exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 77 RSS Feed

Files Date: 2001-10-01 to 2001-10-31

smbbf-0.9.1.tar.gz
Posted Oct 24, 2001
Authored by Patrik Karlsson

The SMB Auditing Tool is a password auditing tool for the Windows and the SMB platform. It makes it possible to exploit the timeout architecture bug in Windows 2000/XP, making it extremely fast to guess passwords on these platforms. Running a large password file against Windows 2000/XP, shows statistics up to 1200 logins/sec. This means that you could run a commonly used English dictionary with 53 000 words against a server under a minute. Supports SMB over Netbios and native SMB over tcp port 445. Compiles on Linux, BSD, and Cygwin.

tags | cracker, tcp
systems | linux, windows, bsd
SHA-256 | 1e3300ae5e5ea40279f6d80a3ed0fccb68f2cde69c5f19250d5446805f317df0
logcleaner-0.3.c
Posted Oct 24, 2001
Authored by Dark Loop | Site solitude2000.f2s.com

Zap3.c cleans WTMP, UTMP, lastlog, messages, secure, xferlog, httpd.access_log, httpd.error_log. Check your log file and edit the source accordingly. Tested in Mandrake 7.2 and 8.0.

tags | tool, rootkit
systems | linux, unix, mandrake
SHA-256 | ddd7dd5733de189aa0a69ac6afdd5c760c285b48f1e5c5ea29875d8409b854cb
macosxsetuidroot.txt
Posted Oct 24, 2001
Site securemac.com

Mac OS X v10.1 and below contains a local root vulnerability which allows logged in users to get a root shell by running a specific series of applications. More info here.

tags | exploit, shell, local, root
systems | apple, osx
SHA-256 | 46aabb3e472e54612654c559a4bc57f5adf76fa15eb0274b3c38f0cc2b38d0d4
proton-1.0.0.4-setup.zip
Posted Oct 24, 2001
Authored by movax4c00 int21 | Site ftpscanner.com

Proton is a proxy tunneling application for Windows which supports SOCKS v4 and 5. When a connection is established with ProTon, it'll create a chain of proxy connections through many proxy servers until it reaches its destination.

systems | windows
SHA-256 | 27104ef1de57bf20b8aa3728a86e95510f4276a665e4bdee266013fce9718aa2
lsof_4.59_W.tar.gz
Posted Oct 23, 2001
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: Fixes for FreeBSD 5.0-CURRENT and Linux. Added new output field for raw device number in hex. Added support for OpenUNIX 8. Added an IP version selector to the -i option parameters.
tags | tool, intrusion detection
systems | unix
SHA-256 | 1e39c392e1016b61346c7830245b6b687bbb0fe67fc1d4576878af2447c25ac0
Samhain File Integrity Checker
Posted Oct 23, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Added MD5 and SHA1, fixed bugs.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 92952b60551212215a3ff7938055c795c0c7cf7520c9ecfa02d8165549e7e816
linux-2.2.19-ow4.tar.gz
Posted Oct 23, 2001
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Fixes two Linux kernel vulnerabilities. A non-security symbol export issue was fixed and support for ELF executables was put into a separate configuration option. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel
systems | linux
SHA-256 | 27be7ee7003f92bb269f8c06f2f5b50f031cf87b73e9625e13dc8557c28755c3
zp-exp-telnetd.c
Posted Oct 20, 2001
Authored by Zen-Parse

Proof of concept netkit-0.17-7 local root exploit. Exploits buffer overflow in the AYT handling of in.telnetd, due to bad logic in the handling of snprintf().

tags | exploit, overflow, local, root, proof of concept
SHA-256 | 07af0ba46d6de20ca342e399bb7aa78397e7c268f742d6e103c05772650f39da
hap-linux-2.2.19-4.diff
Posted Oct 20, 2001
Site doutlets.com

HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.

Changes: Based on hap-linux-2.2.19-3.diff.gz which fixes the possible local root vulnerability discovered recently in kernel v2.2.19.
tags | root, patch
systems | linux, unix
SHA-256 | 0606ce0041917ab33a0b71bce0ad1540aa2deb46952477f11f0692d76c5afc46
linux-2.2.19-ow3.tar.gz
Posted Oct 20, 2001
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Fixes the possible local root vulnerability discovered recently in kernel v2.2.19. Readme available <a href="http://www.openwall.com/linux/README"here.</a>
tags | overflow, kernel
systems | linux
SHA-256 | e01a3bfee12ea89cb9334e05f90bbe2f39bf5239fcfc5e7946664dbdb915c6fc
GnoScan-0.1.2.tar.gz
Posted Oct 20, 2001
Site gnoscan.berlios.de

GnoScan is a multi-threaded network scan and security utility with an intuitive graphical user interface. It runs under GNOME. This is not the world's first port scanner, but certainly one of the most easy ones to use.

Changes: Small Bug Fixes.
tags | tool, scanner
systems | unix
SHA-256 | 1234ce122d16aef5618475fbc813993283391b05a7f5f817cc40a970cbced999
ipfw-graph-1.1.tar.gz
Posted Oct 18, 2001
Site mavetju.org

Ipfw-graph displays a graphical overview of the amount of bytes going through your FreeBSD ipfw-rules and a piled overview of the percentage based on which rule it happened.

tags | tool, firewall
systems | unix, freebsd
SHA-256 | 445cc53409fdf516cf5fb1af20253331265a2fdc9e36c81458fa9389da3fcaca
ethereal-0.8.20.tar.gz
Posted Oct 18, 2001
Authored by Gerald Combs | Site ethereal.com

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.

Changes: New dissectors include GIOP CosEventComm, Quake 3 Arena, GMRP, GTP, HMIPv6, OSPFv3, MMSE, UCP, and the Skinny Client Control Protocol. Many other dissectors were enhanced, and updates were made to the user interface.
tags | tool, sniffer, protocol
systems | unix
SHA-256 | 41665c8dc7ea0746a504ecf19cc4a77f307fed8ffc8c1d1bac3d4b2a19710780
incident-1.8.tar.gz
Posted Oct 18, 2001
Site cse.fau.edu

Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.

Changes: RWHOIS is now being used for ARIN as well as domain lookups. Bugs have been fixed.
tags | tool, remote, sniffer
SHA-256 | f3d2808aedba283d932feccb92c56fc6400bf41a09006aa8dab2182362aec3ca
Firewall Builder With GUI
Posted Oct 18, 2001
Site fwbuilder.org

Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.

tags | tool, firewall, protocol
systems | linux, solaris, freebsd
SHA-256 | 56427fb7fe0bb13b185e6ab52a016f4c7ec66424a49639c32ffc4708631d711a
netdude-0.2.0.tar.gz
Posted Oct 18, 2001
Site netdude.sourceforge.net

Netdude is the NETwork DUmp data Displayer and Editor for tcpdump tracefiles. It is a GUI-based tool that allows you to make detailed changes to packets in tcpdump tracefiles. It can set the value of every field in IP, TCP, and UDP packet headers, copy, move, and delete packets in the tracefile, and fragment and reassemble IP packets. Netdude addresses the need for a tool that allows developers of networking code to easily create specific traffic patterns in order to test features of their software. Tested on Linux and FreeBSD.

tags | tool, udp, sniffer, tcp
systems | linux, freebsd
SHA-256 | f34961b4787080babac787618b4f2457859ed5b6ef94719455a03419aec8131a
spike-v1.8.tar.gz
Posted Oct 18, 2001
Site atstake.com

SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC).

tags | web, protocol
systems | unix
SHA-256 | 7e69f5a7ea1c2db4f13b9a857608b55c2483d9a7cac5201fa6c77932596fff0e
sharefuzz1.0.tar.gz
Posted Oct 18, 2001
Site atstake.com

Sharefuzz is a shared library which automatically detects environment variable overflows in Unix systems. This tool can be used to ensure all necessary patches have been applied, or as a reverse engineering tool.

tags | overflow
systems | unix
SHA-256 | 0480a8b835c431bca82601dd41dc51c21bcc45bbe1255266dc0b363224021c64
dcetest-1.2.tar.gz
Posted Oct 18, 2001
Site atstake.com

Dcetest is a tool which probes a windows machine over TCP port 135, MSRPC endpoint information. It can be though of as the equivalent of rpcinfo -p against a Windows box. Dcetest can also be very useful once inside a DMZ to fingerprint Windows machines on the network.

tags | tool, scanner, tcp
systems | windows, unix
SHA-256 | ffbb04526ee0bf44a9473b3dcc612da556022d5a3544d152f88fba267258ba75
mod_ssl-2.8.5-1.3.22.tar.gz
Posted Oct 18, 2001
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated to work with Apache 1.3.22. Some bug fixes were made.
tags | encryption
SHA-256 | 258d6de5c22c0dd6882ba379b29ecf97f133631f9c1b14f950ae016c6034b098
apache_1.3.22.tar.gz
Posted Oct 18, 2001
Site apache.org

Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.

Changes: Two security updates - Closed autoindex /?M=D directory listing hole reported in bugtraq id 3009 which returned directory listings if multiviews and indexes are enabled.. Made split-logfile use the default logfile name if "/" or "\" are present in the virtual host name. This prevents the possible use of specially crafted virtual host names in some configurations to allow writing to any .log file on the system. Fixed quite a few minor bugs. Changelog available here.
systems | unix
SHA-256 | a62d1ce96e01b798f8d6ef33269508e96d8d8149f2d068dcc212d1697a82d06d
samba.sh
Posted Oct 17, 2001
Authored by Snyggast

Samba prior to v2.0.8 local root exploit. Tested against Red Hat 5.1 - 7.0.

tags | exploit, local, root
systems | linux, redhat
SHA-256 | 3559da9478ef6e2ad5bec74cb1fb9c968334a18bfaaedcff07c6f53c7ef83ec8
pikt-1.15.0.tar.gz
Posted Oct 17, 2001
Authored by Robert Osterlund | Site pikt.org

PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.

Changes: New stable release - Implemented per-slave authentication keys, new rkey utility, Added ARP (MAC/ethernet address) piktmaster authentication, fixed bugs, and general improvements.
tags | tool
systems | unix
SHA-256 | edb5d5aab3099948e83989762565afb9b9c5f76aa40ff518d84b1eb309eab40f
horus-0.1.tar.gz
Posted Oct 17, 2001
Authored by Incubus | Site coders.be

Horus is a tool for "third host" or "dumbhost" scanning. It can provide very stealth-ed portscans by using another source address in the SYN-packets of the portscan. This method will be almost invisible to the target host, since no direct connection is made from your computer to the target system. Tested on Linux.

tags | tool, scanner
systems | linux, unix
SHA-256 | a9d3745c610339116db47b8dc13f892e8cda110fce3eb01cd5f25189b6ff8b04
Internet Security Systems Security Advisory October 16, 2001
Posted Oct 17, 2001
Site xforce.iss.net

ISS has discovered a remote Denial of Service (DoS) vulnerability in Citrix MetaFrame. Citrix MetaFrame is an application server that works with Windows Terminal Services. This vulnerability causes a MetaFrame installation to crash or blue screen and requires an affected system to be restarted manually. No local access is needed to exploit this vulnerability.

tags | remote, denial of service
systems | windows
SHA-256 | 4ac34a8787598472e233d32474352c12be8616df6bec830ac5dd73fd29b0f80d
Page 2 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close