systems | linux, unix
MD5 | 416c6fffc2174a4c171d7edaeccba127
showexp.txt
Posted Dec 30, 2003
Authored by Arman Nayyeri

Exploit code that makes use of the showHelp() vulnerability found in Microsoft Explorer versions 5.x-6.0. This file must be renamed with a .html extension to work.

tags | exploit
MD5 | e99fb54eb1ced09dc1fd2e3187b715cb
ie_showHelp.txt
Posted Dec 30, 2003
Authored by Arman Nayyeri

A flaw exists in Microsoft Internet Explorer 5.x-6.0 that allows a remote attacker to execute a file using chm in showHelp().

tags | advisory, remote
MD5 | db3591cd11cf5acd1b4f20246b92e736
gallery133.txt
Posted Dec 30, 2003
Authored by The-Insider | Site theinsider.deep-ice.com

Gallery versions 1.3.3 and below suffer from a cross-site scripting vulnerability in its searching functionality.

tags | exploit, xss
MD5 | bd8fa7a52e93df322ab5dc54d4b6faf3
phpping.txt
Posted Dec 30, 2003
Authored by ppp-design | Site ppp-design.de

php-ping improperly filters user inputs, allowing for a malicious remote attacker to execute arbitrary commands as the webserver uid.

tags | exploit, remote, arbitrary, php
MD5 | 450d6884bb82ab689b9ced960891973e
mdaemon-raw.txt
Posted Dec 29, 2003
Authored by Pejamn Davarzani, Behrang Fouladi | Site hat-squad.com

Alt-N Technologies MDaemon Mail Server versions 6.52 to 6.85 suffer from a remote buffer overflow in its raw message handler. Sending more than 153 bytes in the From field to FROM2Raw.exe creates a raw file, that when processed by mdaemon, will cause a stack buffer overflow.

tags | exploit, remote, overflow
MD5 | 74de9bd4c75e8a57e115b87b3aff2516
landesk.txt
Posted Dec 29, 2003
Authored by Tri Huynh

The Landesk Management Suite versions 8.0 and below suffer from a buffer overflow in their SetClientAddress function inside of YAUTO.DLL.

tags | advisory, overflow
MD5 | 57a53a16c4e22b83ec3f1c09bba1301b
quikstore.txt
Posted Dec 29, 2003
Authored by Dr'Ponidi

The QuikStore Shopping Cart suffers from directory traversal vulnerabilities that allow a remote attacker to gain access to files outside of the webroot and also discloses installation path information on error pages.

tags | exploit, remote, vulnerability
MD5 | 4953833c7c0fe6962bd8a66fecb9aa0a
opera07autodel.txt
Posted Dec 29, 2003
Authored by Nesumin | Site opera.rainyblue.org

Opera versions 7.22 and below allow for a remote site to overwrite local files during temporary file creation due to a lack of sanitizing filenames.

tags | advisory, remote, local
MD5 | e78538b84ad2cce8c0ef254d8ad4b666
snort-2.1.0.tar.gz
Posted Dec 29, 2003
Authored by Martin Roesch | Site snort.org

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.

Changes: Fixed bugs and added signatures.
tags | tool, overflow, cgi, sniffer, protocol
systems | unix
MD5 | 1da6d683d18b39a72a3c277e8deffc69
psad-1.3.1.tar.gz
Posted Dec 29, 2003
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

Changes: Added the ability to re-import scanning ip directories after a restart of psad or a system reboot. An analysis mode was added so that a logfile that contains iptables messages (such as the /var/log/messages) can be analyzed for scans. ICMP type and code validation against RFC 792 was added. Excessive strictness with FW_MSG_SEARCH was fixed. The signatures were updated to those included with snort 2.1.
tags | remote, kernel, udp, perl, tcp
systems | linux
MD5 | 96a43d63a1cb944b651cb28786dbe0de
mysecrep.gz
Posted Dec 29, 2003
Authored by Bart Somers | Site doornenburg.homelinux.net

mysecrep version 0.8 generates an audit-report from the syslog messages from snort, pcds and samhain, thus covering a whole range of security-tools, packed in 1 report. The report written is to disk and send via email. Written in Perl.

Changes: Cleaned up snort reporting, making it more flexable to extend or modify. Modified the file mask settings.
tags | tool, perl, sniffer
MD5 | eae9d5901b568ea0587f60aed0c647c0
bilbo-0.9.tar.gz
Posted Dec 29, 2003
Authored by Bart Somers | Site doornenburg.homelinux.net

Bilbo is a wrapper for nmap which makes it easier to scan lots of machines or networks.

tags | tool, nmap
systems | unix
MD5 | c604511389256dc7d11191c9754279d2
linux_chown_chmod_shellcode.c
Posted Dec 29, 2003
Authored by n2n

43-byte linux x86 shellcode which does the following: setuid(0);chown("/tmp/n2n",0,0);chmod("/tmp/n2n", 04755);exit();

tags | x86, shellcode
systems | linux
MD5 | c48e43da015d0dc6f2c3e6859ada518f
gspoof-3.2.tar.gz
Posted Dec 29, 2003
Authored by embyte | Site gspoof.sourceforge.net

Gspoof is a GTK+ program written in C which makes easy and accurate the building and the sending of TCP packets with or without a data payload. It's possible to modify TCP/IP fields or the Ethernet header.

tags | tcp
systems | unix
MD5 | 7a1d124a1d0bed87e19b239d559ba880
xlcrack-1.0.tar.gz
Posted Dec 29, 2003
Authored by Nick Lamb | Site ecs.soton.ac.uk

Xlcrack is a small tool to recover lost and forgotten passwords from XLS files. Works on most Un*x systems, but it needs libgsf, most commonly installed along with Gnumeric. Some newer XLS files are not suitable for password recovery using this software.

tags | cracker
MD5 | 9b7e062a94a51dce78f6aff5894dc5b9
vampiric.asm
Posted Dec 25, 2003
Authored by Peter Winter-Smith

Vampiric Shellcode - Url Download + Execute for Win32. Vampiric shellcode links to system DLL's so create shellcode that works on many different service packs, more information here.

tags | shellcode
systems | windows
MD5 | f29989ef8b0aca1f8d3c4f18240b1e42
SPK-IMSPd.c
Posted Dec 25, 2003
Authored by SpikE

IMSPd v1.7 and below remote root buffer overflow exploit which takes advantage of a bug in abook_dbname(). Tested against IMSPd 1.7 and 1.6a3 under RedHat 8.0. Fix available here.

tags | exploit, remote, overflow, root
systems | linux, redhat
MD5 | 5162fefc17a2d96ad76b83a84c36f570
xmas.txt
Posted Dec 24, 2003
Authored by fris

CGI hacking tutorial which explains how to find many vulnerable systems using google and contains an awful lot of URL's.

tags | paper, cgi
MD5 | 2385a0fe77e314ff7bca52993150fa8b
exp_unix2tcp.c
Posted Dec 24, 2003
Authored by n2n | Site eos-india.net

Exp_unix2tcp.c is a local exploit for unix2tcp below v0.8.0 which gives root access if unix2tcp is setuid, which it is usually not. Tested on Redhat Linux 9.

tags | exploit, local, root
systems | linux, redhat
MD5 | 17f3b5fb7f646a6cb8647a775b53c63e
reducing_human_factor_mistakes.txt
Posted Dec 24, 2003

Reducing human factor mistakes.

tags | paper
MD5 | 90efd071f1b84d1810a556ba2edf042d
rkhunter-1.00RC3.tar.gz
Posted Dec 24, 2003
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.

Changes: Fixed bugs and added new features.
tags | tool, shell, perl, integrity, rootkit
systems | unix
MD5 | 0e661907740318adc1e13055334034c9
Page 1 of 6
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close