Tunnelshell is a client-server backdoor which uses fragmented packets to traverse firewalls. Written in C, tested on Linux.
cad32eeada78f1ea9cbd18a6eec29d4d5a74e7a4359cc941b571364ca2498d29Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.
c998f200faef5821fde15c1b767260fa0f25665a10da539bf14771e058498261Microsoft Security Advisory - A vulnerability in the trust relationships between Windows NT or Windows 2000 domains allow attackers to insert SID's of his choice into the authorization data at the trusted domain, he could elevate his privileges to those associated with any desired user or group, including the Domain Administrators group for the trusting domain. Microsoft FAQ on this issue available here.
aea549b863534dc20171daf7a828fe0e60c7f94a84c5929a495c20d4665d8914NetGear RO318 HTTP Filter Advisory - The firmware does not check URL's well enough and will send out restricted content if given a malformed URL. Includes perl exploit.
6e07fabd2f010c02fcaec5a1372c9f6341cee8b1bd9566de7cbd913ccf7a0bbcRFP2201 - MS Site Server Evilness. Security considerations to keep in mind when using Site Server 3.0. Includes info on a LDAP_Anonymous account w/ default password, information leakage and more via administrative pages, information leakage via _mem_bin pages, Cross-site scripting in various files, anonymous LDAP access, user publishing of files, Content publishing (cphost.dll) issues, and more.
b2d879527af4c0745a0200f6764a9f8cc7188c198d4129e7315d2cc73fe7ec08NBTEnum 1.1 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters.
22675fb728824e56d9bcf0846c4cf3213d6a7b360de88e654c36d018b6115f9cPort Scanning: Is it illegal? This paper discusses the one federal court ruling on this point.
d953aed84b17bf0bfc1516817b7b83a26b86bc83564dee0cc846e17efcdf9723Write Code Go to Jail: A look at the DMCA criminal liability for non-US software developers.This article will explain the relevant criminal provisions of the DMCA, and explore how the US Attorney has applied the law to foreign software developers. Finally, taking both into consideration, I will suggest theoretical suggestions for non-US firms facing such dilemmas.
89d04ff0df31286a8ad49ce73fa3250dc08070a52936c9d072202ba9dc694cedThe Impact of the USA Patriot Act on Network Security Practice - The patriot act contains some of the most substantial changes to U.S. federal cybercrime laws since the last major revisions of 1996. Many of these changes will have a direct impact on the way networked firms prepare and react to cybercrime incidents.
2e606400bdc9a1ca4683b05b6a9d12e07493064e660d390022d45736e35a273cWindows 2000 Group Policy may be disabled by locking the policy files. Microsoft does not have sufficient plans to replace the system files to fix this problem so we developed an application that can be run on a domain to search for Group Policy files and lock them. Once the Group Policy files are locked the subsequent logins will attempt to read the Group Policy Objects but will not be able to so the Group Policies will not be propagated to the user or the machine. This can be a serious problem depending on the domain's reliance on Group Policy. More info on Windows group policy available here.
08873f4daedde8af20b491a031c88b5ed48e299ef4fdd37c545f5587e0dd1632A program to brute force valid Newspro logins/passwords by wh1sky
f9aa545b467315dff2fd79553b738fef828cbdbe42a8711c021d67f2bbf65bd3A program to brute force valid POP3 logins/passwords by wh1sky
43fd1bea3dded75a79078cea2c014e2432181f31c8d09e352cc96daecd26fb9aFind_ddos v4.2 (linux) - The NIPC has developed a tool to assist in combating ddos agents. The tool scans a local system that is either known or suspected to contain a DDOS program. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client. Solaris version also available.
63805d1dc1a201e9c5c99849a4f4092d618ba023fbae47f723f306c23a32ca93Realplayer 8 for Windows and Linux has a remote heap overflow vulnerability. A malformed .rm file can overwrite data on the stack. Patch available here.
b917d88157f66ffde952ca6041c17c3ce8bbd5bf82563f46625c70a973b99d1bHTML brute force cracker. Now works on FreeBSD too..
3abedd80ce3a61d3cd68111b720ae33ded935ede869c9e101fd0f0df622e4eebWebStorm is an IP scanner for Windows which checks webserver versions. Features include Webserver type filtering, option to use a HTTP Proxy server for scans, and saving the list or just IP's in the list to a file.
ec682d288a4efabd96ba578d5c5aa64cc3aaaf8a8b33c04664889e2ee9259621webi.c v4.0 - HTTP Request Packet Injection. This is a little program written in C, with which you can generate small http header and use all the apache methods. Tested on OpenBSD 3.0.
1bc4348379adda6b20ffada3c43e1081b631e32690beaa03eefdffa7eda5a976RootX is a local Macintosh OS/X exploit for sudo. Must be in sudoers. The latest Client/Server (10.1.2) are affected.
5ff52f6f3dfb5450eff58fc0b23c0c8073986283f4a01a42ace3f525d0299178
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed