Lookout version 1.1 is a Windows tool which gives raw access to data sent over a TCP connection, allowing the inspection of protocols and the testing of buffers. Lookout connects to a foreign host's port and allows you to communicate with the host. Alternatively, Lookout can listen on a port and wait for another host to connect. Once connected, you can send raw data (including an option for a variable-length string) to the remote host.
75ebec7ff7223085038e27c0bc23ac3ed03a887cc264661362d625bc18fa3170
Exploit for vulnerabilities in sendmail 8.8.8 which hijacks incoming mail and saves it in /tmp.
bafadc740b0a5f08f59f80e1deefd74e1785d438413907c07207f431886905b3
Mason is a tool that interactively builds a firewall using Linux's ipfwadm or ipchains firewalling. You leave Mason running on the firewall machine while you make all the kinds of connections that you want the firewall to support (and those you want it to block). Mason then gives you a list of firewall rules that exactly allow and block those connections. It can either build a firewall from scratch for you or supplement an existing firewall.
f5c69d54788edabd7b26d213b7378984dfa81aa8f5258db04bae85bab91da6e5
Caldera Advisory - Versions of pine prior to 4.21 had a security problem when viewing URLs. Sending an email with a specially formatted URL embedded in it, an attacker could cause arbitrary shell code to be executed under the account of the victim user.
236cb5d6ada3c83705571621e9792293e6fe09111cd3332b8b9f8247f4b27cdb
Caldera Advisory - On Linux, most services do not log informational or error messages to their own files, but use the system log daemon, syslogd, for this. Unfortunately, the current syslogd has a problem by which any user on the local host can mount a denial of service attack that effectively stops all logging. Since all programs that want to send logging information to syslogd block until they are able to establish a connection to syslogd, this will make programs such as login, su, sendmail, telnetd, etc. hang indefinitely.
75929757a539f9c77ec0d45380c414e5e913c577a894aafb8b777163e277b75b
Red Hat, Inc. Security Advisory - Denial of service attack in syslogd.
6c2ee480c3d97bb8092c8dca66c25e27a83226f20dc5fc9a0cfd37d6c0344224
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only on the priority/facility pair; syslog-ng adds the possibility to filter on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
e42bc07a798bebba9f783c4d1dee52c4a33c8f24c32f2d51831757e810abe487
Integrated FTP attack facility. Remote exploit for wu-ftpd 2.5.0. Explains how to find the offset if you have the binary, and includes offsets for Redhat 6, Redhat 5.1, Redhat 5.2, and Debian 2.1.
5f3e182f8921a74a73a9d092c32adf6a628d50cdd4fa2d0665dc1ffb78405e19
Local denial of service against syslog 1.3.
d9f8b62e1fbc6cc30a10e8f39ca2ee1f949f9d7ea463a3663cc0475c6be4cdc2
First public release of Q - a client / server backdoor with strong (256 bit AES) encryption for remote shell access. Also includes an encrypted TCP relay/bouncer server that supports normal clients (via a local encryption tunneling daemon). Includes stealth features like activation via raw packets, syslog spoofing, and single-session servers that prevent it from appearing in netstat.
d7265225af4406ffa7e288ab5319b6ec454cdc37a2b202d271b4a02a5c08f0de
SuSE Security Announcement: bind8.
e9ff1adacc050405b9af047443d0fbd7e678cadfffa955f09d04d0898099bba3
The Vermillion ftp daemon (VFTPD) version 1.23 has a remote DoS vulnerability. Example included.
364eb73941cc98cd5a2bce052f4c3f604902f79f987368276c4c0288d9a0028c
Hping is a tool for TCP/IP stack auditing, uncovering firewall policy, scanning TCP ports in many different modes, transferring files across a firewall, testing network performance, testing whether TOS is handled, etc.
c19bda14665db021f54abe130046c9840e62b27b23c0ed336b2a606781558a42
CGI vulnerability found in meta.pl that allows a remote user to view files on the system as the UID of the httpd server.
b7f7521aa7e1a5c8863f05860d8a9ccf5f935deae7fdd07e63ddbf8b161b997c
nmap 2.3beta8 statically linked Linux/x86 rpm for Linux users without GTK.
b63cbf8a2897805023686f5d9da6af7ba9f43c9c5afec4ab449145b583cd204c
nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). You just can't do all this with one scanning mode. And you don't want to have 10 different scanners around, all with different interfaces and capabilities. Thus I incorporated virtually every scanning technique I know into nmap.
85d5167197de6b013ef0cd1cd1723f790818bc78888095caa6414a6a04156c68
ipaudit listens to a network link using promiscuous mode and gathers statistics on network usage. For every combination of host pair, port pair and protocol, it counts bytes and packets in both directions. After a fixed interval (30 minutes, for example) ipaudit can be signaled (via the kill command) to output its results. The text output can be processed into reports, but the raw data can also be useful for identifying heavy bandwidth consumers, intrusive telnet sessions, denial of service attacks, etc. There is also an option (like tcpdump) to save raw packets to specific ports for detailed subsequent analysis with packages such as tcpdump or ethereal.
982b4d7197acb8b92706652d9b2b43d7fd82be03e5ac8e480a7d688834cf94a8
A tutorial for a Unix newbie or semi-newbie who is interested in computer security and/or networking. Basic Local/Remote Unix Security: change default configurations, basic packet filtering, how to secure your system's networking services (or completely remove them or some of them, in case you don't need them, in order to increase your computer's security), how to use, how to avoid trojans, what sniffers are, how to maintain local security between different users on your system (if you're not the only one using this system, whether locally or remotely), some stuff about SSH, how to protect yourself against computer viruses under Unix, what security scanners are and how to use them, why you should encrypt your important data and how, etc.
752f8d456cd2997c648ad6a15e70646527e51406f91a4e955ca9031248eac546
Knark is a kernel based rootkit for Linux 2.2. Hides files in the filesystem, strings from /proc/net for netstat, processes, and program execution redirects for seamlessly bypassing tripwire / md5sum.
0a74c43e3e1e3f191114cf82097d3a11d695c91a6730013a6977c69ccf3c7273
Pandora v4 Beta 2 Full Source Code for Linux.
6289c497b8bcdbb15790b35262f4b9178a0cb00e7ffac4bf3b561bb7a96ab924
HP network printers (tested on HP LaserJet 4500) crash when given a URL longer than 256 characters.
d123734b6144ec16fede7b2f3f1b576848b20cada113ae27077f9c444a9ea6cd
BETA - Documentation on using Pandora v4, with updated white papers, tips, and tricks. Included with the regular software, download this if you just wish to read the docs.
44e204f97e6c01e95f171dedd42e4589b8b55ec79a6b5d9d7868521bb2ed6bce
Pandora v4 Beta 2 Full Source Code for Windows.
db40217fe9c204f517fc1c297739c59110cd3db27f3c17085c141a05c0c4c1fa
Pandora v4 Beta 2 for Linux BETA 2 - Offline password auditing and Online attack for the X Windows platform on Linux. The Online software requires an IPX-aware kernel and root. THIS SOFTWARE IS SUBJECT TO CHANGE FAIRLY QUICKLY, SO CHECK BACK OFTEN. Tar xvzf in your fave directory and build an icon to online/Pan-on in your fave X Windows manager. Hack Netware 4 and 5 from Linux!
59c80875d872f13fe9e905a9994b46635800ae3a01f1accd3a63d809ba9ebd59
Pandora v4 Beta 2 Online for Windows NT BETA 2 - Online point and click attacking of Novell Netware from Windows NT. Currently spoofing works but lots of crashes on SP3 (we're working on it). Unzip and run the setup.exe program. DO NOT FORGET TO INSTALL THE PACKET DRIVER OR THIS PROGRAM WILL NOT WORK!
d91c583bef20173ab5fc33a5877053eaa74ce5b7eb172fab7b4db670614c764d