what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2004-05-25

Samhain File Integrity Checker
Posted May 25, 2004
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed compilation problem on AIX 5.2, various other bug fixes, added Windows HOW-TO.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 196538799ce48f8d6083757d50e73081299cc378bacc224c2dcebae7a4580180
Publimark Steganographic Tool 0.1.1
Posted May 25, 2004
Authored by Gaetan Le Guelvouit | Site perso.wanadoo.fr

Publimark is a command line tool to secretly embed text in an audio file. Like cryptography, it uses a pair of keys: the public one can be shared, whereas the private one must be kept secret. Anybody can send a steganographic message, but only the private key owner will be able read it. Marked audio files are still playable.

Changes: Improved configure script.
tags | encryption, steganography
SHA-256 | bc96c067bb5ce51d3d1b4245d54bc954f8ae25907bae0fd4b9273bd2717ac1e3
tvark-0.3.tar.gz
Posted May 25, 2004
Authored by Fenris | Site tvark.com

Tvark is a network monitoring tool with a GUI front-end and is tied to a MySQL database. The GUI provides a view of traffic activity that can be seen from the machine/interface that Tvark is run on. What the end user sees is a list of source nodes on the left, destination nodes on the right, and lines drawn, left to right, showing traffic flow. Tvark runs in realtime, meaning the traffic is shown roughly as it happens with a small delay between it and the display being created.

tags | tool, sniffer
SHA-256 | cf2de69dd5655478a433024e5e6ddcf6e99dd625e0c01a96071e9200f4190f27
aexpl-1.2.tar.gz
Posted May 25, 2004
Authored by Enrico Kern | Site h07.org

AntiExploit is a small Perl script that scans for well known exploit files. It currently recognizes over 1400 suspicious files, and the database is updated weekly. Useful for a system that has a lot of shell accounts being used.

Changes: Added a grsecurity exec log analyzer, last Perl release 1.3 will use dazuko and do realtime checks.
tags | shell, perl
systems | unix
SHA-256 | e6d1df85585af18fcb90f03d6c5c20c2cc592659ad66dd582d4099f7d213c24f
snort2pf-3.3.tar.gz
Posted May 25, 2004
Authored by Stephan Schmieder | Site bsd-security.org

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.

Changes: Bug fixes.
tags | tool, perl, sniffer
SHA-256 | 438ba365303935c1d4822a8472364a15a56ff6dce642980908580f29c811abf3
Nmap-Parser-0.77.tar.gz
Posted May 25, 2004
Authored by Anthony G Persaud | Site npx.sourceforge.net

Nmap Parser is a Perl module that simplifies the process of developing scripts and collecting information from the XML nmap scan data, which can be obtained by using nmap's -oX switch or from the file handle of a pipe to an nmap process. It uses the XML twig library for parsing, and supports filters.

tags | tool, perl, nmap
systems | unix
SHA-256 | 17fb34d916e2a5c7843cfafe86d295321a35efe0381aeec466c5a7c0678c2e05
wflogs-0.9.8.tar.gz
Posted May 25, 2004
Authored by Herve Eychenne | Site wallfire.org

Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML, and XML, or to monitor firewalling logs in real-time. For now, netfilter, ipchains, ipfilter, cisco_pix, cisco_ios, and snort input formats are supported. It is particularly fast when asynchronous DNS resolution is enabled. The goal of the WallFire project is to build a very general and modular firewalling application based on Netfilter or any kind of low-level framework. Wflogs is part of the WallFire project, but can be used independently.

tags | tool, firewall
systems | unix
SHA-256 | 8e13d11758dffc7735b324c4be12e48f6ef1631c08e2dbe48aa4260a742a6701
bash-perassi.patch
Posted May 25, 2004
Authored by Carlo Perassi | Site honeynet.org

bup is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets. It is part of the Tools/Data_Capture section of The Honeynet Project.

tags | shell, udp, patch, bash
systems | unix
SHA-256 | f02236b1503011ed1fdfe5d1c49fa9a09a5fce9feda24b025cded4554d76cc9f
rkhunter-1.0.9.tar.gz
Posted May 25, 2004
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.

Changes: Added support for Balaur rootkit, SuSE 9.1, Fedora Core 2, RHEL 3, PCLinux OS, Mandrake 10, along with various other bug fixes and changes.
tags | tool, shell, perl, integrity, rootkit
systems | unix
SHA-256 | a4c2e2d4f5bd6a07a195711c21c8f17f958476c61df2bb22ac923b43c17d09b1
tinyca-0.6.1.tar.gz
Posted May 25, 2004
Authored by Stephan Martin | Site tinyca.sm-zone.net

TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage x509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.

Changes: Fixed bug which made it impossible to create a new Root CA.
tags | perl, encryption
SHA-256 | 75d3178dc330720a6ebe9f6739dc19397d69948aa03d37bd03616401a22f27d0
mod_ssl-2.8.17-1.3.31.tar.gz
Posted May 25, 2004
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated to support Apache 1.3.31.
tags | encryption
SHA-256 | 7feea42e546b3ceb59f8da4485f9006ce4fcbaeebd93500bd2835d31f28f90a0
apache_1.3.31.tar.gz
Posted May 25, 2004
Site apache.org

Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.

Changes: This release addresses multiple security issues.
systems | unix
advisories | CVE-2003-0987, CVE-2003-0020, CVE-2004-0174, CVE-2003-0993
SHA-256 | 156fe239c825961d426a8b503f6a876b4fb872cd002a53f118e57685fcd8e284
MACOSX.SSHURI.txt
Posted May 25, 2004
Authored by kang | Site insecure.ws

Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler.

tags | advisory, code execution
systems | apple, osx
SHA-256 | c173dc60dc3dcd0f29d58c95ff45eb288a767853fda654b6a75c8906df2a304a
cpanelApache.txt
Posted May 25, 2004
Authored by Rob Brown

The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web accessible php file.

tags | advisory, web, arbitrary, local, php
SHA-256 | 958b7c3d603a8a91d715903c8001ca9e73ed468d5964833442f8c7b9303ec0a8
dsa-508.txt
Posted May 25, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0402
SHA-256 | 933ad9aa3641a27d6c66de69c8de545087b7ec673c070c7da435f57c70450c89
e107.ramsa.txt
Posted May 25, 2004
Site ramsecurity.us

R.A.M. Security Advisory - All versions of e107 have a vulnerability in the user.php file that allows malicious attackers the ability to post cross site scripting or html tags to a website for a member.

tags | advisory, php, xss
SHA-256 | 267412fb6220a6406d117ae380c4a7d40de18ece7e3727e1c5c19947ef2675c2
httprint_win32_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Windows release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | web
systems | windows
SHA-256 | 28dad18a8aa0c5ccd405f7dc4a7d701cf9a34ff7cc976e108db579a97aca89c4
httprint_macosx_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Mac OS-X release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | tool, web, scanner
systems | unix, apple, osx
SHA-256 | fd34462a1cb921ecf5aed244e7633f95a0808058aa56a91069e6b28ae50f7680
httprint_freebsd_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | tool, web, scanner
systems | unix, freebsd
SHA-256 | a29d163083835e04f3ac34d48e56fcbc39f8f5cc7c18ea0d79acbfd4686fbc7b
httprint_linux_202.zip
Posted May 25, 2004
Authored by Saumil Shah | Site net-square.com

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Linux release.

Changes: Version 202 has a completely rewritten engine, internally, to increase efficiency and portability across platforms. A minor feature enhancement in version 202 is the ability to automatically follow 301 and 302 redirections.
tags | tool, web, scanner
systems | linux, unix
SHA-256 | 3abdeb0ba0bc07b69489438ae6647d34460512df310036ac0f7ce7785a824e2f
netgearURI.txt
Posted May 25, 2004
Authored by Marc Ruef | Site computec.ch

Netgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is larger than 220 bytes long.

tags | advisory, bypass
SHA-256 | 7c2791d42f4fe25ac35ea87b471ff12f43f5d2022deaf13d5ef51f4d2621d65f
nmapgrep-0.2.c
Posted May 25, 2004
Authored by blh | Site blh.se

nmapgrep is a small tool customized to grep regular expression patterns from a nmap log file and output the IP addresses that match the pattern.

Changes: Improved matching code.
tags | tool, nmap
systems | unix
SHA-256 | fee7b6368d25712423e3f5c6f72366c8809222691257594176a7019b4973204e
microsoft.owned.jpg
Posted May 25, 2004

Amusing graphic of Microsoft's UK web site getting compromised and defaced again in May, 2004.

tags | web
systems | unix
SHA-256 | edb2ed3493028fcae986a0d3855973827917f057e0b23a9a519176ced4557a53
The_Basics_of_Shellcoding.pdf
Posted May 25, 2004
Authored by Angelo Rosiello, rosiello | Site rosiello.org

White paper discussing the basics of shellcoding, a quick overview of assembly, and usage of shellcodes.

tags | shellcode
SHA-256 | 91df4a2a5aa6a6b5d59ad6bb47315c025fe3c9ede801c8998cd641028cfa2e6a
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close