joe v2.8 stack overflow. joe overflows when trying to open() $HOME/.joerc. This is simply proof of concept code, hopefully to get the bug fixed. It will attempt to spawn a rootshell.
92174114b15928ccc797f3ac28878ca4c0229150414ef0e2334636a47b1b6e21
ksux.c -- ksu exploit. This program exploits a vulnerability in the 'ksu' utility included with the MIT Kerberos distribution. Versions prior to 1.1.1 are vulnerable. This exploit is for Linux/x86 with Kerberos version 1.0. Exploits for other operating systems and versions of Kerberos should also work.
575f9b9cd458226ac2f5b33532684894fb83b67d2d03b4ba8441db5ccbd69505
CGI vulnerability scanner version 2.40. Checks for 407 CGI vulnerabilities.
e93bcd7ea10d2170002c754b4c1eb5c945196a68fad653c1c73a618cb6ad4e65
Arping is an arp level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to.
ec870aee43c49d786ce5f080e2112c4f8ebd38dc95bfdf51cf403a87ed19caa4
HEH! Magazine Issue #2 (In Spanish). Textos incluidos: Introduccion a programacion orientada a objetos, TPMt (Telefonos Publicos Modulares by Telescum), DIV Games Studio, Screen Saver de HEH, Avisos Clasificados! o Yerbas! What ever!, Despedida!
4258a19c3d336a13a99e4915cdea38a4af435ae3ee944c92e198118c50e9361f
Java port Scanner is a comman line port scanner writte in Java 1.3. Use this program in Linux, Windows, AIX, AS/400 or any environment you choose.
87afd17b6619646aea07d54333ff555c40f13b7e8c6803b4b1c9a140eb508cb8
PR09.txt.zip
9996a1594ee69bb668a1744749d3f577ed5deae37acaa60790a092bb44c7594e
PR08.txt.zip
36b80c6c10bd2225e2e17e81d9b987f04bf37bea78c18fa4fb6374b3e511b38f
PR07.txt.zip
36e8db0e6b74cb9f0375d215491338ca8198e3f7ae0285fadb8acb796e543fd5
PR06.txt.zip
a29664967c27b2c474cda8ba345817718e4c6cb0568ae95f11059ae4357c7062
PR05.txt.zip
1cef4a1d48902fc90a4be4486a6719ecdcae3b1d1f7b9f45f4c68dc9519156a6
PR04.txt.zip
3a85b727313c6cd98b7757560927b10cefa23e57950d2c5f2bb864718e5f90a0
PR03.txt.zip
c904099ed19028ed4302a8a950f7498e470268abdd7423fd4c2a0854aaac7263
PR02.txt.zip
c7508682ed0b699d6ba7628664c6162bf24fa9ec605baa5b16aa0eb9001a8e01
PR01.txt.zip
1fd799081a3722ba2b6a8de69f30c1b9cf3c4cf472fd5a67fa9d54a839eeaa1e
Remote cisco DoS attack.
b291d0215efe2342445151c41c0dd9e7584a458042e98e5c3e036023ac132214
Whois - flexible whois client that automatically finds requested info in the 4 predefined databases and able to search in user-defined databases also. Supports easy linked navigation in the database, data saving, interface customization and holds the list of old requests.
dc0ce785d69ee88d2643a38f66b5c44dd689c86be59f414e0bfb1056db3b0bc2
shellhit.c - TESO Hellkit contains a buffer overflow - exploit is just meant to be funny. To all scriptkiddies: You won't get root from this, go and find something more useful.
a3e149bc4123017c3cbb604fcda0c4db3c04f6e279d5b9a75f8c0c48fe6dd47f
Microsoft Security Bulletin (MS00-029) - Microsoft has released a patch for a denial of service vulnerability in Microsoft Windows 95, Windows 98, WindowsNT 4.0 and Windows 2000. The affected systems contain a flaw in the code that performs IP fragment reassembly. If a continuous stream of fragmented IP datagrams with a particular malformation were sent to an affected machine, it could be made to devote most or all of its CPU availability to processing them. Microsoft FAQ on this issue available here.
3dd10f7e1279390739f02205ead303b9d109bd601bc2131536b5796d19dc0144
SRaw for FreeBSD ( sock.c ) - Enables all users to open raw sockets.
031d603337d3c77dcca435afe3641d180032d7eff7eda4e2da825be6148d4d91
ip-filter-cgi is a set of Perl scripts to modify rules of IP Filter (a TCP/IP packet-filtering package).
8254216f47e70d02e959f9aa6b7cad06d6dbb2a69bc0c7048eaff757241c466f
LKM for FreeBSD which makes ipfilter always accept packets from a certain IP.
d411790929f20a121f5c4adfb5b253210f3b91a01fbfc42a70416a71e1ff5ec4
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
c1f8bd4fe521bdf5aafc7d025c57d27e1d40de79ea236e681dff6e4734160bd3
"Know Your Enemy: A Forensic Analysis". This paper is a continuation of the Know Your Enemy series. The first three papers covered the tools and tactics of the black-hat community. This paper, the fourth of the series, studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we will focus on how we learned what happened and pieced the information together. The purpose is to give you the forensic skills necessary to analyze and learn on your own the threats your organization faces.
709a59fc782615e033bd0631bccf540ce8f53460a2e328ac4dd4649f8becea8f
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.
093d542c616d5bd7e35c508ad364c6cb4963df7d7c5d7c4a1477cb28a7907860