exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 248 RSS Feed

Files Date: 2000-12-01 to 2000-12-31

Openwall Linux Kernel Patch
Posted Dec 15, 2000
Authored by Solar Designer | Site openwall.com

The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks and named pipes in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction, and priveledged IP aliases for kernel 2.0.

Changes: Now works on kernel 2.2.18! Also includes workarounds for GNU MailMan and Courier Mail. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel, root
systems | linux
SHA-256 | 9e7bf4bf8d704bdfa6dcc56066ed237fdc76140d9939c21863c15318242d51a6
anomy-sanitizer-1.33.tar.gz
Posted Dec 15, 2000
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: This release fixes a bug where MIME-boundaries could get corrupted under very specific conditions, thus making one or more attachments illegible.
tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | 98eb2f63e572a4aa415b91b47db7527b0c11c5db548aa6a529bfb715ca5071df
lids-0.9.11-2.2.18.tar.gz
Posted Dec 15, 2000
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes various bugfixes in lidsadm and is compatible with kernel 2.2.18.
tags | kernel, root
systems | linux
SHA-256 | 77d51a6ef53e377459d132a3d65faba0ed5c39b85e2f9439483a99a686abc0fe
CA-2000-22.lprng
Posted Dec 15, 2000
Site cert.org

CERT Advisory CA-2000-22 - Input Validation Problems in LPRng. A popular replacement software package to the BSD lpd printing service called LPRng contains at least one format string vulnerability in the syslog() function, which allows remote users with access to TCP port 515 to execute arbitrary code on vulnerable systems as root. Fix available here.

tags | remote, arbitrary, root, tcp
systems | bsd
SHA-256 | 7fc230b21bc7c073377322bd6f4f933c974648e8cc9f128acc8e460b7085da36
icqrin13.zip
Posted Dec 15, 2000
Authored by Moritz Bartl | Site headstrong.de

Icqrinfo is a Windows program which reads information (including passwords, personal information, and deleted contact list information) stored in ICQ.DAT files. ICQ Versions 99a, 99b, 2000a, and 2000b are supported.

Changes: Support for ICQ 2000b and a few bugs have been fixed. It contains a plain routine to extract contact list information to a textfile.
systems | windows
SHA-256 | 3c1bbb96928d420b7f704c1d789026a92c786f88ccbf3cf8776784146905cf01
attacker.zip
Posted Dec 15, 2000
Site members.home.com

A simple TCP port listener. You provide a list of ports to listen on and the program will notify you when a connection is made to the port(s). Can minimize to the system tray and play an audible alert. This program is intended to act as a guard dog to notify you of attempted probes to your computer via the Internet. 11/19/1998 release.

tags | tcp
SHA-256 | 3391210655a754537c5e861930e9b93630d18972107662c36c2f83492e3f923c
udpflood.zip
Posted Dec 15, 2000
Authored by Robin Keir | Site foundstone.com

UDPFlood v2.0 is a UDP packet sender. It sends out UDP packets to the specfied IP and port at a controllable rate. Packets can be made from a typed text string, a given number of random bytes or data from a file. This program was written to stress test game servers where I work. It proved to be especially useful for bullet-proofing the packet receiving code, making sure it could deal with various combinations of formatted and random data.

tags | denial of service, udp
SHA-256 | 4b7ae9a55e88c36ba84ba2aa2fa3321494b17e84ce127a199df2a3a8ef60d764
Blast20.zip
Posted Dec 15, 2000
Authored by JD Glaser | Site foundstone.com

Blast v2.0 - A small, quick TCP service stress test tool. Blast does a good amount of work very quickly and can help spot potential weaknesses in your network servers.

tags | tcp
SHA-256 | 4748961063184db9300cb0e92b5327c7001591c319c6cac0ad3f148a0474d49f
setreuid_1-255.asm
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Shellcode which does a setreuid before spawning a shell. Allows you to choose which UID / GID to use.

tags | shell, shellcode
systems | unix
SHA-256 | bab59cebad1397fb98c625b155e3892b60680d09a40410d2dae76cd0f4e43062
killntoe.c
Posted Dec 15, 2000
Authored by vade79, realhalo | Site realhalo.org

Nettoe v1.0.5 denial of service attack - Causes the Nettoe server to use all available CPU cycles and lock the game.

tags | exploit, denial of service
SHA-256 | 0829ddccf17a5f6cf8784776e011d370671b9df074562df981cf1b37ab918cdd
Newbie Guide To The Underground
Posted Dec 15, 2000
Authored by Ratdance

A serious newbies guide to the underground.

tags | paper
SHA-256 | 370184283306338515c762102e2da6cd29d333067479676072a56635fb416bde
sa_09.txt
Posted Dec 15, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-09) - EZshopper v2.0 and v3.0 from AHG contains remote CGI vulnerabilities which allow an attacker to get directory listings and sensitive file contents. Exploit URL's included.

tags | remote, cgi, vulnerability
SHA-256 | 26cabffb2d71d094476b9be5255376ed3fa9940c9c2776dc3aa0c73a88675d8a
sa_08.txt
Posted Dec 15, 2000
Site nsfocus.com

NSFOCUS Security Advisory (SA2000-08) - Microsoft IIS for Far East Editions File Disclosure Vulnerability. Submitting a malformed URL with a non-ascii character, a different file can be opened and the contents read. Vulnerable versions include IIS 4.0 (Far East Edition) previous to SP6 and IIS 5.0 (Far East Edition). English versions are unaffected. Exploit will be released soon.

SHA-256 | 18ac62855ee1f46fc88efa8ccb402ebb65f449eb0664a5ce46786c49c83d7b5b
0011-exploits.tgz
Posted Dec 15, 2000
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for November, 2000.

tags | exploit
SHA-256 | bceee421a4f65a0ececf0fa87e308b9cb4bcd88b4982b651a42a90dc7473b73c
lsof_4.53_W.tar.gz
Posted Dec 14, 2000
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.

Changes: OpenBSD 2.8 and Mac OS X support, Linux socket fixes, and misc bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 57df5e8ccc729dafda5c118f31e4b586da09dfbb073877d31f195da1e13bc0a1
NTOMax20.zip
Posted Dec 13, 2000
Authored by JD Glaser | Site foundstone.com

NTOMax v2.0 - A scriptable, server stress testing tool.This tool takes a text file as input and runs a server through a series of tests based on the input. The purpose of this tool is to find buffer overflows and DOS points in a server.

tags | overflow
SHA-256 | ef34377a85529f26bafd7fc023eda8fc64b8470ac6e53c53e19d8e7325857bf9
trout.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

Trout v2.0 is a visual (i.e. GUI as opposed to command-line) traceroute and Whois program. Pinging can be set at a controllable rate as can the frequency of repeatedly scanning the selected host. The built-in simple Whois lookup can be used to identify hosts discovered along the route to the destination computer. Parallel pinging and hostname lookup techniques make this traceroute program perhaps the fastest currently available.

SHA-256 | a9a707eed5f6c64b0c4510a6c2acc3c72c62491acd8823b26b64bbf1a8a50df9
superscan.exe
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

SuperScan v3.0 - SuperScan is a powerful connect-based TCP port scanner, pinger and hostname resolver. Multithreaded and asynchronous techniques make this program extremely fast and versatile.

tags | tcp
SHA-256 | a4df0e59a28d75e143117051a04d52f4a61a9ea7b23c41ad51a3a829cad62b58
ddosping.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

DDoSPing v2.0 is a Win 9x/NT GUI scanner for the DDoS agents Wintrinoo, Trinoo, Stacheldraht and TFN.

tags | denial of service
SHA-256 | 57e4cd81c86b8688f78c15c437701b1ad27ae8e1d7f7f442aaa71aca2ec3d421
boping.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

BOPing is a network scanner for the infamous Back Orifice trojan. It is many times faster than the ping sweeper built in to the original client program. This is intended as a vigilante tool to notify victims who unknowingly have the trojan on their system. It includes the ability to notify detected victims by sending them a BO message box message directly from within the program.

tags | trojan
SHA-256 | 1e5f64dd410ef6765183eaf15f87fed4f26d1952d8389f363cf6f9479d1b4274
patchit.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

Patchit v2.0 is a file byte-patching utility. This is driven by a simple scripting language. It can patch sequences of bytes in any file, search for byte patterns (with wildcards) and also extract and utilize DLL exported function addresses as source positions in files to be patched.

SHA-256 | 519813ce0cd53d0202964737cc201c22426b6813ed26d46a1e07e85708c1a151
bintext.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

BinText v3.0 is a small and fast text extractor that will be of particular interest to programmers. It can extract text from any kind of file and includes the ability to find plain ASCII text, Unicode (double byte ANSI) text and Resource strings, providing useful information for each item in the optional "advanced" view mode. It's comprehensive filtering helps prevent unwanted text being listed. The gathered list can be searched and saved to a separate file as either a plain text file or in informative tabular format.

SHA-256 | 7842378df02ffb07486a2858620214aac559627bdbbe6fd9b1016c79c3263fad
showin.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

Showin is a utility which can display hidden password editbox fields (text behind the asterisks *****). This will work in many programs although Microsoft have changed the way things work in some of their applications, most notably MS Office products and Windows 2000. ShoWin will not work in these cases. Neither will it work for password entry boxes on web pages, at least with most web browsers.

tags | web
systems | windows
SHA-256 | ab0aa66b96b80e917509ca0e95fd64b18e178eaa2829969b1c68d1d643ed2275
filewatch.zip
Posted Dec 13, 2000
Authored by Robin Keir | Site foundstone.com

FileWatch v1.0 is a file change monitor. FileWatch (originally called ICEWatch 1.x) is a small utility that can monitor a given file for changes. Monitoring can detect file size changes or simply file writes, both with minimal impact on system resources (no polling is performed). The primary use of this utility is for monitoring changes in the log file of a personal firewall program and being able to spawn a separate application when changes are detected, but the tool can be applied to any number of other uses.

SHA-256 | 36d4ecbff2288777330ce9694cc1b2c2eaeb922eab01c891f24c721eb3376c29
ForensicToolkit20.zip
Posted Dec 13, 2000
Authored by JD Glaser | Site foundstone.com

Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, and scan the disk for hidden files and data streams.

SHA-256 | 4d29428f9ff309f7b8d1dae8cf523a7dcbcace17b6b2fa9a7708117299dc0fa4
Page 5 of 10
Back34567Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close