Briis-1.pl is a unicode / decode IIS attack tool which includes SSL support under Linux. Features many checks for CMD.EXE, Caches the found directory, SSL support with SSLeay (Unix), Easy to use text file upload, Easy to use / encoding option, Relative path name program execution, and Virtual host support. More info available here.
02d511ae9e47f8a3122d180ba75ec52c4603ad0f5b0dc7d8ad3579832c4c1fdcVIPRR 1.1 is the first public beta of a concept study of attack routers. It's a userland virtual router which can be used together with any routing protocol attack tools. One of the most interesting features is the ability to inject packets into GRE tunnels and therefore making it possible to perform the RFC1918 hacking attacks described in gre.html without modification of the tools.
f1543db4d953ccae8605fd93c2a39617d3e5693a1ebfb2bae6ca957a517416e9Arpwarp is a tool which attempts to detect ARP spoofing attacks before executing a unix command (such as SSH or Telnet). This is the solaris version - The Linux version is available here.
0273b0048f41f1383b82f2a1445b9dafb3c3cab573cc73d817eb8fbf0b023ceaArpwarp is a tool which attempts to detect ARP spoofing attacks before executing a unix command (such as SSH or Telnet). This is the linux version - The solaris version is available here.
fb4e374b3b67a9958140a897ca83b151e75d5d663b0f3a0fe9a2e70556277fa4KIS is the Kernel Intrusion System, a powerful client / server LKM based rootkit.
1e702e017cefbe936077a52afd9e910ef6941a061c01106f322a61e1984687a9rpcinfo-diff is a patch for the netkit version 0.17 rpc package, allowing a target port to be set for rpcinfo. This is useful for targeting older sun machines, which run rpcbind on a udp port greater than 32770.
d0fd8bb5faecc65d974419c39913e73f6bdaf0362a8460360ad9c24f0c690f53Kbd v3.0 is a Linux loadable kernel module backdoor. Allows root access by modifying the SYS_utime and SYS_getuid32 system calls. Can be used in conjunction with cleaner.c from the adore root for stealth capability.
1e01acc4b6519e04281fd7a9cbecefe015e166620e9d670ffc0d78520451a2d7Sshscan.c scans for port 22, grabs server type and version. Uses a list of IPs.
7eb790e4b309675487eb6113534ae3090026d8b6fb4f55a2279b59d861b627ef63 byte connect-read-execve - linux-x86. This shellcode connects back and ask you for code to execute.
92eee9f754961c5729bb81fd22c2deff270d912773a857cf9b7eb698cbb63222The NeoHapsis port is a comprehensive list of ports numbers and the services/trojans that run on them. Updated Jul 19, 2001. Archive password is set to p4ssw0rd. Use at your own risk.
6e6d76d94ece75f4137ed6a65c50cec59725d7872190b24bd092786d8cef3b04Ifconfig and Netstat trojan - reads interfaces (sit0, eth0, eth0:1) from a file , defined in a char[] array and hides it.
378ba583e2eec0f73aef01b0a8b1baa9b18c41893fa4a18fdf01ab15e557a2faLibwhisker is a perl module for performing whisker CGI vulnerability checks. This is a preview release.
960d4be891522dd39a4a6fc33fd4765ddb81bffe80c0002f1a0f8c849c9e1977Skydance v3.6 is a distributed denial of service tool for Windows. Uses the IP_HDRINCL option. Tested on Win98 and Win2k. Uses ICMP for communication.
a60ab7490d90ddc3b7b5a27d0532f12cbfc6684dbb168f89e17b31b688699739Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.
7e940e81b05c21de023858e47275acab82a79a82b5826e7471c5e5b9f3eb9dd8Ktvision v0.1.1-271 and below symlink local root exploit. Tested against SuSE 7.1.
7484393e8ed414c9a92178e33e802ebab4f5ba09c299bb89762e99c3e225abf9Tarantella 3.01 ttawebtop.cgi "show files" exploit. '..' and '/' are not filtered while processing user input, so it is possible to enter arbitrary values to retrieve files from remote sever, which should not be accessible normally. Exploit URL included.
9d5f4ace0d04cf6c840c506cafe1e2d3223f2c0444093380f59b04e3a168c8d5/usr/local/bin/filter local exploit. Gives GID=mail. More information available <a href="http://www.tao.ca/fire/bos/0354.html"here.</a> Tested against Slackware 3.1. Exploits the nlspath buffer overflow.
ba1c94f39c9843539d6330b83182ca2c4e79cc085b9114c402708728dea02aaeFreeBSD 3.1 - 4.3 local root exploit - Uses the signal condition vulnerability discovered by G. Guninski.
877ecb999c4cc6e021713bc69df6e18a70c93bcd73f813c5488ecc59bcd1edb6qDefense Advisory Number QDAV-2001-7-3 - Interactive Story does not properly validate the contents of a hidden field entitled "next". Setting that field to the name of a file, and using double dots and poison nulls, an attacker can cause Interactive Story to display the contents of any file. Exploit URL included.
97e8dec2dd73cc70c28c0ffa336013bf512a8924ca83704f520ae24b059baa61Sneaky2.sh is a swiss army knife for Hotmail/Messenger. Implements Spoofing/brute force/misconception/unexpected input Class Attacks. Will spoof Hotmail/messenger server to recover user hotmail/password, crash messenger client, remotely inject and execute malicious exe on the victim host.
a20cd1bbf47e56f622a99907ad68665a56c73da31f4c7353938fa59ca1b6d1f4Slackware 8.0 local root exploit - Creates a suid shell when "modprobe lp" is run from the startup scripts.
b8b095012e691aba701cd6577f74f4427437ebc53c5be9b4cc9758dc3d3cfeebRed Hat Security Advisory RHSA-2001:091-07 - Elm had a buffer overflow when handling very long message-ids. This overwrote other header fields, and could potentially cause more damage. Red Hat Linux 5.2, 6.2, 7 and 7.1 is vulnerable.
d4b372395a2cdc3ff027c6537d7c9d02e3d327aec80692578de48c794ce48673Checkpoint Firewall-1's SecureRemote allows any IP to connect and download sensitive network information. This perl script gives a potential attacker a wealth of information including ip addresses, network masks (and even friendly descriptions).
e3619e7d295ef6e80dc77aada9c151eaf7aeff1c25021ef117f8331019de3414Looking for Vulnerabilities - Our approach has been to look for a few common mistakes in programs (and scripts) of interest (mainly setuid, setgid programs and network servers). This paper focuses on unsafe temp files, unsafe environment, and buffer overflows.
f66499c4db19f49b5b6f1abda1969d8574ee7a5fbe0ed73010d9c2401d1d8dacCfingerd v1.4.3 remote root exploit for Linux. Binds to port 113 and sends bogus ident information.
badd5107b708ecea2476eda90f2a5fe6efe2f9988539733c58710c082a2510d6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed