Chkrootkit v0.43 locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
116242ca080fe3b4d62772e05c8a42ee4bd5a826ccb49a7b5aa0ed05b58e5758The R3dstorm Toolkit is a rootkit like utility which hides processes and files and was tested on Red Hat 9.0.
2b31937ef797c0b48a00e99462cb38c25d74fd46d7354bf828532adf1a57b757The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
ed2cf0f0331fa312c06bda8d7a5154da3f0532e142d13094457de775afb424feyinyang is a kernel module used to detect a file opening and passes that information to a daemon for action such as logging file transactions, anti-virus checking, and other file activities. Ideal for real-time on-access file scanning.
d203f08bf9f7f8d70175d2752601233678644c81319fd93f6eb776353c2f91d4AQTRONIX Security Advisory AQ-2003-02 - When an HTTP request with the verb TRACK under Microsoft IIS 5.0 is performed, the transaction is not logged. This can lead to the server being utilized for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.
1cc8f2eec00f14d310835e89c0e3a53b9d47467a9845df76a8e8d4c71dfffb75Local gid=games exploit for xsok v1.0.2 and below that exploits the -xsokdir command line overflow bug.
c3a5c213c08d45eb04fe4e7433752ae2ab219ae36a5b6e16bf72bb3172fb8b95Local gid=games exploit for xsok v1.0.2 and below that will automatically calculate the return address and has improved shellcode. Tested on RedHat 9.0.
3e6e7fbdfeca585aeec422ec95da58f46f9af1e35a26b5de75fcb316a7db05b6Small whitepaper describing the obfuscation algorithm used by Windows 2k/NT/XP Syskey and the steps required to remove its encryption from the password hashes. Tools to automate the process included.
f5f9bec45eda579187a441ef744709a51fad7d1713b89e43530fcc7690bca1d3Adore is a Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
87dcaf982e1058d9279347cd8fd26d51f9edbfca0e02f19d548cdcddcf6ffaf3TrustSight Security Scanner 6.4 Build 85 is a new version of the web security scanner originally known as the Stealth HTTP Security Scanner. It provides 13,000 http vulnerability checks and runs on Win32 and Linux under Wine.
bf53602f4de0190f7c8493edad2e10e9e4e056e0b2ffe407a484218ee1e1194e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed