Showing 1 - 25 of 75

Files Date: 2001-09-01 to 2001-09-30

alpha-fmtstr.txt
Posted Sep 28, 2001
Authored by Truefinder | Site igrus.inha.ac.kr

How to Exploit Format String Vulnerabilities under Alpha Linux. Includes techniques and example code.

tags | paper, vulnerability
systems | linux, unix
SHA-256 | fb0fd3f5ea1da71d3480f0ab3b12774cb66642a7b3267859fa03b1b693e6053e
maj1944-xpl.pl
Posted Sep 28, 2001
Authored by Nemes||y

Majordomo v1.94.4 local exploit in perl. Binds a shell to port 1234 with uid=Majordomo.

tags | exploit, shell, local, perl
SHA-256 | 3a1bfea6bba3d9ea6fd7f66f9211de9ecce5dbe5b859d9ffa9613bbeeeb45ced
FreeBSD-STABLE_and_IPFILTER.htm
Posted Sep 28, 2001
Authored by Marty Schlacter | Site schlacter.dyndns.org

This howto walks you through building a FreeBSD-STABLE firewall with IPFILTER. This is a checklist that walks you through the entire process from beginning to end: installing FreeBSD-stable, recompiling the kernel, OpenSSH security, TCP-wrappers, VESA video modes, and special syslog logging for your firewall.

Changes: Updated for FreeBSD-4.4-STABLE.
tags | paper, kernel, tcp
systems | freebsd
SHA-256 | 90a89638a1bb7a689710c7cb260fddd1887bc75eeb83cc49e93d7f7220e9ce8a
cisco.01-09-26.pix.smtp
Posted Sep 27, 2001
Site cisco.com

Cisco Security Advisory - The Cisco Secure PIX firewall feature "mailguard" which limits SMTP commands to a specified minimum set of commands can be bypassed. To exploit this vulnerability, attackers must be able to make connections to an SMTP mail server protected by the PIX Firewall. All users of Cisco Secure PIX Firewalls with software versions 6.0(1), 5.2(5) and 5.2(4) that provide access to SMTP Mail services are at risk.

systems | cisco
SHA-256 | 844d365f0b47bcd0fed7bc74723706ea4c035e7ea51e5d953adcdb2706897b20
openssh-2.9.9p2.tar.gz
Posted Sep 27, 2001
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Fixes a weakness in OpenSSH's source IP based access control for SSH protocol v2 public key authentication (more information here).
tags | encryption
systems | linux, openbsd
SHA-256 | 3dd87a3456ea61151d0bd2287b3d8b9e9371d8472d0f756b9fe3ac2800478e1a
thcrut-0.1.tar.gz
Posted Sep 27, 2001
Authored by thc | Site thc.org

THC-RUT (aRe yoU There) is a local network discovery tool developed to brute force its way into wvlan access points. It offers arp-request on ip-ranges and identifies the vendor of the NIC, spoofed DHCP, BOOTP and RARP requests, icmp-address mask request and router discovery techniques. This tool should be 'your first knife' on a foreign network.

tags | tool, local, spoof, wireless
SHA-256 | 57ed9bd93003205ae3738dab5fe7d6c2d887404f5fcbc0a7ef08c05f22715a55
hydra-1.3.tar.gz
Posted Sep 27, 2001
Authored by thc | Site thc.org

Hydra v1.4 is the world's first parallel login hacker. With this tool you are able to attack several services at once (FTP, POP3, IMAP, Telnet, HTTP Auth, etc).

tags | web, cracker, imap
SHA-256 | 1e7c26a3b9c5840830cbfe4b20c5f8dc16d52e1db7dc42711e493c8035da5d70
wardrive-2.0.tar.gz
Posted Sep 27, 2001
Authored by van Hauser, thc | Site thc.org

THC-WarDrive v2.0 is a linux based tool for mapping your city for wavelan networks with a GPS device while you are driving a car or walking through the streets. It is effective and flexible, supporting NMEA GPS devices.

tags | tool, wireless
systems | linux
SHA-256 | 867fdb212fef9c2ee86ba52fd23b7ca63a5d5187f61ddb0c34345adb112a82cf
Linux IPTables Firewall
Posted Sep 27, 2001
Site iptables.org

iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.

Changes: Fixes for IPv6, a fix for a possible string overflow in psd match, and incremental checksumming when changing TTL in TTL target.
tags | tool, firewall
systems | linux
SHA-256 | 565eabdc7cea7f1203810b37c30dfedc37fb979e145ffa30b7c25d5a9c21d48a
pspa-2.4.10-9.tar.gz
Posted Sep 27, 2001
Site original.killa.net

The Linux Port/Socket Pseudo ACLs project is a patch to Linux kernel v2.4 which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.

Changes: Ported to kernel v2.4.10, some bugs were fixed, and a "make config" warning when packet socket is modular has been added.
tags | denial of service, kernel, root, patch
systems | linux, unix
SHA-256 | a73ebf143d0739e1eb292453bf559c1f9cdec32058f30c2394eb8715caa2e556
firestorm-0.2.2.tar.gz
Posted Sep 27, 2001
Site scaramanga.co.uk

Firestorm is a Network Intrusion Detection sensor which is multi-threaded, fast, and is pluggable at almost every point.

Changes: Many snort compatibility fixes were made. All the snort 1.7 rules work. Most of the snort 1.8 rules work. Lots of bugs were fixed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 25d1a40d6e0adbf5ed62b143d1f7a0e416617b5b67d9c4f0e55d11e094db97b4
gtkskan-0.2.tgz
Posted Sep 27, 2001
Site sourceforge.net

802.11b Network Discovery Tools is a gtk tool to scan for 802.11b networks using wavelan/aironet hardware and Linux wireless extensions. It includes the ability to log coordinates of found networks from a NMEA compatible GPS device, and can be linked to a serial port.

tags | tool, wireless
systems | linux
SHA-256 | 1fd449b3cfcfecf2aff18bf6d9c0c6c0363c62e10cd530785328adb191408365
cpt1.tar.gz
Posted Sep 27, 2001
Authored by Toxic Ocean | Site blackhat.be

Proxy Toolkit is coded in Java and checks to see what information a web proxy forwards.

tags | java, web
SHA-256 | 29df10b97dc837a93d9fbf6d310c5ccfc8236ae4560a8bdac470fa265c494422
ms01-049
Posted Sep 27, 2001

Microsoft Security Advisory MS01-049 - A security vulnerability exists in Exchange 2000 Outlook Web Access, because it will accept and process a request for an item in an authenticated user's mailbox without verifying first that the folder structure is valid. An attacker can mount a denial of service attack by repeatedly levying a request for a non-existent but deeply nested folder in his own mailbox. Microsoft FAQ on this issue available here.

tags | web, denial of service
SHA-256 | 94946005340865173ae7c47cce980ae07ca0a2c50db2342cc2005aa10fb1d1f3
FreeBSD Security Advisory 2001.60
Posted Sep 27, 2001
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-01:60 - Procmail versions prior to procmail 3.20 performed unsafe actions while in the signal handlers. If a signal is delivered while procmail is already in an unsafe signal handler, undefined behavior may result, possibly leading to the ability to perform actions as the superuser under unprivileged local user control.

tags | local
systems | freebsd
SHA-256 | a15e547ec286cb5b926fcb77bad3b9f6485a830f74e96e8d626520438447fb28
mimedefang-1.4.tar.gz
Posted Sep 22, 2001
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.10 / 8.11 and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: Handles MIME-encoded words in headers correctly.
systems | windows, unix
SHA-256 | 2bc9444be7624a764f02de03965505a1408853ddd196b038dba3a8d08cd9505e
sendmail.8.12.0.tar.gz
Posted Sep 22, 2001
Site sendmail.org

Sendmail is a very popular unix Mail Transfer Agent, a program that moves mail from one machine to another.

Changes: This release includes lots of security and performance issues. The sendmail binary is no longer setuid! There is better memory and thread handling and lots of fixes. Changelog available here.
systems | unix
SHA-256 | ef37bf77cb9f2b3ce65d8d7fdf266366f6640a62409b57907ed953fd86a9261e
lids-1.0.15-2.4.9.tar.gz
Posted Sep 22, 2001
Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Fixed inheritance problems including the kernel going into an endless loop and more lidsadm fixes and code cleanup.
tags | kernel, root
systems | linux
SHA-256 | 3e13d68114e1d23e557d6f3380af20b67b224328e7e1951b82b181c1a107fa27
mindterm_2.1-bin.zip
Posted Sep 22, 2001
Site appgate.com

MindTerm is a complete ssh-client in pure java which can be used either as a standalone java-application or as a java-applet. Includes a vt102/xterm-terminal with the ssh protocol and also "drop-in" socket replacements to use ssh tunnels transparently from a java application/applet.

Changes: Changed keypair format to be PEM for key compatibility with OpenSSH. Added a GUI to the SFTP transfer. Fixed lots of bugs.
tags | java, protocol
SHA-256 | f61d2b74017f34d562ef1f8005602a6819466baf7b6498a42f91e32a9baad685
RNmap 0.5.3 Beta
Posted Sep 21, 2001
Authored by Tuomo Makinen | Site sourceforge.net

Remote Nmap is a python client/server package which allows many authorized clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all their scans come from a dedicated machine.

Changes: A few bugfixes, a workaround to make the nmap multi-portlist feature work, and a few modifications for grnmap.
tags | tool, remote, nmap, python
systems | unix
SHA-256 | dfbb52e97f0f0884cb02942e7db1b6327bb76edb3174c3be78889275eb88fe2b
gps-0.8.0.tar.gz
Posted Sep 21, 2001
Authored by Whitehat | Site gps.sourceforge.net

Ghost Port Scan is an advanced port scanner and a firewall rule disclosure tool. Uses IP & ARP spoofing, sniffing, stealth scanning, arp poisoning, IP fragmentation, and other techniques to perform stealth and untrackable information collection. GPS is especially efficient in LAN pen-testing, due to its ability to disclose the firewall settings of a host.

tags | tool, scanner, spoof
systems | unix
SHA-256 | 8b0c46b51c8ec5007ef24990765445686e08ac8a7fa8aca2da9311c6e1987e7d
SAdoor.0.2.beta.tgz
Posted Sep 21, 2001
Authored by CMN | Site mdstud.chalmers.se

SADoor is a non-listening remote admin tool for UN*X systems. It sets up a listener in non-promiscuous mode for a specific sequence of packets arriving to the interface before allowing command mode. The commands are sent MIME64 encoded in the TCP payload and decoded and passed on to system(3).

tags | tool, remote, tcp, rootkit
systems | unix
SHA-256 | 65218b8628ccf90b31968d77f356467c7ff3ab2195dd393e39834620308e4c3b
FormScalpelv1.0.11BETA.zip
Posted Sep 20, 2001
Authored by Curryman | Site ugc.org.uk

Form Scalpel v1.0.11 for Windows is designed to help security professionals assess the resilience of a web site's forms to various forms of attack. Given the growing sophistication and variety of sites and development techniques utilized, a generic tool specifically aimed at making this job easier was required. Thus "Form Scalpel" was born. The tool automatically extracts form/s from a given web page and automatically splits out all fields for editing and manipulation, making it a simple task to formulate detailed GET and POST requests. The application supports HTTP and HTTPS connections and will function over proxy servers.

tags | web
systems | windows
SHA-256 | 7e07602b66b9a90c888f9c066ea1852defe0f6f2cc036b7160b45d979aad1fdc
netl-1.09.tar.gz
Posted Sep 20, 2001
Authored by Graham Ollis | Site netl.org

netl v1.09 is a network logger/sniffer suitable for TCP/IP over Ethernet and loopback which provides functionality not found in similar programs. netl is capable of logging everything from pings to telnet, including low level IP like SYNs and RSTs.

Changes: Added perl/Tk interface, fixed some bugs.
tags | tool, tcp, intrusion detection
systems | unix
SHA-256 | 5c0f37cb666914e50b01575f936c4800c589f5a6b7f0052d172debf882e961f7
LaBrea.tgz
Posted Sep 19, 2001
Authored by Tom Liston | Site hackbusters.net

LaBrea v2.0 is a program that creates a tarpit or, as some have called it, a "sticky honeypot". LaBrea takes over unused IP addresses on a network and creates "virtual machines" that answer to connection attempts. LaBrea answers those connection attempts in a way that causes the machine at the other end to get "stuck", sometimes for a very long time.

Changes: New command line option -p to keep tcp connections in the "persist" state, which can hold on to threads for a long time.
tags | tool, intrusion detection
systems | unix
SHA-256 | 23b2e7cad2a4578ea03587998eac0e122e2899f608739aa1a517864514a77f26