Showing 76 - 100 of 302

Files Date: 2000-07-01 to 2000-07-31

smegma_v0.4.tgz
Posted Jul 24, 2000
Authored by Scrippie | Site b0f.freebsd.lublin.pl

SMEGMA is an engine for generating garbled shellcode using several encryption mechanisms and making it self-decryptable by putting an Intel x86 machine-code decryptor in front of it. It uses a hand-written C lexer to grab the shellcode from source files and try to identify it. Use SMEGMA to modify shellcode in which characters get ruined by regular expressions (often seen in CGI binaries, web applications and webservers).

Changes: Fixed all NULL byte problems - you can now use smegma to rid shellcode of NULL characters, more garbling algorithms, more efficient garbling algorithms, fixed the size problem.
tags | web, x86, cgi, shellcode
SHA-256 | 27190bafedd46710e361a4de759ed1fb919aefd7840e72731dda48838278f0bf
SN451.tar.gz
Posted Jul 23, 2000
Site sources.redhat.com

Source-Navigator is a source code analysis tool. With it, you can edit source code, display relationships between classes and functions and members, display call trees, and build projects.

systems | linux
SHA-256 | 646b0bb295d013a2983e27d0adbf286415e12e6d4288932a8025ba16fcd88083
hypersrc-1.2.1.tar.gz
Posted Jul 23, 2000
Authored by Jim Brooks | Site jimbrooks.org

hypersrc is a GUI program for browsing source code, which uses GTK+. It provides a list widget containing sorted source code tags. A programmer can click a tag to hyperlink to a particular tagged line in a source code file. Screenshot here.

Changes: Starts much faster now.
systems | linux
SHA-256 | 375fe33186805783334ce85d84192a8e22386c1af719f300f3bba0dae3a41574
anomy-sanitizer-1.21.tar.gz
Posted Jul 23, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncates unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs, and has built-in support for third-party virus scanners.

Changes: This release includes protection against buffer overflow attacks based on non-MIME headers, including the recently discovered Date: overflow in Microsoft Outlook.
tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | d8aab3f92b057c4b29b5c824101d61338cf92a1cc8c05ee048456ce37f4486da
kmap-0.7.2.tar.gz
Posted Jul 22, 2000
Authored by KMap Development Team | Site edotorg.org

Kmap is a QT/KDE front-end to nmap, a popular and powerful console portscanner. Kmap allows quick and easy access to all of nmap's features, with much less hassle. Kmap also sorts the output from nmap into usable sections, so you can easily extract the information you want.

Changes: Fixed bug in selecting a root level scan, added the window and ack scan options, and added the scan random IPs option.
tags | tool, nmap
systems | unix
SHA-256 | 13aa864a43d43e08b41aedb9d5b0a663fd6e9a9223d80430113fb11a959fe2ff
lrk-4.1.tar.gz
Posted Jul 22, 2000
Authored by Rolling

Linux Rootkit v4.1 is based on Lord Somers LRK4 but several things are fixed. Includes a better find patch, fixed install of pidof / killall, fixed rshd patch, compilation fixes, and more. Released 11-may-2000, tested on Linux kernel 2.2.6, Slackware 4.0.

tags | tool, kernel, rootkit
systems | linux, unix, slackware
SHA-256 | adecedb7ccb2d5c273f0825c00ea50190704d28a5ee05cde397452f6133b9549
tod.tar.gz
Posted Jul 22, 2000

Touch of Death is a TCP connection killer for linux which is designed to work with sniffit. When running sniffit in interactive mode, you can immediately kill any connection you can see.

tags | tool, sniffer, tcp
systems | linux
SHA-256 | 7ada2bc1a67bc67fc83014c84f0791097e39af05eccb4f2dc68b913ffb0a8b0b
cisco.00-07-11.tcpreset
Posted Jul 22, 2000
Site cisco.com

Cisco Secure PIX Firewall TCP Reset Vulnerability - The Cisco Secure PIX Firewall cannot distinguish between a forged TCP Reset (RST) packet and a genuine TCP RST packet because the sequence number is not checked. Any TCP/IP connection established through the Cisco Secure PIX Firewall can be terminated by a third party from the untrusted network if the connection can be uniquely determined. If only source ip / destination ip / destination port are known, a RST packet can be sent with each source port.

tags | tcp
systems | cisco
SHA-256 | b1f7eb96541775acb267d750a7136e421f2b6437fb5e1dadef4de9c99dc843d6
firestarter-0.3.1.tar.gz
Posted Jul 22, 2000
Authored by Tomas Junnonen | Site firestarter.sourceforge.net

The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.

Changes: Bug fixes and improvements, ability to do DNS lookups in firewall hits. Screenshot available here.
tags | tool, firewall
systems | linux
SHA-256 | 95f2a4e5466e3649db9dc3ecc82e2f37939c903d798d8efb780211d011bcca8f
twwwscan04.zip
Posted Jul 22, 2000
Authored by TSS | Site search.iland.co.kr

TWWWscan is a Windows based www vulnerability scanner which looks for 209 www/cgi vulnerabilities. Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2, win98, win98se, win nt4, win 2k.

Changes: Fixed bugs, added more information.
tags | web, cgi, vulnerability
systems | windows, unix
SHA-256 | e22757f754f09cec07ef92b15d7288a1bb562a9210beb649e6f3b972e9082ec0
freeswan-1.5.tar.gz
Posted Jul 22, 2000
Site freeswan.org

Linux FreeS/WAN provides IPSEC (IP Security, which is both encryption and authentication) kernel extensions and an IKE (Internet Key Exchange, keying and encrypted routing daemon) allowing you to build secure tunnels through untrusted networks. Compatible with other IPSEC and IKE systems already deployed by other vendors such as OpenBSD.

Changes: Pluto's logging has been revised, Netlink device has been removed, bug fixes and documentation updates.
tags | tool, kernel, firewall
systems | linux, unix, openbsd
SHA-256 | 1c356c0db0bf695b0cfb1071cb663a74990de3ec263f22a6519bbff5cfffd444
gspy-0.1.2-src.tar.gz
Posted Jul 22, 2000
Authored by Lawrence P. Glaister | Site gspy.sourceforge.net

Gspy retrieves images from a video4linux device and processes these into a daily mpeg movie on the disk drive. Each image is recorded with a time stamp to ensure accurate real world correlation. Special motion detection algorithms are used to reduce the size of the daily movies by eliminating pictures with similar content as well as the normal compression obtained via the mpeg process. The result is a time lapse video per day with nonlinear time compression using only the images of interest. Screenshot available here.

systems | linux
SHA-256 | 3a5d7fe8d9f47f7208c3de20c64ba67dcf4d1fd30c289ec26d47a46947ef6e5b
sara-3.1.5.tar.gz
Posted Jul 22, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.

Changes: Updated IAW with SANS guidance, Updated smb.sara to test for null logins, Updated rules to 'catch' all smb services, Added O'Reilly test to http.sara, Added source.asp test to http.sara (BID 1457), Fixed NFS/Mountd anomalies, and Tweaked login.sara for really slow targets.
tags | tool, cgi, scanner
systems | unix
SHA-256 | a19656b99be490cdd1cdac8f161f6660f073f3560b9ae87285ebd94e3c44856f
bind-8.2.2-P5-chaos1.diff
Posted Jul 22, 2000
Authored by Sean Trifero | Site innu.org

Bind-8.2.2P5 patch which logs all bind version requests to syslog.

tags | patch
systems | unix
SHA-256 | 8f2aee92d405daba443d0178423cc93d73c437944166a54146dfe95825fd2a6e
ms00-046
Posted Jul 22, 2000

Microsoft Security Bulletin (MS00-046) - Patch Available for "Cache Bypass" vulnerability. Microsoft has released a patch for a security vulnerability in all versions of Outlook and Outlook Express. This vulnerability would allow an HTML mail to bypass the cache mechanism and create a file in a known location on the recipient's disk. If an HTML mail created an HTML file outside the cache, it would run in the Local Computer Zone when opened, allowing it to open a file on the user's computer and send it to a malicious user's web site. The vulnerability also can be used as a way of placing an executable file on the user's machine or a way of reading any file. Microsoft FAQ on this issue available here.

tags | web, local
SHA-256 | f1f37e4ddffca9b7352f96d857b4ae7065485b5ad61a97039870a80d1747a8e1
ms00-045
Posted Jul 22, 2000

Microsoft Security Bulletin (MS00-045) - Patch Available for "Persistent Mail-Browser Link" vulnerability. Microsoft has released a patch for a security vulnerability affecting Microsoft Outlook Express. The vulnerability allows a malicious user to send an email that will "read over the shoulder" of the recipient as he previews subsequent emails in Outlook Express by opening a browser window that links back to the Outlook Express windows which can read the HTML mail that is displayed in Outlook Express. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | 3b31ce131e7d9706a3f89d381201adeea41926edc44b27d96fae174da7b8298f
ms00-043
Posted Jul 22, 2000

Microsoft Security Bulletin (MS00-043) - Patch Available for "Malformed E-mail Header" Vulnerability. Outlook and Outlook Express allow a malicious user to cause code of his choice to execute on another user's computer. A component shared by Outlook and Outlook Express contains an unchecked buffer in the functionality that parses e-mail headers when downloading mail via either POP3 or IMAP4. Microsoft FAQ on this issue available here.

SHA-256 | 95d4a85d402cadf9ee7b36bc9aa351f788acc75f338ca40111407c9bf8a8dfe1
pscan-1.2.tar.gz
Posted Jul 21, 2000
Authored by Alan DeKok | Site striker.ottawa.on.ca

Pscan checks C source code for problematic uses of printf style functions such as "sprintf(buffer, variable)", which have been the source of many security holes. It does not check for buffer overflows or other misuse of function parameters.

Changes: Now scans for more functions, fewer false positives, and optional warning messages.
tags | overflow
systems | unix
SHA-256 | cb2bd189b24663cf55c1b9bdbb2a40e2e84b75ece85ee86e49e70a5a8336c490
xpbitchx.c
Posted Jul 21, 2000
Authored by RaiSe | Site undersec.com

BitchX (75p3/1.0c16) local exploit.

tags | exploit, local
SHA-256 | aa40b281d2c006cac231c6c8505bc1727b23ce226626ce92283f8b3ea00b8bec
wu-ftpd-v2.4.4.c
Posted Jul 21, 2000
Authored by Pascal Bouchareine

Wu-ftpd v2.4(4) remote root exploit. Exploits the SITE EXEC buffer overflow.

tags | exploit, remote, overflow, root
SHA-256 | 30ef02937719df0ad119e5858cca2726768166acf8b807fa9b407db7a9340c28
xppnc.c
Posted Jul 21, 2000
Authored by RaiSe | Site undersec.com

PNC Bouncer remote exploit - tested against v1.11 on RedHat 6.0, SuSE 6.3, and Mandrake 6.0.

tags | exploit, remote
systems | linux, redhat, suse, mandrake
SHA-256 | f3e7d956629059a23a4eafb60363507ed837755b27f531596180153d41af5c6f
wn-ex.c
Posted Jul 21, 2000
Authored by Dvorak | Site ccc.de

Remote buffer overflow exploit for the wn webserver for linux version v2.0.9 and below.

tags | exploit, remote, overflow
systems | linux
SHA-256 | 54f424cc1122a2ea6b28734c7d2c58d1f67fa6e799266a8ebc622e21926ae9c0
wincrash.zip
Posted Jul 20, 2000
Authored by Tarzan | Site illegalcrew.org

Wincrasher is a shell script which uses 5 well known denial of service attacks to try and crash a Windows machine. Includes support for spoofed IPs, and uses Linux binaries of jolt2, misfrag, pimp, ssping, and trash2.

tags | denial of service, shell, spoof
systems | linux, windows
SHA-256 | 3ef3cada4de0cddaef2d9ac73a3156404377b5c871345280559fbed4133d63c4
lsh-1.0.1.tar.gz
Posted Jul 20, 2000
Authored by nisse | Site net.lut.ac.uk

LSH is a free implementation of the SSH2 protocol which is under active development.

Changes: Bug Fixes.
tags | encryption, protocol
SHA-256 | dfa18e9b5910fd4da0949b27d56d53d99335170bd54bd80e633fafe32cd3ce1f
snoop.servlet.txt
Posted Jul 20, 2000
Authored by Efrain Torres, lownoise

The Snoop Servlet on Release Build 3.1 and 3.0 of Tomcat from Apache Software Foundation reveals the full path to the webserver and OS.

tags | exploit
SHA-256 | 4412a9fbf956a5c83fe9f9fb236ddce13ba9aaa0a2f53e147babce25c1a4ca6b