Files Date: 2004-01-06

chkrootkit-043.tar.gz
Posted Jan 6, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.43 locally checks for signs of a rootkit. It includes ifpromisc.c to check whether the interface is in promiscuous mode, chklastlog.c to check lastlog for deletions, chkwtmp.c to check wtmp for deletions, strings.c as a quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions, and chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Better PROMISC mode detection on newer Linux kernels, new CGI backdoors detected, new rootkits added, and minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
MD5 | 08646b9bf3a9dc45c25a40946962a839

toolkit.tgz
Posted Jan 6, 2004
Authored by r3dstorm

The R3dstorm Toolkit is a rootkit-like utility that hides processes and files. It was tested on Red Hat 9.0.

tags | tool, rootkit
systems | linux, redhat, unix
MD5 | b8d3e1b38213fa172890f41e30411dab

Openwall Linux Kernel Patch
Posted Jan 6, 2004
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. It also tightens down file descriptors 0, 1, and 2, and implements process limits and shared memory destruction.

Changes: Fixes two newly discovered local root vulnerabilities in the mremap() system call. Ported to kernel v2.4.23.
tags | overflow, kernel
systems | linux
MD5 | 7e69e67d2eef41504cc8521128e055c0

yinyang-1.0.zip
Posted Jan 6, 2004
Authored by Primac | Site yinyang.sourceforge.net

yinyang is a kernel module that detects file opens and passes that information to a daemon for action such as logging file transactions, anti-virus checking, and other file activities. Ideal for real-time on-access file scanning.

tags | kernel, virus
systems | linux
MD5 | 7a9c3a73819455d9f88a758d2f056231

AQTRONIX Security Advisory AQ-2003-02
Posted Jan 6, 2004
Authored by Parcifal Aertssen | Site aqtronix.com

AQTRONIX Security Advisory AQ-2003-02 - When an HTTP request using the TRACK verb is made to Microsoft IIS 5.0, the transaction is not logged. This can lead to the server being used for XST attacks along with other information-gathering tactics. Microsoft silently fixed this bug in IIS 6.0.

tags | advisory, web
MD5 | 270fe16944a7ca65fbca666e220244da

exp-xsok-2.c
Posted Jan 6, 2004
Authored by n2n

Local gid=games exploit for xsok v1.0.2 and below that exploits the -xsokdir command line overflow bug.

tags | exploit, overflow, local
MD5 | 1e7c28de39c2ed8b2304c408c7baa1e1

exp-xsok.c
Posted Jan 6, 2004
Authored by n2n

Local gid=games exploit for xsok v1.0.2 and below that will automatically calculate the return address and has improved shellcode. Tested on RedHat 9.0.

tags | exploit, local, shellcode
systems | linux, redhat
MD5 | 23986a992a6216b63170a195ed714fac

Syskey.zip
Posted Jan 6, 2004
Authored by Nicola Cuomo | Site studenti.unina.it

Small whitepaper describing the obfuscation algorithm used by Windows 2k/NT/XP Syskey and the steps required to remove its encryption from the password hashes. Tools to automate the process are included.

tags | paper
systems | windows, 2k
MD5 | 0ff1b279635db3fd61771f14c0845e7b

adore-ng-0.31.tgz
Posted Jan 6, 2004
Authored by teso, stealth | Site team-teso.net

Adore is an LKM-based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process hiding, netstat hiding, a rootshell backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Syslog filtering, wtmp/utmp/lastlog filtering, relinking of LKMs as described in Phrack #61.
systems | linux
MD5 | 4a925181db7030c1e9b67225a88abbe0

Trustscn_6.4_b85.exe
Posted Jan 6, 2004
Authored by Felipe Moniz de Aragao | Site syhunt.com

TrustSight Security Scanner 6.4 Build 85 is a new version of the web security scanner originally known as the Stealth HTTP Security Scanner. It provides 13,000 HTTP vulnerability checks and runs on Win32 and Linux under Wine.

Changes: Improved scanning performance of web servers. Minor fixes. CVE Compatible.
tags | web
systems | linux, windows, 32
MD5 | 95375c9e30089c3e8b31ebac7770e912