Packet Storm new exploits for August, 2004.
23a4c0e2fc061340844db15906f88155421b2ed0ad38202ceeb8256553e209fcRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
61178c2481dc83ac450af064ef072dcd6a76d5ce4df0af6fa657b7ec33feeafeList of the most known backdoors and the ports they use. It has 130 different trojans and more than 150 ports listed.
c0ca6e5af2ea2bc12bb290309372e81c364d8109c1d25218f4e4c52443f89292White paper discussing Windows trojans. Written for newbie home PC users.
33f7db9373b30ae302e7ee598301369005f836114516b5f2ed62e23b3a46a86aAn analysis of the Klez worm listing all the steps that it takes.
f2c65ec510c5523d748d5d277a63219df67263954663d1d20fdfc5ad9b1abcfcThis paper explains a technique of cracking any kind of raw encryption using word patterns, without the conventional key combination trying.
dce740abf0c17e037fbd17ff6fb1e118ffc53ede465268b5bbfa137c109d6cc4White paper explaining how to try and bypass detection from antivirus software by recompiling the same code with a few minor changes.
ed996b12d0f2df8baf46b0eb9266cbde4f7134bafe3dd50cd775fe7dd5ff08c9sishell is a reverse (connecting) shellcode kit for x86 Linux, FreeBSD, NetBSD and OpenBSD. It generates both regular shellcode without NULLs and stand-alone ELF executables. sishell is distributed with a Makefile system, a custom ELF brander (brandelf) and a C example code generator. sishell is distributed under the MIT License.
eb3226fcdde43122beef233db2fe7fa8429b08bce8d263a6fc202949daf66992gwee, or Generic Web Exploitation Engine, is a small program written in C designed to exploit input validation vulnerabilities in web scripts, such as Perl CGIs, PHP, etc. gwee is much like an exploit, except more general-purpose. It features several reverse connecting shellcodes, 4 methods of injection, and a built-in HTTP/HTTPS client and server. gwee is distributed under the MIT License. The Perl and Python shellcodes were written by Sabu.
5b057dc779cbc8e9e663251dac2448b253002f74a9570a2e50b915bf2bed149bsbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-128-CBC + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. Only TCP/IP communication is supported. Source code and binaries are distributed under the GNU General Public License.
6c8d26a05fe91f44aa4b406966355f89c4057c883dadf7ad576fd9c45decae7bSecunia Security Advisory - A vulnerability has been reported in Samba 2.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of client printer change notification requests. This can be exploited to crash smbd by sending a FindNextPrintChangeNotify() request without first sending a FindFirstPrintChangeNotify() request.
ee130cef4b714074de9166bee757621997f1bf5ef4e3f7f7b228aaffbbd958bbImpost is a multi-purpose scriptable network protocol security auditing tool designed for analyzing network attacks and exploitations while operating as a honey pot or packet sniffer.
bd3addabda41e3c106b700d49400af1d4be939a8b0c8e41d4302e5cd59ec0c20Secunia Security Advisory - A security issue has been reported in Smart Guest Book 2.x, which may allow malicious people to gain knowledge of sensitive information. The problem is that the database file SmartGuestBook.mdb by default is accessible by anyone. This may disclose various information including the administrative username and password by downloading the file from an affected web site.
b955a6994768bd799bfa35a4596aa97312a1d5f066225ce9b7d05858ff62ef93A vulnerability has been found in WS_FTP Server version 5.0.2. The problem is in the module handling the file path parsing.
0e9084f43b4dd2a738430735be464461a912bebcc7ffe06033f3e6e2a76d5da7Remote exploit that will change an IP address for the D-Link DCS-900 IP camera, due to the fact that it listens for a 62976/udp broadcast packet telling it what IP address to use without any authentication.
80731a57a2cea9ecb8dd3acadf07b2de5a77b44a1815266951ba9d93b953b1aaCute news versions 1.3.6 and below have a world writable news.txt file that allows for site defacement.
888f182df2b68a165e3e0b213cb4ae41f1446894967a95da68b89f850e712485Gentoo Linux Security Advisory GLSA 200408-27 - Gaim versions below 0.81-r5 contain several security issues that might allow an attacker to execute arbitrary code or commands.
b60403c853c18a5c0b61329b35794b50f6e063580ecc1b96de4158dca60f75f3skl0g is a simple and compact keylogger for Windows. It runs invisibly and effectively. It logs everything that is typed at the computer and saves them in log files according to the date.
17c563fff95bddddea1a4b94071044a54181dfeb472a96552590df349f6134adRemote exploit for Citadel/UX versions 6.23 and below that makes use of the USER directive overflow. Successful exploitation adds an account in /etc/passwd.
49c652bb47321274ba36227f601c86fc98a4cb2b83fcc5e9942bc5c64a9773adSecunia Security Advisory - A vulnerability in Netscape can be exploited by malicious people to conduct phishing attacks. The problem is caused due to errors in the displaying of Java applets in a window when multiple tabs are used. This can be exploited to spoof the content of a HTML document from another HTML document being in a different tab. The vulnerability has been confirmed in Netscape 7.2 on Mac OS X 10.3.5.
c156bfd1618a6dc5ad052d0844d49de260fde926b32357fee71f463e842dafaeSecunia Security Advisory - A vulnerability in Network Everywhere Cable/DSL 4-Port Router NR041 allows malicious people to conduct script insertion attacks.
9a112b13d4c700c53499ba70b67a09d6ae6736e143c97ef7195074e130d0e605nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.
a6700ded216f2f75fd7c1d5e56fcc6ceccb24db60b571db51d3f34b57eda28c3iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
be7bd67232fddbe3ce81f40f5b79123380a2e67cd166ec06e650842f8acb373dNmap Parser is a Perl module that simplifies the process of developing scripts and collecting information from the XML nmap scan data, which can be obtained by using nmap's -oX switch or from the file handle of a pipe to an nmap process. It uses the XML twig library for parsing, and supports filters.
12b1c24b3e86ca3aa2c20405f18056e443c224e8d90a77cccfd9aeb3b3348db7RFC (Remote Filesystem Checker) is a set of scripts that aims to help system administrators run a filesystem checker (like tripwire, aide, etc.) from a master-node to several slave-nodes using ssh, scp, sudo, and few other common shell commands.
d44a76febd0400f975eeecda7d4a61a9cdf8fa8cce822786c156192af1fe4200
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed