exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 248 RSS Feed

Files Date: 2000-12-01 to 2000-12-31

SSHWin-2.3.0.exe
Posted Dec 18, 2000
Site ssh.org

SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.

Changes: Bug fixes and improvements.
tags | remote, shell, encryption
systems | windows
SHA-256 | 1c10f86cd298421f103a95d0a4a409ec81be753bee56f50597583959420c25c3
ssh-2.3.0.tar.gz
Posted Dec 18, 2000
Site ssh.org

SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.

Changes: Included SUA support, fixed bug in ssh-keygen2 under HP-UX, added -i, -c, and -o options to scp2, and took out uid and gid changing in the remote host from scp2 and sftp2 which fixed certain Solaris problems.
tags | remote, shell, encryption
SHA-256 | 0d2e2786422e45bc6fce6457c79843333a996a70dfbccba25fbe09473f68ad0b
mimedefang-0.7.tar.gz
Posted Dec 18, 2000
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.10 / 8.11 and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: Safer handling of temporary working files, new action_discard silently discards messages, and other minor fixes.
systems | windows, unix
SHA-256 | 485d03e49b5c70c6c4aa398190b39e5c248e06620003e0718084bc738090c51f
dsniff-2.3.tar.gz
Posted Dec 18, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: New programs: dnsspoof, msgsnarf, sshmitm, webmitm. Dnsspoof forges DNS queries and answers, msgsnarf records selected messages from sniffed AOL Instant Messenger, ICQ 2000, IRC, and Yahoo! Messenger chat sessions, sshmitm monkey-in-the-middle. proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. webmitm transparently proxies and sniffs web traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. Also added VRRP, pcAnywhere 7, 9.x, SMTP, rexec, RPC ypserv, NNTPv2, Checkpoint Firewall-1 Session Authentication Agent, and Microsoft PPTP MS-CHAP (v1, v2) parsing to dsniff.
tags | tool, local, sniffer, tcp, protocol
SHA-256 | 24844b9aecb37c603acba7e5d7d54fcb89ac8d2f19c95606476444378b4f46fd
fyres.c
Posted Dec 17, 2000
Authored by truff | Site asmbeginer.com

Fyres.c is a spoofing utility for IRC for Linux. Uses the technique popularized by Kevin Mitnick. Commented in French. Uses Libpcap.

tags | spoof
systems | linux
SHA-256 | ac3eb7401f1641fe67d346fe23822fbf6df18d8fba4832751176794727c927f5
asmd.tgz
Posted Dec 17, 2000
Authored by Ripper

ASMD is a local root backdoor which is a wrapper which can wrap any setuid binary.

tags | tool, local, root, rootkit
systems | unix
SHA-256 | df90d44218bdc10526d2dbff5bbc12c3638c4953874da10420d36f57091e36eb
StJude_LKM-0.06.tar.gz
Posted Dec 17, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Fixed some broken code from 0.05 due to a 2AM release.
tags | remote, kernel, local, root
systems | linux
SHA-256 | 3e8c3b45c5408af069bcf8afd580a27ef66c4ba362fb62e8019194ddb54b3518
freebsd.org-report.txt
Posted Dec 17, 2000
Authored by Karin, Joost Pol aka Nohican

How Freebsd.org was hacked - By combining insecurities in two CGI scripts, www.freebsd.org was taken over by Nohican and Frank Van Vliet.

tags | paper, cgi
systems | freebsd
SHA-256 | a9d71e318700dd856a56a3d174a9700ea8a3e6f68489a1adb726739dc6089ab0
crypto-gram-0012.txt
Posted Dec 16, 2000
Authored by Bruce Schneier, crypto-gram | Site counterpane.com

Crypto-gram for December 15, 2000. In this issue: Voting and Technology, Crypto-Gram Reprints, IBM's New Crypto Mode of Operation, Solution in Search of a Problem: Digital Safe-Deposit Boxes, and New Bank Privacy Regulations.

tags | cryptography, magazine
SHA-256 | ff3f1cc0bac61ff3d6e20ab4e727a56aa83079c0f8ff7ab9d5432dd099ba8ad9
ms00-097
Posted Dec 16, 2000

Microsoft Security Bulletin (MS00-097) - Microsoft has released a patch that eliminates a security vulnerability in Microsoft Windows Media Server which allows malicious users to degrade the performance of a Windows Media server to the point where it could no longer provide useful service. When a connection to a Windows Media server is made, then severed, using a particular sequence of TCP/IP packets, the Windows Media Unicast Service does not release all of the resources allocated to the connection. When repeatedly making and then severing connections in this manner, malicious users can exhaust the resources of the server. Microsoft FAQ on this issue available here.

tags | tcp
systems | windows
SHA-256 | 613f0a1ea210493f1edac7eb5a50da9377cf301c0cd903f10d888953a7de0f9e
xsold.c
Posted Dec 16, 2000
Authored by Zorgon | Site nightbird.free.fr

Linux Xsoldier local root buffer overflow exploit. Overflows the -display command line option.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | b399b42f07b8641525a5352aaf822e9698210c090495c285cd9fc11af3fdf062
ao20pr_p.zip
Posted Dec 16, 2000
Site elcomsoft.com

Advanced Office 2000 Password Recovery (professional edition) - Recovers lost passwords for Microsoft Word, Excel, Access, PowerPoint 97, Project, Money, Outlook, Backup, Schedule+, Mail, IE 3, 4, and 5, Visio 4 and 5, and others. All passwords are decrypted instantly except Word/Excel 97/2000 which has strong crypto and is only vulnerable to brute force attack. 30 day trial, although it does not actually expire.

tags | cryptography
SHA-256 | 36a029d56d699a3688c129dac53346e12e550312cc228e997b4d90d9939a70cc
idsa-0.84.tar.gz
Posted Dec 16, 2000
Site cs.uct.ac.za

IDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon intrusion detection system. IDS/A is not yet complete, but can already be used as system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.

tags | cgi, system logging
systems | unix
SHA-256 | fa8dbeafaa0e09aaf18815c3c8f399c990d76fe3c94d68b2e9a889a7c19ff34a
XATO-122000-01
Posted Dec 15, 2000
Authored by Sozni | Site xato.net

Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the servers file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch dos attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.

tags | remote, web, spoof, vulnerability
systems | windows
SHA-256 | 5778b64953305f37414121c27758dc5965bc40da638cb84c38fd43be55ea05a4
rdC-LPRng.c
Posted Dec 15, 2000
Authored by venomous | Site rdcrew.com.ar

LPRng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against the default install of Redhat 7.0 (LPRng-3.6.24-1) and LPRng3.6.22-1 installed on Slackware 7.0.

tags | exploit, remote, x86, root
systems | linux, redhat, slackware
SHA-256 | 711ec9e53d55297ca043c724b126975613590c27a195978efaf80054e1390558
IDMEF-xml-plugin_0.1.tar.gz
Posted Dec 15, 2000
Authored by Joe McAlerney | Site silicondefense.com

Intrusion Detection Message Exchange Format (IDMEF) XML output plugin for Snort - Produces IDMEF messages in response to events triggering Snort rules. It is configured in a standard Snort configuration file, and can run concurrently with existing Snort logging output.

tags | tool, sniffer
SHA-256 | 47be696d8de817eee9d309676ddafdcad0bd15b9991cfc434abf5f7c06d62654
ipfirewall
Posted Dec 15, 2000
Authored by Magda Cien

Ipfirewall v3.1 is a script which configures a Unix firewall. Includes compatibility for ipchains, ipfw, ipfwadm, and natd. Designed for linux or BSD.

tags | tool, firewall
systems | linux, unix, bsd
SHA-256 | cf6bdbbe6a015b9b900e4aeabaee56db61c9543a9b63771c185f0f50a5e5da7a
Internet Security Systems Security Advisory December 14, 2000
Posted Dec 15, 2000
Site xforce.iss.net

WatchGuard SOHO is an appliance firewall device targeted at small to mid-sized companies that wish to connect their network to the Internet. ISS X-Force discovered the following vulnerabilities in the SOHO Firewall that may allow an attacker to compromise or deny service to the device:

tags | remote, vulnerability
SHA-256 | 8cc47b08e479f3101cc3f6ca9d94c2fd332658761e4a019a84429b4c8c47abfb
nscan07.exe
Posted Dec 15, 2000
Authored by Averk | Site nscan.hypermart.net

NScan is a very fast portscanner for Windows (up to 200 ports per second) for both hosts and large networks with numerous features: it scans not only address ranges, but also files with host lists (e.g. proxy list, domain zone or old log), writes logs at the different detail levels, has speed limits, pre-defined service sets and so on. It includes a set of additional tools: whois client, that supports automatic information recognition and fetch, has query history and other features; traceroute, that traces all the way to the host at once in one or two seconds, making route discovery tenth times faster; TCP-based DNS client that supports most of the available options, including AXFR zone transfer.

Changes: Bug fixes and updates.
tags | tcp
systems | windows
SHA-256 | 336b6d9ffde4587d851f236b75356d3c8f8df2eb7928cf02a262ba738c03f85b
StJude_LKM-0.05.tar.gz
Posted Dec 15, 2000
Authored by Tim Lawless | Site sourceforge.net

Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.

Changes: Added new response method which will execute an external command to record and deal with the intrusion. It is likely to be noted by an astute individual that this also affords the opportunity to counter-attack the attacker, using their control channel against them.
tags | remote, kernel, local, root
systems | linux
SHA-256 | 0a1f1e745c9305728343c29b50726a9384d6f9f0123caec99ec9473b156315fb
stunnel-3.9.tar.gz
Posted Dec 15, 2000
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Fixes a security vulnerability in the syslog() function, uses an improved ssl loop to combat the 'random hang' problem of previous releases, and correctly honors client keylength requests. We strongly suggest you upgrade now.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 6e5823fa9edd49e61120e42eff0ef519263f3c773f984da6ec77d63e51a183f2
g2s-0.4.1.tar.gz
Posted Dec 15, 2000
Site jedi.claranet.fr

G2S is a smart, all-in-one frontend between client and server applications. It features portability, a robust super-server (inetd) replacement, TCP-wrappers integrated with paranoid DNS checks and support for broken or fake name servers, handy but detailed log files, support for various protocols (raw IP, ICMP, GGP, TCP, EGP, PUP, UDP, RDP), IPv6 compliance, IPv6 to IPv4 gatewaying, and support for RBL maps for automatic spam filtering.

tags | udp, tcp, protocol
systems | unix
SHA-256 | 7032acdac4351ce4a81bc1552c9d0244076982c9f5f469cbed77b3c2c5a1affd
vmail-0.5.6-devel.tar.gz
Posted Dec 15, 2000
Site virtua-web.co.uk

Vorpal Mail is an easily configurable but flexible replacement for sendmail, supporting advanced features such as virus scanning, virtual domains, etc.

tags | virus
systems | unix
SHA-256 | e5206c70485e446e7bf4a50d9973d709a5ecbd046844b46dfb8e84bc29dae99e
securecgi-1.0.tar.gz
Posted Dec 15, 2000
Site jedi.claranet.fr

The Secure CGI Library eases the development of C/C++ Web applications using the CGI interface. It's designed with security in mind and can enforce correct limits to avoid common denial-of-service attacks. It can also handle an unlimited number of variables with unlimited content size, and with very fast parsing and hashed lookups.

tags | web, cgi, library
SHA-256 | fb8afc71525fd3a7a7393057d5b7321cfb29ad3cead3d057d120b6cde64db024
unrm-0.91.tar.gz
Posted Dec 15, 2000
Authored by Octavian Popescu | Site hideout.art.ro

unrm is a small linux utility which can, under some circumstances, recover almost 99% of your erased data (similar to DOS's undelete).

Changes: This release searches through all erased data for the data, allowing for far more accurate recovery.
tags | tool
systems | linux, unix
SHA-256 | c461c5b17f93bf7b8d5f6b731db312a72037b5fd0d83072b98b17ffea9ea3af3
Page 4 of 10
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close