Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson.
2edd0e1dafca116fdae393cd4f64c383
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.
0016af0e5ca9aa486cad90508cf47636
kopkop is a daemon that listens for encrypted, signed, and fully random-looking command packets. Only the fields essential for the packets' travel through the Internet are filled with sane data. Upon reception and after a preset timeout, the daemon executes user-defined commands. This can be used to open firewalls, so you can reduce your system's attack surface by hiding certain services until you need to use them. The included kopkop client creates and sends the encrypted packets. The communication is strictly unidirectional and quite minimal between the client and the server. Replay attacks are forestalled by storing and comparing monotonically increasing packet IDs on both sides.
8b2ac0ae680bba4a7e01160c80adfd5e
Osiris is a host integrity management system that can be used to monitor changes to a network of hosts over time and report those changes back to the administrator(s). Osiris takes periodic snapshots of the filesystem, configurations, and logs, and stores them on a central management host. When changes are detected, Osiris will log these events and optionally send email to an administrator. Osiris also has preliminary support for monitoring other system data, including user lists, file system details, kernel modules, and network interface configurations.
9a342b5dc1a44ff66300bc651ef1a86d
Fwlogwatch analyzes ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. It features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
7fff74be5a5c6277b771f6d963e3ac7e
File system investigator is a forensic tool that allows viewing of ReiserFS and EXT2/3. While primarily intended as a forensics tool, it is also useful for Linux users who dual boot with another OS; it allows them to view and extract files from their partitions. Written in Java.
6f6aab5bd77a4f8cce72a74de8011766
FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non-stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.
c78a230c46a49d95fb8f29eec1723bcb
Another program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
c71f6be9ef9b5b7e9aaaa903c83d697c
Program that demonstrates the Rose Attack eating up CPU processing time on a Windows 2000 box.
abe79cdc4e802902cbc75e03bd7f4406
Updated version of the white-paper discussing the Rose Attack method and how sending two parts of a fragmented packet can cause various outcomes to network devices, including denial of service problems.
e5f32812c903e7589ac5aedaa9125b14
The SSDT utility uses spoofed ICMP and UDP traffic to send RSA-encrypted files. Both client and server side programs are included.
c2d0886b3cb90281ed14b89fbd74f000
paFileDB version 3.1 suffers from path disclosure and cross site scripting flaws.
cae8846cd34224d112651b525dbbc79d
DiGi WWW Server version Compieuw.1 suffers from a DoS vulnerability due to a malformed URL.
10aed3b00ae6eea78f8f8d5e157fb1ab
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
858e0b049fed9dcf06c7c8d052579f69
PHP-Nuke Video Gallery Module version 0.1 Beta 5 is susceptible to full path disclosure and SQL injection attacks.
54acb3d8866b74c2e6d1ec256608e9d9
Linux root and Windows NT/2000 Administrator remote exploit for HP Web JetAdmin 6.5.
5cd19d9db75680df1b4b9a5cd6ca9642
Phenoelit Advisory #0815 - Multiple vulnerabilities exist in the HP Web JetAdmin product. Version 6.5 is fully affected. Versions 7.0 and 6.2 and below are partially affected. A vulnerability summary list: Source disclosure of HTS and INC files, real path disclosure of critical files, critical files accessible through web server, user and administrator password disclosure and decryption, user and administrator password replay, and many, many others.
e3e5f8476c574e691368a1f5161fc720
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Python version.
46637e58111353af9ab2dffa5ac6e5a3
Network Query Tool version 1.6 suffers from a cross site scripting and full path disclosure vulnerability.
d1445060688487a6f6a63d4c18dc813c
eEye Security Advisory - eEye Digital Security has discovered a severe denial of service vulnerability in the Symantec Client Firewall products for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP packets.
1a8e0db404df2e472bc8537292e8ae07
Proof of concept utility that allows spammers to hide behind 'Email a friend/article' scripts.
d783acb164cd32b285bf1b360c237a1b
Samsung SmartEther switches allow a remote attacker to log in as admin without having a correct password. All that is required is that all of the characters that can fit in the buffer for the password be filled.
3960756959bce9934971104a4c4533b7
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Perl version.
35eafe0e58f3157a7d65afbb26e29c04
Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
eb165abefc04759a78ee48e3da5a316d
Open Bulletin Board versions 1.0.6 and below suffer from cross site scripting, SQL injection, and arbitrary command execution flaws.
d312d326fb6de5ac0f588ae4da200302