exploit the possibilities
Showing 51 - 75 of 243 RSS Feed

Files Date: 2000-10-01 to 2000-10-31

Posted Oct 21, 2000
Authored by Bindview Vlad Team | Site razor.bindview.com

VLAD the Scanner - A freeware, open-source scanner that checks for the common security problems referenced in the SANS Top Ten list of common security problems. While freeware scanners are not neccessarily unique, VLAD is rather unique because of the amount of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).

Changes: Added htr, webhits, and the new iis-unicode checks to the CGI scanner database.
tags | tool, cgi, scanner, protocol
systems | unix
MD5 | 520331dd74fbb1bb062aa98a429153cf
Posted Oct 21, 2000
Authored by Duncan Simpson | Site checkps.alcom.co.uk

Check ps is a simple program that runs ps and compares it with its own list. It currently requires /proc but other scanning methods can be implemented. The program will run in the background or one-shot mode. Check-ps has grown rather to better resist increasingly sophisticated attacks, generate more useful reports, and implement more detection methods.

Changes: Better reporting, bug fixes, more resistant to attack.
tags | tool, intrusion detection
systems | unix
MD5 | 229ea770193b6247a854097ab1dfed00
Posted Oct 21, 2000
Site meshuggeneh.net

Shoki is a collection of IDS tools, scripts, and so forth. All the bits together can collect data from sensors, schlep it to a central location for storage, run signature-based and statistical analysis on the data, and load the data into a SQL database. Shoki provides a framework for a distributed system for network traffic analysis among untrusted peers.

tags | tool, intrusion detection
systems | unix
MD5 | 20d43922b0415cedf1de6af12fbbeca6
Posted Oct 21, 2000
Site duncanthrax.net

Exiscan is an email virus scanner which works together with the Exim MTA and McAffee's uvscan or Trend Micro's vscan. It is written in Perl and is designed to be as subtle and lightweight as possible. The special thing about exiscan is that is does not resend messages after scanning them, so that the process is fully transparent to the MTA and requires only minimal reconfiguration of Exim.

Changes: The reformime MIME decoder can now be used instead of metamail, a configurable sender and receiver notification has been added, as well as better security against fake X-Scanner header lines.
tags | perl, virus
systems | unix
MD5 | 341f1d92693a0e94d9bf8156f02bdb1c
Posted Oct 21, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux /usr/games/zarch v.92 local root buffer overflow exploit.

tags | exploit, overflow, local, root
systems | linux
MD5 | e4b8a65eb01c952a88aa9f45824a4c9e
GNU Privacy Guard
Posted Oct 21, 2000
Site gnupg.org

GnuPG is a complete and free replacement for PGP. Because it does not use IDEA it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application. Features RSA support.

Changes: A security fix which causes gnupg to report files which have been signed with multiple keys to be valid even if just one of the signatures is in fact valid, new utility gpgv to validate signatures, AES encryption added.
tags | encryption
MD5 | bef2267bfe9b74a00906a78db34437f9
Posted Oct 21, 2000
Site bronzesoft.org

The SYN cookie firewall implements syn cookie syn flood protection on all hosts behind it. Contains a patch to Linux kernel 2.2.17 and an administration tool.

tags | kernel
systems | linux
MD5 | 35b808ade7e0faa9571b7feb2fb0c5c4
Posted Oct 21, 2000
Authored by Kim Yong-jun | Site hackerslab.org

Oracle 8.1.5 local buffer overflow exploit for Linux.

tags | exploit, overflow, local
systems | linux
MD5 | d529954e32f7d3ccdfd831d3eacc8c0b
Posted Oct 21, 2000
Authored by Samy Kamkar | Site pdump.lucidx.com

Pdump is a sniffer written in perl which dumps, greps, monitors, creates, and modifies traffic on a network. It combines features from tcpdump, tcpkill, ngrep, tcptrace, dsniff (and its webspy and urlsnarf), pfilt, macof, and xpy. It is able to do passive operating system detection/fingerprinting and can also watch packet streams and then create it's own spoofed packets to hijack or kill TCP connections. It understands tcpdump-like and perl-like syntax and allows easy modifications via a plug-in system. The packet display is easily configurable. Readme available here.

Changes: The packet injection tool has been updated, updated documentation, and Makefile fixes.
tags | tool, perl, spoof, sniffer, tcp
MD5 | c69b97a9666af130614fa6d1785c6ab9
Posted Oct 21, 2000
Authored by Roelof Temmingh | Site sensepost.com

decoyblues.pl is a denial of service attack against active firewalls. Works by basically creating a lot of decoys with nmap. Router/firewall will try to block all the (decoyed) IP numbers, eventually running out of access list/packetfilters, and possibly crashing, or overwriting access lists.

tags | denial of service
MD5 | b775b42865b17628b85c373ae67fbb99
Posted Oct 21, 2000

Webevent v3.3.3 (webevent.pl) is an online calendar which contains a remote cgi vulnerability which allows administrative access.

tags | exploit, remote, cgi
MD5 | 4a602b2cb9647896d04f006c4a292fd7
Posted Oct 21, 2000
Authored by Toxic Ocean | Site blackhat.be

The Cum Security Toolkit v1.2 is a cgi/port scanner which checks for over 350 vulnerable CGI scripts and can implement 5 different Anti-IDS tactics. Features support for vhosts, wait times, fake X-forwarded-for: headers, and much more.

tags | cgi
systems | unix
MD5 | 855b5e362bcab249f0fe7fe823608081
Posted Oct 21, 2000
Authored by vade79, realhalo | Site realhalo.org

Linux space plumber (/usr/games/splumber) local buffer overflow exploit.

tags | exploit, overflow, local
systems | linux
MD5 | 58f5df89319698f357778a70e2ffd86d
Posted Oct 21, 2000
Authored by Advanced Research Corporation | Site www-arc.com

Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.

Changes: Improved tcp wrapper detection, Added http tests for Web Shopper, Shopping Cart, PHP, and PUT, and fixed bugs.
tags | tool, cgi, scanner
systems | unix
MD5 | 9678ba4a0af52964ae1477140f72615f
Posted Oct 21, 2000
Authored by SteeLe

Unicde.pl exploits vulnerable IIS servers which allow remote command execition, as described in iis-unicode.txt.

tags | exploit, remote
MD5 | 804a40c9118e14b9459ec105b11b75d8
Posted Oct 21, 2000
Authored by Piffy

iisscan.pl scans for vulnerable IIS servers which allow remote command execition, as described in iis-unicode.txt.

tags | tool, remote, scanner
systems | unix
MD5 | 1e8d93c965466d30fadb8c34f2963bc1
Posted Oct 19, 2000
Authored by Incubus | Site securax.org

iisex.c is a remote command execution exploit for Microsoft IIS 4.0 and 5.0, as discussed in iis-unicode.txt which attempts to provide an interactive cmd.exe shell.

tags | exploit, remote, shell
MD5 | 459afc044268c9b7a2672e4e8ec28bf1
Posted Oct 19, 2000
Authored by 6 Inch Taint

Godmessage Creator allows you to implement the Godmessage IV activeX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.

Changes: Dynamically creates Godmessage from supplied html file, and creates a second RC4 encrypted / Hex encoded Godmessage, increased max trojan size to 34500 bytes.
tags | trojan, activex
MD5 | 9dfcaa611a906a01c966461756024a90
Posted Oct 19, 2000
Site redhat.com

Red Hat Security Advisory - A local security hole has been found in GnoRPM due to insecure temp file handling.

tags | local
systems | linux, redhat
MD5 | 92c0318c5eb9a7c8acfd1019ddd986e9
Posted Oct 19, 2000
Authored by Zen-Parse

/usr/sbin/userhelper / kbdrate local root exploit - works only at console. Works well for people you know.

tags | exploit, local, root
MD5 | 7d5d4a74b7f48563794fd01efa8426ba
Posted Oct 19, 2000
Authored by Thun

Dafinger.pl attempts to find valid logins on hosts which run a finger service by guessing common user names.

tags | tool, scanner
systems | unix
MD5 | b3532e702f92ca2bb0f350d16097fbe3
Posted Oct 19, 2000
Authored by Sinfony

Slackware Linux's ppp-off command uses /tmp insecurely by writing ps output to /tmp/grep.tmp, allowing an unprivileged user to overwrite any file as root.

tags | exploit, root
systems | linux, slackware
MD5 | 7783c36ac5381617d59657e340e75e90
Posted Oct 19, 2000
Site ussrback.com

USSR Advisory #55 - A buffer overflow has been discovered in HyperTerminal which can cause arbitrary code from a HTML mail message to be executed via a telnet: URL, as described in here.

tags | overflow, arbitrary
MD5 | 78e5e95fd4f4bacc79bc8616c97323e1
Posted Oct 19, 2000
Authored by Jay Beale | Site bastille-linux.org

Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.

Changes: New stable release incorporating changes from many betas. Many bugs fixed.
systems | linux, redhat
MD5 | 2422b75788d433caac4ac93c7047b5f6
Posted Oct 19, 2000
Authored by Ashtar

DNS Spy v 2.2 is a shell scripted DNS lookup scanner for class C networks which uses the host command.

tags | tool, shell, scanner
systems | unix
MD5 | 0a6e94bbcc6d96f6d241be440d729d6d
Page 3 of 10

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    0 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By