exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2000-06-29 to 2000-06-30

Posted Jun 29, 2000
Site malware.com

Microsoft Internet Explorer 5 and accompanying mail and news clients on win95, win98 and win2000 enjoy a unique status in that they choose to ignore user input. This document will show you how to manually force a file onto the target computer despite all prompts and warnings. Demonstration available here.

tags | exploit
systems | windows
SHA-256 | 7ee1f183e67576845d5933f7a7c1c7ed4d66b3108afe965dc0696834b71ac633
Posted Jun 29, 2000
Authored by Vic Abell

Lsof is an extremely powerfiul unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.

Changes: NetBSD Alpha added, Solaris kernel address filtering added, fixes for /dev/kmem-based Linux, Solaris, BSDI, FreeBSD, NeXTSTEP, OpenBSD, and OpenStep. Added 64 bit file size and offset support for BSDI, FreeBSD, NetBSD, and OpenBSD.
tags | tool, intrusion detection
systems | unix
SHA-256 | cba979b649e12b0f5b3b05c196e31d6ea1f8a43d81ac109c8be92cc7e1977e16
Posted Jun 29, 2000
Authored by Lamarga | Site lamagra.seKure.de

Format Bugs - What they are, Where they came from, and How to exploit them. Users can often input format strings into printf and other statments, causing the stack to be overwritten. Includes code samples and debugger output.

tags | paper
systems | unix
SHA-256 | a591a666146efb26ddfc36a8bc0226770a35257ba749a6efc8797ecf52f3289c
Posted Jun 29, 2000
Authored by Prizm

Wingate.py is a dos exploit for Qbik wingate 3.0. Connects to tcp port 2080 and sends 2000 characters, causing all wingate services to crash. Origional bug found by eEye.

tags | exploit, tcp
SHA-256 | afd3c1b45990cec90d6d28919ea835f444a7fef236f733a9dc69806fde9832f3
Posted Jun 29, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #14 - Internet Explorer 5.01 and Access 2000 allow executing programs when viewing a web page or HTML email message. This allows taking full control over user's computer. Access 2000 allows executing VBA code which has access to system resources and in particular executing files. Includes exploit code which silently opens and executes VBA code from Access 2000. Demonstration available here.

tags | exploit, web
SHA-256 | fe568442ae8f90da9486762f3cbbcbf6148ba69298f95dfc55f9dce550ddbebf
Posted Jun 29, 2000
Authored by Georgi Guninski | Site nat.bg

Georgi Guninski security advisory #13 - Internet Explorer 5.01, Excel 2000 and PowerPoint allow executing programs when viewing a web page or HTML email message via insecure ActiveX controls. This allows taking full control over user's computer. Demonstration available here.

tags | exploit, web, activex
SHA-256 | f41e05939819ebcc5e580519c20fa7f242ed21f010334bb9e1e5c4204510a020
Posted Jun 29, 2000
Authored by b0g | Site b0g.org

B0g Issue 6 - In this issue: A Look Into Wiretapping, getting root; the b0g way, interview with cr0bar, The SS7 Signaling Connection Control Part Relay System, Sniffing and spoofing explained, How to crack macromedia products, Fun with noise in QBASIC, pulling people's doc's on irc, IRC Quotes, and much more.

tags | root, spoof, magazine
SHA-256 | 14df912c8324c58e5698de4a6c8108df9453bc48b810f92cdebaff1435cb9286
Posted Jun 29, 2000
Authored by Nick Burrett | Site freevsd.org

FreeVSD facilitates true Linux Virtual Servers within a 'chroot' environment, allowing Web servers and other applications to be deployed and administered discretely, without compromise to security. Each Virtual Server has its own IP address(es), Apache webserver, and view of the process table. FreeVSD expands the Linux system by creating a pseudo-'super user' (admin) for each Virtual Server. The admin user has the ability to create extra POP3/FTP and Telnet users and also administrate vital services such as the webserver.

Changes: Security fixes, bug fixes, and instalation fixes.
tags | web
systems | linux, unix
SHA-256 | f3c6f5917da78914473d0c645dfa4aa519baa58c3a256bb935dacfa72d4ded6b
Posted Jun 29, 2000
Authored by Ben Crackel | Site benz.slacknet.org

rvscan v3 beta one is a high quality unix remote vulnerability scanner. It is based on fts-rvscan but has many new additions, such as 100 new cgi checks, new bind checks, ftpd checks, bsdi vulnerabilities, more rpc checks, solaris vulnerabilities, new pop3 checks, bootp and mdbms, more sendmail checks, and better logging. It does a very thorough job, even includes some non-published exploit checks.

tags | tool, remote, cgi, scanner, vulnerability
systems | unix, solaris
SHA-256 | ef42dc9c0cad12930c5c5765f90ccd09e61f0706df7ae9f7e6d9ae5e685d5ac9
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Quick perl script to search through the history file of each user on your system for a certain command (i.e. "cat /etc/passwd").

tags | perl
SHA-256 | 9bff10e0b13f74501fe381001cf0e37279e3be5fca0e60e87cb1c850a547780f
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

sploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.

tags | cgi, perl
SHA-256 | a9a2d6cb059ca360921cfea53192a86691abc7cab592a0d3711c7ca85e80a471
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

A simple yet sophisticated perl script that runs in the background and monitors for user attempts to su to root. If one is detected, the log file is immediately mailed to a specified user and a backup is created in /tmp. Very useful for attempting to keep track of logs after an intrusion has occured.

tags | root, perl
SHA-256 | 9d5a05a262ce5c62f5af07164aa226ee20f05a3529a13f4c3b10f6642e980ec1
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

suidbofcheck.pl searches the system for suid binaries in /usr/bin, /bin, /sbin, and /usr/sbin and tests each one against a standard buffer overflow (both with and without the use of environmental variables) at a specified offset.

tags | overflow
SHA-256 | cdfabbf02010e314aaf0717fec7794934ca6e1c28d934c051807997557d665e4
Posted Jun 29, 2000
Authored by r00tabega, Bansh33 | Site r00tabega.com

Exploits the auto registration feature of most ChanServ bots and causes it to die. This exploit has been known to work on networks including DalNet, CobraNet and RelicNet.

SHA-256 | 865f6f01d3cc5bf17ccb21f2ea7ad728f0e13a90f25b6ff1a1fe00b5b3a4ad68
Posted Jun 29, 2000
Authored by Blue Panda | Site bluepanda.box.sk

iMesh 1.02 builds 116 and 177 for Windows are vulnerable to a buffer overflow that can be exploited to execute arbitrary code. Once iMesh connects to a server, it begins listening on a TCP port (varies). An attacker can connect to this port and cause an overflow which will overwrite EIP, effectively redirecting the flow of execution.

tags | exploit, overflow, arbitrary, tcp
systems | windows
SHA-256 | 7e6502a1050bf172ba5bec4d156f3a8bc7a2d4a1cece70a84fffcb07c167cf9c
Posted Jun 29, 2000
Authored by Paul Starzetz

Smit is a simple ARP hijacking tool for switched and unswitched networks. The source is based on arpmitm and arprelay and includes nice features such as automatic ARP MAC query and an improved MAC cache consistence algorithm. You can also run Smit in transproxy-only mode and use your favourite sniffer to capture 'hijacked' packets on switched networks.

tags | tool, sniffer
SHA-256 | f6b0bbb9acb2b5247541f8e9327ba3a86e30a865317acd35438ed13ae74ed9eb
Posted Jun 29, 2000
Authored by Larry W. Cashdollar | Site vapid.betteros.org

Sawmill 5.0.21 is a site log statistics package for UNIX, Windows and MacOS which has remote vulnerabilities. Any file on the system can be read, and password is stored with a weak hash algorithm and can be decrypted using the included C program. This is dangerous because the previous security hole will allow you to read the hash and decrypt the admin password.

tags | exploit, remote, vulnerability
systems | windows, unix
SHA-256 | 2c2c58f021857e688f36ad471178bf0306d758fc5829abf90f77a22c58174057
Posted Jun 29, 2000

Microsoft Windows secret options - More aggrivating display properties.

systems | windows, unix
SHA-256 | 65aa1e22a2068f5a58c7fbf967d3454c99c326426193757ad360e388913713fc
Posted Jun 29, 2000

Microsoft Windows secret options - Aggrivating display properties.

systems | windows, unix
SHA-256 | 9f400b96cf3bca5423aa8c2457b299c9d2c66c709c5aed663ab61bdba4657db5
Posted Jun 29, 2000

Microsoft Windows secret options - Endourance options, etc :)

systems | windows, unix
SHA-256 | 05779917700f59917b9bcfa81aa76d564e760f168128947370d0ace0ea56469e
Posted Jun 29, 2000
Authored by Andres Alfredo

SING sends fully customized ICMP packets from the command line. It is a replacment for ping which adds certain enhancements such as fragmentation, send/read spoofed packets, sends many ICMP types (Address Mask, Timestamp, Router Discovery, etc) and Error (Redirect, Unreach, Time Exceeded), oversize packets, etc. Tested on Linux, FreeBSD and Solaris.

tags | tool, spoof
systems | linux, unix, solaris, freebsd
SHA-256 | 0f37eb69dc449eea1282ba221917ed9864952f9a3b3cbaae762260af8982bf0e
Posted Jun 29, 2000
Authored by Alexandre Sagala | Site pages.infinit.net

KNmap is a new KDE frontend for Nmap which supports all the scan methods and a great deal of options.

Changes: Cleaner error messages, the removal of the "Elite" log output (since Nmap doesn't support it anymore), and a list of scanned hosts which is now kept and reloaded every time you start KNmap. Also bug fixes and GUI updates. Screenshot here.
tags | tool, nmap
systems | unix
SHA-256 | c79a3b333615c49733b9cb6caf849384756302a1b80d1e2206ce9cadaea2ae95
Posted Jun 29, 2000
Authored by Mike Heffner | Site my.ispchannel.com

BFBTester is a utility for doing quick, proactive security checks of binary programs by performing checks of single and multiple argument command line overflows and environment variable overflows. It will also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names. While BFBTester can not test all overflows in software, it is useful for detecting initial mistakes that can red flag dangerous software.

tags | tool, overflow
systems | unix
SHA-256 | 74db8d4c5d35b7c0f1826f9ebd93f8fcb8ffb78cdb0e453cbff11369557d33f7
Posted Jun 29, 2000
Site xfactor.itec.yorku.ca

slackUp is a Slackware auto-upgrade utility. It will download upgrades to the programs you currently have installed on your system from the slackware-current tree. No user interaction required. Just type the command, go for a coffee break, and after a reboot, your system should be upgraded. Until the Slackware team comes up with an official auto-upgrade utility, slackUp will hopefully help fill in for it. This will make your slackware system much more secure.

systems | linux, slackware
SHA-256 | 3f286e777b0746bd01c925bbb30f98d7dd8404f6427d0f54a2afb4d7fa31bba1
Posted Jun 29, 2000
Authored by Jeroen Vreeken | Site motion.technolust.cx

motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.

Changes: Bug fixes, motion tracking with the mini_ssc library. A sensitivity mask and a minimum gap between snapshots was added.
systems | linux
SHA-256 | 4b99b6d1c13acc4acf9cfbeed78334a0323b65bb21cac5e08cd72aac985b1e4d
Page 1 of 1

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By