what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 215 RSS Feed

Files Date: 2001-04-01 to 2001-04-30

if-1.4.9b.tar.gz
Posted Apr 22, 2001
Site karynova.com

Iridium Firewall is a very strong ipchains-based firewall with support for 21+ network services (including DHCP, NFS, SMB, HTTP, FTP, Telnet, etc.), masquerading, online gaming, multicasting, TOS flags, and specific port and IP blocking. Protections include twelve different types of IP spoofing, stuffed routing/masquerading, DoS, smurf attacks, control of the full range of ICMP datagrams, and many more. The script is configured completely through the use of a configuration file; no code hacking is required, but it is written so that users that know what they are doing can easily configure the script themselves. Iridium Firewall is heavily commented with instructions and explanations on various topics.

tags | tool, web, spoof, firewall
systems | linux
SHA-256 | 53580bf99b18eaac6e7e2840452a30ef213272c5f85b3b74626e37b641fb44ba
unidebug.zip
Posted Apr 21, 2001
Authored by Shrikant Raman

Unidebug is another exploit for the begging-to-get-patched IIS unicode bug. Takes advantage of the DOS/Win debug.exe to create binary files on the remote site.

tags | exploit, remote
SHA-256 | 8e17e7b0f8c5238e4b25523275f6838f53fb410606405d67218f8f95d39afcd6
vocabind-1.c
Posted Apr 21, 2001
Authored by DanteAlighieri

VocabScan v1.0 (dig version) scans just .com and outputs to result.txt. Takes the hosts from a wordlist, so be sure between IPs there are not undesired domains.

tags | tool, scanner
systems | unix
SHA-256 | 94aee50dc4cb80d46e86b902bab25b703f67984806193dcb779bea6b393b2ac0
webspider_1.1.pl
Posted Apr 21, 2001
Authored by T-Omicron | Site t-omicr0n.hexyn.be

Webspider v1.1 is a perl script that, when given a start page, will "follow" every link it finds, scanning the HTML code for the use of CGI's. WebSpider will report every CGI used by a webmaster in seconds.

tags | tool, cgi, scanner, perl
systems | unix
SHA-256 | 1b70f0f8a2720859cab88cd9fed76c3a1b90a455f7c30e10982eadb7d0892702
fk-0014.zip
Posted Apr 21, 2001
Authored by Wizdumb, fk

Forbidden Knowledge Issue 14 - Reconstructing serialized Java objects from sniffer logs, Blackhole TCP/UDP behavior and its effect of nmap, More fun with CyberXpress Internet Kiosks, The lazy man's "PGPDisk for BSD", More fun with Nedbank ATMs, Dumb Motorola T2288 Trick, and "Privacy and other myths of the 21st century".

tags | java, udp, tcp, magazine
systems | bsd
SHA-256 | 39d58aedc6af335d0d57fca798298950eefe903eab83712c5deaa046b7170bb9
iexslt.txt
Posted Apr 21, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #43, 2001 - It is possible to execute Active Scripting with the help of XML and XSL even if Active Scripting is disabled in all security zones. This is especially dangerous in email messages. Though this is not typical exploit itself, it may be used in other exploits especially in email. To use the demonstration, disable Active Scripting and click here. If you see any message box you are vulnerable.

tags | exploit
SHA-256 | c7fe5497623b82391c2f6f8c4e0d6f0cddd8405282c73ba789be9d2a1a709bdc
fk-0013.tgz
Posted Apr 20, 2001
Authored by Wizdumb, fk

Forbidden Knowledge Issue 13 - Hacking the Cyber Xpress Internet Kiosk, Hacking in Switched Environments, mIRC 5.41 DoS, M-Web Dialup Hostname Reference, Just how stupid Diana PABXs are, More Vodacom VMB hacking nonsense by Wizdumb, Fun with Windoze Networking by Wizdumb, "The Blob", And other true tales of stupidity.

tags | web, magazine
SHA-256 | 2753a98c4e0d6314d14ad99ca5f91a05ffb7bac94087f6c4792d945ce495a46d
defcom.cyberscheduler.txt
Posted Apr 19, 2001
Authored by Enrique A. Sanchez Montellano | Site defcom.com

Defcom Labs Advisory def-2001-18 - Cyberscheduler for Linux, Windows, and Solaris lacks bounds checking on the timezone variable, allowing remote root compromise. Patch available here. Includes proof of concept exploit x-cybershcehd.c and a shell script to brute force the offset. Vulnerable systems include Mandrake, RedHat, Slackware, Caldera, Suse, Debian, Windows NT, 2000 (IIS 4.0 and 5.0), and Solaris 2.5, 2.6, 7, and 8.

tags | remote, shell, root, proof of concept
systems | linux, redhat, windows, solaris, suse, slackware, debian, mandrake
SHA-256 | 21c37966585bd74ddeb800641942dfeff9778cd7e600ab1a642ec1d919315aa4
defcom.innfeed.txt
Posted Apr 19, 2001
Authored by Alex Hernandez, Enrique A. Sanchez Montellano | Site defcom.com

Defcom Labs Advisory def-2001-19 - Innfeed has local stack overflow vulnerabilities in the logOrPrint() function which can be exploited to give uid=news. Tested on Slackware 7.1, Mandrake 7.0, and RedHat 7.2. Includes a patch, proof of concept exploit x-startinnfeed.c, and a shell script to brute force the offset.

tags | overflow, shell, local, vulnerability, proof of concept
systems | linux, redhat, slackware, mandrake
SHA-256 | 4138178fdea0de7a98d769d075ebec0aa842b1ff03426901f91cd2c8b12ac932
xlock.txt
Posted Apr 19, 2001
Authored by Marco van Berkum

Removing the SUID bit from xlock causes enter to work as a password to unlock the screen for all users except root. With no SUID bit it can no longer read /etc/shadow, creating a blank .xlockrc, causing enter to be a valid password.

tags | exploit, root
SHA-256 | 7a3fc00fea0ff0994ae858e317eefc68874f30058a8c8af694cc82126a795089
spfx2.c
Posted Apr 19, 2001
Authored by Nijen Rode

spfx2.c is a linux kernel module which stops many exploits by protecting the system from code running on the stack. Works by limiting the use of key system calls to library functions. Although spfx2 does not prevent buffer-overflow related crashes, it does make it very difficult to break security with with a buffer-overflow attack, preventing most root compromises.

tags | overflow, kernel, root
systems | linux
SHA-256 | 21123c498529b71be6d347b91c4205c6d050024dbd2a5899cf8fb5b621b3df73
debian.samba.txt
Posted Apr 19, 2001
Site debian.org

Debian Security Advisory DSA-048-1 - Samba does not use temp files correctly, allowing local attackers to trick samba into overwriting arbitrary files. Both problems have been fixed in version 2.0.7-3.2.

tags | arbitrary, local
systems | linux, debian
SHA-256 | c64ca9f497ad002e62c183ca44b7e3a1180a6da09f6d05e942a74c5b380db8a7
icmp-log-0.4.tar.gz
Posted Apr 19, 2001
Authored by Zucco | Site w3.swi.hu

Icmp-Log v0.4 is a simple ICMP logger.

Changes: Better syslog() and log_it() function.
tags | system logging
systems | unix
SHA-256 | ca68646691293ec198e2109258822f5491defff735799a86db504b84fcaf73a9
check-ps-1.3.2.tar.gz
Posted Apr 19, 2001
Authored by Duncan Simpson | Site checkps.alcom.co.uk

Check-ps is a program that is designed to detect rootkit versions of ps that fail to tell you about selected processes. It currently requires /proc but other scanning methods can be implemented. The program will run in the background or one-shot mode. Check-ps has grown rather to better resist increasingly sophisticated attacks, generate more useful reports, and implement more detection methods. You are encouraged to check the signatures, available here.

Changes: Includes extended kill scanning which will detect LKM's such as adore-0.34. Includes new tests to generate a list of PID's by brute force.
tags | tool, intrusion detection
systems | unix
SHA-256 | b1c08424547c197563f6641aee28b0b9450246b337ba74064bd85a9711b9b8a1
fancylogin.c
Posted Apr 17, 2001
Authored by Ghost

Fancylogin 0.99.7 buffer overflow exploit. Fancylogin is usually not +s so this exploit isn't that dangerous. Tested on debian potato and kernel 2.2.18 and 2.2.19.

tags | exploit, overflow, kernel
systems | linux, debian
SHA-256 | 29d03dc71d859bbe4e1a2875ecdcaa1d77c2adb10f17069da1e18b83a08771c0
lcrzosrc-3.09.tgz
Posted Apr 17, 2001
Site laurentconstantin.com

Lcrzoex, created with the network library lcrzo, allows to test an Ethernet/IP network. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris.

Changes: Rewrite of most of the file/IPC/socket functions dealing with reading and writing data. Creation of functions lcrzo_fd_write_msg and lcrzo_stream_write_msg. These functions write their data in one step only.
tags | udp, spoof, tcp, protocol, library
systems | linux, solaris, freebsd
SHA-256 | dbfa70d9b6ce8ac4a17c12b0f95c81a072c7ebbcaf4406851176e70f4bcf9089
lids-1.0.7-2.4.3.tar.gz
Posted Apr 17, 2001
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Now works with kernel 2.4.3! Also includes an update for the lidsadm package, cleaner code, and better makefiles.
tags | kernel, root
systems | linux
SHA-256 | 4115335725a45f4603641308018122c98866dbd7787e7f9647379a7e21f766f6
01-2001.txt
Posted Apr 17, 2001
Authored by Cristiano Lincoln Mattos

Security flaw in Linux 2.4 IPTables using FTP PORT - If an attacker can establish an FTP connection passing through a Linux 2.4.x IPTables firewall with the state options allowing "related" connections (almost 100% do), he can insert entries into the firewall's RELATED ruleset table allowing the FTP Server to connect to any host and port protected by the firewalls rules, including the firewall itself. Advisory available here.

tags | exploit
systems | linux
SHA-256 | ae3602a2f75b24ef995eb290537dc514837d292b96235e884dbb43f17d8b9bcc
spapem.tar.gz
Posted Apr 17, 2001
Authored by s0ftpj, vecna | Site s0ftpj.org

The Spapem project aims to how how to elude securelevel under *BSD systems by hiding the fact that the system has been rebooted. Includes code to restore the PID, a LKM to change the uptime, a generic rootkit example, a module to remove startup messages, and instructions for patching init(8).

systems | bsd
SHA-256 | 82b43738fe9aaba0129a0e6210d475fb733357a302d34ecc0480bd867274d1d5
carbonite.tar.gz
Posted Apr 17, 2001
Site foundstone.com

Carbonite v1.0 is a LKM which is designed to investigate and detect rootkits, even LKM rootkits which patch calls to /proc. It works like lsof and ps at the kernel level, querying every process in Linux's task_struct, which is the kernel structure that maintains information on every running process in Linux. It gives administrators a more reliable method to identify all running processes on the system.

tags | kernel
systems | linux
SHA-256 | 9ea8e381203f46223874eea4e92810c3094d00eeda03ad7b927236f98a7cbb78
globulka.pl
Posted Apr 17, 2001
Authored by Venglin

FreeBSD-4.2-Stable ftpd GLOB remote root exploit in perl. This version requires user access and writeable home dir without chroot.

tags | exploit, remote, root, perl
systems | freebsd
SHA-256 | d9d003dd6fbf397662aaadea0cda37b79f4f487bbe81f0f4dca4c6995f5cb632
ISA.dos.txt
Posted Apr 17, 2001
Site securexpert.com

Denial of Service in Microsoft ISA server v1.0 - Microsoft ISA Server 1.0 on Windows 2000 Server SP1 is vulnerable to a simple network-based attack which stops all incoming and outgoing web traffic from passing through the firewall until the firewall is rebooted or the affected service is restarted. Exploit URL's included.

tags | exploit, web, denial of service
systems | windows
SHA-256 | 9d02d2508ec99a83764ebc8949250bbaa3f6a7f94d64565ec9d94e4721d64d5d
openbsd.glob.c
Posted Apr 17, 2001
Authored by Tomas Kindahl | Site codefactory.se

OpenBSD 2.x remote root GLOB exploit w/ chroot break. It is possible to exploit an anonymous ftp without write permission under certain circumstances. This is most likely to succeed if there is a single directory somewhere with more than 16 characters in its name. With write permissions, one could easily create such a directory.

tags | exploit, remote, root
systems | openbsd
SHA-256 | 5e2903fcb27602a8d106b23765838518455a5fb29fed0495120e4cdf16853274
clsidext.txt
Posted Apr 17, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #42, 2001 - By double clicking from Window Explorer or Internet Explorer on filenames with innocent extensions the user may be tricked to execute arbitrary programs. If the file extension has a certain CLSID, then Windows explorer and IE do not show the CLSID and only the harmless looking extension. Demonstration available here.

tags | exploit, arbitrary
systems | windows
SHA-256 | 4343d6e471cf14bde5baebc0d0bf30f0bf01a8f1220ae414f85aef130a942a42
1i0n.tar.gz
Posted Apr 17, 2001

1i0n.tar.gz is an executable package for the 1ion worm by the ramen crew. Includes several shell scripts and helper binaries.

tags | worm, shell
SHA-256 | c809a95720b0fc977cdf4bf07033e74055cbae62236d58c20fd20b1352efb33d
Page 4 of 9
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close