dupl.pl v0.4 is a snort rules beautifier which removes duplicate rules from *-lib, vision.conf, and xxxx-rules files.
b76c7e112174613043dc1d689b3076f74a8e39ce5dc0a8e0ed2b5687496b215eUIN tp IP Converter for ICQ 2000 - This program enables you to retrieve the IP# of any given ICQ Number (UIN) in your online list. (The ICQMAPI.DLL is included) Written in Visual Basic.
15afb0fe0cb8f0a5bd0a3ef032c756d22fb68b16b5c56b1065cfc6af41450b55BKtspibdc.c allows sniffing on switched networks by flooding the switch with TCP & IP & ARP requests containing spoofed MAC addresses.
3d2385a867ce0b4d297d0ef596abb742173add20b7c3aad942ed6ac3f7b435b0BKtrpibdc.c is a network tool for arp redirection which implements a man in the middle attack.
6708726e4c0433d5697874606ed537a26e80eecb7fb5d757762d609b588763fdBKtclipabdc.c is a tool to change the mac address of your ethernet device. It doesn't change the hardware address, but just the stack implementation of it.
f8bd82cad3394a8e8ffbbce3e28b60bcb00bff580ed81044a67a2b1a2e664187Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
3cefe3bb966b2062072889ef31c89900491ab7fe7a07ae1a795d6ef84b74e1f0The wais.pl CGI written by Tony Sanders provides means to access the waisq WAIS client via the webserver. Waisq contains buffer overflows allowing remote code execution which can be exploited via wais.pl. In addition, files owned by nobody on the webserver can be overwritten with arbitrary content. Includes exploit for Linux/x86.
0a1486af2061c3b2f7952eb470c47fcbf6d3d36571a036f046ae5709356c58d1Sendmail is a Mail Transfer Agent, which is the program that moves mail from one machine to another.
bc497185b4c122db27c444e2c8a91693fe81459630c4718e6a27fa86386e78d7Zorp is a new-generation modular proxy firewall suite to finetune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize outband authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).
538dc3df32203b51e16efa7a67085359cc1bc106bdad261f111aaaca03b17035Gopher+ v2.3.1p0 remote exploit - Spawns a remote shell on tcp port 36864 under the UID that the gopher+ daemon runs as. Tested against Linux Slackware 3.6 / 7.0.
71aa58978ab9c730cefaa09803a9c98febeb91b69d9d601ac9a232b790ac1e41SuSE Security Advisory - Suidperl is the perl interpreter for suid perl scripts, a part of the perl package. A maliciously implemented feature causes the interpreter to spawn the /bin/mail program, thereby passing on untrusted environment that causes /bin/mail to execute arbitrary commands as user root. SuSE security site here.
014ed0af6fcd3148a794ea9fc8ef4e1118024f8702a2a3d00d41005ed9cc8956SuSE Security Advisory - Due to incorrect string parsing in the code, a remote attacker could gain root priviledges on the machine running the vulnerable rpc.kstatd, which was distributed in the package linuxnfs or knfsd. SuSE security site here.
4fc97e2211f496c84ae3546f1ae36d7e425e0a9e13e7d63bd4f8100763e8c53bGuardent Security Advisory - There is a vulnerability in the way the standard Unix gopherd 2.x (a.k.a. UMN gopherd) creates a gopher DES key for authentication. If properly exploited, this vulnerability allows a remote user to gain unauthorized root access to affected systems.
4ddb2889c185993771351800971338c2916b9b438d1abe4e842bb757b6fac085Statistics Server 5.02x for Windows contains a buffer overflow caused by a long GET request. Includes perl exploit which spawns a winshell with system privileges on port 8008 on Statistics Server 5.02x/Win2k.
4d5eb9ffd94b406e9662e8575bcca3692763124371afe9b77e28d789f947712fRed Hat Security Advisory - Vulnerabilities exist with all Zope-2.0 releases - This HotFix corrects issues in the getRoles method of user objects contained in the default UserFolder implementation. Users with the ability to edit DTML could arrange to give themselves extra roles for the duration of a single request by mutating the roles list as a part of the request processing.
3aae58fa2ce77f6e29e2937cd2bf1a04b0f4bc3336e8c2895523e8de5692adcaRed Hat Security Advisory - The usermode package allows unprivileged users logged in at the system console to run the halt, poweroff, reboot, and shutdown commands without needing to know the superuser's password. While being able to halt, poweroff, and reboot is a desirable thing, an unprivileged user can also bring the system to single-user mode by running "shutdown now" with no additional flags.
74e1c146411d4e810234e042524b50565b60f9c341a78a1d67295a79e887a3baRedhat Linux rpc.statd remote buffer overflow exploit. Tested against Redhat 6.0, 6.1, and 6.2.
c1de1ba5c571d6f403a8f820e615faa4e5df066142935928a9f9d39804e2b53fGopher+ daemon v2.3 remote root buffer overflow exploit - Tested against Slackware Linux 3.6 and 7.0. Adds a line to /etc/passwd.
9c2f2d4a91a62e040ddd61ebd3561c42d0097168294f3951f1f9d91c91fab2e1Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
92e13c0cd01c13af6c6fe0b3089d3b96bfa48a113d785dfbf12c2dc13f29dca3Ldistfp is an identd fingerprinting tool which works well with all Linux and most *BSD hosts that have their auth service running.
a0e02ae45f7bafdea7bf1bf796fdf701738fa98fb3b7144c5532341e9495418bCERT Advisory CA-2000-16 - Internet Explorer can open Microsoft Access database or project files containing malicious code and execute the code without giving a user prior warning. Access files that are referenced by OBJECT tags in HTML documents can allow attackers to execute arbitrary commands using Visual Basic for Applications (VBA) or macros. A remote intruder can send malicious HTML via an email message, newsgroup posting, or downloaded Web page and may be able to execute arbitrary code on a victim machine.
2ac36051a9e4bac06affdc8d3ca68aa41aa7d1985662ba3cee9f9797a1a045b6igmpsyn.c sends type 1 IGMP requests with random source addresses. Appears effective against Win95 / 98.
e586aa75def79fe1a2fe497ed40a6021a61562703e88d08b591f4aa935e9df9dJinro.c will transmit TCP packets which generate replies containing a modem hangup sequence. This is an improved version of the old hangup bug which may circumvent firewalls / init string patch.
a177990f433cf1832b454c2c6fec29700b7b6431125b5bee6189dfb3538da8d8x1.cpp is a utility for extracting lists of hostnames from northernlight search engine. Uses wget - tested on Linux.
050e801933c4356b808efa3fc09830292199ef555a08e5ad9a3052c6a9048fc7spam.pl is a perl script which automates the process of sending complaint letters to spammers ISP's. It strips out the proper address from the spams mail headers, taken via stdin.
a022c06c7ca2333a298d4c79b1d1c60e0f09de2419df0304950c047ad24a393e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed