what you don't know can hurt you
Showing 1 - 10 of 10 RSS Feed

Files Date: 2004-01-06

chkrootkit-043.tar.gz
Posted Jan 6, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.43 locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Better PROMISC mode detection on newer Linux kernels, new CGI backdoors detected, new rootkits added, and minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | 08646b9bf3a9dc45c25a40946962a839
toolkit.tgz
Posted Jan 6, 2004
Authored by r3dstorm

The R3dstorm Toolkit is a rootkit like utility which hides processes and files and was tested on Red Hat 9.0.

tags | tool, rootkit
systems | linux, redhat, unix
MD5 | b8d3e1b38213fa172890f41e30411dab
Openwall Linux Kernel Patch
Posted Jan 6, 2004
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Fixes two newly discovered local root vulnerabilities in the mremap() system call. Ported to kernel v2.4.23.
tags | overflow, kernel
systems | linux
MD5 | 7e69e67d2eef41504cc8521128e055c0
yinyang-1.0.zip
Posted Jan 6, 2004
Authored by Primac | Site yinyang.sourceforge.net

yinyang is a kernel module used to detect a file opening and passes that information to a daemon for action such as logging file transactions, anti-virus checking, and other file activities. Ideal for real-time on-access file scanning.

tags | kernel, virus
systems | linux
MD5 | 7a9c3a73819455d9f88a758d2f056231
AQTRONIX Security Advisory AQ-2003-02
Posted Jan 6, 2004
Authored by Parcifal Aertssen | Site aqtronix.com

AQTRONIX Security Advisory AQ-2003-02 - When an HTTP request with the verb TRACK under Microsoft IIS 5.0 is performed, the transaction is not logged. This can lead to the server being utilized for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.

tags | advisory, web
MD5 | 270fe16944a7ca65fbca666e220244da
exp-xsok-2.c
Posted Jan 6, 2004
Authored by n2n

Local gid=games exploit for xsok v1.0.2 and below that exploits the -xsokdir command line overflow bug.

tags | exploit, overflow, local
MD5 | 1e7c28de39c2ed8b2304c408c7baa1e1
exp-xsok.c
Posted Jan 6, 2004
Authored by n2n

Local gid=games exploit for xsok v1.0.2 and below that will automatically calculate the return address and has improved shellcode. Tested on RedHat 9.0.

tags | exploit, local, shellcode
systems | linux, redhat
MD5 | 23986a992a6216b63170a195ed714fac
Syskey.zip
Posted Jan 6, 2004
Authored by Nicola Cuomo | Site studenti.unina.it

Small whitepaper describing the obfuscation algorithm used by Windows 2k/NT/XP Syskey and the steps required to remove its encryption from the password hashes. Tools to automate the process included.

tags | paper
systems | windows, 2k
MD5 | 0ff1b279635db3fd61771f14c0845e7b
adore-ng-0.31.tgz
Posted Jan 6, 2004
Authored by teso, stealth | Site team-teso.net

Adore is a Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Syslog filtering, wtmp/utmp/lastlog filtering, relinking of LKMs as described in Phrack #61.
systems | linux
MD5 | 4a925181db7030c1e9b67225a88abbe0
Trustscn_6.4_b85.exe
Posted Jan 6, 2004
Authored by Felipe Moniz de Aragao | Site syhunt.com

TrustSight Security Scanner 6.4 Build 85 is a new version of the web security scanner originally known as the Stealth HTTP Security Scanner. It provides 13,000 http vulnerability checks and runs on Win32 and Linux under Wine.

Changes: Improved scanning performance of web servers. Minor fixes. CVE Compatible.
tags | web
systems | linux, windows, 32
MD5 | 95375c9e30089c3e8b31ebac7770e912
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close