Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson.
498554d722ef08c3079f480800919a02ffb8380999bd74b87840cccf1b571e52Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.
e394d3ac455c255d1c7607e09511ef79614437fb191ef4ea4c73a71e9241e5abkopkop is a daemon that listens for encrypted, signed, and fully random-looking command packets. Only the fields essential for the packets' travel trough the Internet are filled with sane data. Upon reception and after a preset timeout, the daemon executes user-defined commands. This can be used to open firewalls, so you can reduce your system's attack surface by hiding certain services until you need to use them. The included kopkop client creates and sends the encrypted packets. The communication is strictly unidirectional and quite minimal between the client and the server. Replay attacks are forestalled by storing and comparing monotonically increasing packet IDs on both sides.
dcfac1165b23dfff98417a486588a9fe4e6a5350d7f7750d46435db08b4b95edOsiris is a host integrity management system that can be used to monitor changes to a network of hosts over time and report those changes back to the administrator(s). Osiris takes periodic snapshots of the filesystem, configurations, and logs, and stores them on a central management host. When changes are detected, Osiris will log these events and optionally send email to an administrator. Osiris also has preliminary support for monitoring other system data, including user lists, file system details, kernel modules, and network interface configurations.
cc47768301dd94de6f6c1155bc68e83d1434ff7a9ff06f3c745739727ece435bFwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
d3a68f42cbadfde7a9a26bb7c86d7958f430ad16ac95b9242a032a42475516e9File system investigator is a forensic tool that allows viewing of ReiserFS and EXT2/3. While primarily intended as a forensics tool, it is also useful for Linux users who dual boot with another OS; it allows them to view and extract files from their partitions. Written in Java.
148555dee50322a3e971221b0dbbc7586dd326ef3093e5fee993332a6624ddd3FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.
7bcb02f26a17575b3b200eaa5d5191790d9ecac971ee6e1c5b7eb8e435f8baafAnother program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
1762446df8362dce6e172db2a60b849b2bc2e6fe8d05cc34f85b83cfd3bb51b5Program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
1affe79e6026e065c1e1f74743818f1905a9bd31d0c94f82f8de9b88e54adc91Updated version of the white-paper discussing the Rose Attack method and how sending two parts of a fragmented packet can cause various outcomes to network devices, including denial of service problems.
aa2f2ff730fea23f570e3ae205be9c0e9da54e6c7f83c0637e38973166c67f1aThe SSDT utility makes use of sending spoofed ICMP and UDP traffic to send RSA encrypted files. Both client and server side programs are included.
fc453f28b98740de2e25120c5e2435746b8e0d1c762fe67f570cb5b3917f9c1bpaFileDB version 3.1 suffers from path disclosure and cross site scripting flaws.
d5f47ce4fbc5d389d472a4f2644aa907ce5916533dbd1e734dcb4ffda99b5b1dDiGi WWW Server version Compieuw.1 suffers from a DoS vulnerability due to a malformed URL.
b59f8b508b853385cef1f02cb1e03b73784841a4adaa41136efa8c3c2438f65cTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
f499f533b3049fa5dc11ca68ecca9bed993cb6ce9d9fb59bd12fa40f65f3a98fPHP-Nuke Video Gallery Module version 0.1 Beta 5 is susceptible to full path disclosure and SQL injection attacks.
fe3ff118560c7e9a4f76a80601322a0fa94b9f122ffbe84c9212355bc5ab8523Linux root and Windows NT/2000 Administrator remote exploit for HP Web JetAdmin 6.5.
2313f6c8c3680934ff278d70f97559a0358c9851c286921cd3a616b0ad3e2749Phenoelit Advisory #0815 - Multiple vulnerabilities exist in the HP Web JetAdmin product. Version 6.5 is fully affect. Versions 7.0 and 6.2 and below are partially affected. A vulnerability summary list: Source disclosure of HTS and INC files, real path disclosure of critical files, critical files accessible through web server, user and administrator password disclosure and decryption, user and administrator password replay, and many, many others.
c69f95a71084e7a828d8795c80a234d4f7bda584394ce675667092d629882a14Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Python version.
80fbb1b75432221e765f2f7267fdcea0bd46642b06db40424528f8dc9503f573Network Query Tool version 1.6 suffers from a cross site scripting and full path disclosure vulnerability.
fa1523d9e83ebd95e254ed0fdedcdbbee7fbc285f5cf83a0945a61cc86b6c446eEye Security Advisory - eEye Digital Security has discovered a severe denial of service vulnerability in the Symantec Client Firewall products for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP packets.
145ded9725a9da33875b70d37b0748495d13246a5489f58b4d40c3b08b3d3e92Proof of concept utility that allows spammers to hide behind 'Email a friend/article' scripts.
408ba61c8ace35ca97c3511f317dd27884c0ed193189eecdafd32e35492d65d4Samsung SmartEther switches allow a remote attacker to login as admin without having a correct password. All that is required is that all of the characters that can fit in the buffer for the password be filled.
afe2a7860a1e2e382e42f0ff2b3783ae8f7656865e91fbdfc36859ea6c6103acSample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Perl version.
7b8da88a4b120e083cbeadb74aaf609c90eefcbba41d5d768d53613eda9c9800Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
6036e06b4c58e55a423903721dd48a2c313b1ab18a6383129e59eff5587ec24eOpen Bulletin Board versions 1.0.6 and below suffer from cross site scripting, SQL injection, and arbitrary command execution flaws.
e16c00b60f8ba3f4b3b6fd18ee54b24d3774e3df45e73ef6c1f8da73a3fd1158
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed