Briis-1.pl is a unicode / decode IIS attack tool which includes SSL support under Linux. Features many checks for CMD.EXE, caches the found directory, SSL support with SSLeay (Unix), easy to use text file upload, easy to use / encoding option, relative path name program execution, and virtual host support. More info available here.
02d511ae9e47f8a3122d180ba75ec52c4603ad0f5b0dc7d8ad3579832c4c1fdc
VIPRR 1.1 is the first public beta of a concept study of attack routers. It's a userland virtual router which can be used together with any routing protocol attack tools. One of the most interesting features is the ability to inject packets into GRE tunnels and therefore making it possible to perform the RFC1918 hacking attacks described in gre.html without modification of the tools.
f1543db4d953ccae8605fd93c2a39617d3e5693a1ebfb2bae6ca957a517416e9
Arpwarp is a tool which attempts to detect ARP spoofing attacks before executing a unix command (such as SSH or Telnet). This is the solaris version - The Linux version is available here.
0273b0048f41f1383b82f2a1445b9dafb3c3cab573cc73d817eb8fbf0b023cea
Arpwarp is a tool which attempts to detect ARP spoofing attacks before executing a unix command (such as SSH or Telnet). This is the linux version - The solaris version is available here.
fb4e374b3b67a9958140a897ca83b151e75d5d663b0f3a0fe9a2e70556277fa4
KIS is the Kernel Intrusion System, a powerful client / server LKM based rootkit.
1e702e017cefbe936077a52afd9e910ef6941a061c01106f322a61e1984687a9
rpcinfo-diff is a patch for the netkit version 0.17 rpc package, allowing a target port to be set for rpcinfo. This is useful for targeting older sun machines, which run rpcbind on a udp port greater than 32770.
d0fd8bb5faecc65d974419c39913e73f6bdaf0362a8460360ad9c24f0c690f53
Kbd v3.0 is a Linux loadable kernel module backdoor. Allows root access by modifying the SYS_utime and SYS_getuid32 system calls. Can be used in conjunction with cleaner.c from the adore root for stealth capability.
1e01acc4b6519e04281fd7a9cbecefe015e166620e9d670ffc0d78520451a2d7
Sshscan.c scans for port 22, grabs server type and version. Uses a list of IPs.
7eb790e4b309675487eb6113534ae3090026d8b6fb4f55a2279b59d861b627ef
63-byte connect-read-execve shellcode for Linux x86. This shellcode connects back and asks you for code to execute.
92eee9f754961c5729bb81fd22c2deff270d912773a857cf9b7eb698cbb63222
The NeoHapsis port list is a comprehensive list of port numbers and the services/trojans that run on them. Updated Jul 19, 2001. Archive password is set to p4ssw0rd. Use at your own risk.
6e6d76d94ece75f4137ed6a65c50cec59725d7872190b24bd092786d8cef3b04
Ifconfig and Netstat trojan - reads interfaces (sit0, eth0, eth0:1) from a file defined in a char[] array and hides them.
378ba583e2eec0f73aef01b0a8b1baa9b18c41893fa4a18fdf01ab15e557a2fa
Libwhisker is a perl module for performing whisker CGI vulnerability checks. This is a preview release.
960d4be891522dd39a4a6fc33fd4765ddb81bffe80c0002f1a0f8c849c9e1977
Skydance v3.6 is a distributed denial of service tool for Windows. Uses the IP_HDRINCL option. Tested on Win98 and Win2k. Uses ICMP for communication.
a60ab7490d90ddc3b7b5a27d0532f12cbfc6684dbb168f89e17b31b688699739
Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (e.g. EXE, BMP, MPEG) and file names (e.g. prettypark.exe). It can also be used to scan for text snippets within emails.
7e940e81b05c21de023858e47275acab82a79a82b5826e7471c5e5b9f3eb9dd8
Ktvision v0.1.1-271 and below symlink local root exploit. Tested against SuSE 7.1.
7484393e8ed414c9a92178e33e802ebab4f5ba09c299bb89762e99c3e225abf9
Tarantella 3.01 ttawebtop.cgi "show files" exploit. '..' and '/' are not filtered while processing user input, so it is possible to enter arbitrary values to retrieve files from the remote server which should not normally be accessible. Exploit URL included.
9d5f4ace0d04cf6c840c506cafe1e2d3223f2c0444093380f59b04e3a168c8d5
/usr/local/bin/filter local exploit. Gives GID=mail. More information available <a href="http://www.tao.ca/fire/bos/0354.html">here</a>. Tested against Slackware 3.1. Exploits the nlspath buffer overflow.
ba1c94f39c9843539d6330b83182ca2c4e79cc085b9114c402708728dea02aae
FreeBSD 3.1 - 4.3 local root exploit - Uses the signal condition vulnerability discovered by G. Guninski.
877ecb999c4cc6e021713bc69df6e18a70c93bcd73f813c5488ecc59bcd1edb6
qDefense Advisory Number QDAV-2001-7-3 - Interactive Story does not properly validate the contents of a hidden field entitled "next". Setting that field to the name of a file, and using double dots and poison nulls, an attacker can cause Interactive Story to display the contents of any file. Exploit URL included.
97e8dec2dd73cc70c28c0ffa336013bf512a8924ca83704f520ae24b059baa61
Sneaky2.sh is a swiss army knife for Hotmail/Messenger. Implements Spoofing/brute force/misconception/unexpected input Class Attacks. Will spoof Hotmail/messenger server to recover user hotmail/password, crash messenger client, remotely inject and execute malicious exe on the victim host.
a20cd1bbf47e56f622a99907ad68665a56c73da31f4c7353938fa59ca1b6d1f4
Slackware 8.0 local root exploit - Creates a suid shell when "modprobe lp" is run from the startup scripts.
b8b095012e691aba701cd6577f74f4427437ebc53c5be9b4cc9758dc3d3cfeeb
Red Hat Security Advisory RHSA-2001:091-07 - Elm had a buffer overflow when handling very long message-ids. This overwrote other header fields, and could potentially cause more damage. Red Hat Linux 5.2, 6.2, 7 and 7.1 are vulnerable.
d4b372395a2cdc3ff027c6537d7c9d02e3d327aec80692578de48c794ce48673
Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive network information. This perl script gives a potential attacker a wealth of information including IP addresses, network masks (and even friendly descriptions).
e3619e7d295ef6e80dc77aada9c151eaf7aeff1c25021ef117f8331019de3414
Looking for Vulnerabilities - Our approach has been to look for a few common mistakes in programs (and scripts) of interest (mainly setuid, setgid programs and network servers). This paper focuses on unsafe temp files, unsafe environment, and buffer overflows.
f66499c4db19f49b5b6f1abda1969d8574ee7a5fbe0ed73010d9c2401d1d8dac
Cfingerd v1.4.3 remote root exploit for Linux. Binds to port 113 and sends bogus ident information.
badd5107b708ecea2476eda90f2a5fe6efe2f9988539733c58710c082a2510d6