The domtools package allows you to traverse DNS domain hierarchies, list all hosts (or subdomains) within a given domain, convert host name to IP address and vice-versa, convert a normal IP address to the "in-addr.arpa." format and vice-versa, and more. These commands can be used manually, or included as building blocks for higher level DNS tools. They generate output that is easily computer parsable.
86bf882cd741514bb6774767fdbd85b74348876a104a9ea663a78df1a6627785Remote denial of service attack against linux kernel 2.2.7 - 2.2.9, in perl.
ca4f3168b4556b5656aea0301813733aaa18edd7b2ddf602bb118a068d4fa223syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
6bc258d71caf71305a165c3cdf6028e3dd38d2e9544c106cb242f6dc855b65e1Tool for scanning networks which generates an list of IP addresses between a starting and ending ip.
a1f8e25c3c7b61b129cb7c4fbb6f06e931da51c972b3ad396b0a0c01d00403d2Y2k fix for cgicgk-1_35, which would return false positives on any server with a date of 2000.
85000facff02b8aebee3f019526d12443276a547a4db48d22bc22c7438b71837FileTraq is a shell script designed to be run periodically from the root crontab. Each time, it compares a list of system files with the copies that it keeps. Any changes are reported in diff or patchfile style, and dated backup copies are kept. It lets you keep an eye on intruders who might change system files, or other sysadmins who don't tell you about changes. It even helps you keep track of your own changes, along with dated backups.
f2a386b43c40c22d8549ec75a5d54013afc7341827cc5f1f0b0db2eb6989ed99Hackn' for Newbies is an all in one package for someone who has never used trojans, but would like to start. It contains the deepthroat 2.0 and netbus 1.7 trojan interface along with various scanners,an exe patcher,pasword crackers,user configurable buttons and more.
4d319829f6057b4db38c5efd2053e7bb72e3ae15be3cee9813ab03c20789de8bWinfingerprint 222: Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controlller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, E numerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes.
bc8bad07f30343e90c33d302c4e3c1e98cbbf79476f56cd511e0a3d50edaa03cOn iMail Server 5.0 for Windows NT 4.0 SP 6a, a malicous user can read and send emails as any other user on the system. The issue lies in how iMail handles the creating of new email accounts, and how it stores them. Exploit instructions included.
cb49e1323d568f5b7d79148336aa88d62ecb3e572bce33f67d97c57bca63383eThe mailinglist software "majordomo" was found having several local vulnerabilties. However, the licence of the program prohibites us providing a fix. You should either remove majordomo or trust your local users until an official fix from greatcircles is available. SuSE security website here.
6494ccefa98173cb286a431e760b4b3a72f1ed68c9f590f66271894a3ae50fd1SuSE Compartment is a program to build secure compartments for running untrsted/insecure programs, and has got the usual uid/gid setting and chrooting abilitity, but the nice thing is the easy access to linux per process capabilities.
6faa41b9d39469855df1d035d5907b623f6b45bd05a59c93d59e807c750faf85Find_ddos Version 2 - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools, including the trinoo daemon, trinoo master, enhanced tfn daemon, tfn daemon, tfn client, tfn2k daemon, tfn2k client, and the tfn-rush client.
3178aa5ca62b73b6781659600f9dae776ff19371a8a775fe0a58d906ded64341Socks Scan V 2.0 - Scan a host for SOCKS servers. Includes the SOCKS perl module.
94a2842d6ffaae02a7bbdfbd30287e9ef131d3b4d7b0d167feaa43e7b810bff0The ELZA is a scripting language aimed at automating requests on web pages. Scripts written in ELZA are capable of mimicring browser behavoir almost perfectly, making it extremely difficult for remote servers to distinguish their activity from the activity generated by ordinary users and browsers. This gives those scripts the opportunity to act upon servers that will not respond to requests generated using netcat, rebol, telnet or similar tool. As a result, one can hijack heavily protected HTML forms, perform dictionary attacks on login forms, and do sophisticated CGI scanning.
ebcbde7933ca179ae3f56f4ceb13d430e295bd301e4361c85dc54a042f565e5fAnalysis of TFN-Style Toolkit v 1.1 - One of our systems was compromised and prompt action by the local sysadmin prevented the hackers from running their cleanup scripts. Consequently, we were able to get the toolkit that they were using against us. This toolkit contains components that are similar to what is in the TFN toolkit.
931bf856df02a6b943a81ec00d6ae03423a858509db190e01a1c3ee4fbce96f8The following is an analysis of "stacheldraht", a distributed denial of service attack tool, based on source code from the "Tribe Flood Network" distributed denial of service attack tool. Stacheldraht (German for "barbed wire") combines features of the "trinoo" distributed denial of service tool, with those of the original TFN, and adds encryption of communication between the attacker and stacheldraht masters and automated update of the agents.
bc4c022ff592ac5a5e926474eabe73cf1b4c0adf026de3eb391f6a929b9213ecCERT Advisory CA-2000-01 - Denial-of-Service Developments. A distributed denial-of-service tool called "Stacheldraht" has been discovered on multiple compromised hosts at several organizations. X-Force released a paper on trin00 and TFN. CERT DoS homepage here.
6339c83f968cb750f6a8fb5ee9b7be786a3003fc9952c6968cb89beab356d156
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed