Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2004-05-25

Samhain File Integrity Checker
Posted May 25, 2004
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed compilation problem on AIX 5.2, various other bug fixes, added Windows HOW-TO.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 046158552b564df10b2de4ff0b492332
Publimark Steganographic Tool 0.1.1
Posted May 25, 2004
Authored by Gaetan Le Guelvouit | Site perso.wanadoo.fr

Publimark is a command line tool to secretly embed text in an audio file. Like cryptography, it uses a pair of keys: the public one can be shared, whereas the private one must be kept secret. Anybody can send a steganographic message, but only the private key owner will be able read it. Marked audio files are still playable.

Changes: Improved configure script.
tags | encryption, steganography
MD5 | 3db15c3bfdfa106bfcb8c01611079f12
tvark-0.3.tar.gz
Posted May 25, 2004
Authored by Fenris | Site tvark.com

Tvark is a network monitoring tool with a GUI front-end and is tied to a MySQL database. The GUI provides a view of traffic activity that can be seen from the machine/interface that Tvark is run on. What the end user sees is a list of source nodes on the left, destination nodes on the right, and lines drawn, left to right, showing traffic flow. Tvark runs in realtime, meaning the traffic is shown roughly as it happens with a small delay between it and the display being created.

tags | tool, sniffer
MD5 | b0d3ece87007dbc28f4c63dda304d117
aexpl-1.2.tar.gz
Posted May 25, 2004
Authored by Enrico Kern | Site h07.org

AntiExploit is a small Perl script that scans for well known exploit files. It currently recognizes over 1400 suspicious files, and the database is updated weekly. Useful for a system that has a lot of shell accounts being used.

Changes: Added a grsecurity exec log analyzer, last Perl release 1.3 will use dazuko and do realtime checks.
tags | shell, perl
systems | unix
MD5 | 68c15fb75e8a9a2f183d5b09fae444d6
snort2pf-3.3.tar.gz
Posted May 25, 2004
Authored by Stephan Schmieder | Site bsd-security.org

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.

Changes: Bug fixes.
tags | tool, perl, sniffer
MD5 | bd1c5b046fbebc2009da71f4cc6ed39d
Nmap-Parser-0.77.tar.gz
Posted May 25, 2004
Authored by Anthony G Persaud | Site npx.sourceforge.net

Nmap Parser is a Perl module that simplifies the process of developing scripts and collecting information from the XML nmap scan data, which can be obtained by using nmap's -oX switch or from the file handle of a pipe to an nmap process. It uses the XML twig library for parsing, and supports filters.

tags | tool, perl, nmap
systems | unix
MD5 | ea993ae051f59fbb2fb4048e2cfe9849
wflogs-0.9.8.tar.gz
Posted May 25, 2004
Authored by Herve Eychenne | Site wallfire.org

Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML, and XML, or to monitor firewalling logs in real-time. For now, netfilter, ipchains, ipfilter, cisco_pix, cisco_ios, and snort input formats are supported. It is particularly fast when asynchronous DNS resolution is enabled. The goal of the WallFire project is to build a very general and modular firewalling application based on Netfilter or any kind of low-level framework. Wflogs is part of the WallFire project, but can be used independently.

tags | tool, firewall
systems | unix
MD5 | cee2ac33ca3c284f9253b492f793624c
bash-perassi.patch
Posted May 25, 2004
Authored by Carlo Perassi | Site honeynet.org

bup is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets. It is part of the Tools/Data_Capture section of The Honeynet Project.

tags | shell, udp, patch, bash
systems | unix
MD5 | b07577f07aa49fc5a61988221cb2f836
rkhunter-1.0.9.tar.gz
Posted May 25, 2004
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.

Changes: Added support for Balaur rootkit, SuSE 9.1, Fedora Core 2, RHEL 3, PCLinux OS, Mandrake 10, along with various other bug fixes and changes.
tags | tool, shell, perl, integrity, rootkit
systems | unix
MD5 | ef2eff5b8eafb781cb6080913105e6c7
tinyca-0.6.1.tar.gz
Posted May 25, 2004
Authored by Stephan Martin | Site tinyca.sm-zone.net

TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage x509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.

Changes: Fixed bug which made it impossible to create a new Root CA.
tags | perl, encryption
MD5 | a4a324091d861b58d4148edec9240528
mod_ssl-2.8.17-1.3.31.tar.gz
Posted May 25, 2004
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated to support Apache 1.3.31.
tags | encryption
MD5 | 6c3f726b336f497793567591717d2a6b
apache_1.3.31.tar.gz
Posted May 25, 2004
Site apache.org

Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.

Changes: This release addresses multiple security issues.
systems | unix
advisories | CVE-2003-0987, CVE-2003-0020, CVE-2004-0174, CVE-2003-0993
MD5 | bd548a06ac48dda496b4e613572bb020
MACOSX.SSHURI.txt
Posted May 25, 2004
Authored by kang | Site insecure.ws

Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler.

tags | advisory, code execution
systems | apple, osx
MD5 | 43c14820da5ad7432988ed2bc8ec7c7d
cpanelApache.txt
Posted May 25, 2004
Authored by Rob Brown

The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web accessible php file.

tags | advisory, web, arbitrary, local, php
MD5 | 7b88b68b4fa4d957d1bd9e593e8fb0ce
dsa-508.txt
Posted May 25, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0402
MD5 | 230dc02db9771dfbfeb854cb7f69cf59
e107.ramsa.txt
Posted May 25, 2004
Site ramsecurity.us

R.A.M. Security Advisory - All versions of e107 have a vulnerability in the user.php file that allows malicious attackers the ability to post cross site scripting or html tags to a website for a member.

tags | advisory, php, xss
MD5 | 54e918b831480f28fe959ad7a1a46a85
httprint_win32_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Windows release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | web
systems | windows
MD5 | 20bc7ccb135a893b243cf4ebf624a8a1
httprint_macosx_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Mac OS-X release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | tool, web, scanner
systems | unix, apple, osx
MD5 | d1ff19c607b8cfe237d2a15bcbfe05b1
httprint_freebsd_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | tool, web, scanner
systems | unix, freebsd
MD5 | 6997fdda9a1ad62f335dc8e6f61fac86
httprint_linux_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Linux release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | tool, web, scanner
systems | linux, unix
MD5 | 476c221eb1db20edfb79d23b00231b6c
netgearURI.txt
Posted May 25, 2004
Authored by Marc Ruef | Site computec.ch

Netgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is larger than 220 bytes long.

tags | advisory, bypass
MD5 | ce323745796bf51d574d7ce28c0c46e4
nmapgrep-0.2.c
Posted May 25, 2004
Authored by blh | Site blh.se

nmapgrep is a small tool customized to grep regular expression patterns from a nmap log file and output the IP addresses that match the pattern.

Changes: Improved matching code.
tags | tool, nmap
systems | unix
MD5 | 3c059eee4c8c80ea5e4377883be67349
microsoft.owned.jpg
Posted May 25, 2004

Amusing graphic of Microsoft's UK web site getting compromised and defaced again in May, 2004.

tags | web
systems | unix
MD5 | 4badced47cc58f6ea4dab74f208e6cf8
The_Basics_of_Shellcoding.pdf
Posted May 25, 2004
Authored by Angelo Rosiello, rosiello | Site rosiello.org

White paper discussing the basics of shellcoding, a quick overview of assembly, and usage of shellcodes.

tags | shellcode
MD5 | 031e3f6436729d7dc26876fe8c86b548
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    7 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close