winkod.pl is a simple perl version of the IGMP Windows remote dos attack which has been tested on Red Hat Linux running Kernel 2.2.14, but should be very portable.
1e47e96cd25220d314d65b0a8ecb72862872aaedec454f107c43e164e84f512acd00r.c is a proof of concept code to test the idea of a completely invisible (read: not listening) backdoor server. Standard backdoors and remote access services have one major problem - the port's they are listening on are visible on the system console as well as from outside (by port scanning). To activate the remote access service, one has to send several packets (TCP SYN) to ports on the target system. Which ports in which order and how many of them can be defined in the source code.
2f73a801f48ec39376a23f69b2bdec44c0cc0dc7e9174c8d108cec34d41d0da7FreeBSD-SA-00:25 - The FreeBSD port to the Alpha platform did not provide the /dev/random or /dev/urandom devices. Some applications fail to correctly check for a working /dev/random and do not exit with an error if it is not available, so this weakness goes undetected. OpenSSL 0.9.4, and utilities based on it, including OpenSSH (both of which are included in the base FreeBSD 4.0 system) are affected in this manner.
b5a6b3e3c85aab31d8474b3242b293e743d2375070930536cd70abb583048751secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
df7e99e636f648b027c3e40863ff6f31014a3c565b410d8e07039070a34300b9S0ftpj Security Advisory SPJ-004-000 - Multiple remote CGI vulnerabilities in MailStudio2000. Users can view any file on the system, as well as execute commands remotely as root. Major search engines can be used to locate vulnerable hosts. Exploit descriptions included.
6550727efc6ec1b93efcd6c291fe46eb0b814d183be7bc7774db23d9d629e939Whowatch is an interactive utility that displays information about the users currently on the machine in real time. Besides standard information (login name, tty, host, user's process) you can see the connection type (ie. telnet or ssh). You can also watch the process tree, navigate it, and send INT and KILL signals. Ncurses ascii graphics.
221564dbdf503990e6e14803a1df0c735c61fa6069ebc56a57a8fba9ac22e4f4Cold Fusion 4.5.1 remote dos attack - sends a very long password, crashing the server.
0b5a9e596dbd2833a0b03573a26e83f6d337941402dc05d7f9f0a61b76ea5f58Linux-sniff v1.0 - Linux eth/tcp/ip sniffer. This tool logs printable data in the packet or it gives detailed info about the eth/tcp/ip packet headers.
b86e7fe41e02d33b5988fa5e16a4be01a16bd16d5141071d400b75f7e8c8a26eCGI Backdoor - Perl based client / server backdoor which communicates over port 80, bypassing many firewalls.
dde28029afd3db6710f19fa6c3dca7798fdd9aadda96193ca78f74920eeb55eefloppyfw is a router and simple firewall on one single floppy. It uses Linux basic firewall capabilities and have a very simple packaging system. It is perfect for masquerading and securing networks on ADSL and cable lines using both static IP and DHCP. It has a simple installation, mostly only needed to edit one file on the floppy.
eedb25dce8ca5edc2cd64b9f6ada48ee8c179fb593b510f1b458772de8bdbb93dspspy is a sound recording utility for spying. dspspy waits until a sound is detected (input via /dev/dsp) and then it records it to a unique file. dspspy records sounds from the microphone to raw sound files. This can be used as a surveillance system.
2f976dcf013e8787c100ebc3a15bc32dfeb85c98fc7fb0ff9c86d09df9a62cfaFwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.
cbb85383791c19d9b39185a0626a5baa9521ef5aabea3f255593cde505cebc9cP0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux 2.0/2.2, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
c12412c6a9ae99a45bca4816d61188e822b5b548420cec12adf7538b07a171a5Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
69d7821829f339eaf8d94b1f53e86e08354a0157af0544fa752db136949e1be0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed