Showing 1 - 25 of 107

Files Date: 2001-11-01 to 2001-11-30

Posted Nov 29, 2001
Authored by Sean Whalen | Site chocobospore.org

Mognet version 1.13 is a GPL'd libpcap/jpcap 802.11b sniffer/analyzer written in Java. It is display-optimized for use on handheld devices like the iPaq, and can save and load frames in libpcap/tcpdump/ethereal format.

tags | tool, java, wireless
SHA-256 | 71c4a2d8b29343b5112f4cb355dde2b29e060e6b00f6ad3733e1d6e1d3f921ff
Posted Nov 29, 2001
Authored by Ivan Arce | Site corest.com

CORE Security Advisory CORE-20011001 - Another globbing problem has been discovered in Wu-FTPD, allowing a remote user to execute arbitrary code. Affected versions include: all Wu-FTPD versions through 2.6.1, Wu-FTPD 2.7.0 snapshots, and FTP server programs derived from Wu-FTPD.

tags | remote, arbitrary
SHA-256 | b2af010437f4826bb1eed002d7911ab9a56a1c96980ee85e3944582ce2cdbcf9
Posted Nov 28, 2001
Authored by rain forest puppy | Site wiretrip.net

Details and source diffs for the wu-ftpd v2.6.1 remote overflow vulnerability. By leaving off closing ']' and '}' characters, it's possible to get the glob function to construct a long string which very well may overflow a buffer in gzip v1.2.4.

tags | remote, overflow
SHA-256 | 30748757c260928c611e88fd96b30631aba28b1ad1813970dcd5a76a1ab7932d
Posted Nov 27, 2001
Site steghide.sourceforge.net

Steghide is a steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in BMP, WAV, and AU files, Blowfish encryption, MD5 hashing of passphrases to Blowfish keys, and pseudo-random distribution of hidden bits in the container data.

Changes: The interval length now defaults to the max. Switches for verbosity, quiet, and force were added. Now prompts for a passphrase if one is not given.
tags | encryption, steganography
SHA-256 | c2bc422e604ece24acd0a7a9e633a942fddb50fcfffb8fb2d26dd84eea7ba0f8
Posted Nov 26, 2001
Site vapid.dhs.org

Vapid Labs Security Advisory 11232001-02 - The webserver administrator password for the Xitami Webserver is stored clear-text in a world readable file, allowing a local user to gain control of the webserver and, with some effort, the root account. Affected versions include: Xitami Webserver 2.4d9 and 2.5b5 beta.

tags | local, root
SHA-256 | 086b0483b623081e9fdd5220b9aa4f16c4e694ca9fb5953d8a3a78590a93c16a
Posted Nov 26, 2001
Authored by Phuzzy L0gic | Site nmrc.org

NMRC Advisory - A vulnerability has been found in Sun's NetDynamics session management package that allows an attacker to hijack random user sessions. Versions confirmed affected include Solaris 7 and 8 (SPARC), running NetDynamics 4.x and 5.x.

systems | solaris
SHA-256 | 93ca5cbfd649dcedcb26f1045e072b2faba1a2aa28bf1d75267c53805c5bb86d
Posted Nov 26, 2001
Authored by Serge Birj

RemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP range, using the NetBIOS protocol. The program is fully multi-threaded. RemoteHit has an MS "Find: Computer"-like interface.

Changes: The program doesn't use WinNT network libraries anymore. All NetBIOS related code is now part of the project. This significantly improves performance and adds compatibility with Win9x/Me.
tags | remote, protocol
SHA-256 | f7f1091033a3b2f63fc387cdfb759af2a4e498e63db235ad30a684d4a43192af
Posted Nov 26, 2001
Authored by Stackd, ldm

ldM.c is a backdoor that runs on TCP port 141 by default.

tags | tcp
SHA-256 | c6299499912cbd9e814a5674cfc34c5a466c005cc3af22d93a7baed98fc365f9
Posted Nov 26, 2001
Authored by Wojciech Purczynski | Site elzabsoft.pl

Capsel v1.9.99pre5 is a Linux kernel module for v2.2.x and 2.4.x with many features that increase your system security. It features the ability to stop chroot jail break, stop ptracing, control the execve call, and removes read permission from core dumps. It also changes the behavior of set*uid system calls which may be used by programs to drop almost all capabilities and UID without dropping capabilities that are needed to work correctly (i.e. bind sockets). Allows you to get rid of many of your SUID files.

Changes: Now works with kernel v2.2.20. Fixed some bugs. Readme available here.
tags | kernel
systems | linux
SHA-256 | a5918d4a20d806208b32e0b417f47e29eb7c913b1b76c03f7dcc0a0f05f8e1fe
Posted Nov 26, 2001
Authored by Freak88

Flood2.c is a SYN flooder that is more efficient than Juno because it uses smaller packets. Slightly broken.

tags | denial of service
SHA-256 | 87d55c83a0a5d1849a0ac50ee24c11e61710b2a8b7f7933479ee89fafad23673
Posted Nov 25, 2001
Authored by Stackd, ldm

Std.c is a UDP packet flooder. Tested on Linux.

tags | udp
systems | linux
SHA-256 | e91335a547a70625afc111963c420b05bbe3f8bb4ba39bf722aaed746cba3df5
Posted Nov 25, 2001
Site legions.org

IP Sorcery is a TCP/IP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.

Changes: New error windows for errors. Includes minor feature enhancements to the GTK and console versions.
tags | udp, tcp
systems | unix
SHA-256 | adc1acd1519ea1fb4385857dd333f445e98932613ca65cea2c8e9888302e03f3
Posted Nov 25, 2001
Authored by Marek Zelem, Martin Ockajak | Site medusa.fornax.sk

Medusa DS9 is a tool used to increase Linux's security. It consists of two major parts - Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.

Changes: Patched for 2.2.20 and 2.4.15. Includes a bunch of bugfixes.
tags | kernel, protocol
systems | linux
SHA-256 | 782bc79b5afc4ff443dc44837213c29aa727a4d85eac15d2727e4485fc7da936
Posted Nov 25, 2001
Site thedumbterminal.co.uk

Sniff formats hex packets from tcpdump and converts them to ASCII to make them easier to read and understand. Its features include colored console output, CSV file saving, and fully customizable output. The program directly accepts all tcpdump options, including parsing from packet files.

Changes: A tcpdump option handling bug has been fixed.
tags | tool, sniffer
SHA-256 | 435498f0db4eb809acdb2227c9b536d51fe515d1329b990c5c7ff16977f75bd6
Posted Nov 25, 2001
Authored by Mike Ricketts | Site earth.li

SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.

Changes: Loads of compile fixes on various platforms, major bugfixes, and a real man page.
tags | tool, arbitrary, udp, tcp
systems | unix
SHA-256 | c3dd259590c3eed83675409fb32029327c00b8da1230643dc43e89976642c03b
Posted Nov 24, 2001
Authored by Vacuum | Site winfingerprint.sourceforge.net

Winfingerprint v0.4.0 - Advanced remote Windows OS detection. Current features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes). Runs on Windows NT and 2000.

tags | remote, registry
systems | windows
SHA-256 | cbe16d6221e053409d04ba5f9d8cff4128c6413e64b44b33732d58ccca008171
Posted Nov 24, 2001
Authored by Adam Guyot | Site speakeasy.net

Procwatch is a perl script which watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.

tags | kernel, perl
systems | linux, unix
SHA-256 | 68dfad72427ae0eddb228265f96ba7689c3ec4efa78ad0f285c13614b8594c69
Posted Nov 24, 2001
Site original.killa.net

The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.

Changes: Updated for kernel v2.4.15.
tags | denial of service, kernel, root, patch
systems | linux, unix
SHA-256 | fa1ad43fadf54a769b2370a50d8d29243ac7c710c4d53a67279b3fca599d425a
Posted Nov 24, 2001
Authored by eTech

Srape is a Perl script which sends TCP packets with no flags set and causes the victim to reply with RST packets. Seems to be more effective than a SYN attack and harder to filter.

tags | denial of service, perl, tcp
SHA-256 | e4f492aef69f00b77840d631ac6aa16b968e23e37b3dfc9b6d38bcf76c82d57e
Posted Nov 22, 2001
Authored by Zinc_Sh

Shell script to scan a domain for open Windows shares using Samba. Tested on Slackware, Red Hat, and SuSE. Requires smbclient.

tags | tool, shell, scanner
systems | linux, redhat, windows, unix, suse, slackware
SHA-256 | aa897cb01895e470ffc69ea88d3d8aa218b9d21900a286afbf5b78fded94e1fc
Posted Nov 22, 2001

CERT Advisory CA-99-16 - Buffer Overflow in Solaris sadmind. The sadmind program is installed by default in Solaris 2.5, 2.6, and 7.

tags | overflow, add administrator
systems | solaris
SHA-256 | 91e3ccb53dada317e1d9eb7fb117db045ea4dab85eb4219206c1ebfaece31491
Posted Nov 22, 2001
Authored by Bro Evil

Dword.pl - This will convert a given IP address into its dword equivalent, as described in "How to Obscure Any URL", available here.

systems | unix
SHA-256 | 3f31fd5b39902ebcc095a352a0538509fc005b0f033a0d5aae798016f30131c7
Posted Nov 22, 2001
Authored by Cyrax | Site members.antionline.com

Explanation of how to exploit the rpc.sadmind bug on Solaris.

tags | exploit
systems | solaris
SHA-256 | 39930a280c144ab14cfd240d0a929369a2f7e68dfed059b8f4c01fda84a4ba71
Posted Nov 22, 2001
Authored by Hawaiian Superman

Hotmail is vulnerable to yet another serious security problem involving JavaScript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the JavaScript code; the browser will remove the line feeds and execute it.

tags | exploit, javascript
systems | linux, windows
SHA-256 | 38d619755398daddb4094c74d9e46a705ebf54917924ac7f57da9be93f94b110
Posted Nov 22, 2001
Authored by Echo8

Veritas Volume Manager 3.0.x for Solaris contains a security hole which can, under specific circumstances, allow local users to gain root access. Exploit description included.

tags | exploit, local, root
systems | solaris
SHA-256 | fd2319ff0e16f1c6e713fa56b2101950213939c45121c340cc789350ca38aee3