CGIAudit is a black-box debugging tool which automatically audits CGI entities with only an interface specification, the HTML form. Attack types that a CGI script or program become subject to are configurable, as well as server replies that denote a possible penetration success. Other features include a built-in spider, proxy support, and hexadecimal encoding of requests.
d126c77221362b232d8c30d9ff3b6318d53fa438bbc6f491cf482f578d240a23FreeBSD Security Advisory FreeBSD-SA-02:05 - The pine port, versions previous to pine-4.40, handles URLs in messages insecurely. PINE allows users to launch a web browser to visit a URL embedded in a message. Due to a programming error, PINE does not properly escape meta-characters in the URL before passing it to the command shell as an argument to the web browser.
bd35deff33ef609e251b486734b4b234a56114ded09699be08f3d6b9fa3ad22eThe Boozt! banner management software for Linux v0.9.8alpha remote exploit. Included shellcode creates a suid httpd shell in /tmp. Fix available here.
76e9febe02a80ee5b9f529526ed2bcc8ef743cd4768f9e070b7ca96214e48fe4How Nmap scans work - This MS word document has information on how some of the different nmap scan types work.
22b9a4cfef68364a9b2ddaa65ca1711e247271b9ab7e8b22d390d178b4512d08Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
a5fea5ba068d2b6b32f3f2fba83ef2c4fef29d12194faa7400b55466d2a9d656Darkside is a rootkit for unix which hides processes and their children, hides files, manipulates uid's, and modifies the tcp/ip stack to hide connections.
eb276d600410c8a211cbf397f2b173e3e4002a0aa9941df781e69f1c181d746bIRPAS is a suite of routing protocol attack tools which sends custom routing protocol packets from the unix command line. It is very useful for searching for new routing protocol vulnerabilities. Included is a tool for sending Cisco Discovery Protocol (CDP) messages, one for injecting IGRP routes, and a scanner for IGRP autonomous systems. Documentation available here.
6fd6dd1b5ca7eb5e3d6f2d12608a58741756eb2b080c577a322a31af1150b1ceBuggyzilla.pl exploits two vulnerabilities in bugzilla 2.14 or prior in order to execute commands on affected systems. This uses bad quotation of user input in bugzilla to gain access to administrator pages. The a weakness in the reports.cgi is then used to allow execution of commands. Advisory available here.
3e2376615b934217d9ee3fabfaf8b0934c68e5e806151b15baa23d51a10793baUnifuck 2.0 - An IIS Unicode/Decode exploit with full proxy support. Includes perl mods to run it.
084a834e61084b005aae60bc7033e96f7581366e6620431e7f0d6e3595f820fdThe Boozt! banner management software for Linux v0.9.8alpha has a remotely exploitable buffer overflow in a CGI executable. Fix available here.
b18893da35f68fb0231c9a63fbf5e0eeef0dff5397177aa07c4a990258121765FreeBSD Security Advisory FreeBSD-SA-02:01 - Pkg_add allows local attackers to modify the package contents and potentially elevate privileges or otherwise compromise the system.
731e85f42f619ca54425288be3cb87d0686a3e9b2f984c421c4359cbf121f100Syn sock scanner - A very fast scanner for socks proxies.
4b2fade99de54c56f4671c8d73eba434c11b5d29070ce91b04d6ec2a5684b41dNBTEnum 1.0 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters.
0f1c8cb865a3ae18a3eab808427e104925747d3c8e97efb9fed2d00242010a48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed